Zabbix Service Crashing - Unhandled exception c0000005
Hi,
I am going through the process of setting up Zabbix and rolling out the agent to the endpoints etc...
The Zabbix service starts fine, the server picks up the endpoint using PSK encryption and starts monitoring. However, i have had the Zabbix service crash on these machines several times and i have had to manually restart the service until it crashes again.
When the agent is deployed, a FW rule on the end points is created to allow on 10050
Below is an example of the log file of one of the assets on which the Zabbix service crashed...
4740:20230509:065736.095 Unhandled exception c0000005 detected at 0x00007FFA993594E5. Crashing ...
4740:20230509:065736.097 ====== Fatal information: ======
4740:20230509:065736.099 Program counter: 0x993594e5
4740:20230509:065736.101 === Registers: ===
4740:20230509:065736.103 r8 = 114e8b8 = 18147512 = 18147512
4740:20230509:065736.105 r9 = 22cbf94 = 36487060 = 36487060
4740:20230509:065736.107 r10 = 7ffa995f5c60 = 140714291715168 = 140714291715168
4740:20230509:065736.108 r11 = 22cbe80 = 36486784 = 36486784
4740:20230509:065736.110 r12 = 10 = 16 = 16
4740:20230509:065736.112 r13 = 0 = 0 = 0
4740:20230509:065736.114 r14 = 4180cb0 = 68684976 = 68684976
4740:20230509:065736.116 r15 = 60 = 96 = 96
4740:20230509:065736.118 rdi = 7ffa995f00b8 = 140714291691704 = 140714291691704
4740:20230509:065736.120 rsi = 114e840 = 18147392 = 18147392
4740:20230509:065736.122 rbp = 22cc009 = 36487177 = 36487177
4740:20230509:065736.124 rbx = ec6810 = 15493136 = 15493136
4740:20230509:065736.126 rdx = 4180cc0 = 68684992 = 68684992
4740:20230509:065736.128 rax = 0 = 0 = 0
4740:20230509:065736.130 rcx = 7ffa000015f8 = 140711718557176 = 140711718557176
4740:20230509:065736.132 rsp = 22cbf50 = 36486992 = 36486992
4740:20230509:065736.134 efl = 10293 = 66195 = 66195
4740:20230509:065736.136 csgsfs = 332b5300 = 858477312 = 858477312
4740:20230509:065736.138 === Backtrace: ===
4740:20230509:065736.202 24: C:\Zabbix\zabbix_agentd.exe(CoGetProcessIdentifier +0x5535) [0x993594e5]
4740:20230509:065736.204 23: C:\Zabbix\zabbix_agentd.exe(CoGetProcessIdentifier +0x52d7) [0x99359287]
4740:20230509:065736.206 22: C:\Zabbix\zabbix_agentd.exe(CoGetTreatAsClass+0x9b fe) [0x9938e63e]
4740:20230509:065736.208 21: C:\Zabbix\zabbix_agentd.exe(CLSIDFromString+0x138b ) [0x993a0f6b]
4740:20230509:065736.210 20: C:\Zabbix\zabbix_agentd.exe(Ndr64AsyncServerCallAl l+0x10b0) [0x9adbd2f0]
4740:20230509:065736.212 19: C:\Zabbix\zabbix_agentd.exe(CLSIDFromString+0xd18) [0x993a08f8]
4740:20230509:065736.213 18: C:\Zabbix\zabbix_agentd.exe(ObjectStublessClient32 +0x7e62) [0x9941f542]
4740:20230509:065736.215 17: C:\Zabbix\zabbix_agentd.exe(StringFromGUID2+0xbbc6 ) [0x9932e336]
4740:20230509:065736.217 16: C:\Zabbix\zabbix_agentd.exe(StringFromGUID2+0x8b3e ) [0x9932b2ae]
