Ubuntu 18.04 Seccomp Failures #197

hosom · 2019-01-08T17:38:52Z

It looks like Stenotype's seccomp sandbox may need tweaked for the version of libc that ships with Ubuntu 18.04. For now, those using 18.04 may need to run with --seccomp=none.

#0122019-01-08T17:30:10.020384Z T:6ffff7 [stenotype.cc:462] CHECK(SUCCEEDED(__check_success_error__)) output.Rotate(file_dirname, micros, flag_preallocate_file_mb << 20): Function not implemented <- open

The text was updated successfully, but these errors were encountered:

gconnell · 2019-01-08T19:09:57Z

Thanks for the report!

If you have the time/inclination, could you run stenotype with --seccomp=trace under strace, so we can see if we can find the exact syscall that's causing this issue? I'll also test locally, since I think I may have access to a recent ubuntu on a box somewhere.

gconnell · 2019-01-08T19:12:33Z

My guess is that some of the flags here changed: https://github.com/google/stenographer/blob/master/stenotype/stenotype.cc#L371

hosom · 2019-01-22T13:51:37Z

It looks that way...

~# strace stenotype -v -v -v --seccomp=trace --dir=/opt/steno/pkts1 --iface=ens4f1
execve("/usr/bin/stenotype", ["stenotype", "-v", "-v", "-v", "--seccomp=trace", "--dir=/opt/steno/pkts1", "--iface=ens4f1"], 0x7ffc6e72b310 /* 19 vars */) = 0
brk(NULL)                               = 0x5601fba3c000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=28744, ...}) = 0
mmap(NULL, 28744, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f7562e91000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libleveldb.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@$\1\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=379760, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7562e8f000
mmap(NULL, 2474872, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7562a15000
mprotect(0x7f7562a6f000, 2097152, PROT_NONE) = 0
mmap(0x7f7562c6f000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5a000) = 0x7f7562c6f000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/librt.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\"\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=31680, ...}) = 0
mmap(NULL, 2128864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f756280d000
mprotect(0x7f7562814000, 2093056, PROT_NONE) = 0
mmap(0x7f7562a13000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f7562a13000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libaio.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\5\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=5480, ...}) = 0
mmap(NULL, 2101264, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f756260b000
mprotect(0x7f756260c000, 2093056, PROT_NONE) = 0
mmap(0x7f756280b000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = 0x7f756280b000
mmap(0x7f756280c000, 16, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f756280c000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000b\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=144976, ...}) = 0
mmap(NULL, 2221184, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f75623ec000
mprotect(0x7f7562406000, 2093056, PROT_NONE) = 0
mmap(0x7f7562605000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19000) = 0x7f7562605000
mmap(0x7f7562607000, 13440, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7562607000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libseccomp.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \30\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=280776, ...}) = 0
mmap(NULL, 2375912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f75621a7000
mprotect(0x7f75621d5000, 2097152, PROT_NONE) = 0
mmap(0x7f75623d5000, 94208, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2e000) = 0x7f75623d5000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libstdc++.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\303\10\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=1594832, ...}) = 0
mmap(NULL, 3702816, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7561e1e000
mprotect(0x7f7561f97000, 2097152, PROT_NONE) = 0
mmap(0x7f7562197000, 49152, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x179000) = 0x7f7562197000
mmap(0x7f75621a3000, 12320, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f75621a3000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libgcc_s.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300*\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=96616, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7562e8d000
mmap(NULL, 2192432, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7561c06000
mprotect(0x7f7561c1d000, 2093056, PROT_NONE) = 0
mmap(0x7f7561e1c000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x7f7561e1c000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\34\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2030544, ...}) = 0
mmap(NULL, 4131552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7561815000
mprotect(0x7f75619fc000, 2097152, PROT_NONE) = 0
mmap(0x7f7561bfc000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e7000) = 0x7f7561bfc000
mmap(0x7f7561c02000, 15072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7561c02000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libsnappy.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260!\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=30928, ...}) = 0
mmap(NULL, 2125976, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f756160d000
mprotect(0x7f7561614000, 2093056, PROT_NONE) = 0
mmap(0x7f7561813000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f7561813000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\272\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=1700792, ...}) = 0
mmap(NULL, 3789144, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f756126f000
mprotect(0x7f756140c000, 2093056, PROT_NONE) = 0
mmap(0x7f756160b000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19c000) = 0x7f756160b000
close(3)                                = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7562e8b000
mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7562e88000
arch_prctl(ARCH_SET_FS, 0x7f7562e88740) = 0
mprotect(0x7f7561bfc000, 16384, PROT_READ) = 0
mprotect(0x7f756160b000, 4096, PROT_READ) = 0
mprotect(0x7f7561e1c000, 4096, PROT_READ) = 0
mprotect(0x7f7562197000, 40960, PROT_READ) = 0
mprotect(0x7f7561813000, 4096, PROT_READ) = 0
mprotect(0x7f75623d5000, 90112, PROT_READ) = 0
mprotect(0x7f7562605000, 4096, PROT_READ) = 0
mprotect(0x7f756280b000, 4096, PROT_READ) = 0
mprotect(0x7f7562a13000, 4096, PROT_READ) = 0
mprotect(0x7f7562c6f000, 8192, PROT_READ) = 0
mprotect(0x5601fb041000, 4096, PROT_READ) = 0
mprotect(0x7f7562e99000, 4096, PROT_READ) = 0
munmap(0x7f7562e91000, 28744)           = 0
set_tid_address(0x7f7562e88a10)         = 20987
set_robust_list(0x7f7562e88a20, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7f75623f1cb0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7f75623fe890}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7f75623f1d50, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7f75623fe890}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
brk(NULL)                               = 0x5601fba3c000
brk(0x5601fba5d000)                     = 0x5601fba5d000
futex(0x7f75621a407c, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x7f75621a4088, FUTEX_WAKE_PRIVATE, 2147483647) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1875802, tv_nsec=2408605}) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1875802, tv_nsec=2459275}) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1875802, tv_nsec=2505442}) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1875802, tv_nsec=2550858}) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1875802, tv_nsec=2596762}) = 0
prctl(PR_SET_PDEATHSIG, SIGTERM)        = 0
openat(AT_FDCWD, "/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=127, ...}) = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=127, ...}) = 0
read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\1\0\0\0\0"..., 4096) = 127
lseek(3, -71, SEEK_CUR)                 = 56
read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\1\0\0\0\0"..., 4096) = 71
close(3)                                = 0
write(2, "2019-01-22T13:53:05.156368Z T:62"..., 962019-01-22T13:53:05.156368Z T:62e887 [stenotype.cc:545] Stenotype running with these arguments:
) = 96
write(2, "2019-01-22T13:53:05.156855Z T:62"..., 712019-01-22T13:53:05.156855Z T:62e887 [stenotype.cc:547] 0:	"stenotype"
) = 71
write(2, "2019-01-22T13:53:05.156915Z T:62"..., 642019-01-22T13:53:05.156915Z T:62e887 [stenotype.cc:547] 1:	"-v"
) = 64
write(2, "2019-01-22T13:53:05.156972Z T:62"..., 642019-01-22T13:53:05.156972Z T:62e887 [stenotype.cc:547] 2:	"-v"
) = 64
write(2, "2019-01-22T13:53:05.157027Z T:62"..., 642019-01-22T13:53:05.157027Z T:62e887 [stenotype.cc:547] 3:	"-v"
) = 64
write(2, "2019-01-22T13:53:05.157082Z T:62"..., 772019-01-22T13:53:05.157082Z T:62e887 [stenotype.cc:547] 4:	"--seccomp=trace"
) = 77
write(2, "2019-01-22T13:53:05.157138Z T:62"..., 842019-01-22T13:53:05.157138Z T:62e887 [stenotype.cc:547] 5:	"--dir=/opt/steno/pkts1"
) = 84
write(2, "2019-01-22T13:53:05.157193Z T:62"..., 762019-01-22T13:53:05.157193Z T:62e887 [stenotype.cc:547] 6:	"--iface=ens4f1"
) = 76
write(2, "2019-01-22T13:53:05.157248Z T:62"..., 842019-01-22T13:53:05.157248Z T:62e887 [stenotype.cc:549] Starting, page size is 4096
) = 84
write(2, "2019-01-22T13:53:05.157306Z T:62"..., 1042019-01-22T13:53:05.157306Z T:62e887 [stenotype.cc:576] Setting up AF_PACKET sockets for packet reading
) = 104
socket(AF_PACKET, SOCK_RAW, 0)          = 3
setsockopt(3, SOL_PACKET, PACKET_VERSION, [2], 4) = 0
setsockopt(3, SOL_PACKET, PACKET_RX_RING, 0x7ffee590c290, 28) = 0
mmap(NULL, 2147483648, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_NORESERVE|MAP_LOCKED, 3, 0) = 0x7f74e126f000
getpid()                                = 20987
access("/proc/net", R_OK)               = 0
access("/proc/net/unix", R_OK)          = 0
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
ioctl(4, SIOCGIFINDEX, {ifr_name="ens4f1", }) = 0
close(4)                                = 0
write(2, "2019-01-22T13:53:05.807921Z T:62"..., 902019-01-22T13:53:05.807921Z T:62e887 [packets.cc:229] Setting promiscuous mode for ens4f1
) = 90
ioctl(3, SIOCGIFFLAGS, {ifr_name="ens4f1", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_RUNNING|IFF_NOARP|IFF_PROMISC|IFF_MULTICAST}) = 0
write(2, "2019-01-22T13:53:05.808036Z T:62"..., 952019-01-22T13:53:05.808036Z T:62e887 [packets.cc:237] Interface ens4f1 already in promisc mode
) = 95
bind(3, {sa_family=AF_PACKET, sll_protocol=htons(ETH_P_ALL), sll_ifindex=if_nametoindex("ens4f1"), sll_hatype=ARPHRD_NETROM, sll_pkttype=PACKET_HOST, sll_halen=0}, 20) = 0
brk(0x5601fba83000)                     = 0x5601fba83000
umask(077)                              = 022
write(2, "2019-01-22T13:53:05.808347Z T:62"..., 762019-01-22T13:53:05.808347Z T:62e887 [stenotype.cc:248] Dropping privileges
) = 76
getgid()                                = 0
getgid()                                = 0
write(2, "2019-01-22T13:53:05.808433Z T:62"..., 992019-01-22T13:53:05.808433Z T:62e887 [stenotype.cc:253] Dropping priviledges from 0 to GID nogroup
) = 99
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
openat(AT_FDCWD, "/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=513, ...}) = 0
read(4, "# /etc/nsswitch.conf\n#\n# Example"..., 4096) = 513
read(4, "", 4096)                       = 0
close(4)                                = 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=28744, ...}) = 0
mmap(NULL, 28744, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7f7562e91000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_compat.so.2", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240\22\0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=39744, ...}) = 0
mmap(NULL, 2136256, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f74e1065000
mprotect(0x7f74e106d000, 2097152, PROT_NONE) = 0
mmap(0x7f74e126d000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x8000) = 0x7f74e126d000
close(4)                                = 0
mprotect(0x7f74e126d000, 4096, PROT_READ) = 0
munmap(0x7f7562e91000, 28744)           = 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=28744, ...}) = 0
mmap(NULL, 28744, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7f7562e91000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_nis.so.2", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p \0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=47576, ...}) = 0
mmap(NULL, 2143624, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f74e0e59000
mprotect(0x7f74e0e64000, 2093056, PROT_NONE) = 0
mmap(0x7f74e1063000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0xa000) = 0x7f74e1063000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnsl.so.1", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220@\0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=97176, ...}) = 0
mmap(NULL, 2202200, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f74e0c3f000
mprotect(0x7f74e0c56000, 2093056, PROT_NONE) = 0
mmap(0x7f74e0e55000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x16000) = 0x7f74e0e55000
mmap(0x7f74e0e57000, 6744, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f74e0e57000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P#\0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=47568, ...}) = 0
mmap(NULL, 2168632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f74e0a2d000
mprotect(0x7f74e0a38000, 2093056, PROT_NONE) = 0
mmap(0x7f74e0c37000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0xa000) = 0x7f74e0c37000
mmap(0x7f74e0c39000, 22328, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f74e0c39000
close(4)                                = 0
mprotect(0x7f74e0c37000, 4096, PROT_READ) = 0
mprotect(0x7f74e0e55000, 4096, PROT_READ) = 0
mprotect(0x7f74e1063000, 4096, PROT_READ) = 0
munmap(0x7f7562e91000, 28744)           = 0
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 4
lseek(4, 0, SEEK_CUR)                   = 0
fstat(4, {st_mode=S_IFREG|0644, st_size=783, ...}) = 0
mmap(NULL, 783, PROT_READ, MAP_SHARED, 4, 0) = 0x7f7562e98000
lseek(4, 783, SEEK_SET)                 = 783
munmap(0x7f7562e98000, 783)             = 0
close(4)                                = 0
setgid(65534)                           = 0
getuid()                                = 0
getuid()                                = 0
write(2, "2019-01-22T13:53:05.811487Z T:62"..., 982019-01-22T13:53:05.811487Z T:62e887 [stenotype.cc:265] Dropping priviledges from 0 to UID nobody
) = 98
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
openat(AT_FDCWD, "/etc/passwd", O_RDONLY|O_CLOEXEC) = 4
lseek(4, 0, SEEK_CUR)                   = 0
fstat(4, {st_mode=S_IFREG|0644, st_size=1769, ...}) = 0
mmap(NULL, 1769, PROT_READ, MAP_SHARED, 4, 0) = 0x7f7562e98000
lseek(4, 1769, SEEK_SET)                = 1769
munmap(0x7f7562e98000, 1769)            = 0
close(4)                                = 0
getgid()                                = 65534
openat(AT_FDCWD, "/proc/sys/kernel/ngroups_max", O_RDONLY) = 4
read(4, "65536\n", 31)                  = 6
close(4)                                = 0
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 4
lseek(4, 0, SEEK_CUR)                   = 0
fstat(4, {st_mode=S_IFREG|0644, st_size=783, ...}) = 0
mmap(NULL, 783, PROT_READ, MAP_SHARED, 4, 0) = 0x7f7562e98000
lseek(4, 783, SEEK_SET)                 = 783
fstat(4, {st_mode=S_IFREG|0644, st_size=783, ...}) = 0
munmap(0x7f7562e98000, 783)             = 0
close(4)                                = 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=28744, ...}) = 0
mmap(NULL, 28744, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7f7562e91000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_systemd.so.2", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0`X\0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=258040, ...}) = 0
mmap(NULL, 2355192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7f74e07ee000
mprotect(0x7f74e082a000, 2093056, PROT_NONE) = 0
mmap(0x7f74e0a29000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x3b000) = 0x7f74e0a29000
close(4)                                = 0
mprotect(0x7f74e0a29000, 12288, PROT_READ) = 0
munmap(0x7f7562e91000, 28744)           = 0
setgroups(1, [65534])                   = 0
setuid(65534)                           = 0
mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f74dffed000
mprotect(0x7f74dffee000, 8388608, PROT_READ|PROT_WRITE) = 0
clone(child_stack=0x7f74e07ecfb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7f74e07ed9d0, tls=0x7f74e07ed700, child_tidptr=0x7f74e07ed9d0) = 20988
rt_sigprocmask(SIG_BLOCK, [INT TERM], NULL, 8) = 0
write(2, "2019-01-22T13:53:05.813609Z T:62"..., 812019-01-22T13:53:05.813609Z T:62e887 [stenotype.cc:652] Starting writing threads
) = 81
write(2, "2019-01-22T13:53:05.813688Z T:62"..., 742019-01-22T13:53:05.813688Z T:62e887 [stenotype.cc:655] Starting thread 0
) = 74
futex(0x7f7561c028b0, FUTEX_WAKE_PRIVATE, 1) = 1
2019-01-22T13:53:05.813605Z T:e07ed7 [stenotype.cc:427] Handling signals
futex(0x7f7561c028b0, FUTEX_WAIT_PRIVATE, 2, NULL) = -1 EAGAIN (Resource temporarily unavailable)
futex(0x7f7561c028b0, FUTEX_WAKE_PRIVATE, 1) = 0
mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f74df7ec000
mprotect(0x7f74df7ed000, 8388608, PROT_READ|PROT_WRITE) = 0
clone(child_stack=0x7f74dffebfb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7f74dffec9d0, tls=0x7f74dffec700, child_tidptr=0x7f74dffec9d0) = 20989
write(2, "2019-01-22T13:53:05.813994Z T:62"..., 822019-01-22T13:53:05.813994Z T:62e887 [stenotype.cc:666] Starting indexing threads
) = 82
mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7f74de7ea000
mprotect(0x7f74de7eb000, 8388608, PROT_READ|PROT_WRITE) = 0
clone(child_stack=0x7f74defe9fb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7f74defea9d0, tls=0x7f74defea700, child_tidptr=0x7f74defea9d0) = 20991
2019-01-22T13:53:05.814233Z T:defea7 [stenotype.cc:395] Starting WriteIndexes thread 0
prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)  = 0
2019-01-22T13:53:05.814414Z T:dffec7 [stenotype.cc:450] Thread 0 starting to process packets
seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=32, filter=0x5601fba6b0c0}2019-01-22T13:53:05.814494Z T:dffec7 [aio.cc:190] Opening packet file /opt/steno/pkts1/PKT0/.1548165185814465: -1
2019-01-22T13:53:05.814510Z T:dffec7 [stenotype.cc:462] CHECK(SUCCEEDED(__check_success_error__)) output.Rotate(file_dirname, micros, flag_preallocate_file_mb << 20): Function not implemented <- open
ABORTABORTABORT
) = 0
2019-01-22T13:53:05.814555Z T:defea7 [stenotype.cc:403] Waiting for index
write(2, "2019-01-22T13:53:05.814574Z T:62"..., 1042019-01-22T13:53:05.814574Z T:62e887 [stenotype.cc:680] ===============Waiting for thread==============
) = 104
futex(0x7f74dffec9d0, FUTEX_WAIT, 20989, NULLstenotype(+0x70a1) [0x5601fae1a0a1]
stenotype(+0x24931) [0x5601fae37931]
/usr/lib/x86_64-linux-gnu/libstdc++.so.6(+0xbd57f) [0x7f7561edb57f]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x76db) [0x7f75623f36db]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x3f) [0x7f756193688f]
) = ?
+++ killed by SIGSEGV (core dumped) +++
Segmentation fault (core dumped)

