-
-
Notifications
You must be signed in to change notification settings - Fork 193
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Runnng nfcapd/sfcapd simultaneously in WSL segfaults... #523
Comments
Hi Ken,
if it crashes in gdb, run
send me the output of the gdb session. |
Hi Peter,
When I ran sfcapd in gdb (while nfcapd is run normally) neither process
segfaults. In my startup scripts for each process, I'm copying the
libnfdump shared library file to /usr/local/lib then running ldconfig
before I start nfcapd/sfcapd. It appears that doing this a second time
(while nfcapd is running) is causing the segfaults.
Any idea what might be going on?
…On Wed, May 15, 2024 at 3:33 PM Peter Haag ***@***.***> wrote:
Hi Ken,
Do you have the command line, how you startup the two collectors?
Did you compile the code on the WSL Ubuntu?
I assume it makes no difference if sfcapd or nfcpad, but simply two
collectors.
If you startup two collectors with -t 10 cycle time, does it crash after
10 or 20s?
Could you startup one of them in gdb?
% gdb nfcapd
gdb> run <you nfcapd arguments>
if it crashes in gdb, run
gdb > bt
send me the output of the gdb session.
—
Reply to this email directly, view it on GitHub
<#523 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AHUIHYC3F5EINZQFUG3X2I3ZCO2BRAVCNFSM6AAAAABHYX5QQWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMJTGMYTONBWGQ>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
--
Ken Adey
|
In any event, I've modified my startup scripts so that the libnfdump shared
library file is copied and loaded only once (at initial startup).
This has eliminated the segfaults.
…On Wed, May 15, 2024 at 3:33 PM Peter Haag ***@***.***> wrote:
Hi Ken,
Do you have the command line, how you startup the two collectors?
Did you compile the code on the WSL Ubuntu?
I assume it makes no difference if sfcapd or nfcpad, but simply two
collectors.
If you startup two collectors with -t 10 cycle time, does it crash after
10 or 20s?
Could you startup one of them in gdb?
% gdb nfcapd
gdb> run <you nfcapd arguments>
if it crashes in gdb, run
gdb > bt
send me the output of the gdb session.
—
Reply to this email directly, view it on GitHub
<#523 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AHUIHYC3F5EINZQFUG3X2I3ZCO2BRAVCNFSM6AAAAABHYX5QQWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMJTGMYTONBWGQ>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
--
Ken Adey
|
Hmm .. I do not understand the details of the WSL setup and why the libnfdump needs to be copied. If you found a suitable solution, that’s fine, otherwise my recommendation would be to disable the shared library in configure:
That links all code into the final binary. That may solve library issues. |
If I didn't disable the shared library at build time, what are my options
besides copying it to a standard location where it would be found by
ldconfig?
…On Thu, May 16, 2024 at 3:33 PM Peter Haag ***@***.***> wrote:
Hmm .. I do not understand the details of the WSL setup and why the
libnfdump needs to be copied. If you found a suitable solution, that’s
fine, otherwise my recommendation would be to disable the shared library in
configure:
./configure …. —disable-shared
That links all code into the final binary. That may solve library issues.
—
Reply to this email directly, view it on GitHub
<#523 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AHUIHYHRWAQJWGWUS3IFQJTZCUCXVAVCNFSM6AAAAABHYX5QQWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMJWGAZTSMJXHA>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
--
Ken Adey
|
Actually just running ldconfig should do the trick. Or recompile the binaries. |
Issue is resolved.
…On Fri, May 17, 2024 at 4:46 AM Peter Haag ***@***.***> wrote:
Actually just running ldconfig should do the trick. Or recompile the
binaries.
—
Reply to this email directly, view it on GitHub
<#523 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AHUIHYCGMZL4QFPGZB5U3STZCW7YHAVCNFSM6AAAAABHYX5QQWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMJXGA2TQNBQGA>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
--
Ken Adey
|
Great! |
Hi Peter,
I'm trying to run both nfcapd and sfcapd (Version: 1.6.23) in a Windows 11 WSL V2 Ubuntu 22.05 distro.
They eventually SEGFAULT after about 5 or 10 minutes. They're also not actually processing any incoming flow data. Here's the dmesg logs:
[Wed May 15 19:00:01 2024] nfcapd[1364]: segfault at 9420 ip 0000000000009420 sp 00007ffe248e8f38 error 14 in nfcapd[5572a6b00000+3000]
[Wed May 15 19:00:01 2024] Code: Unable to access opcode bytes at RIP 0x93f6.
[Wed May 15 19:00:01 2024] potentially unexpected fatal signal 11.
[Wed May 15 19:00:01 2024] CPU: 9 PID: 1364 Comm: nfcapd Not tainted 5.15.146.1-microsoft-standard-WSL2 #1
[Wed May 15 19:00:01 2024] RIP: 0033:0x9420
[Wed May 15 19:00:01 2024] Code: Unable to access opcode bytes at RIP 0x93f6.
[Wed May 15 19:00:01 2024] RSP: 002b:00007ffe248e8f38 EFLAGS: 00010246
[Wed May 15 19:00:01 2024] RAX: 00007f878b0e0010 RBX: 00005572a8342ad0 RCX: 00000000000003e8
[Wed May 15 19:00:01 2024] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[Wed May 15 19:00:01 2024] RBP: 00005572a83402c8 R08: 0000000000000035 R09: 00007ffe248e97a0
[Wed May 15 19:00:01 2024] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffe248ea8e0
[Wed May 15 19:00:01 2024] R13: 00005572a8342ad0 R14: 00007ffe248e97a0 R15: 00005572a83402c0
[Wed May 15 19:00:01 2024] FS: 00007f878bbc3740 GS: 0000000000000000
[Wed May 15 19:00:02 2024] sfcapd[1383]: segfault at 9420 ip 0000000000009420 sp 00007fff3dd3d548 error 14 in sfcapd[55653c880000+3000]
[Wed May 15 19:00:02 2024] Code: Unable to access opcode bytes at RIP 0x93f6.
[Wed May 15 19:00:02 2024] potentially unexpected fatal signal 11.
[Wed May 15 19:00:02 2024] CPU: 6 PID: 1383 Comm: sfcapd Not tainted 5.15.146.1-microsoft-standard-WSL2 #1
[Wed May 15 19:00:02 2024] RIP: 0033:0x9420
[Wed May 15 19:00:02 2024] Code: Unable to access opcode bytes at RIP 0x93f6.
[Wed May 15 19:00:02 2024] RSP: 002b:00007fff3dd3d548 EFLAGS: 00010246
[Wed May 15 19:00:02 2024] RAX: 00007f6a45d4e010 RBX: 000055653d3ef960 RCX: 000055653d3efa50
[Wed May 15 19:00:02 2024] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[Wed May 15 19:00:02 2024] RBP: 000055653d3ed308 R08: 0000000000000035 R09: 00007fff3dd3d3f0
[Wed May 15 19:00:02 2024] R10: 00007fff3dd3dda0 R11: 0000000000000000 R12: 00007fff3dd3eee0
[Wed May 15 19:00:02 2024] R13: 000055653d3ef960 R14: 000055653d3ed300 R15: 000055653c893ad0
[Wed May 15 19:00:02 2024] FS: 00007f6a4674f740 GS: 0000000000000000
I can run one or the other just fine.
Please let me know what other info I can provide.
Ken....
The text was updated successfully, but these errors were encountered: