All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Access Violation, cannot read at address

Labertal
New Member
‎10-16-2013 07:16 AM

Hallo,
i have a problem with my splunk server version 5.0.5.
The Problem looks similar to this one:
http://answers.splunk.com/answers/53230/vmware-app-scheduled-searches-are-crashing
There is an error every minute.
I have the following Apps installed:
Splunk for Microsoft Exchange,
Splunk Support LDAP,
S.o.S,
Sideviews Utils,
Google Maps,
Deployment Monitor,
Keywords,
IP Reputation

Has anyone a solution for the problem?

[build 179365] 2013-10-16 15:32:38
Access violation, cannot read at address [0x0000008000031841]
Exception address: [0x00000001407165FF]
Crashing thread: dispatch
MxCsr: [0x0000000000001F80]
SegDs: [0x000000000000002B]
SegEs: [0x000000000000002B]
SegFs: [0x0000000000000053]
SegGs: [0x000000000000002B]
SegSs: [0x000000000000002B]
SegCs: [0x0000000000000033]
EFlags: [0x0000000000010202]
Rsp: [0x00000000027C8810]
Rip: [0x00000001407165FF] ?
Dr0: [0x0000000000000000]
Dr1: [0x0000000000000000]
Dr2: [0x0000000000000000]
Dr3: [0x0000000000000000]
Dr6: [0x0000000000000000]
Dr7: [0x0000000000000000]
Rax: [0x0000008000031841]
Rcx: [0x0000000002C590A0]
Rdx: [0x00000000027C8860]
Rbx: [0x000000000333CD40]
Rbp: [0x000000000333D330]
Rsi: [0x0000000002C590A0]
Rdi: [0x0000000002C592E0]
R8: [0x0000000000000000]
R9: [0x0000000002C592E0]
R10: [0x0000000000000080]
R11: [0x0000000000000003]
R12: [0x0000000000000000]
R13: [0x0000000002C59370]
R14: [0x00000000027C8B90]
R15: [0x000000000333F470]
DebugControl: [0x000000014080D8F3]
LastBranchToRip: [0x0000000000000000]
LastBranchFromRip: [0x0000000000000000]
LastExceptionToRip: [0x0000000000000000]
LastExceptionFromRip: [0x0000000000000000]

OS: Windows
Arch: x86-64

Backtrace:
[0x00000001407165FF] ?
[0x00000001404D2030] ?
[0x00000001404615F2] ?
[0x0000000140D3CC6F] ?
[0x00000001403B767D] ?
[0x0000000140D3CC6F] ?
[0x0000000140CDE3D5] ?
[0x00000001403A21A6] ?
[0x00000001403B6B94] ?
[0x0000000140CDD725] ?
[0x0000000140CE23E8] ?
[0x0000000140CEB275] ?
[0x0000000140A08E02] ?
[0x00000001400040C7] ?
[0x00000000754737D7] endthreadex + 71/272
[0x0000000075473894] endthreadex + 260/272
[0x000000007772652D] BaseThreadInitThunk + 13/96
[0x000000007795C541] RtlUserThreadStart + 33/1024
Crash dump written to: C:\Program Files\Splunk\var\log\splunk\C__Program Files_Splunk_bin_splunkd_exe_crash-2013-10-16-15-32-38.dmp

SRVSPLUNK /6.1 Service Pack 1
Threads running: 3
argv: [splunkd search --id=SummaryDirector_1381930357.115 --maxbuckets=0 --ttl=30 --maxout=50000 --maxtime=8640000 --lookups=0 --reduce_freq=10 --user=splunk-system-user --pro --roles=admin:power:splunk-system-role:user]
terminating...

0 Karma
Reply

Labertal
New Member
‎05-26-2014 01:26 AM

I´m not sure, but I think it was a problem with the IP Reputation App. I deactivated the app and the problem was solved.

0 Karma
Reply

jichen
Explorer
‎05-26-2014 01:46 AM

So,it should caused by a related scheduled search, can we see some info related in splunkd.log?I'll check later

0 Karma
Reply

jichen
Explorer
‎05-26-2014 01:08 AM

hi,I have the same problem with version 5.0.5. How to solve it.

0 Karma
Reply

hexx
Splunk Employee
Splunk Employee
‎11-19-2013 04:09 PM

I'm confident that this is crash has been already identified as SPL-68356 and fixed in Splunk 5.0.5.

0 Karma
Reply

Labertal
New Member
‎10-16-2013 07:37 AM

Thanks for the answer. I opened a support case.

0 Karma
Reply

alacercogitatus
SplunkTrust
SplunkTrust
‎10-16-2013 07:25 AM

Have you filed a Support Case for this?

0 Karma
Reply
Get Updates on the Splunk Community!

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...

Adoption of Infrastructure Monitoring at Splunk

  Splunk's Growth Engineering team showcases one of their first Splunk product adoption-Splunk Infrastructure ...