4740:20230509:065736.219 15: C:\Zabbix\zabbix_agentd.exe(StringFromGUID2+0xb4b5 ) [0x9932dc25]
4740:20230509:065736.221 14: C:\Zabbix\zabbix_agentd.exe(StringFromGUID2+0xf290 ) [0x99331a00]
4740:20230509:065736.223 13: C:\Zabbix\zabbix_agentd.exe(CoCreateInstance+0x190 a) [0x9931bd2a]
4740:20230509:065736.225 12: C:\Zabbix\zabbix_agentd.exe(CoCreateInstance+0x3b0 ) [0x9931a7d0]
4740:20230509:065736.227 11: C:\Zabbix\zabbix_agentd.exe(CoCreateInstanceEx+0xf d) [0x9939427d]
4740:20230509:065736.229 10: C:\Zabbix\zabbix_agentd.exe(DllCanUnloadNow+0xd18) [0x887c1d98]
4740:20230509:065736.231 9: C:\Zabbix\zabbix_agentd.exe(DllCanUnloadNow+0x43a) [0x887c14ba]
4740:20230509:065736.233 8: C:\Zabbix\zabbix_agentd.exe(DllCanUnloadNow+0x142) [0x887c11c2]
4740:20230509:065736.235 7: C:\Zabbix\zabbix_agentd.exe() [0x400993c7]
4740:20230509:065736.237 6: C:\Zabbix\zabbix_agentd.exe() [0x40098e51]
4740:20230509:065736.239 5: C:\Zabbix\zabbix_agentd.exe() [0x4009a9c3]
4740:20230509:065736.240 4: C:\Zabbix\zabbix_agentd.exe() [0x400a630d]
4740:20230509:065736.242 3: C:\Zabbix\zabbix_agentd.exe() [0x400a61bc]
4740:20230509:065736.244 2: C:\Zabbix\zabbix_agentd.exe() [0x402216b4]
4740:20230509:065736.246 1: C:\Zabbix\zabbix_agentd.exe(BaseThreadInitThunk+0x 14) [0x9aed7604]
4740:20230509:065736.248 0: C:\Zabbix\zabbix_agentd.exe(RtlUserThreadStart+0x2 1) [0x9b2e26a1]
4740:20230509:065736.253 ================================
Has anyone encountered this issue before?
Thanks
I am going through the process of setting up Zabbix and rolling out the agent to the endpoints etc...
The Zabbix service starts fine, the server picks up the endpoint using PSK encryption and starts monitoring. However, i have had the Zabbix service crash on these machines several times and i have had to manually restart the service until it crashes again.
When the agent is deployed, a FW rule on the end points is created to allow on 10050
Below is an example of the log file of one of the assets on which the Zabbix service crashed...
4740:20230509:065736.095 Unhandled exception c0000005 detected at 0x00007FFA993594E5. Crashing ...
4740:20230509:065736.097 ====== Fatal information: ======
4740:20230509:065736.099 Program counter: 0x993594e5
4740:20230509:065736.101 === Registers: ===
4740:20230509:065736.103 r8 = 114e8b8 = 18147512 = 18147512
4740:20230509:065736.105 r9 = 22cbf94 = 36487060 = 36487060
4740:20230509:065736.107 r10 = 7ffa995f5c60 = 140714291715168 = 140714291715168
4740:20230509:065736.108 r11 = 22cbe80 = 36486784 = 36486784
4740:20230509:065736.110 r12 = 10 = 16 = 16
4740:20230509:065736.112 r13 = 0 = 0 = 0
4740:20230509:065736.114 r14 = 4180cb0 = 68684976 = 68684976
4740:20230509:065736.116 r15 = 60 = 96 = 96
4740:20230509:065736.118 rdi = 7ffa995f00b8 = 140714291691704 = 140714291691704
4740:20230509:065736.120 rsi = 114e840 = 18147392 = 18147392
4740:20230509:065736.122 rbp = 22cc009 = 36487177 = 36487177
