Serious problem running bro-pub-0.8a48 on OpenBSD 3.3

Nimit Sawhney nimits at cmu.edu
Tue Nov 11 06:23:42 PST 2003 

I have the same problem with 0.8a48 and 0.8a37 on
OBsd3.3

Vern, any suggestions?

/Nimit

> Hi All,
>
> I keep getting segmentation faults while I attempt to run Bro 0.8a48 on
> OpenBSD3.3.
> I've gone back and tried some older versions and the last version I can
> run
> without
> seg faults is 0.8a32. None of the versions after that one seem to work for
> me. Has
> anyone faced this problem before??
>
> -  I am running this on a P3-600 MHz, 200 MB memory system. Is that too
> slow?
>
> - The size of the 'bro.core' file upon the seg-fault is of the order of
> 500
> MB.
> Isn't that weird? The response time of my system also increases
> drastically
> when I start Bro (other than version 0.8a32 - where it remains very
> normal).
>
> ----------------------------------------------------------------------------------------------------------
> bash-2.05b# ./bro -i fxp0 -t trace.txt -w dump.txt -S mt
> Execution tracing ON.
> Segmentation fault (core dumped)
> -------------trace.txt is appended at the end of this
> mail--------------------
> bash-2.05b# ls -la bro.core
> -rw-------  1 root  wheel  536426260 Nov 10 12:08 bro.core
> -----------------------------------------------------------------------------------------------------------
>
> - I tried without the '-S' option but that didn't help either.
>
> - attaching a gdb snapshot below. Each time I've seen some or the other
> function
> related to 'md5' here. The bro src. file 'md5.c' hasn't changed in a
> while.
> What's
> causing this?
> --------------------------------------------------------------------------------------------------------------
> bash-2.05b# gdb -c bro.core -s bro
> GNU gdb 4.16.1
> Copyright 1996 Free Software Foundation, Inc.
> This GDB was configured as "i386-unknown-openbsd3.3"...
> Core was generated by `bro'.
> Program terminated with signal 11, Segmentation fault.
> Reading symbols from /usr/libexec/ld.so...done.
> Reading symbols from /usr/lib/libcrypto.so.9.0...done.
> Reading symbols from /usr/lib/libssl.so.7.0...done.
> Reading symbols from /usr/lib/libtermcap.so.9.0...done.
> Reading symbols from /usr/lib/libpcap.so.2.0...done.
> Reading symbols from /usr/lib/libpthread.so.1.0...done.
> Reading symbols from /usr/lib/libstdc++.so.31.0...done.
> Reading symbols from /usr/lib/libm.so.1.0...done.
> Reading symbols from /usr/lib/libc.so.29.0...done.
> #0  0x13e2a1 in md5_process ()
> (gdb) bt
> #0  0x13e2a1 in md5_process ()
> Cannot access memory at address 0x13e298.
> (gdb) i r
> eax            0xcf3fe178       -817897096
> ecx            0x0      0
> edx            0x8      8
> ebx            0xcf3fe160       -817897120
> esp            0xcf3fe000       0xcf3fe000
> ebp            0xcf3fe0ac       0xcf3fe0ac
> esi            0x38     56
> edi            0x0      0
> eip            0x13e2a1 0x13e2a1
> eflags         0x10286  66182
> cs             0x1f     31
> ss             0x27     39
> ds             0x27     39
> es             0x27     39
> fs             0x27     39
> gs             0x27     39
> (gdb) q
> ----------------------------------------------------------------------------------------------------------
>
> - Could it be a problem with the glibc on my system (it's a standard
> install). ?
>
> Whats so different after version 0.8a32 so as to cause this?
> Any help is greatly appreciated.
>
> thanks,
> -MdK
>
> -------trace.txt----------
> 0.000000 <no location>:0        function called: open_log_file(tag =
> 'log')
> 0.000000 <no location>:0                function called: log_file_name(tag
> =
> 'log')
> 0.000000 policy/bro.init:195                    Builtin Function called:
> getenv(var = '
> BRO_ID')
> 0.000000 policy/bro.init:195                    Function return:
> 0.000000 policy/bro.init:196                    Builtin Function called:
> fmt(va_args =
> '%s.%s', vararg0 = 'log', vararg1 = 'log')
> 0.000000 policy/bro.init:196                    Function return: log.log
> 0.000000 policy/bro.init:196            Function return: log.log
> 0.000000 policy/bro.init:201            Builtin Function called: open(f =
> 'log.log')
> 0.000000 policy/bro.init:201            Function return: <no value
> description>
> 0.000000 policy/bro.init:201    Function return: <no value description>
> 0.000000 <no location>:0        function called: open_log_file(tag =
> 'alert')
> 0.000000 <no location>:0                function called: log_file_name(tag
> =
> 'alert')
> 0.000000 policy/bro.init:195                    Builtin Function called:
> getenv(var = '
> BRO_ID')
> 0.000000 policy/bro.init:195                    Function return:
> 0.000000 policy/bro.init:196                    Builtin Function called:
> fmt(va_args =
> '%s.%s', vararg0 = 'alert', vararg1 = 'log')
> 0.000000 policy/bro.init:196                    Function return: alert.log
> 0.000000 policy/bro.init:196            Function return: alert.log
> 0.000000 policy/bro.init:201            Builtin Function called: open(f =
> 'alert.log')
> 0.000000 policy/bro.init:201            Function return: <no value
> description>
> 0.000000 policy/bro.init:201    Function return: <no value description>
> -----end of trace-------
>

More information about the Bro mailing list