- CheckMates
- :
- Products
- :
- Quantum
- :
- Threat Prevention
- :
- cp_file_convert always coredump
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
cp_file_convert always coredump
Hi all,
We're using Threat Prevention on a R80.10 VSX virtual system configured with MTA support.
The Threat Extraction is configured to convert to pdf in the policy, file types like docx, pps, xls etc. are according to profile converted to pdf then.
In the /var/log/messages we see many coredumps like these here:
kernel: do_coredump: argv_arr[1] = /var/log/dump/usermode/cp_file_convert.24156.core
kernel: cp_file_convert[14806]: segfault at 00000000000001a8 rip 00000000f6dc7129 rsp 00000000ffd471c4 error 4
kernel: do_coredump: corename = |/etc/coredump/compress.sh /var/log/dump/usermode/cp_file_convert.14806.core
kernel: do_coredump: argv_arr[0] = /etc/coredump/compress.sh
kernel: do_coredump: argv_arr[1] = /var/log/dump/usermode/cp_file_convert.14806.core
kernel: cp_file_convert[1235]: segfault at 00000000000001a8 rip 00000000f6d8c129 rsp 00000000ffb857f4 error 4
kernel: do_coredump: corename = |/etc/coredump/compress.sh /var/log/dump/usermode/cp_file_convert.1235.core
kernel: do_coredump: argv_arr[0] = /etc/coredump/compress.sh
kernel: do_coredump: argv_arr[1] = /var/log/dump/usermode/cp_file_convert.1235.core
kernel: cp_file_convert[10122]: segfault at 00000000000001a8 rip 00000000f6d63129 rsp 00000000ffec8174 error 4
kernel: do_coredump: corename = |/etc/coredump/compress.sh /var/log/dump/usermode/cp_file_convert.10122.core
kernel: do_coredump: argv_arr[0] = /etc/coredump/compress.sh
kernel: do_coredump: argv_arr[1] = /var/log/dump/usermode/cp_file_convert.10122.core
kernel: cp_file_convert[24497]: segfault at 00000000000001a8 rip 00000000f6d5f129 rsp 00000000ffe7c5b4 error 4
kernel: do_coredump: corename = |/etc/coredump/compress.sh /var/log/dump/usermode/cp_file_convert.24497.core
kernel: do_coredump: argv_arr[0] = /etc/coredump/compress.sh
kernel: do_coredump: argv_arr[1] = /var/log/dump/usermode/cp_file_convert.24497.core
kernel: cp_file_convert[15136]: segfault at 00000000000001a8 rip 00000000f6d9c129 rsp 00000000ffbe9b34 error 4
kernel: do_coredump: corename = |/etc/coredump/compress.sh /var/log/dump/usermode/cp_file_convert.15136.core
kernel: do_coredump: argv_arr[0] = /etc/coredump/compress.sh
kernel: do_coredump: argv_arr[1] = /var/log/dump/usermode/cp_file_convert.15136.core
kernel: cp_file_convert[5687]: segfault at 00000000000001a8 rip 00000000f6dd4129 rsp 00000000ffd0a414 error 4
kernel: do_coredump: corename = |/etc/coredump/compress.sh /var/log/dump/usermode/cp_file_convert.5687.core
kernel: do_coredump: argv_arr[0] = /etc/coredump/compress.sh
kernel: do_coredump: argv_arr[1] = /var/log/dump/usermode/cp_file_convert.5687.core
In /var/log/jail/$FWDIR/log/scrub_cp_file_convertd.elg we see the following:
cp_file_convert_empty_tmp_oem_dir
cp_file_convert_main: starting mainloop (initialized by fwd)
cp_file_convert_urg_sig_handler: SIGPIPE received (ignored)
Has anyone with a similar config the same problems?
The whole system is running ok so far but why so many coredumps?
Thanks,
Peter
- Tags:
- threat extraction
2 Replies
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would consult TAC, even when there is no apparent issue...
CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hii Peter Baumann I am also getting same logs and unable to convert to pdf (clean file)
Please share us the solution
Thanks in advance
#Chinmaya Naik