gconnell · 2019-01-22T18:20:33Z

Thanks a ton for following up on this!

Unfortunately, it appears that the failure occurred not in the main thread, and strace by default only traces the main thread. Would it be possible to rerun this with the -f flag added to strace? IE: strace -f ... (everything you had above)

hosom · 2019-01-22T18:24:09Z

Sure!

~# strace -f stenotype -v -v -v --seccomp=trace --dir=/opt/steno/pkts1 --iface=ens4f1
execve("/usr/bin/stenotype", ["stenotype", "-v", "-v", "-v", "--seccomp=trace", "--dir=/opt/steno/pkts1", "--iface=ens4f1"], 0x7ffe97d03338 /* 19 vars */) = 0
brk(NULL)                               = 0x564ba9f45000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=28744, ...}) = 0
mmap(NULL, 28744, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fc0e31bc000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libleveldb.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@$\1\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=379760, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0e31ba000
mmap(NULL, 2474872, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc0e2d40000
mprotect(0x7fc0e2d9a000, 2097152, PROT_NONE) = 0
mmap(0x7fc0e2f9a000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5a000) = 0x7fc0e2f9a000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/librt.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\"\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=31680, ...}) = 0
mmap(NULL, 2128864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc0e2b38000
mprotect(0x7fc0e2b3f000, 2093056, PROT_NONE) = 0
mmap(0x7fc0e2d3e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7fc0e2d3e000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libaio.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\5\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=5480, ...}) = 0
mmap(NULL, 2101264, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc0e2936000
mprotect(0x7fc0e2937000, 2093056, PROT_NONE) = 0
mmap(0x7fc0e2b36000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = 0x7fc0e2b36000
mmap(0x7fc0e2b37000, 16, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fc0e2b37000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000b\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=144976, ...}) = 0
mmap(NULL, 2221184, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc0e2717000
mprotect(0x7fc0e2731000, 2093056, PROT_NONE) = 0
mmap(0x7fc0e2930000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19000) = 0x7fc0e2930000
mmap(0x7fc0e2932000, 13440, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fc0e2932000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libseccomp.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \30\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=280776, ...}) = 0
mmap(NULL, 2375912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc0e24d2000
mprotect(0x7fc0e2500000, 2097152, PROT_NONE) = 0
mmap(0x7fc0e2700000, 94208, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2e000) = 0x7fc0e2700000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libstdc++.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\303\10\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=1594832, ...}) = 0
mmap(NULL, 3702816, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc0e2149000
mprotect(0x7fc0e22c2000, 2097152, PROT_NONE) = 0
mmap(0x7fc0e24c2000, 49152, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x179000) = 0x7fc0e24c2000
mmap(0x7fc0e24ce000, 12320, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fc0e24ce000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libgcc_s.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300*\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=96616, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0e31b8000
mmap(NULL, 2192432, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc0e1f31000
mprotect(0x7fc0e1f48000, 2093056, PROT_NONE) = 0
mmap(0x7fc0e2147000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x7fc0e2147000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\34\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2030544, ...}) = 0
mmap(NULL, 4131552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc0e1b40000
mprotect(0x7fc0e1d27000, 2097152, PROT_NONE) = 0
mmap(0x7fc0e1f27000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e7000) = 0x7fc0e1f27000
mmap(0x7fc0e1f2d000, 15072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fc0e1f2d000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libsnappy.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260!\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=30928, ...}) = 0
mmap(NULL, 2125976, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc0e1938000
mprotect(0x7fc0e193f000, 2093056, PROT_NONE) = 0
mmap(0x7fc0e1b3e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7fc0e1b3e000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\272\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=1700792, ...}) = 0
mmap(NULL, 3789144, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fc0e159a000
mprotect(0x7fc0e1737000, 2093056, PROT_NONE) = 0
mmap(0x7fc0e1936000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19c000) = 0x7fc0e1936000
close(3)                                = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0e31b6000
mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fc0e31b3000
arch_prctl(ARCH_SET_FS, 0x7fc0e31b3740) = 0
mprotect(0x7fc0e1f27000, 16384, PROT_READ) = 0
mprotect(0x7fc0e1936000, 4096, PROT_READ) = 0
mprotect(0x7fc0e2147000, 4096, PROT_READ) = 0
mprotect(0x7fc0e24c2000, 40960, PROT_READ) = 0
mprotect(0x7fc0e1b3e000, 4096, PROT_READ) = 0
mprotect(0x7fc0e2700000, 90112, PROT_READ) = 0
mprotect(0x7fc0e2930000, 4096, PROT_READ) = 0
mprotect(0x7fc0e2b36000, 4096, PROT_READ) = 0
mprotect(0x7fc0e2d3e000, 4096, PROT_READ) = 0
mprotect(0x7fc0e2f9a000, 8192, PROT_READ) = 0
mprotect(0x564ba81bd000, 4096, PROT_READ) = 0
mprotect(0x7fc0e31c4000, 4096, PROT_READ) = 0
munmap(0x7fc0e31bc000, 28744)           = 0
set_tid_address(0x7fc0e31b3a10)         = 21227
set_robust_list(0x7fc0e31b3a20, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7fc0e271ccb0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fc0e2729890}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7fc0e271cd50, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fc0e2729890}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
brk(NULL)                               = 0x564ba9f45000
brk(0x564ba9f66000)                     = 0x564ba9f66000
futex(0x7fc0e24cf07c, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x7fc0e24cf088, FUTEX_WAKE_PRIVATE, 2147483647) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1892041, tv_nsec=381981516}) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1892041, tv_nsec=382029124}) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1892041, tv_nsec=382074074}) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1892041, tv_nsec=382118780}) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1892041, tv_nsec=382163104}) = 0
prctl(PR_SET_PDEATHSIG, SIGTERM)        = 0
openat(AT_FDCWD, "/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=127, ...}) = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=127, ...}) = 0
read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\1\0\0\0\0"..., 4096) = 127
lseek(3, -71, SEEK_CUR)                 = 56
read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\1\0\0\0\0"..., 4096) = 71
close(3)                                = 0
write(2, "2019-01-22T18:23:44.535936Z T:e3"..., 962019-01-22T18:23:44.535936Z T:e31b37 [stenotype.cc:545] Stenotype running with these arguments:
) = 96
write(2, "2019-01-22T18:23:44.536406Z T:e3"..., 712019-01-22T18:23:44.536406Z T:e31b37 [stenotype.cc:547] 0:	"stenotype"
) = 71
write(2, "2019-01-22T18:23:44.536466Z T:e3"..., 642019-01-22T18:23:44.536466Z T:e31b37 [stenotype.cc:547] 1:	"-v"
) = 64
write(2, "2019-01-22T18:23:44.536521Z T:e3"..., 642019-01-22T18:23:44.536521Z T:e31b37 [stenotype.cc:547] 2:	"-v"
) = 64
write(2, "2019-01-22T18:23:44.536574Z T:e3"..., 642019-01-22T18:23:44.536574Z T:e31b37 [stenotype.cc:547] 3:	"-v"
) = 64
write(2, "2019-01-22T18:23:44.536627Z T:e3"..., 772019-01-22T18:23:44.536627Z T:e31b37 [stenotype.cc:547] 4:	"--seccomp=trace"
) = 77
write(2, "2019-01-22T18:23:44.536681Z T:e3"..., 842019-01-22T18:23:44.536681Z T:e31b37 [stenotype.cc:547] 5:	"--dir=/opt/steno/pkts1"
) = 84
write(2, "2019-01-22T18:23:44.536735Z T:e3"..., 762019-01-22T18:23:44.536735Z T:e31b37 [stenotype.cc:547] 6:	"--iface=ens4f1"
) = 76
write(2, "2019-01-22T18:23:44.536788Z T:e3"..., 842019-01-22T18:23:44.536788Z T:e31b37 [stenotype.cc:549] Starting, page size is 4096
) = 84
write(2, "2019-01-22T18:23:44.536844Z T:e3"..., 1042019-01-22T18:23:44.536844Z T:e31b37 [stenotype.cc:576] Setting up AF_PACKET sockets for packet reading
) = 104
socket(AF_PACKET, SOCK_RAW, 0)          = 3
setsockopt(3, SOL_PACKET, PACKET_VERSION, [2], 4) = 0
setsockopt(3, SOL_PACKET, PACKET_RX_RING, 0x7ffd68e2f2d0, 28) = 0
mmap(NULL, 2147483648, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_NORESERVE|MAP_LOCKED, 3, 0) = 0x7fc06159a000
getpid()                                = 21227
access("/proc/net", R_OK)               = 0
access("/proc/net/unix", R_OK)          = 0
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
ioctl(4, SIOCGIFINDEX, {ifr_name="ens4f1", }) = 0
close(4)                                = 0
write(2, "2019-01-22T18:23:45.184149Z T:e3"..., 902019-01-22T18:23:45.184149Z T:e31b37 [packets.cc:229] Setting promiscuous mode for ens4f1
) = 90
ioctl(3, SIOCGIFFLAGS, {ifr_name="ens4f1", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_RUNNING|IFF_NOARP|IFF_PROMISC|IFF_MULTICAST}) = 0
write(2, "2019-01-22T18:23:45.184268Z T:e3"..., 952019-01-22T18:23:45.184268Z T:e31b37 [packets.cc:237] Interface ens4f1 already in promisc mode
) = 95
bind(3, {sa_family=AF_PACKET, sll_protocol=htons(ETH_P_ALL), sll_ifindex=if_nametoindex("ens4f1"), sll_hatype=ARPHRD_NETROM, sll_pkttype=PACKET_HOST, sll_halen=0}, 20) = 0
brk(0x564ba9f8c000)                     = 0x564ba9f8c000
umask(077)                              = 022
write(2, "2019-01-22T18:23:45.184589Z T:e3"..., 762019-01-22T18:23:45.184589Z T:e31b37 [stenotype.cc:248] Dropping privileges
) = 76
getgid()                                = 0
getgid()                                = 0
write(2, "2019-01-22T18:23:45.184672Z T:e3"..., 992019-01-22T18:23:45.184672Z T:e31b37 [stenotype.cc:253] Dropping priviledges from 0 to GID nogroup
) = 99
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
openat(AT_FDCWD, "/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=513, ...}) = 0
read(4, "# /etc/nsswitch.conf\n#\n# Example"..., 4096) = 513
read(4, "", 4096)                       = 0
close(4)                                = 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=28744, ...}) = 0
mmap(NULL, 28744, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7fc0e31bc000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_compat.so.2", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240\22\0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=39744, ...}) = 0
mmap(NULL, 2136256, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7fc061390000
mprotect(0x7fc061398000, 2097152, PROT_NONE) = 0
mmap(0x7fc061598000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x8000) = 0x7fc061598000
close(4)                                = 0
mprotect(0x7fc061598000, 4096, PROT_READ) = 0
munmap(0x7fc0e31bc000, 28744)           = 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=28744, ...}) = 0
mmap(NULL, 28744, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7fc0e31bc000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_nis.so.2", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p \0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=47576, ...}) = 0
mmap(NULL, 2143624, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7fc061184000
mprotect(0x7fc06118f000, 2093056, PROT_NONE) = 0
mmap(0x7fc06138e000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0xa000) = 0x7fc06138e000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnsl.so.1", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220@\0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=97176, ...}) = 0
mmap(NULL, 2202200, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7fc060f6a000
mprotect(0x7fc060f81000, 2093056, PROT_NONE) = 0
mmap(0x7fc061180000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x16000) = 0x7fc061180000
mmap(0x7fc061182000, 6744, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fc061182000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P#\0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=47568, ...}) = 0
mmap(NULL, 2168632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7fc060d58000
mprotect(0x7fc060d63000, 2093056, PROT_NONE) = 0
mmap(0x7fc060f62000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0xa000) = 0x7fc060f62000
mmap(0x7fc060f64000, 22328, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fc060f64000
close(4)                                = 0
mprotect(0x7fc060f62000, 4096, PROT_READ) = 0
mprotect(0x7fc061180000, 4096, PROT_READ) = 0
mprotect(0x7fc06138e000, 4096, PROT_READ) = 0
munmap(0x7fc0e31bc000, 28744)           = 0
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 4
lseek(4, 0, SEEK_CUR)                   = 0
fstat(4, {st_mode=S_IFREG|0644, st_size=783, ...}) = 0
mmap(NULL, 783, PROT_READ, MAP_SHARED, 4, 0) = 0x7fc0e31c3000
lseek(4, 783, SEEK_SET)                 = 783
munmap(0x7fc0e31c3000, 783)             = 0
close(4)                                = 0
setgid(65534)                           = 0
getuid()                                = 0
getuid()                                = 0
write(2, "2019-01-22T18:23:45.187695Z T:e3"..., 982019-01-22T18:23:45.187695Z T:e31b37 [stenotype.cc:265] Dropping priviledges from 0 to UID nobody
) = 98
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
openat(AT_FDCWD, "/etc/passwd", O_RDONLY|O_CLOEXEC) = 4
lseek(4, 0, SEEK_CUR)                   = 0
fstat(4, {st_mode=S_IFREG|0644, st_size=1769, ...}) = 0
mmap(NULL, 1769, PROT_READ, MAP_SHARED, 4, 0) = 0x7fc0e31c3000
lseek(4, 1769, SEEK_SET)                = 1769
munmap(0x7fc0e31c3000, 1769)            = 0
close(4)                                = 0
getgid()                                = 65534
openat(AT_FDCWD, "/proc/sys/kernel/ngroups_max", O_RDONLY) = 4
read(4, "65536\n", 31)                  = 6
close(4)                                = 0
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 4
lseek(4, 0, SEEK_CUR)                   = 0
fstat(4, {st_mode=S_IFREG|0644, st_size=783, ...}) = 0
mmap(NULL, 783, PROT_READ, MAP_SHARED, 4, 0) = 0x7fc0e31c3000
lseek(4, 783, SEEK_SET)                 = 783
fstat(4, {st_mode=S_IFREG|0644, st_size=783, ...}) = 0
munmap(0x7fc0e31c3000, 783)             = 0
close(4)                                = 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=28744, ...}) = 0
mmap(NULL, 28744, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7fc0e31bc000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_systemd.so.2", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0`X\0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=258040, ...}) = 0
mmap(NULL, 2355192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7fc060b19000
mprotect(0x7fc060b55000, 2093056, PROT_NONE) = 0
mmap(0x7fc060d54000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x3b000) = 0x7fc060d54000
close(4)                                = 0
mprotect(0x7fc060d54000, 12288, PROT_READ) = 0
munmap(0x7fc0e31bc000, 28744)           = 0
setgroups(1, [65534])                   = 0
setuid(65534)                           = 0
mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fc060318000
mprotect(0x7fc060319000, 8388608, PROT_READ|PROT_WRITE) = 0
clone(child_stack=0x7fc060b17fb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7fc060b189d0, tls=0x7fc060b18700, child_tidptr=0x7fc060b189d0) = 21229
rt_sigprocmask(SIG_BLOCK, [INT TERM], strace: Process 21229 attached
NULL, 8) = 0
[pid 21229] set_robust_list(0x7fc060b189e0, 24 <unfinished ...>
[pid 21227] write(2, "2019-01-22T18:23:45.189820Z T:e3"..., 812019-01-22T18:23:45.189820Z T:e31b37 [stenotype.cc:652] Starting writing threads
 <unfinished ...>
[pid 21229] <... set_robust_list resumed> ) = 0
[pid 21227] <... write resumed> )       = 81
[pid 21227] write(2, "2019-01-22T18:23:45.189895Z T:e3"..., 742019-01-22T18:23:45.189895Z T:e31b37 [stenotype.cc:655] Starting thread 0
 <unfinished ...>
[pid 21229] mmap(NULL, 134217728, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0 <unfinished ...>
[pid 21227] <... write resumed> )       = 74
[pid 21229] <... mmap resumed> )        = 0x7fc058318000
[pid 21227] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 21229] munmap(0x7fc058318000, 63864832 <unfinished ...>
[pid 21227] <... mmap resumed> )        = 0x7fc057b17000
[pid 21229] <... munmap resumed> )      = 0
[pid 21227] mprotect(0x7fc057b18000, 8388608, PROT_READ|PROT_WRITE <unfinished ...>
[pid 21229] munmap(0x7fc060000000, 3244032 <unfinished ...>
[pid 21227] <... mprotect resumed> )    = 0
[pid 21229] <... munmap resumed> )      = 0
[pid 21227] clone( <unfinished ...>
[pid 21229] mprotect(0x7fc05c000000, 135168, PROT_READ|PROT_WRITE <unfinished ...>
[pid 21227] <... clone resumed> child_stack=0x7fc058316fb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7fc0583179d0, tls=0x7fc058317700, child_tidptr=0x7fc0583179d0) = 21230
[pid 21229] <... mprotect resumed> )    = 0
[pid 21227] write(2, "2019-01-22T18:23:45.190153Z T:e3"..., 822019-01-22T18:23:45.190153Z T:e31b37 [stenotype.cc:666] Starting indexing threads
strace: Process 21230 attached
) = 82
[pid 21230] set_robust_list(0x7fc0583179e0, 24 <unfinished ...>
[pid 21227] futex(0x7fc0e1f2d8b0, FUTEX_WAKE_PRIVATE, 1 <unfinished ...>
[pid 21229] futex(0x7fc0e1f2d8b0, FUTEX_WAIT_PRIVATE, 2, NULL <unfinished ...>
[pid 21227] <... futex resumed> )       = 0
[pid 21229] <... futex resumed> )       = -1 EAGAIN (Resource temporarily unavailable)
[pid 21227] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 21230] <... set_robust_list resumed> ) = 0
[pid 21227] <... mmap resumed> )        = 0x7fc05b7ff000
[pid 21229] write(2, "2019-01-22T18:23:45.189896Z T:60"..., 732019-01-22T18:23:45.189896Z T:60b187 [stenotype.cc:427] Handling signals
 <unfinished ...>
[pid 21227] mprotect(0x7fc05b800000, 8388608, PROT_READ|PROT_WRITE <unfinished ...>
[pid 21230] mmap(NULL, 134217728, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0 <unfinished ...>
[pid 21227] <... mprotect resumed> )    = 0
[pid 21230] <... mmap resumed> )        = 0x7fc04fb17000
[pid 21227] clone( <unfinished ...>
[pid 21230] munmap(0x7fc04fb17000, 5148672 <unfinished ...>
[pid 21229] <... write resumed> )       = 73
[pid 21227] <... clone resumed> child_stack=0x7fc05bffefb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7fc05bfff9d0, tls=0x7fc05bfff700, child_tidptr=0x7fc05bfff9d0) = 21231
strace: Process 21231 attached
[pid 21230] <... munmap resumed> )      = 0
