Actions
Bug #8300
openopenbsd: race condition between pledge and pcap directory mode
Affected Versions:
Effort:
Difficulty:
Label:
Description
It seems there is a race condition between the pledge call and the directory mode for pcap. Not sure yet what happens, but what I observe is that the pcap thread already starts to read the directory when the pledge is activated. This is because of the call to TmThreadContinueThreads allows the pcap thread to start its loop, but the SCPledge call is only done by the main thread a afterwards.
The follow command in a loop eventually fails
src/suricata --set classification-file="/home/victor/builds/UtkAo7MY/0/inliniac/suricata-ci/suricata/classification.config" --set reference-config-file="/home/victor/builds/UtkAo7MY/0/inliniac/suricata-ci/suricata/reference.config" -l /home/victor/builds/UtkAo7MY/0/inliniac/suricata-ci/suricata-verify/tests/test-bad-hex-rule-2/output -c /home/victor/builds/UtkAo7MY/0/inliniac/suricata-ci/suricata-verify/tests/test-bad-hex-rule-2/suricata.yaml -r . -S /home/victor/builds/UtkAo7MY/0/inliniac/suricata-ci/suricata-verify/tests/test-bad-hex-rule-2/test.rules --runmode=single
A failed run
Notice: suricata: This is Suricata version 9.0.0-dev ("undefined") running in USER mode [LogVersion:suricata.c:1218]
Info: cpu: CPUs/cores online: 3 [UtilCpuPrintSummary:util-cpu.c:149]
Info: suricata: Setting engine mode to IDS mode by default [PostConfLoadedSetup:suricata.c:2834]
Info: suricata: No 'host-mode': suricata is in IDS mode, using default setting 'sniffer-only' [PostConfLoadedSetupHostMode:suricata.c:2726]
Warning: counters: stats are enabled but no loggers are active [StatsInitCtxPostOutput:counters.c:340]
Error: detect-content: Invalid hex code in content - |01 10 0j|, hex j. Invalidating signature. [DetectContentDataParse:detect-content.c:152]
Error: detect: error parsing signature "alert tcp any any -> any any (msg:"invalid hex test rule"; content:"|01 10 0j|"; sid:12346; rev:1;)" from file /home/victor/builds/UtkAo7MY/0/inliniac/suricata-ci/suricata-verify/tests/test-bad-hex-rule-2/test.rules at line 1 [DetectLoadSigFile:detect-engine-loader.c:197]
Warning: detect: 1 rule files specified, but no rules were loaded! [SigLoadSignatures:detect-engine-loader.c:458]
Warning: threshold-config: Error opening file: "/usr/local/etc/suricata//threshold.config": No such file or directory [SCThresholdConfInitContext:util-threshold-config.c:182]
Info: detect: 0 signatures processed. 0 are IP-only rules, 0 are inspecting packet payload, 0 inspect application layer, 0 are decoder event only 0 are packet inspecting, 0 are packet-stream inspecting [SigPrepareStage1:detect-engine-build.c:1829]
Notice: threads: W#01 start LoopInit [TmThreadsSlotPktAcqLoop:tm-threads.c:326]
Info: pcap: Argument . was a directory [ReceivePcapFileThreadInit:source-pcap-file.c:307]
Notice: threads: W#01 done LoopInit [TmThreadsSlotPktAcqLoop:tm-threads.c:330]
Notice: threads: W#01 unpaused [TmThreadsSlotPktAcqLoop:tm-threads.c:333]
Info: pcap: Starting directory run for . [ReceivePcapFileLoop:source-pcap-file.c:210]
Info: pcap: Processing pcaps directory ., files must be newer than 0 and older than 18446744073709550616 [PcapDirectoryDispatch:source-pcap-file-directory-helper.c:507]
Info: pcap: Found "./depcomp" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./SECURITY.md" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./libsuricata-config.in" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./LICENSE" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./config.sub" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./Makefile.in" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./aclocal.m4" at 1771275903000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./missing" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./Makefile.am" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./README.md" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./acsite.m4" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./threshold.config" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./COPYING" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./config.guess" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./suricata.yaml.in" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./config.rpath" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./ChangeLog" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./configure" at 1771275903000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./install-sh" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./compile" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./ltmain.sh" at 1771275902000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./configure.ac" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./classification.config" at 1771305353272 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./reference.config" at 1771305353272 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./config.log" at 1771323812062 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./config.status" at 1771323810342 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./Makefile" at 1771323810532 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./libtool" at 1771323811642 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Notice: threads: Threads created -> W: 1 FM: 1 FR: 1 Engine started. [TmThreadWaitOnThreadRunning:tm-threads.c:1961]
Info: pcap: Found "./suricata.yaml" at 1771323810992 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./libsuricata-config" at 1771323811132 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./ktrace.out" at 1771335196992 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
suricata[43434]: pledge "rpath", syscall 59
Abort trap (core dumped)
A good run
Notice: suricata: This is Suricata version 9.0.0-dev ("undefined") running in USER mode [LogVersion:suricata.c:1218]
Info: cpu: CPUs/cores online: 3 [UtilCpuPrintSummary:util-cpu.c:149]
Info: suricata: Setting engine mode to IDS mode by default [PostConfLoadedSetup:suricata.c:2834]
Info: suricata: No 'host-mode': suricata is in IDS mode, using default setting 'sniffer-only' [PostConfLoadedSetupHostMode:suricata.c:2726]
Warning: counters: stats are enabled but no loggers are active [StatsInitCtxPostOutput:counters.c:340]
Error: detect-content: Invalid hex code in content - |01 10 0j|, hex j. Invalidating signature. [DetectContentDataParse:detect-content.c:152]
Error: detect: error parsing signature "alert tcp any any -> any any (msg:"invalid hex test rule"; content:"|01 10 0j|"; sid:12346; rev:1;)" from file /home/victor/builds/UtkAo7MY/0/inliniac/suricata-ci/suricata-verify/tests/test-bad-hex-rule-2/test.rules at line 1 [DetectLoadSigFile:detect-engine-loader.c:197]
Warning: detect: 1 rule files specified, but no rules were loaded! [SigLoadSignatures:detect-engine-loader.c:458]
Warning: threshold-config: Error opening file: "/usr/local/etc/suricata//threshold.config": No such file or directory [SCThresholdConfInitContext:util-threshold-config.c:182]
Info: detect: 0 signatures processed. 0 are IP-only rules, 0 are inspecting packet payload, 0 inspect application layer, 0 are decoder event only 0 are packet inspecting, 0 are packet-stream inspecting [SigPrepareStage1:detect-engine-build.c:1829]
