ntopng segfault with commit 11fcf54 .

[xgerligand]

Good afternoon.
Compilation of commit 11fcf54 is correct, but i got a segfault when I start ntopng :

ntopng[28048]: segfault at 4b ip 00000000004a697b sp 00007ffdb85c3540 error 4 in ntopng[400000+1c9000]

PF_RING and nDPI were updated to last commit.

Linux : 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-2+deb8u3 (2016-07-02) x86_64 GNU/Linux
gcc (Debian 4.9.2-10) 4.9.2

Best regards

[lucaderi]

I have just committed a fix. Can you please update and report us @emanuele-f how you have started ntopng (command line)?

[xgerligand]

Morning all.

This is OK now, thank you very much.

ntopng is started with systemctl.

[emanuele-f]

The bug is difficult to reproduce but indeed it's located somewhere. From my tests it seems to only appear when invoking luaEvalFlow from Flow::dissectHTTP. Maybe it's something related to concurrency in lua vm calls?

Here are some traces:

==8165== Invalid write of size 4
==8165== at 0x4BB14B: lj_dispatch_ins (lj_dispatch.c:388)
==8165== by 0x4DFB4F: lj_vm_inshook (in /home/emanuele/src/ntopng/ntopng)
==8165== by 0x4BFCB5: lua_pcall (lj_api.c:1052)
==8165== by 0x466AB4: NetworkInterface::luaEvalFlow(Flow_, LuaCallback) (NetworkInterface.cpp:4022)
==8165== by 0x458B0E: Flow::dissectHTTP(bool, char_, unsigned short) (Flow.cpp:2312)
==8165== by 0x45D667: NetworkInterface::processPacket(timeval const_, unsigned long, ndpi_ethhdr_, unsigned short, ndpi_iphdr_, ndpi_ipv6hdr_, unsigned short, unsigned short, pcap_pkthdr const_, unsigned char const_, bool_, unsigned short_) (NetworkInterface.cpp:1006)
==8165== by 0x45EA4F: NetworkInterface::dissectPacket(pcap_pkthdr const_, unsigned char const_, bool_, unsigned short_) (NetworkInterface.cpp:1395)
==8165== by 0x43E65C: packetPollLoop(void_) (PcapInterface.cpp:187)
==8165== by 0x5FEB453: start_thread (in /usr/lib/libpthread-2.24.so)
==8165== by 0x81997DE: clone (in /usr/lib/libc-2.24.so)
==8165== Address 0xfff00035c is on thread 1's stack
==8165== 868 bytes below stack pointer
==8165==
==8165== Invalid read of size 4
==8165== at 0x4BB156: lj_dispatch_ins (lj_dispatch.c:389)
==8165== by 0x4DFB4F: lj_vm_inshook (in /home/emanuele/src/ntopng/ntopng)
==8165== by 0x4BFCB5: lua_pcall (lj_api.c:1052)
==8165== by 0x466AB4: NetworkInterface::luaEvalFlow(Flow_, LuaCallback) (NetworkInterface.cpp:4022)
==8165== by 0x458B0E: Flow::dissectHTTP(bool, char_, unsigned short) (Flow.cpp:2312)
==8165== by 0x45D667: NetworkInterface::processPacket(timeval const_, unsigned long, ndpi_ethhdr_, unsigned short, ndpi_iphdr_, ndpi_ipv6hdr_, unsigned short, unsigned short, pcap_pkthdr const_, unsigned char const_, bool_, unsigned short_) (NetworkInterface.cpp:1006)
==8165== by 0x45EA4F: NetworkInterface::dissectPacket(pcap_pkthdr const_, unsigned char const_, bool_, unsigned short_) (NetworkInterface.cpp:1395)
==8165== by 0x43E65C: packetPollLoop(void_) (PcapInterface.cpp:187)
==8165== by 0x5FEB453: start_thread (in /usr/lib/libpthread-2.24.so)
==8165== by 0x81997DE: clone (in /usr/lib/libc-2.24.so)
==8165== Address 0xfff000344 is on thread 1's stack
==8165== 892 bytes below stack pointer

---

24/Aug/2016 19:48:30 [NetworkInterface.cpp:1528] Started packet polling on interface eth0 [id: 17]...
24/Aug/2016 22:20:32 [NetworkInterface.cpp:4023] WARNING: Error while executing flowUpdate [rc=2][HTTP] <<------ Please note "HTTP" string here, which is located in lua stack, position -1
zsh: segmentation fault sudo ./ntopng --dont-change-user -i eth0

---

25/Aug/2016 20:39:52 [NetworkInterface.cpp:4023] WARNING: Error while executing flowUpdate [rc=2][attempt to call a string value]

[kYroL01]

@emanuele-f is it maybe related to this ntop/nDPI#249 ?

[simonemainardi]

@xgerligand can you confirm this is solved?

[emanuele-f]

@simonemainardi this bug should be fixed properly before closing the issue. Right now the defective code it's only disabled, not fixed.

[lucaderi]

We believe this issue is fixed