Bug 465304 - ntop segfaulted
Summary: ntop segfaulted
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: ntop
Version: 9
Hardware: i386
OS: Linux
urgent
medium
Target Milestone: ---
Assignee: Rakesh Pandit
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On: 461605
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-10-02 17:20 UTC by Stephen John Smoogen
Modified: 2008-10-29 21:57 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-10-23 06:10:12 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Stephen John Smoogen 2008-10-02 17:20:10 UTC 
+++ This bug was initially created as a clone of Bug #461605 +++

Description of problem:
ntop segfaulted nafter start.

I couldn't figure out how to reopen the bug.. but I am seeing the same problem:

Installed ntop last night onto my F9 system

[smooge@bakeneko ~]$ rpm -q ntop
ntop-3.3.6-5.fc9.i386

it ran for 3 minutes and then crashed..

Oct  1 22:39:50 bakeneko kernel: ntop[14639]: segfault at 38 ip 0037a733 sp b1d367f4 error 6 in libntop-3.3.6.so[334000+66000]
Oct  1 23:06:43 bakeneko kernel: ntop[14955]: segfault at 38 ip 0037a733 sp b1c9c7f4 error 6 in libntop-3.3.6.so[334000+66000]

Started to debug the problem since a segfault for a root level program listening on network migth be a security issue.

Loaded debuginfo rpms for all the items that gdb thought it needed, and then ran 

gdb ntop
run


Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb1d3cb90 (LWP 20474)]
incrementTrafficCounter (ctr=<value optimized out>, value=<value optimized out>) at util.c:4279
4279	    ctr->value += value, ctr->modified = 1;
Missing separate debuginfos, use: debuginfo-install keyutils.i386 mysql.i386
(gdb) where
#0  incrementTrafficCounter (ctr=<value optimized out>, value=<value optimized out>) at util.c:4279
#1  0x05593c5a in handleBootp (srcHost=<value optimized out>, dstHost=<value optimized out>, sport=<value optimized out>, dport=Could not find the frame base for "handleBootp".
) at protocols.c:528
#2  0x0559f424 in handleSession (h=Could not find the frame base for "handleSession".
) at sessions.c:2861
#3  0x05584bd8 in processIpPkt (bp=<value optimized out>, h=<value optimized out>, length=<value optimized out>, ether_src=<value optimized out>, ether_dst=<value optimized out>, 
    actualDeviceId=<value optimized out>, vlanId=<value optimized out>) at pbuf.c:1956
#4  0x0558811c in processPacket (_deviceId=<value optimized out>, h=<value optimized out>, p=<value optimized out>) at pbuf.c:3689
#5  0x0558c9c4 in queuePacket (_deviceId=<value optimized out>, h=<value optimized out>, p=<value optimized out>) at pbuf.c:2505
#6  0x00b7f7f9 in pcap_read_linux (handle=<value optimized out>, max_packets=Could not find the frame base for "pcap_read_linux".
) at ./pcap-linux.c:737
#7  0x00b80e37 in pcap_dispatch (p=Could not find the frame base for "pcap_dispatch".
) at ./pcap.c:77
#8  0x05577743 in pcapDispatch (_i=<value optimized out>) at ntop.c:94
#9  0x004d932f in start_thread (arg=<value optimized out>) at pthread_create.c:297
#10 0x0041420e in clone () from /lib/libc.so.6
(gdb) quit

Problem occured lots of times last night.. but only twice this morning.. not sure what exactly is the trigger but I hope this is a starter so you can tell me what I need to do next.
Comment 1 Stephen John Smoogen 2008-10-02 17:23:51 UTC 
Interestingly when I added the debuginfos:

Missing separate debuginfos, use: debuginfo-install keyutils.i386 mysql.i386

The problem 'disappeared' as I was able to run it for 10 minutes without watching ntop die. I am going to run here for the rest of the day and see if it triggers itself while I am gone.
Comment 2 Stephen John Smoogen 2008-10-02 17:33:06 UTC 
I get up to leave and it does it again.. looks like the same value/place. I have left gdb open so we can do whatever gdb steps you would like.

