You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am reaching out to report a specific issue we've encountered while using Zeek in conjunction with the ZAM optimization. During live network analysis, we encountered a segmentation fault in Zeek which seems related to the ZAM. The crash occurs in zeek::detail::ZBody::DoExec().
Description of the environment
We use Zeek for real-time network traffic analysis. In our setup, We make use of the ZAM optimization to enhance Zeek's overall performance. Nonetheless, we have come across a problem where Zeek processes begin to crash due to segmentation faults in response to certain specific types of traffic. We have collected core dumps from these crashes. Notably, all these core dumps point to zeek::detail::ZBody::DoExec() as the problematic function, which seems related to ZAM.
The GDB trace is as attached figure below
Environment
Zeek Version: 5.2.2
Operating System: Ubuntu 22.04 LTS
Start Zeek with ZAM by: zeek -O ZAM ...
Thank you very much for your time and attention. Please feel free to reach out if additional information is required. Looking forward to any guidance or suggestions you might have.
The text was updated successfully, but these errors were encountered:
We use Zeek for real-time network traffic analysis. In our setup, We make use of the ZAM optimization to enhance Zeek's overall performance. Nonetheless, we have come across a problem where Zeek processes begin to crash due to segmentation faults in response to certain specific types of traffic. We have collected core dumps from these crashes. Notably, all these core dumps point to zeek::detail::ZBody::DoExec() as the problematic function, which seems related to ZAM.
Zeek Version: 5.2.2
@maofeichen , Zeek 5.2.2 is unsupported at this point. Specifically with ZAM which continues to be under heavy development (feature and bugfix wise), you should at least upgrade to the Zeek 6.0.x release. Preferably, for ZAM, you should run a much later version (possibly even master). We're not currently backporting ZAM fixes to LTS releases due to the maturity level and processes around this feature. That said, if 6.0 is crashing and a reasonable fix can be determined, we'll likely backport it for the next LTS stable release.
Hello,
I am reaching out to report a specific issue we've encountered while using Zeek in conjunction with the ZAM optimization. During live network analysis, we encountered a segmentation fault in Zeek which seems related to the ZAM. The crash occurs in
zeek::detail::ZBody::DoExec()
.Description of the environment
We use Zeek for real-time network traffic analysis. In our setup, We make use of the ZAM optimization to enhance Zeek's overall performance. Nonetheless, we have come across a problem where Zeek processes begin to crash due to segmentation faults in response to certain specific types of traffic. We have collected core dumps from these crashes. Notably, all these core dumps point to
zeek::detail::ZBody::DoExec()
as the problematic function, which seems related to ZAM.The GDB trace is as attached figure below
Environment
Thank you very much for your time and attention. Please feel free to reach out if additional information is required. Looking forward to any guidance or suggestions you might have.
The text was updated successfully, but these errors were encountered: