What version of gdbm? There's an old bug report on the net for 1.8.0 crashing in get_elem...
And BTW, from where it's crashing, it's got nothing to do with netFlow - the segfault is in dequeueAddress, i.e. the DNSAR thread.

-----Burton

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nick Buraglio
Sent: Monday, January 17, 2005 12:22 PM
To: [email protected]
Subject: Re: [Ntop] flow collector segfault

My bad, forgot to paste them in:

(gdb) list
259     /* ************************************ */
260
261     /* That's the meat */
262     #ifdef WIN32
263     int ntop_main(int argc, char *argv[]) {
264     #else
265     int main(int argc, char *argv[]) {
266     #endif
267       int i, rc, userSpecified;
268       char ifStr[196] = {0};
(gdb) info stack
#0 0x29567a2c in get_elem () from /usr/local/lib/libgdbm.so.3
#1 0x29567402 in _gdbm_alloc () from /usr/local/lib/libgdbm.so.3
#2 0x29565e34 in gdbm_store () from /usr/local/lib/libgdbm.so.3
#3 0x2816c386 in ntop_gdbm_store (g=0x807a500, d={dptr = 0xbfabdec8 "2897105977", dsize = 11},
    v={dptr = 0xbfabdef8 "acae5439.ipt.aol.com", dsize = 72}, r=1) at util.c:4186
#4 0x2813fb24 in dequeueAddress (notUsed=0x0) at address.c:483
#5 0x29334a8d in pthread_create () from /usr/lib/libpthread.so.1
#6 0x293eec5f in _ctx_start () from /lib/libc.so.5
(gdb) print deviceId
No symbol "deviceId" in current context.
(gdb) bt full
#0 0x29567a2c in get_elem () from /usr/local/lib/libgdbm.so.3
No symbol table info available.
#1 0x29567402 in _gdbm_alloc () from /usr/local/lib/libgdbm.so.3
No symbol table info available.
#2 0x29565e34 in gdbm_store () from /usr/local/lib/libgdbm.so.3
No symbol table info available.
#3 0x2816c386 in ntop_gdbm_store (g=0x807a500, d={dptr = 0xbfabdec8 "2897105977", dsize = 11},
    v={dptr = 0xbfabdef8 "acae5439.ipt.aol.com", dsize = 72}, r=1) at util.c:4186
        rc = -1079255140
#4 0x2813fb24 in dequeueAddress (notUsed=0x0) at address.c:483
        theAddr = "��T9", '\0' <repeats 12 times>
        family = 2
        size = 4
        error_num = 0
        addr = {hostFamily = 2, addr = {_hostIp4Address = {s_addr = 2897105977}, _hostIp6Address = {
              __u6_addr = {__u6_addr8 = "9Tƨ", '\0' <repeats 11 times>, __u6_addr16 = {21561, 44206, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {2897105977, 0, 0, 0}}}}}
        key_data = {dptr = 0x0, dsize = 4}
        data_data = {dptr = 0x852a980 "9Tƨ66.28.46.9", dsize = 4}
#5 0x29334a8d in pthread_create () from /usr/lib/libpthread.so.1
No symbol table info available.
#6 0x293eec5f in _ctx_start () from /lib/libc.so.5
No symbol table info available.

nb

On Jan 17, 2005, at 12:14 PM, Burton Strauss wrote:

> And ???
>
> You forgot the list and show/info commands once it dies...
>
> -----Burton
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nick Buraglio
> Sent: Monday, January 17, 2005 11:51 AM
> To: [email protected]
> Subject: Re: [Ntop] flow collector segfault
>
> Running the process in the foreground (ntop -K -w 0 -W 3000 --ipv4) yields this:
>
> Mon Jan 17 10:55:56 2005 **WARNING** Error: bad magic number (expected=1968/real=0) [deviceId=1]
> Mon Jan 17 10:55:56 2005 **WARNING** Error: wrong bucketIdx /9 (expected=4184/real=2) [deviceId=1]
> zsh: segmentation fault ntop -K -w 0 -W 3000 --ipv4
>
> I removed one of the collectors and let it run and it dies with:
>
> zsh: segmentation fault ntop -K -w 0 -W 3000 --ipv4
>
> gdb shows:
>
> [EMAIL PROTECTED]:~/ntop/docs ] gdb /usr/local/bin/ntop <134>
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you are
> welcome to change it and/or distribute copies of it under certain conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB. Type "show warranty" for details.
> This GDB was configured as "i386-marcel-freebsd"...
> (gdb) set args -u root -w 0 -W 3000 --ipv4 -K
> (gdb) run
> Starting program: /usr/local/bin/ntop -u root -w 0 -W 3000 --ipv4 -K
> Mon Jan 17 11:46:16 2005 Initializing gdbm databases
> Mon Jan 17 11:46:16 2005 ntop v.3.1 MT (SSL)
> Mon Jan 17 11:46:16 2005 Configured on Jan 9 2005 15:03:29, built on Jan 9 2005 15:06:02.
> Mon Jan 17 11:46:16 2005 Copyright 1998-2004 by Luca Deri <[EMAIL PROTECTED]>
> Mon Jan 17 11:46:16 2005 Get the freshest ntop from http://www.ntop.org/
> Mon Jan 17 11:46:16 2005 Initializing ntop
> Mon Jan 17 11:46:16 2005 Checking rl0 for additional devices
> Mon Jan 17 11:46:16 2005 Resetting traffic statistics for device rl0
> Mon Jan 17 11:46:16 2005 DLT: Device 0 [rl0] is 1, mtu 1514, header 14
> Mon Jan 17 11:46:16 2005 Initializing gdbm databases
> Mon Jan 17 11:46:16 2005 VENDOR: Loading MAC address table.
> Mon Jan 17 11:46:16 2005 VENDOR: Checking for MAC address table file
> Mon Jan 17 11:46:16 2005 VENDOR: File '/usr/local/etc/ntop/specialMAC.txt.gz' does not need to be reloaded
> Mon Jan 17 11:46:16 2005 VENDOR: ntop continues ok
> Mon Jan 17 11:46:16 2005 VENDOR: Checking for MAC address table file
> Mon Jan 17 11:46:16 2005 VENDOR: File '/usr/local/etc/ntop/oui.txt.gz' does not need to be reloaded
> Mon Jan 17 11:46:16 2005 VENDOR: ntop continues ok
> Mon Jan 17 11:46:16 2005 Fingeprint: Loading signature file.
> Mon Jan 17 11:46:16 2005 Fingeprint: ...loaded 1697 records
> Mon Jan 17 11:46:16 2005 ASN: Checking for Autonomous System Number table file
> Mon Jan 17 11:46:17 2005 **WARNING** ASN: Unable to open file 'AS-list.txt'
> Mon Jan 17 11:46:17 2005 I18N: This instance of ntop does not support multiple languages
> Mon Jan 17 11:46:17 2005 IP2CC: Checking for IP address <-> Country Code mapping file
> Mon Jan 17 11:46:17 2005 IP2CC: Loading file '/usr/local/etc/ntop/p2c.opt.table.gz'
> Mon Jan 17 11:46:18 2005 IP2CC: ...found 52395 lines
> Mon Jan 17 11:46:18 2005 GDVERCHK: Guessing at libgd version
> Mon Jan 17 11:46:18 2005 GDVERCHK: ... as 2.0.21+
> Mon Jan 17 11:46:18 2005 Initializing external applications
> Mon Jan 17 11:46:18 2005 THREADMGMT: Started thread (134612992) for network packet analyser
> Mon Jan 17 11:46:18 2005 THREADMGMT: Started thread (134613504) for fingerprinting
> Mon Jan 17 11:46:18 2005 THREADMGMT: Started thread (134614016) for idle hosts detection
> Mon Jan 17 11:46:18 2005 THREADMGMT: Started thread (134614528) for DNS address resolution
> Mon Jan 17 11:46:18 2005 Calling plugin start functions (if any)
> Mon Jan 17 11:46:18 2005 SSL: Initializing...
> Mon Jan 17 11:46:18 2005 SSL_PRNG: Automatically initialized!
> Mon Jan 17 11:46:18 2005 THREADMGMT: Packet processor thread running...
> Mon Jan 17 11:46:18 2005 THREADMGMT: Fingerprint scan thread running...
> Mon Jan 17 11:46:18 2005 THREADMGMT: Idle host scan thread running...
> Mon Jan 17 11:46:18 2005 THREADMGMT: Address resolution thread running...
> Mon Jan 17 11:46:18 2005 CHKVER: Checking current ntop version at version.ntop.org/version.xml
> Mon Jan 17 11:46:18 2005 SSL initialized successfully
> Mon Jan 17 11:46:18 2005 INITWEB: Initializing web server
> Mon Jan 17 11:46:18 2005 INITWEB: Initializing tcp/ip socket connections for web server
> Mon Jan 17 11:46:18 2005 INITWEB: Initialized ssl socket, port 3000, address (any)
> Mon Jan 17 11:46:18 2005 INITWEB: Waiting for HTTPS (SSL) connections on port 3000
> Mon Jan 17 11:46:18 2005 INITWEB: Starting web server
> Mon Jan 17 11:46:18 2005 THREADMGMT: Started thread (137688576) for web server
> Mon Jan 17 11:46:18 2005 Listening on [rl0]
> Mon Jan 17 11:46:18 2005 Loading Plugins
> Mon Jan 17 11:46:18 2005 Searching for plugins in /usr/local/lib/ntop/plugins
> Mon Jan 17 11:46:18 2005 THREADMGMT: web connections thread (62182) started...
> Mon Jan 17 11:46:18 2005 Note: SIGPIPE handler set (ignore)
> Mon Jan 17 11:46:18 2005 WEB: ntop's web server is now processing requests
> Mon Jan 17 11:46:18 2005 ICMP: Welcome to icmpWatchPlugin. (C) 1999-2004 by Luca Deri
> Mon Jan 17 11:46:18 2005 LASTSEEN: Welcome to LastSeenWatchPlugin. (C) 1999 by Andrea Marangoni
> Mon Jan 17 11:46:18 2005 NETFLOW: Welcome to NetFlow.(C) 2002-04 by Luca Deri
> Mon Jan 17 11:46:18 2005 NFS: Welcome to nfsWatchPlugin. (C) 1999-2004 by Luca Deri
> Mon Jan 17 11:46:18 2005 **WARNING** Plugin 'nfsPlugin.so' discarded: compiled for a different ntop version
> Mon Jan 17 11:46:18 2005 **WARNING** Expected ntop version '3.0', actual plugin ntop version '3.1'.
> Mon Jan 17 11:46:18 2005 PDA: Welcome to PDAPlugin. (C) 2001-2004 by L.Deri and W.Brock
> Mon Jan 17 11:46:18 2005 RRD: Welcome to rrdPlugin. (C) 2002-04 by Luca Deri.
> Mon Jan 17 11:46:18 2005 SFLOW: Welcome to sFlow.(C) 2002-04 by Luca Deri
> Mon Jan 17 11:46:18 2005 XML: Welcome to xmldump plugin. (C) 2003-2004 by Burton Strauss
> Mon Jan 17 11:46:18 2005 SNMP: Welcome to snmpPlugin. (C) 2004 by F.Fusco and G.Giardina
> Mon Jan 17 11:46:18 2005 Calling plugin start functions (if any)
> Mon Jan 17 11:46:18 2005 RRD: Welcome to the RRD plugin
> Mon Jan 17 11:46:18 2005 RRD: Mask for new directories is 0700
> Mon Jan 17 11:46:18 2005 RRD: Mask for new files is 0066
> Mon Jan 17 11:46:18 2005 RRD: Started thread (137689088) for data collection.
> Mon Jan 17 11:46:18 2005 NETFLOW: initializing '2,3,4,5,6,7' devices
> Mon Jan 17 11:46:18 2005 NETFLOW: createNetFlowDevice(2)
> Mon Jan 17 11:46:18 2005 Creating dummy interface, 'NetFlow-device.2'
> Mon Jan 17 11:46:18 2005 THREADMGMT: rrd thread (137689088) started
> Mon Jan 17 11:46:18 2005 NETFLOW: initializing deviceId=1
> Mon Jan 17 11:46:18 2005 NETFLOW: White list initialized to ''
> Mon Jan 17 11:46:18 2005 NETFLOW: Black list initialized to ''
> Mon Jan 17 11:46:18 2005 NETFLOW: Created a UDP socket (17)
> Mon Jan 17 11:46:18 2005 NETFLOW: Collector listening on port 6996
> Mon Jan 17 11:46:18 2005 NETFLOW: createNetFlowDevice created device 1
> Mon Jan 17 11:46:18 2005 NETFLOW: createNetFlowDevice(3)
> Mon Jan 17 11:46:18 2005 Creating dummy interface, 'NetFlow-device.3'
> Mon Jan 17 11:46:18 2005 NETFLOW: initializing deviceId=2
> Mon Jan 17 11:46:18 2005 NETFLOW: White list initialized to ''
> Mon Jan 17 11:46:18 2005 NETFLOW: Black list initialized to ''
> Mon Jan 17 11:46:18 2005 NETFLOW: Created a UDP socket (18)
> Mon Jan 17 11:46:18 2005 THREADMGMT: netFlow thread(137689600) started
> Mon Jan 17 11:46:18 2005 NETFLOW: Collector listening on port 6997
> Mon Jan 17 11:46:19 2005 NETFLOW: createNetFlowDevice created device 2
> Mon Jan 17 11:46:19 2005 NETFLOW: createNetFlowDevice(4)
> Mon Jan 17 11:46:19 2005 Creating dummy interface, 'NetFlow-device.4'
> Mon Jan 17 11:46:19 2005 NETFLOW: initializing deviceId=3
> Mon Jan 17 11:46:19 2005 NETFLOW: White list initialized to ''
> Mon Jan 17 11:46:19 2005 NETFLOW: Black list initialized to ''
> Mon Jan 17 11:46:19 2005 NETFLOW: Created a UDP socket (19)
> Mon Jan 17 11:46:19 2005 THREADMGMT: netFlow thread(137690112) started
> Mon Jan 17 11:46:19 2005 NETFLOW: Collector listening on port 6998
> Mon Jan 17 11:46:19 2005 NETFLOW: createNetFlowDevice created device 3
> Mon Jan 17 11:46:19 2005 NETFLOW: createNetFlowDevice(5)
> Mon Jan 17 11:46:19 2005 Creating dummy interface, 'NetFlow-device.5'
> Mon Jan 17 11:46:19 2005 THREADMGMT: netFlow thread(137690624) started
> Mon Jan 17 11:46:19 2005 NETFLOW: initializing deviceId=4
> Mon Jan 17 11:46:19 2005 NETFLOW: White list initialized to ''
> Mon Jan 17 11:46:19 2005 NETFLOW: Black list initialized to ''
> Mon Jan 17 11:46:19 2005 NETFLOW: Created a UDP socket (20)
> Mon Jan 17 11:46:19 2005 NETFLOW: Collector listening on port 6999
> Mon Jan 17 11:46:19 2005 NETFLOW: createNetFlowDevice created device 4
> Mon Jan 17 11:46:19 2005 NETFLOW: createNetFlowDevice(6)
> Mon Jan 17 11:46:19 2005 Creating dummy interface, 'NetFlow-device.6'
> Mon Jan 17 11:46:19 2005 THREADMGMT: netFlow thread(137068544) started
> Mon Jan 17 11:46:19 2005 NETFLOW: initializing deviceId=5
> Mon Jan 17 11:46:19 2005 NETFLOW: White list initialized to ''
> Mon Jan 17 11:46:19 2005 NETFLOW: Black list initialized to ''
> Mon Jan 17 11:46:19 2005 NETFLOW: Created a UDP socket (21)
> Mon Jan 17 11:46:19 2005 NETFLOW: Collector listening on port 7000
> Mon Jan 17 11:46:19 2005 NETFLOW: createNetFlowDevice created device 5
> Mon Jan 17 11:46:19 2005 NETFLOW: createNetFlowDevice(7)
> Mon Jan 17 11:46:19 2005 Creating dummy interface, 'NetFlow-device.7'
> Mon Jan 17 11:46:19 2005 CHKVER: Version file is from 'version.ntop.org'
> Mon Jan 17 11:46:19 2005 CHKVER: as of date is '2004-12-01T17:00:00'
> Mon Jan 17 11:46:19 2005 CHKVER: This version of ntop is the CURRENT stable version
> Mon Jan 17 11:46:19 2005 THREADMGMT: netFlow thread(137069056) started
> Mon Jan 17 11:46:19 2005 NETFLOW: initializing deviceId=6
> Mon Jan 17 11:46:19 2005 NETFLOW: White list initialized to ''
> Mon Jan 17 11:46:19 2005 NETFLOW: Black list initialized to ''
> Mon Jan 17 11:46:19 2005 NETFLOW: Created a UDP socket (14)
> Mon Jan 17 11:46:19 2005 NETFLOW: Collector listening on port 7001
> Mon Jan 17 11:46:19 2005 NETFLOW: createNetFlowDevice created device 6
> Mon Jan 17 11:46:19 2005 Now running as requested user 'root' (0:0)
> Mon Jan 17 11:46:19 2005 INIT: Created pid file (/var/run/ntop.pid)
> Mon Jan 17 11:46:19 2005 Note: Reporting device initally set to 2 [TownandCountry.collector]
> Mon Jan 17 11:46:19 2005 THREADMGMT: Started thread (137070080) for network packet sniffing on rl0
> Mon Jan 17 11:46:19 2005 THREADMGMT: netFlow thread(137069568) started
> Mon Jan 17 11:46:19 2005 THREADMGMT: pcapDispatch(rl0) thread running...
> Mon Jan 17 11:46:28 2005 RRD: Created directory (/usr/local/var/ntop/rrd/graphics)
> Mon Jan 17 11:46:28 2005 RRD: Created directory (/usr/local/var/ntop/rrd/flows)
> Mon Jan 17 11:46:28 2005 RRD: Created directory (/usr/local/var/ntop/rrd/interfaces)
>
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 5 (LWP 100096)]
> 0x29567a2c in get_elem () from /usr/local/lib/libgdbm.so.3
> (gdb) run
>
> nb
>
> On Jan 17, 2005, at 10:47 AM, Nick Buraglio wrote:
>
>> Thanks, will do.
>>
>> On Jan 17, 2005, at 7:56 AM, Burton Strauss wrote:
>>
>>> Signal 10 is an unaligned move. You need to figure out where it's occurring.
>>>
>>> Use gdb (instructions are in docs/FAQ - remember to use -K so ntop doesn't fork()) to trap the failing code.
>>>
>>> -----Burton
>>>
>>> -----Original Message-----
>>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nick Buraglio
>>> Sent: Sunday, January 16, 2005 7:50 PM
>>> To: [email protected]
>>> Subject: [Ntop] flow collector segfault
>>>
>>> I have a freebsd 5.3 machine (900mhz, 512mb RAM) running ntop 3.1 (started with ntop -d -w 0 -W 3999 --ipv4) and it's been working wonderfully as a flow collector / analyzer for about a week.
>>> Recently I added 2 more virtual interfaces (for a total of 7 plus the actual interface) and now ntop crashes every few minutes with this error:
>>>
>>> Jan 16 19:35:50 collector ntop[59826]: **WARNING** Error: bad magic number (expected=1968/real=0) [deviceId=3]
>>> Jan 16 19:35:50 collector ntop[59826]: **WARNING** Error: wrong bucketIdx / (expected=16/real=2) [deviceId=3]
>>> Jan 16 19:35:50 collector kernel: pid 59826 (ntop), uid 65534: exited on signal 10
>>> Jan 16 19:35:50 collector kernel: rl0: promiscuous mode disabled
>>>
>>> Directly above in the syslog is this:
>>>
>>> Jan 16 19:33:52 collector ntop[59826]: **WARNING** Address resolution queue is full [4096 slots]
>>> Jan 16 19:33:52 collector ntop[59826]: Addresses in excess won't be resolved - ntop continues
>>>
>>> Is this a known issue? Is there a fix for this? Ideally I'd like this to be a collector for 20+ exporters (in which case I'd probably upgrade hardware). Is there a limit to the number of virtual interfaces one can have?
>>>
>>> nb

_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
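
The reading of the backtrace given at the top of this thread (fault inside libgdbm, reached from dequeueAddress, the address resolution thread) can be reproduced mechanically. The following is an added example, not part of the original messages or of ntop; the function names `parse_frames` and `triage` are hypothetical, and it assumes that frames with `file:line` are the ones built with debug symbols and that the thread's start routine is the frame directly above `pthread_create`, as in this trace.

```python
import re

# Frames copied from the `info stack` output in the thread, one frame per line.
BACKTRACE = """\
#0 0x29567a2c in get_elem () from /usr/local/lib/libgdbm.so.3
#1 0x29567402 in _gdbm_alloc () from /usr/local/lib/libgdbm.so.3
#2 0x29565e34 in gdbm_store () from /usr/local/lib/libgdbm.so.3
#3 0x2816c386 in ntop_gdbm_store (g=0x807a500, d={dptr = 0xbfabdec8 "2897105977", dsize = 11}, v={dptr = 0xbfabdef8 "acae5439.ipt.aol.com", dsize = 72}, r=1) at util.c:4186
#4 0x2813fb24 in dequeueAddress (notUsed=0x0) at address.c:483
#5 0x29334a8d in pthread_create () from /usr/lib/libpthread.so.1
#6 0x293eec5f in _ctx_start () from /lib/libc.so.5
"""

FRAME_RE = re.compile(
    r"^#(?P<n>\d+)\s+0x[0-9a-f]+ in (?P<func>\S+) \(.*\)"
    r"(?: from (?P<lib>\S+)| at (?P<file>[^:\s]+):(?P<line>\d+))?\s*$"
)

def parse_frames(text):
    """Return one dict per gdb frame line; raise on a line that does not parse."""
    frames = []
    for raw in text.splitlines():
        m = FRAME_RE.match(raw.strip())
        if m is None:
            raise ValueError(f"unrecognised frame line: {raw!r}")
        frames.append(m.groupdict())
    return frames

def triage(frames):
    """Summarise where the fault is and which thread function led to it."""
    top = frames[0]
    # Assumption: frames with file:line have debug info (here, ntop's own code).
    app = [f for f in frames if f["file"]]
    # Assumption: the thread start routine is the frame just above pthread_create.
    entry = None
    for inner, outer in zip(frames, frames[1:]):
        if outer["func"] == "pthread_create":
            entry = inner["func"]
            break
    return {
        "fault": (top["func"], top["lib"]),
        "app_frames": [(f["func"], f"{f['file']}:{f['line']}") for f in app],
        "thread_entry": entry,
    }

if __name__ == "__main__":
    print(triage(parse_frames(BACKTRACE)))
```
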