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb1afdb90 (LWP 20778)]
incrementTrafficCounter (ctr=<value optimized out>, value=<value optimized out>) at util.c:4279
4279	    ctr->value += value, ctr->modified = 1;
(gdb) where
#0  incrementTrafficCounter (ctr=<value optimized out>, value=<value optimized out>) at util.c:4279
#1  0x05593c5a in handleBootp (srcHost=<value optimized out>, dstHost=<value optimized out>, sport=<value optimized out>, dport=Could not find the frame base for "handleBootp".
) at protocols.c:528
#2  0x0559f424 in handleSession (h=Could not find the frame base for "handleSession".
) at sessions.c:2861
#3  0x05584bd8 in processIpPkt (bp=<value optimized out>, h=<value optimized out>, length=<value optimized out>, ether_src=<value optimized out>, ether_dst=<value optimized out>, 
    actualDeviceId=<value optimized out>, vlanId=<value optimized out>) at pbuf.c:1956
#4  0x0558811c in processPacket (_deviceId=<value optimized out>, h=<value optimized out>, p=<value optimized out>) at pbuf.c:3689
#5  0x0558c9c4 in queuePacket (_deviceId=<value optimized out>, h=<value optimized out>, p=<value optimized out>) at pbuf.c:2505
#6  0x00b7f7f9 in pcap_read_linux (handle=<value optimized out>, max_packets=Could not find the frame base for "pcap_read_linux".
) at ./pcap-linux.c:737
#7  0x00b80e37 in pcap_dispatch (p=Could not find the frame base for "pcap_dispatch".
) at ./pcap.c:77
#8  0x05577743 in pcapDispatch (_i=<value optimized out>) at ntop.c:94
#9  0x004d932f in start_thread (arg=<value optimized out>) at pthread_create.c:297
#10 0x0041420e in clone () from /lib/libc.so.6
Comment 3 Rakesh Pandit 2008-10-02 17:40:00 UTC 
Thanks Stephen :-)

But, I would only be able to work on it on weekend. Hope to catch you in 2 days with more info.
Comment 4 Stephen John Smoogen 2008-10-02 18:23:54 UTC 
I will be available this weekend. If you need me to fire it up in valgrind etc in the meantime, some pointers on setting up the environment correctly and I will have it ready for you then.
Comment 5 Stefan Jensen 2008-10-18 08:33:05 UTC 
Just want you to know, thats the same for me here, ntop segfault in libntop-3.3.6.so

This happend for me, after a few minutes of successful running ntop with a "out of the box" install on F8 and F9:

ntop[3253]: segfault at 38 ip 02d1f4f3 sp b1cfa7c4 error 6 in libntop-3.3.6.so[2cd8000+68000]

best regards

Stefan
Comment 6 Rakesh Pandit 2008-10-22 13:50:42 UTC 
http://koji.fedoraproject.org/koji/taskinfo?taskID=895540

I have updated to 3.3.8, may you folks check if it works ?
Comment 7 Rakesh Pandit 2008-10-22 13:51:11 UTC 
Download the respective rpms from koji
Comment 8 Stefan Jensen 2008-10-22 15:04:02 UTC 
It is possible to provide a build for F8? 

the ntop-3.3.8-1.fc10.i386.rpm has failed dependencies on F8

Thx!
Comment 9 Rakesh Pandit 2008-10-22 15:56:26 UTC 
My intention was to test on rawhide and then only push on stable F9 or F8. Do you have F9 available ? In case no, I will try to get an F8 system and provide you a build. I can only do it tomorrow.
Comment 10 Rakesh Pandit 2008-10-23 05:04:13 UTC 
http://koji.fedoraproject.org/koji/taskinfo?taskID=897015

Here is the build for fc8 May you choose the respective architecture link and then drag down to get the output.

Thanks.
Comment 11 Stefan Jensen 2008-10-23 05:31:45 UTC 
Thank you very much. I've made a quick check and it seems to run fine.

Thanks.
Comment 12 Rakesh Pandit 2008-10-23 06:10:12 UTC 
Thanks for confirming. I will push the check in for F8 and F9 and push updates.

CLOSED -> RAWHIDE
Comment 13 Stefan Jensen 2008-10-29 20:27:05 UTC 
Uhm, after some days of running without any problems (2.6.26.6-49.fc8 #1 SMP and ntop-3.3.8-1.fc8 from koji), ntop seqfaults again today:

kernel: ntop[3968]: segfault at 38 ip 074f5ab3 sp b1cf85a4 error 6 in libntop-3.3.8.so[74af000+67000]
Comment 14 Rakesh Pandit 2008-10-29 21:57:22 UTC 
In case you are able to reproduce it again, open a new bug with trace. That will help.

Thanks
Note You need to log in before you can comment on or make changes to this bug.