[9.060][MYTH] Snort crash (out_of_memory)

Hello ,

please check attechment
please let me know which other log /log content will help to diagnose

pm for remote (i will really appricate if we can do remote as i have some other issuse also so we can disccus thoes issuse also and i will try to reproduc that )

thanks

logfiles_20130123143310.zip

Parents

0 William Warren over 12 years ago

cpu, ram, nics, etc etc how many users, which modules in use..the usual things that should be in your posts..if not there then in your sig.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 utm_kid over 12 years ago in reply to William Warren

Hey man this is a bug

why it should crash at the time aroung 1:15 am when system is idel

[HTML]  2013:02:05-01:14:23 acenn kernel: [ 8040.042757] postgres invoked oom-killer: gfp_mask=0x280da, order=0, oom_score_adj=0
2013:02:05-01:14:23 acenn kernel: [ 8040.042761] Pid: 3819, comm: postgres Tainted: G           O 3.7.5-4.g8729af5-smp64 #1
2013:02:05-01:14:23 acenn kernel: [ 8040.042763] Call Trace:
2013:02:05-01:14:23 acenn kernel: [ 8040.042770]  [] ? dump_header+0x67/0x190
2013:02:05-01:14:23 acenn kernel: [ 8040.042774]  [] ? delayacct_end+0x74/0x7f
2013:02:05-01:14:23 acenn kernel: [ 8040.042777]  [] ? get_page_from_freelist+0x696/0x6f0
2013:02:05-01:14:23 acenn kernel: [ 8040.042779]  [] ? oom_kill_process+0x74/0x300
2013:02:05-01:14:23 acenn kernel: [ 8040.042781]  [] ? oom_badness+0x93/0xf3
2013:02:05-01:14:23 acenn kernel: [ 8040.042783]  [] ? out_of_memory+0x2f1/0x328
2013:02:05-01:14:23 acenn kernel: [ 8040.042786]  [] ? __alloc_pages_nodemask+0x4cf/0x58a
2013:02:05-01:14:23 acenn kernel: [ 8040.042789]  [] ? handle_pte_fault+0x1a9/0x7b2
2013:02:05-01:14:23 acenn kernel: [ 8040.042793]  [] ? do_page_fault+0x417/0x43b
2013:02:05-01:14:23 acenn kernel: [ 8040.042796]  [] ? ip_send_skb+0xc/0x33
2013:02:05-01:14:23 acenn kernel: [ 8040.042799]  [] ? udp_send_skb+0x266/0x2cf
2013:02:05-01:14:23 acenn kernel: [ 8040.042801]  [] ? udp_sendmsg+0x539/0x72b
2013:02:05-01:14:23 acenn kernel: [ 8040.042805]  [] ? read_tsc+0xa/0x20
2013:02:05-01:14:23 acenn kernel: [ 8040.042807]  [] ? page_fault+0x28/0x30
2013:02:05-01:14:23 acenn kernel: [ 8040.042809]  [] ? file_read_actor+0x36/0x122
2013:02:05-01:14:23 acenn kernel: [ 8040.042813]  [] ? lookup_fast+0x3d/0x242
2013:02:05-01:14:23 acenn kernel: [ 8040.042815]  [] ? generic_file_aio_read+0x38f/0x5dc
2013:02:05-01:14:23 acenn kernel: [ 8040.042819]  [] ? do_sync_read+0x8a/0xcc
2013:02:05-01:14:23 acenn kernel: [ 8040.042821]  [] ? vfs_read+0xa2/0xfa
2013:02:05-01:14:23 acenn kernel: [ 8040.042823]  [] ? sys_read+0x57/0x91
2013:02:05-01:14:23 acenn kernel: [ 8040.042826]  [] ? sys_mmap_pgoff+0xaf/0xd1
2013:02:05-01:14:23 acenn kernel: [ 8040.042829]  [] ? sysenter_dispatch+0x7/0x25
2013:02:05-01:14:23 acenn kernel: [ 8040.042830] Mem-Info:
2013:02:05-01:14:23 acenn kernel: [ 8040.042832] Node 0 DMA per-cpu:
2013:02:05-01:14:23 acenn kernel: [ 8040.042834] CPU    0: hi:    0, btch:   1 usd:   0
2013:02:05-01:14:23 acenn kernel: [ 8040.042835] Node 0 DMA32 per-cpu:
2013:02:05-01:14:23 acenn kernel: [ 8040.042837] CPU    0: hi:  186, btch:  31 usd:   0
2013:02:05-01:14:23 acenn kernel: [ 8040.042841] active_anon:164949 inactive_anon:55608 isolated_anon:0
2013:02:05-01:14:23 acenn kernel: [ 8040.042841]  active_file:853 inactive_file:2913 isolated_file:32
2013:02:05-01:14:23 acenn kernel: [ 8040.042841]  unevictable:8 dirty:0 writeback:0 unstable:0
2013:02:05-01:14:23 acenn kernel: [ 8040.042841]  free:3236 slab_reclaimable:3932 slab_unreclaimable:4820
2013:02:05-01:14:23 acenn kernel: [ 8040.042841]  mapped:7385 shmem:10808 pagetables:2322 bounce:0
2013:02:05-01:14:23 acenn kernel: [ 8040.042841]  free_cma:0
2013:02:05-01:14:23 acenn kernel: [ 8040.042844] Node 0 DMA free:7460kB min:44kB low:52kB high:64kB active_anon:3464kB inactive_anon:3584kB active_file:128kB inactive_file:424kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:15652kB mlocked:0kB dirty:0kB writeback:0kB mapped:96kB shmem:28kB slab_reclaimable:120kB slab_unreclaimable:160kB kernel_stack:72kB pagetables:52kB unstable:0kB bounce:0kB free_cma:0kB writeback_tmp:0kB pages_scanned:6751 all_unreclaimable? yes
2013:02:05-01:14:23 acenn kernel: [ 8040.042850] lowmem_reserve[]: 0 1854 1854 1854
2013:02:05-01:14:23 acenn kernel: [ 8040.042853] Node 0 DMA32 free:5484kB min:5484kB low:6852kB high:8224kB active_anon:656332kB inactive_anon:218848kB active_file:3284kB inactive_file:11228kB unevictable:32kB isolated(anon):0kB isolated(file):128kB present:1899008kB mlocked:32kB dirty:0kB writeback:0kB mapped:29444kB shmem:43204kB slab_reclaimable:15608kB slab_unreclaimable:19120kB kernel_stack:3112kB pagetables:9236kB unstable:0kB bounce:0kB free_cma:0kB writeback_tmp:0kB pages_scanned:70581 all_unreclaimable? yes
2013:02:05-01:14:23 acenn kernel: [ 8040.042859] lowmem_reserve[]: 0 0 0 0
2013:02:05-01:14:23 acenn kernel: [ 8040.042861] Node 0 DMA: 5*4kB 12*8kB 3*16kB 14*32kB 11*64kB 10*128kB 5*256kB 3*512kB 0*1024kB 1*2048kB 0*4096kB = 7460kB
2013:02:05-01:14:23 acenn kernel: [ 8040.042867] Node 0 DMA32: 1094*4kB 5*8kB 2*16kB 3*32kB 9*64kB 3*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5504kB
2013:02:05-01:14:23 acenn kernel: [ 8040.042873] 31092 total pagecache pages
2013:02:05-01:14:23 acenn kernel: [ 8040.042875] 16467 pages in swap cache
2013:02:05-01:14:23 acenn kernel: [ 8040.042876] Swap cache stats: add 602582, delete 586115, find 2558841/2580965
2013:02:05-01:14:23 acenn kernel: [ 8040.042877] Free swap  = 0kB
2013:02:05-01:14:23 acenn kernel: [ 8040.042878] Total swap = 1048572kB
2013:02:05-01:14:23 acenn kernel: [ 8040.049889] 486384 pages RAM
2013:02:05-01:14:23 acenn kernel: [ 8040.049891] 9285 pages reserved
2013:02:05-01:14:23 acenn kernel: [ 8040.049892] 325143 pages shared
2013:02:05-01:14:23 acenn kernel: [ 8040.049893] 457950 pages non-shared  [/HTML]

2013:02:05-01:15:14 acenn snort[29805]: Enabling inline operation
2013:02:05-01:15:14 acenn snort[29805]: Running in IDS mode
2013:02:05-01:15:14 acenn snort[29805]:
2013:02:05-01:15:14 acenn snort[29805]:         --== Initializing Snort ==--
2013:02:05-01:15:14 acenn snort[29805]: Initializing Output Plugins!
2013:02:05-01:15:14 acenn snort[29805]: Initializing Preprocessors!
2013:02:05-01:15:14 acenn snort[29805]: Initializing Plug-ins!
2013:02:05-01:15:14 acenn snort[29805]: Parsing Rules file "/etc/snort/snort.conf"
2013:02:05-01:15:14 acenn snort[29805]: PortVar 'HTTP_PORTS' defined :
2013:02:05-01:15:14 acenn snort[29805]:  [ 80 2301 3128 7777 7779 8000 8008 8028 8080 8180 8888 9999 ]
2013:02:05-01:15:14 acenn snort[29805]:
2013:02:05-01:15:14 acenn snort[29805]: PortVar 'FILE_DATA_PORTS' defined :
2013:02:05-01:15:14 acenn snort[29805]:  [ 80 110 143 2301 3128 7777 7779 8000 8008 8028 8080 8180 8888 9999 ]
2013:02:05-01:15:14 acenn snort[29805]:
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 utm_kid over 12 years ago in reply to William Warren