4740:20230509:065736.124 rbx = ec6810 = 15493136 = 15493136
4740:20230509:065736.126 rdx = 4180cc0 = 68684992 = 68684992
4740:20230509:065736.128 rax = 0 = 0 = 0
4740:20230509:065736.130 rcx = 7ffa000015f8 = 140711718557176 = 140711718557176
4740:20230509:065736.132 rsp = 22cbf50 = 36486992 = 36486992
4740:20230509:065736.134 efl = 10293 = 66195 = 66195
4740:20230509:065736.136 csgsfs = 332b5300 = 858477312 = 858477312
4740:20230509:065736.138 === Backtrace: ===
4740:20230509:065736.202 24: C:\Zabbix\zabbix_agentd.exe(CoGetProcessIdentifier +0x5535) [0x993594e5]
4740:20230509:065736.204 23: C:\Zabbix\zabbix_agentd.exe(CoGetProcessIdentifier +0x52d7) [0x99359287]
4740:20230509:065736.206 22: C:\Zabbix\zabbix_agentd.exe(CoGetTreatAsClass+0x9b fe) [0x9938e63e]
4740:20230509:065736.208 21: C:\Zabbix\zabbix_agentd.exe(CLSIDFromString+0x138b ) [0x993a0f6b]
4740:20230509:065736.210 20: C:\Zabbix\zabbix_agentd.exe(Ndr64AsyncServerCallAl l+0x10b0) [0x9adbd2f0]
4740:20230509:065736.212 19: C:\Zabbix\zabbix_agentd.exe(CLSIDFromString+0xd18) [0x993a08f8]
4740:20230509:065736.213 18: C:\Zabbix\zabbix_agentd.exe(ObjectStublessClient32 +0x7e62) [0x9941f542]
4740:20230509:065736.215 17: C:\Zabbix\zabbix_agentd.exe(StringFromGUID2+0xbbc6 ) [0x9932e336]
4740:20230509:065736.217 16: C:\Zabbix\zabbix_agentd.exe(StringFromGUID2+0x8b3e ) [0x9932b2ae]
4740:20230509:065736.219 15: C:\Zabbix\zabbix_agentd.exe(StringFromGUID2+0xb4b5 ) [0x9932dc25]
4740:20230509:065736.221 14: C:\Zabbix\zabbix_agentd.exe(StringFromGUID2+0xf290 ) [0x99331a00]
4740:20230509:065736.223 13: C:\Zabbix\zabbix_agentd.exe(CoCreateInstance+0x190 a) [0x9931bd2a]
4740:20230509:065736.225 12: C:\Zabbix\zabbix_agentd.exe(CoCreateInstance+0x3b0 ) [0x9931a7d0]
4740:20230509:065736.227 11: C:\Zabbix\zabbix_agentd.exe(CoCreateInstanceEx+0xf d) [0x9939427d]
4740:20230509:065736.229 10: C:\Zabbix\zabbix_agentd.exe(DllCanUnloadNow+0xd18) [0x887c1d98]
4740:20230509:065736.231 9: C:\Zabbix\zabbix_agentd.exe(DllCanUnloadNow+0x43a) [0x887c14ba]
4740:20230509:065736.233 8: C:\Zabbix\zabbix_agentd.exe(DllCanUnloadNow+0x142) [0x887c11c2]
4740:20230509:065736.235 7: C:\Zabbix\zabbix_agentd.exe() [0x400993c7]
4740:20230509:065736.237 6: C:\Zabbix\zabbix_agentd.exe() [0x40098e51]
4740:20230509:065736.239 5: C:\Zabbix\zabbix_agentd.exe() [0x4009a9c3]
4740:20230509:065736.240 4: C:\Zabbix\zabbix_agentd.exe() [0x400a630d]
4740:20230509:065736.242 3: C:\Zabbix\zabbix_agentd.exe() [0x400a61bc]
4740:20230509:065736.244 2: C:\Zabbix\zabbix_agentd.exe() [0x402216b4]
4740:20230509:065736.246 1: C:\Zabbix\zabbix_agentd.exe(BaseThreadInitThunk+0x 14) [0x9aed7604]
4740:20230509:065736.248 0: C:\Zabbix\zabbix_agentd.exe(RtlUserThreadStart+0x2 1) [0x9b2e26a1]
4740:20230509:065736.253 ================================
Has anyone encountered this issue before?
Thanks
But I think it is more related to agent version, than it being server or desktop windows...
Comment