[pid 21231] set_robust_list(0x7fc05bfff9e0, 24 <unfinished ...>
[pid 21230] munmap(0x7fc054000000, 61960192 <unfinished ...>
[pid 21231] <... set_robust_list resumed> ) = 0
[pid 21229] futex(0x7fc0e1f2d8b0, FUTEX_WAKE_PRIVATE, 1 <unfinished ...>
[pid 21227] prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0 <unfinished ...>
[pid 21231] mmap(NULL, 134217728, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0 <unfinished ...>
[pid 21227] <... prctl resumed> )       = 0
[pid 21231] <... mmap resumed> )        = 0x7fc048000000
[pid 21227] seccomp(SECCOMP_SET_MODE_STRICT, 1, NULL <unfinished ...>
[pid 21231] munmap(0x7fc04c000000, 67108864 <unfinished ...>
[pid 21227] <... seccomp resumed> )     = -1 EINVAL (Invalid argument)
[pid 21231] <... munmap resumed> )      = 0
[pid 21227] seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=32, filter=0x564ba9f740c0} <unfinished ...>
[pid 21231] mprotect(0x7fc048000000, 135168, PROT_READ|PROT_WRITE <unfinished ...>
[pid 21230] <... munmap resumed> )      = 0
[pid 21231] <... mprotect resumed> )    = 0
[pid 21230] mprotect(0x7fc050000000, 135168, PROT_READ|PROT_WRITE <unfinished ...>
[pid 21229] <... futex resumed> )       = 0
[pid 21231] write(2, "2019-01-22T18:23:45.190609Z T:5b"..., 872019-01-22T18:23:45.190609Z T:5bfff7 [stenotype.cc:395] Starting WriteIndexes thread 0
 <unfinished ...>
[pid 21230] <... mprotect resumed> )    = 0
[pid 21227] <... seccomp resumed> )     = 0
[pid 21231] <... write resumed> )       = 87
[pid 21227] futex(0x7fc0e1f2d8b0, FUTEX_WAIT_PRIVATE, 2, NULL <unfinished ...>
[pid 21231] futex(0x7fc0e1f2d8b0, FUTEX_WAKE_PRIVATE, 1 <unfinished ...>
[pid 21227] <... futex resumed> )       = -1 EAGAIN (Resource temporarily unavailable)
[pid 21231] <... futex resumed> )       = 0
[pid 21227] write(2, "2019-01-22T18:23:45.190916Z T:e3"..., 1042019-01-22T18:23:45.190916Z T:e31b37 [stenotype.cc:680] ===============Waiting for thread==============
 <unfinished ...>
[pid 21231] futex(0x7fc0e1f2d8b0, FUTEX_WAIT_PRIVATE, 2, NULL <unfinished ...>
[pid 21227] <... write resumed> )       = 104
[pid 21230] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 21227] futex(0x7fc0e1f2d8b0, FUTEX_WAKE_PRIVATE, 1 <unfinished ...>
[pid 21230] <... mmap resumed> )        = 0x7fc05affe000
[pid 21227] <... futex resumed> )       = 1
[pid 21231] <... futex resumed> )       = 0
[pid 21227] futex(0x7fc0583179d0, FUTEX_WAIT, 21230, NULL <unfinished ...>
[pid 21231] futex(0x7fc0e1f2d8b0, FUTEX_WAKE_PRIVATE, 1 <unfinished ...>
[pid 21230] mprotect(0x7fc05afff000, 8388608, PROT_READ|PROT_WRITE <unfinished ...>
[pid 21231] <... futex resumed> )       = 0
[pid 21229] futex(0x7fc0e1f2d8b0, FUTEX_WAIT_PRIVATE, 2, NULL <unfinished ...>
[pid 21230] <... mprotect resumed> )    = 0
[pid 21231] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 21229] <... futex resumed> )       = -1 EAGAIN (Resource temporarily unavailable)
[pid 21231] <... mmap resumed> )        = 0x7fc05a7fd000
[pid 21230] clone( <unfinished ...>
[pid 21231] mprotect(0x7fc05a7fe000, 8388608, PROT_READ|PROT_WRITE <unfinished ...>
[pid 21229] futex(0x7fc0e1f2d8b0, FUTEX_WAKE_PRIVATE, 1 <unfinished ...>
[pid 21231] <... mprotect resumed> )    = 0
[pid 21229] <... futex resumed> )       = 0
[pid 21231] clone( <unfinished ...>
[pid 21229] rt_sigaction(SIGINT, {sa_handler=0x564ba7fae2b0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fc0e2729890}, strace: Process 21232 attached
 <unfinished ...>
[pid 21230] <... clone resumed> child_stack=0x7fc05b7fdfb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7fc05b7fe9d0, tls=0x7fc05b7fe700, child_tidptr=0x7fc05b7fe9d0) = 21232
[pid 21232] set_robust_list(0x7fc05b7fe9e0, 24) = 0
strace: Process 21233 attached
[pid 21232] clock_gettime(CLOCK_MONOTONIC_RAW,  <unfinished ...>
[pid 21233] set_robust_list(0x7fc05affd9e0, 24 <unfinished ...>
[pid 21232] <... clock_gettime resumed> {tv_sec=1892042, tv_nsec=37816815}) = 0
[pid 21233] <... set_robust_list resumed> ) = 0
[pid 21232] clock_nanosleep(CLOCK_MONOTONIC, 0, {tv_sec=1, tv_nsec=0},  <unfinished ...>
[pid 21233] clock_gettime(CLOCK_MONOTONIC_RAW,  <unfinished ...>
[pid 21231] <... clone resumed> child_stack=0x7fc05affcfb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7fc05affd9d0, tls=0x7fc05affd700, child_tidptr=0x7fc05affd9d0) = 21233
[pid 21233] <... clock_gettime resumed> {tv_sec=1892042, tv_nsec=37904792}) = 0
[pid 21231] gettid( <unfinished ...>
[pid 21233] clock_nanosleep(CLOCK_MONOTONIC, 0, {tv_sec=1, tv_nsec=0},  <unfinished ...>
[pid 21231] <... gettid resumed> )      = 21231
[pid 21229] <... rt_sigaction resumed> NULL, 8) = 0
[pid 21231] setpriority(PRIO_PROCESS, 21231, 0 <unfinished ...>
[pid 21229] rt_sigaction(SIGTERM, {sa_handler=0x564ba7fae2b0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fc0e2729890},  <unfinished ...>
[pid 21231] <... setpriority resumed> ) = 0
[pid 21230] prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0 <unfinished ...>
[pid 21229] <... rt_sigaction resumed> NULL, 8) = 0
[pid 21230] <... prctl resumed> )       = 0
[pid 21230] seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=51, filter=0x7fc050007840} <unfinished ...>
[pid 21231] prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0 <unfinished ...>
[pid 21229] prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0 <unfinished ...>
[pid 21231] <... prctl resumed> )       = 0
[pid 21229] <... prctl resumed> )       = 0
[pid 21231] seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=40, filter=0x7fc048006bf0} <unfinished ...>
[pid 21229] seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=32, filter=0x7fc05c005b00} <unfinished ...>
[pid 21231] <... seccomp resumed> )     = 0
[pid 21230] <... seccomp resumed> )     = 0
[pid 21229] <... seccomp resumed> )     = 0
[pid 21231] write(2, "2019-01-22T18:23:45.192069Z T:5b"..., 742019-01-22T18:23:45.192069Z T:5bfff7 [stenotype.cc:403] Waiting for index
 <unfinished ...>
[pid 21229] futex(0x564ba81be2d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 21231] <... write resumed> )       = 74
[pid 21231] futex(0x564ba9f6edf8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 21230] write(2, "2019-01-22T18:23:45.192147Z T:58"..., 932019-01-22T18:23:45.192147Z T:583177 [stenotype.cc:450] Thread 0 starting to process packets
) = 93
[pid 21230] io_setup(128, [0x7fc0e31c1000]) = 0
[pid 21230] clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1892042, tv_nsec=39036333}) = 0
[pid 21230] openat(AT_FDCWD, "/opt/steno/pkts1/PKT0/.1548181425192669", O_WRONLY|O_CREAT|O_DSYNC|O_DIRECT, 0600) = -1 ENOSYS (Function not implemented)
[pid 21230] write(2, "2019-01-22T18:23:45.192823Z T:58"..., 1142019-01-22T18:23:45.192823Z T:583177 [aio.cc:190] Opening packet file /opt/steno/pkts1/PKT0/.1548181425192669: -1
) = 114
[pid 21230] write(2, "2019-01-22T18:23:45.192930Z T:58"..., 2002019-01-22T18:23:45.192930Z T:583177 [stenotype.cc:462] CHECK(SUCCEEDED(__check_success_error__)) output.Rotate(file_dirname, micros, flag_preallocate_file_mb << 20): Function not implemented <- open
) = 200
[pid 21230] write(2, "ABORTABORTABORT", 15ABORTABORTABORT) = 15
[pid 21230] write(2, "\n", 1
)           = 1
[pid 21230] futex(0x7fc0e1f2f270, FUTEX_WAKE_PRIVATE, 2147483647) = 0
[pid 21230] futex(0x7fc0e21481a0, FUTEX_WAKE_PRIVATE, 2147483647) = 0
[pid 21230] write(2, "stenotype(+0x70a1) [0x564ba7f960"..., 35stenotype(+0x70a1) [0x564ba7f960a1]) = 35
[pid 21230] write(2, "\n", 1
)           = 1
[pid 21230] write(2, "stenotype(+0x24931) [0x564ba7fb3"..., 36stenotype(+0x24931) [0x564ba7fb3931]) = 36
[pid 21230] write(2, "\n", 1
)           = 1
[pid 21230] write(2, "/usr/lib/x86_64-linux-gnu/libstd"..., 67/usr/lib/x86_64-linux-gnu/libstdc++.so.6(+0xbd57f) [0x7fc0e220657f]) = 67
[pid 21230] write(2, "\n", 1
)           = 1
[pid 21230] write(2, "/lib/x86_64-linux-gnu/libpthread"..., 63/lib/x86_64-linux-gnu/libpthread.so.0(+0x76db) [0x7fc0e271e6db]) = 63
[pid 21230] write(2, "\n", 1
)           = 1
[pid 21230] write(2, "/lib/x86_64-linux-gnu/libc.so.6("..., 60/lib/x86_64-linux-gnu/libc.so.6(clone+0x3f) [0x7fc0e1c6188f]) = 60
[pid 21230] write(2, "\n", 1
)           = 1
[pid 21230] rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
[pid 21230] rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], [INT TERM], 8) = 0
[pid 21230] getpid()                    = -38
[pid 21230] gettid()                    = -38
[pid 21230] tgkill(-38, -38, SIGABRT)   = -1 EINVAL (Invalid argument)
[pid 21230] rt_sigprocmask(SIG_SETMASK, [INT TERM], NULL, 8) = 0
[pid 21230] rt_sigaction(SIGABRT, {sa_handler=SIG_DFL, sa_mask=~[], sa_flags=SA_RESTORER, sa_restorer=0x7fc0e1b7ef20}, NULL, 8) = 0
[pid 21230] rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], [INT TERM], 8) = 0
[pid 21230] getpid()                    = -38
[pid 21230] gettid()                    = -38
[pid 21230] tgkill(-38, -38, SIGABRT)   = -1 EINVAL (Invalid argument)
[pid 21230] rt_sigprocmask(SIG_SETMASK, [INT TERM], NULL, 8) = 0
[pid 21230] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid 21227] <... futex resumed>)        = ?
[pid 21233] <... clock_nanosleep resumed> <unfinished ...>) = ?
[pid 21232] <... clock_nanosleep resumed> <unfinished ...>) = ?
[pid 21231] <... futex resumed>)        = ?
[pid 21229] <... futex resumed>)        = ?
[pid 21231] +++ killed by SIGSEGV (core dumped) +++
[pid 21233] +++ killed by SIGSEGV (core dumped) +++
[pid 21232] +++ killed by SIGSEGV (core dumped) +++
[pid 21229] +++ killed by SIGSEGV (core dumped) +++
[pid 21230] +++ killed by SIGSEGV (core dumped) +++
+++ killed by SIGSEGV (core dumped) +++
Segmentation fault (core dumped)