Hey man this is a bug

why it should crash at the time aroung 1:15 am when system is idel

[HTML]  2013:02:05-01:14:23 acenn kernel: [ 8040.042757] postgres invoked oom-killer: gfp_mask=0x280da, order=0, oom_score_adj=0
2013:02:05-01:14:23 acenn kernel: [ 8040.042761] Pid: 3819, comm: postgres Tainted: G           O 3.7.5-4.g8729af5-smp64 #1
2013:02:05-01:14:23 acenn kernel: [ 8040.042763] Call Trace:
2013:02:05-01:14:23 acenn kernel: [ 8040.042770]  [] ? dump_header+0x67/0x190
2013:02:05-01:14:23 acenn kernel: [ 8040.042774]  [] ? delayacct_end+0x74/0x7f
2013:02:05-01:14:23 acenn kernel: [ 8040.042777]  [] ? get_page_from_freelist+0x696/0x6f0
2013:02:05-01:14:23 acenn kernel: [ 8040.042779]  [] ? oom_kill_process+0x74/0x300
2013:02:05-01:14:23 acenn kernel: [ 8040.042781]  [] ? oom_badness+0x93/0xf3
2013:02:05-01:14:23 acenn kernel: [ 8040.042783]  [] ? out_of_memory+0x2f1/0x328
2013:02:05-01:14:23 acenn kernel: [ 8040.042786]  [] ? __alloc_pages_nodemask+0x4cf/0x58a
2013:02:05-01:14:23 acenn kernel: [ 8040.042789]  [] ? handle_pte_fault+0x1a9/0x7b2
2013:02:05-01:14:23 acenn kernel: [ 8040.042793]  [] ? do_page_fault+0x417/0x43b
2013:02:05-01:14:23 acenn kernel: [ 8040.042796]  [] ? ip_send_skb+0xc/0x33
2013:02:05-01:14:23 acenn kernel: [ 8040.042799]  [] ? udp_send_skb+0x266/0x2cf
2013:02:05-01:14:23 acenn kernel: [ 8040.042801]  [] ? udp_sendmsg+0x539/0x72b
2013:02:05-01:14:23 acenn kernel: [ 8040.042805]  [] ? read_tsc+0xa/0x20
2013:02:05-01:14:23 acenn kernel: [ 8040.042807]  [] ? page_fault+0x28/0x30
2013:02:05-01:14:23 acenn kernel: [ 8040.042809]  [] ? file_read_actor+0x36/0x122
2013:02:05-01:14:23 acenn kernel: [ 8040.042813]  [] ? lookup_fast+0x3d/0x242
2013:02:05-01:14:23 acenn kernel: [ 8040.042815]  [] ? generic_file_aio_read+0x38f/0x5dc
2013:02:05-01:14:23 acenn kernel: [ 8040.042819]  [] ? do_sync_read+0x8a/0xcc
2013:02:05-01:14:23 acenn kernel: [ 8040.042821]  [] ? vfs_read+0xa2/0xfa
2013:02:05-01:14:23 acenn kernel: [ 8040.042823]  [] ? sys_read+0x57/0x91
2013:02:05-01:14:23 acenn kernel: [ 8040.042826]  [] ? sys_mmap_pgoff+0xaf/0xd1
2013:02:05-01:14:23 acenn kernel: [ 8040.042829]  [] ? sysenter_dispatch+0x7/0x25
2013:02:05-01:14:23 acenn kernel: [ 8040.042830] Mem-Info:
2013:02:05-01:14:23 acenn kernel: [ 8040.042832] Node 0 DMA per-cpu:
2013:02:05-01:14:23 acenn kernel: [ 8040.042834] CPU    0: hi:    0, btch:   1 usd:   0
2013:02:05-01:14:23 acenn kernel: [ 8040.042835] Node 0 DMA32 per-cpu:
2013:02:05-01:14:23 acenn kernel: [ 8040.042837] CPU    0: hi:  186, btch:  31 usd:   0
2013:02:05-01:14:23 acenn kernel: [ 8040.042841] active_anon:164949 inactive_anon:55608 isolated_anon:0
2013:02:05-01:14:23 acenn kernel: [ 8040.042841]  active_file:853 inactive_file:2913 isolated_file:32
2013:02:05-01:14:23 acenn kernel: [ 8040.042841]  unevictable:8 dirty:0 writeback:0 unstable:0
2013:02:05-01:14:23 acenn kernel: [ 8040.042841]  free:3236 slab_reclaimable:3932 slab_unreclaimable:4820
2013:02:05-01:14:23 acenn kernel: [ 8040.042841]  mapped:7385 shmem:10808 pagetables:2322 bounce:0
2013:02:05-01:14:23 acenn kernel: [ 8040.042841]  free_cma:0
2013:02:05-01:14:23 acenn kernel: [ 8040.042844] Node 0 DMA free:7460kB min:44kB low:52kB high:64kB active_anon:3464kB inactive_anon:3584kB active_file:128kB inactive_file:424kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:15652kB mlocked:0kB dirty:0kB writeback:0kB mapped:96kB shmem:28kB slab_reclaimable:120kB slab_unreclaimable:160kB kernel_stack:72kB pagetables:52kB unstable:0kB bounce:0kB free_cma:0kB writeback_tmp:0kB pages_scanned:6751 all_unreclaimable? yes
2013:02:05-01:14:23 acenn kernel: [ 8040.042850] lowmem_reserve[]: 0 1854 1854 1854
2013:02:05-01:14:23 acenn kernel: [ 8040.042853] Node 0 DMA32 free:5484kB min:5484kB low:6852kB high:8224kB active_anon:656332kB inactive_anon:218848kB active_file:3284kB inactive_file:11228kB unevictable:32kB isolated(anon):0kB isolated(file):128kB present:1899008kB mlocked:32kB dirty:0kB writeback:0kB mapped:29444kB shmem:43204kB slab_reclaimable:15608kB slab_unreclaimable:19120kB kernel_stack:3112kB pagetables:9236kB unstable:0kB bounce:0kB free_cma:0kB writeback_tmp:0kB pages_scanned:70581 all_unreclaimable? yes
2013:02:05-01:14:23 acenn kernel: [ 8040.042859] lowmem_reserve[]: 0 0 0 0
2013:02:05-01:14:23 acenn kernel: [ 8040.042861] Node 0 DMA: 5*4kB 12*8kB 3*16kB 14*32kB 11*64kB 10*128kB 5*256kB 3*512kB 0*1024kB 1*2048kB 0*4096kB = 7460kB
2013:02:05-01:14:23 acenn kernel: [ 8040.042867] Node 0 DMA32: 1094*4kB 5*8kB 2*16kB 3*32kB 9*64kB 3*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5504kB
2013:02:05-01:14:23 acenn kernel: [ 8040.042873] 31092 total pagecache pages
2013:02:05-01:14:23 acenn kernel: [ 8040.042875] 16467 pages in swap cache
2013:02:05-01:14:23 acenn kernel: [ 8040.042876] Swap cache stats: add 602582, delete 586115, find 2558841/2580965
2013:02:05-01:14:23 acenn kernel: [ 8040.042877] Free swap  = 0kB
2013:02:05-01:14:23 acenn kernel: [ 8040.042878] Total swap = 1048572kB
2013:02:05-01:14:23 acenn kernel: [ 8040.049889] 486384 pages RAM
2013:02:05-01:14:23 acenn kernel: [ 8040.049891] 9285 pages reserved
2013:02:05-01:14:23 acenn kernel: [ 8040.049892] 325143 pages shared
2013:02:05-01:14:23 acenn kernel: [ 8040.049893] 457950 pages non-shared  [/HTML]

