Argus memory issues

Peter Van Epp vanepp at sfu.ca
Thu Aug 23 12:01:56 EDT 2007 

	Interesting problem. I had the client still running on the Mac and 
when I tried to start the argus I got a bind error on port 560 til I killed
the client on another machine. I'm about to restart the argus with .threads
enabled. 
	With threads enabled and starting a client I get a seg fault again:

hcids:/scratch # gdb64 argus core.19968
GNU gdb 6.5
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "ppc64-suse-linux"...Using host libthread_db library "/lib64/power5+/libthread_db.so.1".


warning: Can't read pathname for load map: Input/output error.
Reading symbols from /usr/local/lib/libpcap.so.0...done.
Loaded symbols for /usr/local/lib/libpcap.so.0
Reading symbols from /lib64/libwrap.so.0...done.
Loaded symbols for /lib64/libwrap.so.0
Reading symbols from /lib64/libnsl.so.1...done.
Loaded symbols for /lib64/libnsl.so.1
Reading symbols from /lib64/power5+/libpthread.so.0...done.
Loaded symbols for /lib64/power5+/libpthread.so.0
Reading symbols from /lib64/power5+/libm.so.6...done.
Loaded symbols for /lib64/power5+/libm.so.6
Reading symbols from /lib64/power5+/libc.so.6...done.
Loaded symbols for /lib64/power5+/libc.so.6
Reading symbols from /lib64/ld64.so.1...done.
Loaded symbols for /lib64/ld64.so.1
Failed to read a valid object file image from memory.
Core was generated by `argus -JR -P 560 -i eth0 -i eth1 -U 512 -m -D 4 -F /scratch/argus.conf '.
Program terminated with signal 11, Segmentation fault.
#0  0x000000001002841c in ArgusFree (buf=0x41) at argus_util.c:1341
1341             if (mem->tag != ARGUS_ALLOC)
(gdb) where
#0  0x000000001002841c in ArgusFree (buf=0x41) at argus_util.c:1341
#1  0x000000001001134c in ArgusCopyRecordStruct (rec=0x10491a80)
    at ArgusModeler.c:2781
#2  0x000000001001e348 in ArgusWriteSocket (output=0x1024ce40, 
    client=0x1048a2b0, rec=0x10491a80) at ArgusUtil.c:1349
#3  0x0000000010022994 in ArgusOutputProcess (arg=0x1024ce40)
    at ArgusOutput.c:527
#4  0x000004000010cd9c in .start_thread () from /lib64/power5+/libpthread.so.0
#5  0x0000040000302c2c in .__clone () from /lib64/power5+/libc.so.6
Previous frame inner to this frame (corrupt stack?)

	I'll restart without starting a client and see if that works better
in case the client is doing bad things :-).

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada

More information about the argus mailing list