gconnell · 2019-01-22T18:28:48Z

Thanks for the fast reply!

Here's the offending line:

[pid 21230] openat(AT_FDCWD, "/opt/steno/pkts1/PKT0/.1548181425192669", O_WRONLY|O_CREAT|O_DSYNC|O_DIRECT, 0600) = -1 ENOSYS (Function not implemented)

It appears that it switched from open() calling the 'open' syscall to calling the 'openat' syscall :(

Should have a fix out soon!

hosom · 2019-01-22T18:33:47Z

Awesome! Thanks for the help. I'm FAR from a seccomp expert, so you figured this out way faster than I would have.

gconnell · 2019-01-22T19:12:27Z

Would you mind trying out #201 locally on your instance to see if it fixes the issue?

hosom · 2019-01-22T19:20:16Z

I'll get it installed and start it testing shortly.

hosom · 2019-01-22T19:44:37Z

Doesn't look like it has done the trick. I put your branch in the place of the standard 'google' one in my GOPATH and ran install.sh. It's still failing.

# strace -f stenotype -v -v -v --seccomp=trace --dir=/opt/steno/pkts1 --iface=ens4f1
execve("/usr/bin/stenotype", ["stenotype", "-v", "-v", "-v", "--seccomp=trace", "--dir=/opt/steno/pkts1", "--iface=ens4f1"], 0x7ffe0c6b0db8 /* 22 vars */) = 0
brk(NULL)                               = 0x5627fafaf000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=28744, ...}) = 0
mmap(NULL, 28744, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fe341b4e000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libleveldb.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@$\1\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=379760, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe341b4c000
mmap(NULL, 2474872, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fe3416d2000
mprotect(0x7fe34172c000, 2097152, PROT_NONE) = 0
mmap(0x7fe34192c000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x5a000) = 0x7fe34192c000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/librt.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\"\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=31680, ...}) = 0
mmap(NULL, 2128864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fe3414ca000
mprotect(0x7fe3414d1000, 2093056, PROT_NONE) = 0
mmap(0x7fe3416d0000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7fe3416d0000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libaio.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\5\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=5480, ...}) = 0
mmap(NULL, 2101264, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fe3412c8000
mprotect(0x7fe3412c9000, 2093056, PROT_NONE) = 0
mmap(0x7fe3414c8000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = 0x7fe3414c8000
mmap(0x7fe3414c9000, 16, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fe3414c9000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000b\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=144976, ...}) = 0
mmap(NULL, 2221184, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fe3410a9000
mprotect(0x7fe3410c3000, 2093056, PROT_NONE) = 0
mmap(0x7fe3412c2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19000) = 0x7fe3412c2000
mmap(0x7fe3412c4000, 13440, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fe3412c4000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libseccomp.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \30\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=280776, ...}) = 0
mmap(NULL, 2375912, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fe340e64000
mprotect(0x7fe340e92000, 2097152, PROT_NONE) = 0
mmap(0x7fe341092000, 94208, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2e000) = 0x7fe341092000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libstdc++.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\303\10\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=1594832, ...}) = 0
mmap(NULL, 3702816, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fe340adb000
mprotect(0x7fe340c54000, 2097152, PROT_NONE) = 0
mmap(0x7fe340e54000, 49152, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x179000) = 0x7fe340e54000
mmap(0x7fe340e60000, 12320, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fe340e60000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libgcc_s.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\300*\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=96616, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe341b4a000
mmap(NULL, 2192432, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fe3408c3000
mprotect(0x7fe3408da000, 2093056, PROT_NONE) = 0
mmap(0x7fe340ad9000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x7fe340ad9000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\34\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2030544, ...}) = 0
mmap(NULL, 4131552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fe3404d2000
mprotect(0x7fe3406b9000, 2097152, PROT_NONE) = 0
mmap(0x7fe3408b9000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e7000) = 0x7fe3408b9000
mmap(0x7fe3408bf000, 15072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fe3408bf000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libsnappy.so.1", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260!\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=30928, ...}) = 0
mmap(NULL, 2125976, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fe3402ca000
mprotect(0x7fe3402d1000, 2093056, PROT_NONE) = 0
mmap(0x7fe3404d0000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7fe3404d0000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\272\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=1700792, ...}) = 0
mmap(NULL, 3789144, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fe33ff2c000
mprotect(0x7fe3400c9000, 2093056, PROT_NONE) = 0
mmap(0x7fe3402c8000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19c000) = 0x7fe3402c8000
close(3)                                = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe341b48000
mmap(NULL, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fe341b45000
arch_prctl(ARCH_SET_FS, 0x7fe341b45740) = 0
mprotect(0x7fe3408b9000, 16384, PROT_READ) = 0
mprotect(0x7fe3402c8000, 4096, PROT_READ) = 0
mprotect(0x7fe340ad9000, 4096, PROT_READ) = 0
mprotect(0x7fe340e54000, 40960, PROT_READ) = 0
mprotect(0x7fe3404d0000, 4096, PROT_READ) = 0
mprotect(0x7fe341092000, 90112, PROT_READ) = 0
mprotect(0x7fe3412c2000, 4096, PROT_READ) = 0
mprotect(0x7fe3414c8000, 4096, PROT_READ) = 0
mprotect(0x7fe3416d0000, 4096, PROT_READ) = 0
mprotect(0x7fe34192c000, 8192, PROT_READ) = 0
mprotect(0x5627faa95000, 4096, PROT_READ) = 0
mprotect(0x7fe341b56000, 4096, PROT_READ) = 0
munmap(0x7fe341b4e000, 28744)           = 0
set_tid_address(0x7fe341b45a10)         = 24261
set_robust_list(0x7fe341b45a20, 24)     = 0
rt_sigaction(SIGRTMIN, {sa_handler=0x7fe3410aecb0, sa_mask=[], sa_flags=SA_RESTORER|SA_SIGINFO, sa_restorer=0x7fe3410bb890}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=0x7fe3410aed50, sa_mask=[], sa_flags=SA_RESTORER|SA_RESTART|SA_SIGINFO, sa_restorer=0x7fe3410bb890}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
brk(NULL)                               = 0x5627fafaf000
brk(0x5627fafd0000)                     = 0x5627fafd0000
futex(0x7fe340e6107c, FUTEX_WAKE_PRIVATE, 2147483647) = 0
futex(0x7fe340e61088, FUTEX_WAKE_PRIVATE, 2147483647) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1896794, tv_nsec=280140059}) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1896794, tv_nsec=280188132}) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1896794, tv_nsec=280232252}) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1896794, tv_nsec=280276939}) = 0
clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1896794, tv_nsec=280321407}) = 0
prctl(PR_SET_PDEATHSIG, SIGTERM)        = 0
openat(AT_FDCWD, "/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=127, ...}) = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=127, ...}) = 0
read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\1\0\0\0\0"..., 4096) = 127
lseek(3, -71, SEEK_CUR)                 = 56
read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\1\0\0\0\0"..., 4096) = 71
close(3)                                = 0
write(2, "2019-01-22T19:42:57.434096Z T:41"..., 962019-01-22T19:42:57.434096Z T:41b457 [stenotype.cc:550] Stenotype running with these arguments:
) = 96
write(2, "2019-01-22T19:42:57.434555Z T:41"..., 712019-01-22T19:42:57.434555Z T:41b457 [stenotype.cc:552] 0:	"stenotype"
) = 71
write(2, "2019-01-22T19:42:57.434614Z T:41"..., 642019-01-22T19:42:57.434614Z T:41b457 [stenotype.cc:552] 1:	"-v"
) = 64
write(2, "2019-01-22T19:42:57.434669Z T:41"..., 642019-01-22T19:42:57.434669Z T:41b457 [stenotype.cc:552] 2:	"-v"
) = 64
write(2, "2019-01-22T19:42:57.434723Z T:41"..., 642019-01-22T19:42:57.434723Z T:41b457 [stenotype.cc:552] 3:	"-v"
) = 64
write(2, "2019-01-22T19:42:57.434776Z T:41"..., 772019-01-22T19:42:57.434776Z T:41b457 [stenotype.cc:552] 4:	"--seccomp=trace"
) = 77
write(2, "2019-01-22T19:42:57.434829Z T:41"..., 842019-01-22T19:42:57.434829Z T:41b457 [stenotype.cc:552] 5:	"--dir=/opt/steno/pkts1"
) = 84
write(2, "2019-01-22T19:42:57.434883Z T:41"..., 762019-01-22T19:42:57.434883Z T:41b457 [stenotype.cc:552] 6:	"--iface=ens4f1"
) = 76
write(2, "2019-01-22T19:42:57.434937Z T:41"..., 842019-01-22T19:42:57.434937Z T:41b457 [stenotype.cc:554] Starting, page size is 4096
) = 84
