[Bro] seg fault on bro v1.5 pre-release svn 10oct2009 with policy/all.bro
rmkml
rmkml at free.fr
Sat Oct 10 16:49:11 PDT 2009
Thx for your very good job Robin (and team)!
ok run bro with gdb:
...
[rewrite_dns_PTR_reply] = 56,
[FTP::ftp_ports] = 472,
[Drop::never_drop_nets] = 336
}
Program received signal SIGSEGV, Segmentation fault.
0x0817c778 in Serializer::StartSerialization (this=0x9f96718, info=0xbfe7a0b8,
descr=0x824a0a9 "call", tag=101 'e') at Serializer.cc:60
60 format->StartWrite();
(gdb) bt full
#0 0x0817c778 in Serializer::StartSerialization (this=0x9f96718,
info=0xbfe7a0b8, descr=0x824a0a9 "call", tag=101 'e') at Serializer.cc:60
__PRETTY_FUNCTION__ = "bool Serializer::StartSerialization(SerialInfo*, const char*, char)"
#1 0x0817caf9 in Serializer::Serialize (this=0x9f96718, info=0xbfe7a0b8,
func=0x8bbe1f8 "rotate_interval", args=0x9f21c38) at Serializer.cc:133
a = <value optimized out>
i = <value optimized out>
#2 0x080ecf73 in BroFile::CloseCachedFiles () at Event.h:40
vl = (val_list *) 0x9f21c38
event = (class Event *) 0x8baef50
f = (BroFile *) 0x9fd2690
next = <value optimized out>
#3 0x0804e32f in termination_signal () at main.cc:301
sval = {<BroObj> = {<SerialObj> = {_vptr.SerialObj = 0x8250108,
static NEVER = 0, static ALWAYS = 1, static factories = 0x8b90930,
static names = 0x8b90950, static time_counter = 5236},
in_ser_cache = false, location = 0x0, ref_cnt = 1,
static suppress_runtime = 0}, static register_type = {<No data fields>},
tid = {id = 352301, static counter = 386311}, val = {int_val = 15,
uint_val = 15, addr_val = 0xf, subnet_val = {net = {15, 167050090, 14,
167048488}, width = 3219628376}, double_val = 1.0661355626552263e-260,
string_val = 0xf, func_val = 0xf, file_val = 0xf, re_val = 0xf,
---Type <return> to continue, or q <return> to quit---
table_val = 0xf, val_list_val = 0xf, vector_val = 0xf}, type = 0x8bbec70,
attribs = 0x0}
#4 0x0813f5a5 in net_run () at Net.cc:593
ts = 1231950283.285104
src = <value optimized out>
#5 0x0804f80f in main (argc=0, argv=0xbfe7a524) at main.cc:999
flow = FLOW_NEXT
f = {<BroObj> = {<SerialObj> = {_vptr.SerialObj = 0x8249f28,
static NEVER = 0, static ALWAYS = 1, static factories = 0x8b90930,
static names = 0x8b90950, static time_counter = 5236},
in_ser_cache = false, location = 0x0, ref_cnt = 1,
static suppress_runtime = 0}, frame = 0x9fd8488, size = 2844,
function = 0x0, func_args = 0x0, next_stmt = 0x0,
break_before_next_stmt = false, break_on_return = false, trigger = 0x0,
call = 0x0, delayed = false}
interfaces = {<BaseList> = {entry = 0x8b94518, chunk_size = 10,
max_entries = 10, num_entries = 0}, <No data fields>}
read_files = {<BaseList> = {entry = 0x8b94548, chunk_size = 10,
max_entries = 10, num_entries = 1}, <No data fields>}
netflows = {<BaseList> = {entry = 0x8b94578, chunk_size = 10,
max_entries = 10, num_entries = 0}, <No data fields>}
flow_files = {<BaseList> = {entry = 0x8b945a8, chunk_size = 10,
max_entries = 10, num_entries = 0}, <No data fields>}
---Type <return> to continue, or q <return> to quit---
rule_files = {<BaseList> = {entry = 0x8b945d8, chunk_size = 10,
max_entries = 10, num_entries = 2}, <No data fields>}
transformed_writefile = 0x0
bst_file = 0x0
id_name = 0x0
events_file = 0x0
seed_load_file = 0x0
seed_save_file = 0x0
seed = 0
dump_cfg = 0
do_watchdog = 0
override_ignore_checksums = 0
rule_debug = 0
RE_level = 4
dns_type = DNS_FAKE
oldhandler = <value optimized out>
p = <value optimized out>
long_optsind = 137046432
opts = "A:a:B:D:e:f:I:i:K:n:p:R:r:s:T:t:U:w:x:X:y:Y:z:CFGHLOPSWdghlv", '\0' <repeats 195 times>
op = <value optimized out>
script_rule_files = <value optimized out>
tmp = 0x0
---Type <return> to continue, or q <return> to quit---
s = <value optimized out>
bro_alarm_file = <value optimized out>
bro_init = {handler = 0x8baf118}
dead_handlers = <value optimized out>
alive_handlers = <value optimized out>
long_opts = {{name = 0x82251d9 "debug-policy", has_arg = 0,
flag = 0x0, val = 100}, {name = 0x82251e6 "dump-config", has_arg = 0,
flag = 0x0, val = 103}, {name = 0x82251f2 "exec", has_arg = 1, flag = 0x0,
val = 101}, {name = 0x823bc9d "filter", has_arg = 1, flag = 0x0,
val = 102}, {name = 0x82251f7 "help", has_arg = 0, flag = 0x0, val = 104},
{name = 0x82251fc "iface", has_arg = 1, flag = 0x0, val = 105}, {
name = 0x8225202 "print-scripts", has_arg = 0, flag = 0x0, val = 108}, {
name = 0x82507d3 "prefix", has_arg = 1, flag = 0x0, val = 112}, {
name = 0x8225210 "readfile", has_arg = 1, flag = 0x0, val = 114}, {
name = 0x8225219 "flowfile", has_arg = 1, flag = 0x0, val = 121}, {
name = 0x8225222 "netflow", has_arg = 1, flag = 0x0, val = 89}, {
name = 0x822522a "rulefile", has_arg = 1, flag = 0x0, val = 115}, {
name = 0x8225233 "tracefile", has_arg = 1, flag = 0x0, val = 116}, {
name = 0x822523d "writefile", has_arg = 1, flag = 0x0, val = 119}, {
name = 0x824698f "version", has_arg = 0, flag = 0x0, val = 118}, {
name = 0x8225247 "print-state", has_arg = 1, flag = 0x0, val = 120}, {
name = 0x8225253 "analyze", has_arg = 1, flag = 0x0, val = 122}, {
name = 0x822525b "transfile", has_arg = 1, flag = 0x0, val = 65}, {
---Type <return> to continue, or q <return> to quit---
name = 0x8225265 "no-checksums", has_arg = 0, flag = 0x0, val = 67}, {
name = 0x8225272 "dfa-cache", has_arg = 1, flag = 0x0, val = 68}, {
name = 0x822527c "force-dns", has_arg = 0, flag = 0x0, val = 70}, {
name = 0x8225286 "load-seeds", has_arg = 1, flag = 0x0, val = 71}, {
name = 0x8225291 "save-seeds", has_arg = 1, flag = 0x0, val = 72}, {
name = 0x822529c "set-seed", has_arg = 1, flag = 0x0, val = 74}, {
name = 0x82252a5 "md5-hashkey", has_arg = 1, flag = 0x0, val = 75}, {
name = 0x82252b1 "rule-benchmark", has_arg = 0, flag = 0x0, val = 76}, {
name = 0x82252c0 "optimize", has_arg = 0, flag = 0x0, val = 79}, {
name = 0x82252c9 "prime-dns", has_arg = 0, flag = 0x0, val = 80}, {
name = 0x82252d3 "replay", has_arg = 1, flag = 0x0, val = 82}, {
name = 0x82252da "debug-rules", has_arg = 0, flag = 0x0, val = 83}, {
name = 0x82252e6 "re-level", has_arg = 1, flag = 0x0, val = 82}, {
name = 0x82252ef "watchdog", has_arg = 0, flag = 0x0, val = 87}, {
name = 0x82252f8 "print-id", has_arg = 1, flag = 0x0, val = 73}, {
name = 0x8225301 "status-file", has_arg = 1, flag = 0x0, val = 85}, {
name = 0x822530d "pseudo-realtime", has_arg = 2, flag = 0x0, val = 69}, {
name = 0x822531d "use-binpac", has_arg = 0, flag = 0x82b3d48, val = 1}, {
name = 0x0, has_arg = 0, flag = 0x0, val = 0}}
(gdb)
Do you need more information?
Regards
Rmkml
Crusoe-Researches.com
On Sat, 10 Oct 2009, Robin Sommer wrote:
>
> On Sat, Oct 10, 2009 at 14:26 +0200, rmkml wrote:
>
>> #@load capture-events
>
> Ok, that helps to pinpoint it somewhat already. If you're familiar
> with gdb, can you send a stack-backtrace? See
> http://blog.icir.org/2009/01/how-to-report-bro-problem.html for more
> information on how to get that. Thanks!
>
> Robin
>
> --
> Robin Sommer * Phone +1 (510) 666-2886 * robin at icir.org
> ICSI/LBNL * Fax +1 (510) 666-2956 * www.icir.org
>
More information about the Bro
mailing list