Serious problem running bro-pub-0.8a48 on OpenBSD 3.3
Nimit Sawhney
nimits at cmu.edu
Tue Nov 11 06:23:42 PST 2003
I have the same problem with 0.8a48 and 0.8a37 on
OBsd3.3
Vern, any suggestions?
/Nimit
> Hi All,
>
> I keep getting segmentation faults while I attempt to run Bro 0.8a48 on
> OpenBSD3.3.
> I've gone back and tried some older versions and the last version I can
> run
> without
> seg faults is 0.8a32. None of the versions after that one seem to work for
> me. Has
> anyone faced this problem before??
>
> - I am running this on a P3-600 MHz, 200 MB memory system. Is that too
> slow?
>
> - The size of the 'bro.core' file upon the seg-fault is of the order of
> 500
> MB.
> Isn't that weird? The response time of my system also increases
> drastically
> when I start Bro (other than version 0.8a32 - where it remains very
> normal).
>
> ----------------------------------------------------------------------------------------------------------
> bash-2.05b# ./bro -i fxp0 -t trace.txt -w dump.txt -S mt
> Execution tracing ON.
> Segmentation fault (core dumped)
> -------------trace.txt is appended at the end of this
> mail--------------------
> bash-2.05b# ls -la bro.core
> -rw------- 1 root wheel 536426260 Nov 10 12:08 bro.core
> -----------------------------------------------------------------------------------------------------------
>
> - I tried without the '-S' option but that didn't help either.
>
> - attaching a gdb snapshot below. Each time I've seen some or the other
> function
> related to 'md5' here. The bro src. file 'md5.c' hasn't changed in a
> while.
> What's
> causing this?
> --------------------------------------------------------------------------------------------------------------
> bash-2.05b# gdb -c bro.core -s bro
> GNU gdb 4.16.1
> Copyright 1996 Free Software Foundation, Inc.
> This GDB was configured as "i386-unknown-openbsd3.3"...
> Core was generated by `bro'.
> Program terminated with signal 11, Segmentation fault.
> Reading symbols from /usr/libexec/ld.so...done.
> Reading symbols from /usr/lib/libcrypto.so.9.0...done.
> Reading symbols from /usr/lib/libssl.so.7.0...done.
> Reading symbols from /usr/lib/libtermcap.so.9.0...done.
> Reading symbols from /usr/lib/libpcap.so.2.0...done.
> Reading symbols from /usr/lib/libpthread.so.1.0...done.
> Reading symbols from /usr/lib/libstdc++.so.31.0...done.
> Reading symbols from /usr/lib/libm.so.1.0...done.
> Reading symbols from /usr/lib/libc.so.29.0...done.
> #0 0x13e2a1 in md5_process ()
> (gdb) bt
> #0 0x13e2a1 in md5_process ()
> Cannot access memory at address 0x13e298.
> (gdb) i r
> eax 0xcf3fe178 -817897096
> ecx 0x0 0
> edx 0x8 8
> ebx 0xcf3fe160 -817897120
> esp 0xcf3fe000 0xcf3fe000
> ebp 0xcf3fe0ac 0xcf3fe0ac
> esi 0x38 56
> edi 0x0 0
> eip 0x13e2a1 0x13e2a1
> eflags 0x10286 66182
> cs 0x1f 31
> ss 0x27 39
> ds 0x27 39
> es 0x27 39
> fs 0x27 39
> gs 0x27 39
> (gdb) q
> ----------------------------------------------------------------------------------------------------------
>
> - Could it be a problem with the glibc on my system (it's a standard
> install). ?
>
> Whats so different after version 0.8a32 so as to cause this?
> Any help is greatly appreciated.
>
> thanks,
> -MdK
>
> -------trace.txt----------
> 0.000000 <no location>:0 function called: open_log_file(tag =
> 'log')
> 0.000000 <no location>:0 function called: log_file_name(tag
> =
> 'log')
> 0.000000 policy/bro.init:195 Builtin Function called:
> getenv(var = '
> BRO_ID')
> 0.000000 policy/bro.init:195 Function return:
> 0.000000 policy/bro.init:196 Builtin Function called:
> fmt(va_args =
> '%s.%s', vararg0 = 'log', vararg1 = 'log')
> 0.000000 policy/bro.init:196 Function return: log.log
> 0.000000 policy/bro.init:196 Function return: log.log
> 0.000000 policy/bro.init:201 Builtin Function called: open(f =
> 'log.log')
> 0.000000 policy/bro.init:201 Function return: <no value
> description>
> 0.000000 policy/bro.init:201 Function return: <no value description>
> 0.000000 <no location>:0 function called: open_log_file(tag =
> 'alert')
> 0.000000 <no location>:0 function called: log_file_name(tag
> =
> 'alert')
> 0.000000 policy/bro.init:195 Builtin Function called:
> getenv(var = '
> BRO_ID')
> 0.000000 policy/bro.init:195 Function return:
> 0.000000 policy/bro.init:196 Builtin Function called:
> fmt(va_args =
> '%s.%s', vararg0 = 'alert', vararg1 = 'log')
> 0.000000 policy/bro.init:196 Function return: alert.log
> 0.000000 policy/bro.init:196 Function return: alert.log
> 0.000000 policy/bro.init:201 Builtin Function called: open(f =
> 'alert.log')
> 0.000000 policy/bro.init:201 Function return: <no value
> description>
> 0.000000 policy/bro.init:201 Function return: <no value description>
> -----end of trace-------
>
More information about the Bro
mailing list