write(2, "2019-01-22T19:42:57.434994Z T:41"..., 1042019-01-22T19:42:57.434994Z T:41b457 [stenotype.cc:581] Setting up AF_PACKET sockets for packet reading
) = 104
socket(AF_PACKET, SOCK_RAW, 0)          = 3
setsockopt(3, SOL_PACKET, PACKET_VERSION, [2], 4) = 0
setsockopt(3, SOL_PACKET, PACKET_RX_RING, 0x7fff883eb1c0, 28) = 0
mmap(NULL, 2147483648, PROT_READ|PROT_WRITE, MAP_SHARED|MAP_NORESERVE|MAP_LOCKED, 3, 0) = 0x7fe2bff2c000
getpid()                                = 24261
access("/proc/net", R_OK)               = 0
access("/proc/net/unix", R_OK)          = 0
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0) = 4
ioctl(4, SIOCGIFINDEX, {ifr_name="ens4f1", }) = 0
close(4)                                = 0
write(2, "2019-01-22T19:42:58.090466Z T:41"..., 902019-01-22T19:42:58.090466Z T:41b457 [packets.cc:229] Setting promiscuous mode for ens4f1
) = 90
ioctl(3, SIOCGIFFLAGS, {ifr_name="ens4f1", ifr_flags=IFF_UP|IFF_BROADCAST|IFF_RUNNING|IFF_NOARP|IFF_PROMISC|IFF_MULTICAST}) = 0
write(2, "2019-01-22T19:42:58.090594Z T:41"..., 952019-01-22T19:42:58.090594Z T:41b457 [packets.cc:237] Interface ens4f1 already in promisc mode
) = 95
bind(3, {sa_family=AF_PACKET, sll_protocol=htons(ETH_P_ALL), sll_ifindex=if_nametoindex("ens4f1"), sll_hatype=ARPHRD_NETROM, sll_pkttype=PACKET_HOST, sll_halen=0}, 20) = 0
brk(0x5627faff6000)                     = 0x5627faff6000
umask(077)                              = 022
write(2, "2019-01-22T19:42:58.090898Z T:41"..., 762019-01-22T19:42:58.090898Z T:41b457 [stenotype.cc:248] Dropping privileges
) = 76
getgid()                                = 0
getgid()                                = 0
write(2, "2019-01-22T19:42:58.090981Z T:41"..., 992019-01-22T19:42:58.090981Z T:41b457 [stenotype.cc:253] Dropping priviledges from 0 to GID nogroup
) = 99
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
openat(AT_FDCWD, "/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=513, ...}) = 0
read(4, "# /etc/nsswitch.conf\n#\n# Example"..., 4096) = 513
read(4, "", 4096)                       = 0
close(4)                                = 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=28744, ...}) = 0
mmap(NULL, 28744, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7fe341b4e000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_compat.so.2", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240\22\0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=39744, ...}) = 0
mmap(NULL, 2136256, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7fe2bfd22000
mprotect(0x7fe2bfd2a000, 2097152, PROT_NONE) = 0
mmap(0x7fe2bff2a000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x8000) = 0x7fe2bff2a000
close(4)                                = 0
mprotect(0x7fe2bff2a000, 4096, PROT_READ) = 0
munmap(0x7fe341b4e000, 28744)           = 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=28744, ...}) = 0
mmap(NULL, 28744, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7fe341b4e000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_nis.so.2", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p \0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=47576, ...}) = 0
mmap(NULL, 2143624, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7fe2bfb16000
mprotect(0x7fe2bfb21000, 2093056, PROT_NONE) = 0
mmap(0x7fe2bfd20000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0xa000) = 0x7fe2bfd20000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnsl.so.1", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220@\0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=97176, ...}) = 0
mmap(NULL, 2202200, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7fe2bf8fc000
mprotect(0x7fe2bf913000, 2093056, PROT_NONE) = 0
mmap(0x7fe2bfb12000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x16000) = 0x7fe2bfb12000
mmap(0x7fe2bfb14000, 6744, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fe2bfb14000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P#\0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=47568, ...}) = 0
mmap(NULL, 2168632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7fe2bf6ea000
mprotect(0x7fe2bf6f5000, 2093056, PROT_NONE) = 0
mmap(0x7fe2bf8f4000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0xa000) = 0x7fe2bf8f4000
mmap(0x7fe2bf8f6000, 22328, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fe2bf8f6000
close(4)                                = 0
mprotect(0x7fe2bf8f4000, 4096, PROT_READ) = 0
mprotect(0x7fe2bfb12000, 4096, PROT_READ) = 0
mprotect(0x7fe2bfd20000, 4096, PROT_READ) = 0
munmap(0x7fe341b4e000, 28744)           = 0
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 4
lseek(4, 0, SEEK_CUR)                   = 0
fstat(4, {st_mode=S_IFREG|0644, st_size=783, ...}) = 0
mmap(NULL, 783, PROT_READ, MAP_SHARED, 4, 0) = 0x7fe341b55000
lseek(4, 783, SEEK_SET)                 = 783
munmap(0x7fe341b55000, 783)             = 0
close(4)                                = 0
setgid(65534)                           = 0
getuid()                                = 0
getuid()                                = 0
write(2, "2019-01-22T19:42:58.094007Z T:41"..., 982019-01-22T19:42:58.094007Z T:41b457 [stenotype.cc:265] Dropping priviledges from 0 to UID nobody
) = 98
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 4
connect(4, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
close(4)                                = 0
openat(AT_FDCWD, "/etc/passwd", O_RDONLY|O_CLOEXEC) = 4
lseek(4, 0, SEEK_CUR)                   = 0
fstat(4, {st_mode=S_IFREG|0644, st_size=1769, ...}) = 0
mmap(NULL, 1769, PROT_READ, MAP_SHARED, 4, 0) = 0x7fe341b55000
lseek(4, 1769, SEEK_SET)                = 1769
munmap(0x7fe341b55000, 1769)            = 0
close(4)                                = 0
getgid()                                = 65534
openat(AT_FDCWD, "/proc/sys/kernel/ngroups_max", O_RDONLY) = 4
read(4, "65536\n", 31)                  = 6
close(4)                                = 0
openat(AT_FDCWD, "/etc/group", O_RDONLY|O_CLOEXEC) = 4
lseek(4, 0, SEEK_CUR)                   = 0
fstat(4, {st_mode=S_IFREG|0644, st_size=783, ...}) = 0
mmap(NULL, 783, PROT_READ, MAP_SHARED, 4, 0) = 0x7fe341b55000
lseek(4, 783, SEEK_SET)                 = 783
fstat(4, {st_mode=S_IFREG|0644, st_size=783, ...}) = 0
munmap(0x7fe341b55000, 783)             = 0
close(4)                                = 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=28744, ...}) = 0
mmap(NULL, 28744, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7fe341b4e000
close(4)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libnss_systemd.so.2", O_RDONLY|O_CLOEXEC) = 4
read(4, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0`X\0\0\0\0\0\0"..., 832) = 832
fstat(4, {st_mode=S_IFREG|0644, st_size=258040, ...}) = 0
mmap(NULL, 2355192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 4, 0) = 0x7fe2bf4ab000
mprotect(0x7fe2bf4e7000, 2093056, PROT_NONE) = 0
mmap(0x7fe2bf6e6000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x3b000) = 0x7fe2bf6e6000
close(4)                                = 0
mprotect(0x7fe2bf6e6000, 12288, PROT_READ) = 0
munmap(0x7fe341b4e000, 28744)           = 0
setgroups(1, [65534])                   = 0
setuid(65534)                           = 0
mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0) = 0x7fe2becaa000
mprotect(0x7fe2becab000, 8388608, PROT_READ|PROT_WRITE) = 0
clone(child_stack=0x7fe2bf4a9fb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7fe2bf4aa9d0, tls=0x7fe2bf4aa700, child_tidptr=0x7fe2bf4aa9d0) = 24262
rt_sigprocmask(SIG_BLOCK, [INT TERM], strace: Process 24262 attached
NULL, 8) = 0
[pid 24262] set_robust_list(0x7fe2bf4aa9e0, 24 <unfinished ...>
[pid 24261] write(2, "2019-01-22T19:42:58.096127Z T:41"..., 812019-01-22T19:42:58.096127Z T:41b457 [stenotype.cc:657] Starting writing threads
 <unfinished ...>
[pid 24262] <... set_robust_list resumed> ) = 0
[pid 24261] <... write resumed> )       = 81
[pid 24261] write(2, "2019-01-22T19:42:58.096205Z T:41"..., 742019-01-22T19:42:58.096205Z T:41b457 [stenotype.cc:660] Starting thread 0
 <unfinished ...>
[pid 24262] mmap(NULL, 134217728, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0 <unfinished ...>
[pid 24261] <... write resumed> )       = 74
[pid 24262] <... mmap resumed> )        = 0x7fe2b6caa000
[pid 24261] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 24262] munmap(0x7fe2b6caa000, 20275200 <unfinished ...>
[pid 24261] <... mmap resumed> )        = 0x7fe2b64a9000
[pid 24262] <... munmap resumed> )      = 0
[pid 24261] mprotect(0x7fe2b64aa000, 8388608, PROT_READ|PROT_WRITE <unfinished ...>
[pid 24262] munmap(0x7fe2bc000000, 46833664 <unfinished ...>
[pid 24261] <... mprotect resumed> )    = 0
[pid 24262] <... munmap resumed> )      = 0
[pid 24261] clone( <unfinished ...>
[pid 24262] mprotect(0x7fe2b8000000, 135168, PROT_READ|PROT_WRITE <unfinished ...>
[pid 24261] <... clone resumed> child_stack=0x7fe2b6ca8fb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7fe2b6ca99d0, tls=0x7fe2b6ca9700, child_tidptr=0x7fe2b6ca99d0) = 24263
strace: Process 24263 attached
[pid 24261] write(2, "2019-01-22T19:42:58.096468Z T:41"..., 822019-01-22T19:42:58.096468Z T:41b457 [stenotype.cc:671] Starting indexing threads
 <unfinished ...>
[pid 24263] set_robust_list(0x7fe2b6ca99e0, 24 <unfinished ...>
[pid 24261] <... write resumed> )       = 82
[pid 24263] <... set_robust_list resumed> ) = 0
