All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Highlighted
Solved! Jump to solution

VMWare app scheduled searches are crashing

dchodur
Path Finder
‎07-16-2012 12:16 PM

Has anyone seen where the VMWare app crashes at least once a min with having SA-VMW-HierarchyInventory enabled in the app. Here is the log off the dump. Did open a support case as well but thought I would ask here as well.


[build 123586] 2012-07-12 17:20:05
Access violation, cannot read at address [0x0000000000000040]
Exception address: [0x00000001403A5FB1]
Crashing thread: dispatch
MxCsr: [0x0000000000001FA0]
SegDs: [0x000000000000002B]
SegEs: [0x000000000000002B]
SegFs: [0x0000000000000053]
SegGs: [0x000000000000002B]
SegSs: [0x000000000000002B]
SegCs: [0x0000000000000033]
EFlags: [0x0000000000010206]
Rsp: [0x000000000230D480]
Rip: [0x00000001403A5FB1] ?
Dr0: [0x0000000000000000]
Dr1: [0x0000000000000000]
Dr2: [0x0000000000000000]
Dr3: [0x0000000000000000]
Dr6: [0x0000000000000000]
Dr7: [0x0000000000000000]
Rax: [0x000000000265A410]
Rcx: [0x0000000002948C10]
Rdx: [0x0000000000000000]
Rbx: [0x00000000029DFAB0]
Rbp: [0x0000000000000000]
Rsi: [0x0000000000000008]
Rdi: [0x000000000265A310]
R8: [0x0000000000000000]
R9: [0x0000000000000000]
R10: [0x0000000000000000]
R11: [0x0000000000000286]
R12: [0x000000000230D5B0]
R13: [0x000000000230DA38]
R14: [0x00000000029CBFD0]
R15: [0x000000000230D540]
DebugControl: [0x00000000710194D9]
LastBranchToRip: [0x0000000000000000]
LastBranchFromRip: [0x0000000000000000]
LastExceptionToRip: [0x0000000000000000]
LastExceptionFromRip: [0x0000000000000000]

OS: Windows
Arch: x86-64

Backtrace:
[0x00000001403A5FB1] ?
[0x00000001403B5FD2] ?
[0x0000000140440A98] ?
[0x0000000140441227] ?
[0x00000001403EFFBE] ?
[0x0000000140B3551A] ?
[0x0000000140B3F668] ?
[0x0000000140B44023] ?
[0x00000001408F1A82] ?
[0x0000000140004537] ?
[0x00000000736637D7] endthreadex + 71/272
[0x0000000073663894] endthreadex + 260/272
[0x0000000076B1652D] BaseThreadInitThunk + 13/96
[0x0000000076EFC521] RtlUserThreadStart + 33/1024
Crash dump written to: C:\Program Files\Splunk\var\log\splunk\C_Program FilesSplunkbinsplunkdexecrash-2012-07-12-17-20-05.dmp

CHODURDJTEST /6.1 Service Pack 1
Threads running: 2
argv: [splunkd search --id=scheduleradmin_U0EtVk1XLUhpZXJhcmNoeUludmVudG9yeQTimeHierarchyClusterUpdateat1342131600f123db188cccd28f --maxbuckets=0 --ttl=1200 --maxout=500000 --maxtime=8640000 --lookups=1 --reducefreq=10 --user=admin --pro --roles=admin:power:user]
terminating...

Reply
1 Solution
Highlighted
Solved! Jump to solution
Solution

Re: VMWare app scheduled searches are crashing

hexx
Splunk Employee
Splunk Employee
‎07-16-2012 04:14 PM

It seems that you are hitting core Splunk bug SPL-53256, which is specific to Windows and causes searches to crash when they load empty file-based lookup tables. The searches of the VMWare app use and maintaining a lot of lookups which makes them prime candidates to trigger this bug.

This bug has been fixed in Splunk 4.3.4.

View solution in original post

Reply