2013:02:05-01:15:14 acenn snort[29805]: Enabling inline operation
2013:02:05-01:15:14 acenn snort[29805]: Running in IDS mode
2013:02:05-01:15:14 acenn snort[29805]:
2013:02:05-01:15:14 acenn snort[29805]:         --== Initializing Snort ==--
2013:02:05-01:15:14 acenn snort[29805]: Initializing Output Plugins!
2013:02:05-01:15:14 acenn snort[29805]: Initializing Preprocessors!
2013:02:05-01:15:14 acenn snort[29805]: Initializing Plug-ins!
2013:02:05-01:15:14 acenn snort[29805]: Parsing Rules file "/etc/snort/snort.conf"
2013:02:05-01:15:14 acenn snort[29805]: PortVar 'HTTP_PORTS' defined :
2013:02:05-01:15:14 acenn snort[29805]:  [ 80 2301 3128 7777 7779 8000 8008 8028 8080 8180 8888 9999 ]
2013:02:05-01:15:14 acenn snort[29805]:
2013:02:05-01:15:14 acenn snort[29805]: PortVar 'FILE_DATA_PORTS' defined :
2013:02:05-01:15:14 acenn snort[29805]:  [ 80 110 143 2301 3128 7777 7779 8000 8008 8028 8080 8180 8888 9999 ]
2013:02:05-01:15:14 acenn snort[29805]:
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data