[pid 24261] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 24262] <... mprotect resumed> )    = 0
[pid 24261] <... mmap resumed> )        = 0x7fe2be4a9000
[pid 24261] mprotect(0x7fe2be4aa000, 8388608, PROT_READ|PROT_WRITE <unfinished ...>
[pid 24262] write(2, "2019-01-22T19:42:58.096205Z T:bf"..., 73 <unfinished ...>
2019-01-22T19:42:58.096205Z T:bf4aa7 [stenotype.cc:432] Handling signals
[pid 24261] <... mprotect resumed> )    = 0
[pid 24263] mmap(NULL, 134217728, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0 <unfinished ...>
[pid 24261] clone( <unfinished ...>
[pid 24263] <... mmap resumed> )        = 0x7fe2ae4a9000
[pid 24262] <... write resumed> )       = 73
[pid 24261] <... clone resumed> child_stack=0x7fe2beca8fb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7fe2beca99d0, tls=0x7fe2beca9700, child_tidptr=0x7fe2beca99d0) = 24264
[pid 24262] rt_sigaction(SIGINT, {sa_handler=0x5627fa8864b0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fe3410bb890}, strace: Process 24264 attached
 <unfinished ...>
[pid 24263] munmap(0x7fe2ae4a9000, 28667904 <unfinished ...>
[pid 24264] set_robust_list(0x7fe2beca99e0, 24 <unfinished ...>
[pid 24262] <... rt_sigaction resumed> NULL, 8) = 0
[pid 24264] <... set_robust_list resumed> ) = 0
[pid 24262] rt_sigaction(SIGTERM, {sa_handler=0x5627fa8864b0, sa_mask=[], sa_flags=SA_RESTORER, sa_restorer=0x7fe3410bb890},  <unfinished ...>
[pid 24264] mmap(NULL, 134217728, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0 <unfinished ...>
[pid 24261] prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0 <unfinished ...>
[pid 24264] <... mmap resumed> )        = 0x7fe2a8000000
[pid 24261] <... prctl resumed> )       = 0
[pid 24264] munmap(0x7fe2ac000000, 67108864 <unfinished ...>
[pid 24261] seccomp(SECCOMP_SET_MODE_STRICT, 1, NULL <unfinished ...>
[pid 24264] <... munmap resumed> )      = 0
[pid 24261] <... seccomp resumed> )     = -1 EINVAL (Invalid argument)
[pid 24264] mprotect(0x7fe2a8000000, 135168, PROT_READ|PROT_WRITE <unfinished ...>
[pid 24261] seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=32, filter=0x5627fafde0c0} <unfinished ...>
[pid 24264] <... mprotect resumed> )    = 0
[pid 24263] <... munmap resumed> )      = 0
[pid 24262] <... rt_sigaction resumed> NULL, 8) = 0
[pid 24264] write(2, "2019-01-22T19:42:58.096872Z T:be"..., 87 <unfinished ...>
2019-01-22T19:42:58.096872Z T:beca97 [stenotype.cc:400] Starting WriteIndexes thread 0
[pid 24263] munmap(0x7fe2b4000000, 38440960 <unfinished ...>
[pid 24264] <... write resumed> )       = 87
[pid 24264] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 24261] <... seccomp resumed> )     = 0
[pid 24264] <... mmap resumed> )        = 0x7fe2bdca8000
[pid 24263] <... munmap resumed> )      = 0
[pid 24261] write(2, "2019-01-22T19:42:58.097247Z T:41"..., 1042019-01-22T19:42:58.097247Z T:41b457 [stenotype.cc:685] ===============Waiting for thread==============
 <unfinished ...>
[pid 24264] mprotect(0x7fe2bdca9000, 8388608, PROT_READ|PROT_WRITE <unfinished ...>
[pid 24261] <... write resumed> )       = 104
[pid 24264] <... mprotect resumed> )    = 0
[pid 24261] futex(0x7fe2b6ca99d0, FUTEX_WAIT, 24263, NULL <unfinished ...>
[pid 24263] mprotect(0x7fe2b0000000, 135168, PROT_READ|PROT_WRITE <unfinished ...>
[pid 24264] clone( <unfinished ...>
[pid 24263] <... mprotect resumed> )    = 0
[pid 24262] prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) = 0
[pid 24263] mmap(NULL, 8392704, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS|MAP_STACK, -1, 0 <unfinished ...>
[pid 24264] <... clone resumed> child_stack=0x7fe2be4a7fb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7fe2be4a89d0, tls=0x7fe2be4a8700, child_tidptr=0x7fe2be4a89d0) = 24265
[pid 24263] <... mmap resumed> )        = 0x7fe2bd4a7000
strace: Process 24265 attached
[pid 24264] gettid( <unfinished ...>
[pid 24265] set_robust_list(0x7fe2be4a89e0, 24 <unfinished ...>
[pid 24264] <... gettid resumed> )      = 24264
[pid 24265] <... set_robust_list resumed> ) = 0
[pid 24264] setpriority(PRIO_PROCESS, 24264, 0 <unfinished ...>
[pid 24265] clock_gettime(CLOCK_MONOTONIC_RAW,  <unfinished ...>
[pid 24264] <... setpriority resumed> ) = 0
[pid 24265] <... clock_gettime resumed> {tv_sec=1896794, tv_nsec=943944057}) = 0
[pid 24263] mprotect(0x7fe2bd4a8000, 8388608, PROT_READ|PROT_WRITE <unfinished ...>
[pid 24265] clock_nanosleep(CLOCK_MONOTONIC, 0, {tv_sec=1, tv_nsec=0},  <unfinished ...>
[pid 24263] <... mprotect resumed> )    = 0
[pid 24262] seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=32, filter=0x7fe2b8005b00} <unfinished ...>
[pid 24263] clone( <unfinished ...>
[pid 24264] prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) = 0
strace: Process 24266 attached
[pid 24264] seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=40, filter=0x7fe2a8006bf0} <unfinished ...>
[pid 24266] set_robust_list(0x7fe2bdca79e0, 24 <unfinished ...>
[pid 24263] <... clone resumed> child_stack=0x7fe2bdca6fb0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID, parent_tidptr=0x7fe2bdca79d0, tls=0x7fe2bdca7700, child_tidptr=0x7fe2bdca79d0) = 24266
[pid 24266] <... set_robust_list resumed> ) = 0
[pid 24262] <... seccomp resumed> )     = 0
[pid 24266] clock_gettime(CLOCK_MONOTONIC_RAW,  <unfinished ...>
[pid 24264] <... seccomp resumed> )     = 0
[pid 24266] <... clock_gettime resumed> {tv_sec=1896794, tv_nsec=944360767}) = 0
[pid 24262] futex(0x5627faa962d8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 24266] clock_nanosleep(CLOCK_MONOTONIC, 0, {tv_sec=1, tv_nsec=0},  <unfinished ...>
[pid 24264] write(2, "2019-01-22T19:42:58.098043Z T:be"..., 742019-01-22T19:42:58.098043Z T:beca97 [stenotype.cc:408] Waiting for index
) = 74
[pid 24264] futex(0x5627fafd8df8, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 24263] prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) = 0
[pid 24263] seccomp(SECCOMP_SET_MODE_FILTER, 0, {len=64, filter=0x7fe2b00085e0}) = 0
[pid 24263] write(2, "2019-01-22T19:42:58.098591Z T:b6"..., 932019-01-22T19:42:58.098591Z T:b6ca97 [stenotype.cc:455] Thread 0 starting to process packets
) = 93
[pid 24263] io_setup(128, [0x7fe341b53000]) = 0
[pid 24263] clock_gettime(CLOCK_MONOTONIC_RAW, {tv_sec=1896794, tv_nsec=945398686}) = 0
[pid 24263] openat(AT_FDCWD, "/opt/steno/pkts1/PKT0/.1548186178099032", O_WRONLY|O_CREAT|O_DSYNC|O_DIRECT, 0600) = -1 ENOSYS (Function not implemented)
[pid 24263] write(2, "2019-01-22T19:42:58.099141Z T:b6"..., 1142019-01-22T19:42:58.099141Z T:b6ca97 [aio.cc:190] Opening packet file /opt/steno/pkts1/PKT0/.1548186178099032: -1
) = 114
[pid 24263] write(2, "2019-01-22T19:42:58.099216Z T:b6"..., 2002019-01-22T19:42:58.099216Z T:b6ca97 [stenotype.cc:467] CHECK(SUCCEEDED(__check_success_error__)) output.Rotate(file_dirname, micros, flag_preallocate_file_mb << 20): Function not implemented <- open
) = 200
[pid 24263] write(2, "ABORTABORTABORT", 15ABORTABORTABORT) = 15
[pid 24263] write(2, "\n", 1
)           = 1
[pid 24263] futex(0x7fe3408c1270, FUTEX_WAKE_PRIVATE, 2147483647) = 0
[pid 24263] futex(0x7fe340ada1a0, FUTEX_WAKE_PRIVATE, 2147483647) = 0
[pid 24263] write(2, "stenotype(+0x70a1) [0x5627fa86e0"..., 35stenotype(+0x70a1) [0x5627fa86e0a1]) = 35
[pid 24263] write(2, "\n", 1
)           = 1
[pid 24263] write(2, "stenotype(+0x24b31) [0x5627fa88b"..., 36stenotype(+0x24b31) [0x5627fa88bb31]) = 36
[pid 24263] write(2, "\n", 1
)           = 1
[pid 24263] write(2, "/usr/lib/x86_64-linux-gnu/libstd"..., 67/usr/lib/x86_64-linux-gnu/libstdc++.so.6(+0xbd57f) [0x7fe340b9857f]) = 67
[pid 24263] write(2, "\n", 1
)           = 1
[pid 24263] write(2, "/lib/x86_64-linux-gnu/libpthread"..., 63/lib/x86_64-linux-gnu/libpthread.so.0(+0x76db) [0x7fe3410b06db]) = 63
[pid 24263] write(2, "\n", 1
)           = 1
[pid 24263] write(2, "/lib/x86_64-linux-gnu/libc.so.6("..., 60/lib/x86_64-linux-gnu/libc.so.6(clone+0x3f) [0x7fe3405f388f]) = 60
[pid 24263] write(2, "\n", 1
)           = 1
[pid 24263] rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
[pid 24263] rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], [INT TERM], 8) = 0
[pid 24263] getpid()                    = -38
[pid 24263] gettid()                    = -38
[pid 24263] tgkill(-38, -38, SIGABRT)   = -1 EINVAL (Invalid argument)
[pid 24263] rt_sigprocmask(SIG_SETMASK, [INT TERM], NULL, 8) = 0
[pid 24263] rt_sigaction(SIGABRT, {sa_handler=SIG_DFL, sa_mask=~[], sa_flags=SA_RESTORER, sa_restorer=0x7fe340510f20}, NULL, 8) = 0
[pid 24263] rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], [INT TERM], 8) = 0
[pid 24263] getpid()                    = -38
[pid 24263] gettid()                    = -38
[pid 24263] tgkill(-38, -38, SIGABRT)   = -1 EINVAL (Invalid argument)
[pid 24263] rt_sigprocmask(SIG_SETMASK, [INT TERM], NULL, 8) = 0
[pid 24263] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid 24261] <... futex resumed>)        = ?
[pid 24266] <... clock_nanosleep resumed> <unfinished ...>) = ?
[pid 24264] <... futex resumed>)        = ?
[pid 24265] <... clock_nanosleep resumed> <unfinished ...>) = ?
[pid 24262] <... futex resumed>)        = ?
[pid 24262] +++ killed by SIGSEGV (core dumped) +++
[pid 24266] +++ killed by SIGSEGV (core dumped) +++
[pid 24265] +++ killed by SIGSEGV (core dumped) +++
[pid 24264] +++ killed by SIGSEGV (core dumped) +++
[pid 24263] +++ killed by SIGSEGV (core dumped) +++
+++ killed by SIGSEGV (core dumped) +++
Segmentation fault (core dumped)