Notice: threads: W#01 start LoopInit [TmThreadsSlotPktAcqLoop:tm-threads.c:326]
Info: pcap: Argument . was a directory [ReceivePcapFileThreadInit:source-pcap-file.c:307]
Notice: threads: W#01 done LoopInit [TmThreadsSlotPktAcqLoop:tm-threads.c:330]
Notice: threads: W#01 unpaused [TmThreadsSlotPktAcqLoop:tm-threads.c:333]
Info: pcap: Starting directory run for . [ReceivePcapFileLoop:source-pcap-file.c:210]
Info: pcap: Processing pcaps directory ., files must be newer than 0 and older than 18446744073709550616 [PcapDirectoryDispatch:source-pcap-file-directory-helper.c:507]
Info: pcap: Found "./depcomp" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./SECURITY.md" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./libsuricata-config.in" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./LICENSE" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./config.sub" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./Makefile.in" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./aclocal.m4" at 1771275903000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./missing" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./Makefile.am" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./README.md" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./acsite.m4" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./threshold.config" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./COPYING" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./config.guess" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./suricata.yaml.in" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./config.rpath" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./ChangeLog" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./configure" at 1771275903000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./install-sh" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./compile" at 1771275904000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./ltmain.sh" at 1771275902000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./configure.ac" at 1771275898000 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./classification.config" at 1771305353272 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./reference.config" at 1771305353272 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./config.log" at 1771323812062 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./config.status" at 1771323810342 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./Makefile" at 1771323810532 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./libtool" at 1771323811642 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./suricata.yaml" at 1771323810992 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./libsuricata-config" at 1771323811132 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./ktrace.out" at 1771335195752 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./suricata.core" at 1771333794052 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./.gdbinit" at 1771328557283 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Info: pcap: Found "./debug.log" at 1771331730812 [PcapDirectoryPopulateBuffer:source-pcap-file-directory-helper.c:370]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./SECURITY.md, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./libsuricata-config.in, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./LICENSE, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./Makefile.am, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./README.md, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./acsite.m4, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./threshold.config, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./COPYING, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./suricata.yaml.in, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: fread: Undefined error: 0 [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./config.rpath, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./ChangeLog, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./configure.ac, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./ltmain.sh, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./aclocal.m4, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./configure, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Notice: threads: Threads created -> W: 1 FM: 1 FR: 1 Engine started. [TmThreadWaitOnThreadRunning:tm-threads.c:1961]
Warning: pcap: Failed to init pcap file ./depcomp, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Notice: suricata: SCPledge done [SuricataPostInit:suricata.c:3214]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./config.sub, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./Makefile.in, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./missing, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./config.guess, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./install-sh, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./compile, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./classification.config, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./reference.config, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./config.status, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./Makefile, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./suricata.yaml, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./libsuricata-config, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./libtool, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./config.log, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./.gdbinit, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: fread: Undefined error: 0 [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./debug.log, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./suricata.core, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Error: pcap: bad dump file format [InitPcapFile:source-pcap-file-helper.c:207]
Warning: pcap: Failed to init pcap file ./ktrace.out, skipping [PcapDirectoryDispatchForTimeRange:source-pcap-file-directory-helper.c:435]
Info: pcap: Directory run mode complete [PcapDirectoryDispatch:source-pcap-file-directory-helper.c:540]
Notice: suricata: Signal Received. Stopping engine. [SuricataMainLoop:suricata.c:2970]
Info: suricata: time elapsed 0.145s [SCPrintElapsedTime:suricata.c:1238]
Notice: pcap: read 0 files, 0 packets, 0 bytes [ReceivePcapFileThreadExitStats:source-pcap-file.c:414]
A failure that runs in ktrace will then produce this kdump output
... 43434 suricata RET write 189/0xbd 43434 suricata CALL pledge(0xa00746c14b8,0) 43434 suricata STRU promise="stdio rpath wpath cpath fattr unix dns bpf" 43434 suricata CALL stat(0xa02d101de70,0xa02d101dd90) 43434 suricata NAMI "./suricata.core" 43434 suricata PLDG execve, "rpath", errno 1 Operation not permitted 43434 suricata RET pledge 0 43434 suricata PSIG SIGABRT SIG_DFL code=<980181358> 43434 suricata NAMI "suricata.core"
Seeing this issue intermittently on both my OpenBSD VM runners, running 7.7 and 7.8.
@eroullit do you have any idea why this happens? I'm not understanding enough of pledge.
Updated by Victor Julien 5 days ago
- Status changed from Assigned to In Review
Actions