FabFaeb · 2019-04-23T07:19:58Z

I can confirm that #201 is not working for me. However, when I added

SECCOMP_RULE_ADD(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat), 0);

to the CommonPrivileges() method, this seems to have fixed the issue. So openat seems to be the actual problem, but adding the respective seccomp rule in DropPacketThreadPrivileges() doesn't seem to be sufficient.
Since I do not have an overview of the whole codebase: Is adding the rule in CommonPrivileges() alright or do you guys have a better idea?

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Ubuntu 18.04 Seccomp Failures #197

Ubuntu 18.04 Seccomp Failures #197

hosom commented Jan 8, 2019

gconnell commented Jan 8, 2019

gconnell commented Jan 8, 2019

hosom commented Jan 22, 2019 •

edited

Loading

gconnell commented Jan 22, 2019

hosom commented Jan 22, 2019

gconnell commented Jan 22, 2019

hosom commented Jan 22, 2019

gconnell commented Jan 22, 2019

hosom commented Jan 22, 2019

hosom commented Jan 22, 2019

FabFaeb commented Apr 23, 2019

Ubuntu 18.04 Seccomp Failures #197

Ubuntu 18.04 Seccomp Failures #197

Comments

hosom commented Jan 8, 2019

gconnell commented Jan 8, 2019

gconnell commented Jan 8, 2019

hosom commented Jan 22, 2019 • edited Loading

gconnell commented Jan 22, 2019

hosom commented Jan 22, 2019

gconnell commented Jan 22, 2019

hosom commented Jan 22, 2019

gconnell commented Jan 22, 2019

hosom commented Jan 22, 2019

hosom commented Jan 22, 2019

FabFaeb commented Apr 23, 2019

hosom commented Jan 22, 2019 •

edited

Loading