Bug 293444 - net-analyzer/iptraf-3.0.0-r5 USE=ipv6 crashes when monitoring TCP/UDP on lo interface
Product: Gentoo Linux
Component: Current packages
Hardware: AMD64 Linux
Importance: High critical
Assignee: Netmon Herd
Blocks: 305781
Reported: 2009-11-16 23:35 UTC by Israel G. Lugo
Modified: 2010-06-29 14:34 UTC
iptraf build directory, binary and core dump (iptraf-build.tar.bz2, 738.42 KB, application/octet-stream)
2009-11-16 23:53 UTC, Israel G. Lugo

Description Israel G. Lugo 2009-11-16 23:35:57 UTC
iptraf crashes with a segmentation fault (SIGSEGV) when using the "statistical breakdowns by TCP/UDP port" feature on the loopback interface. This happens both when going through the graphical interface, and when launching directly with -s lo at the command line.

Sample session:
# iptraf -s lo
Fatal: memory allocation error

If you suspect a bug, please report the exact circumstances under which this
error was generated.  If possible, include gdb or strace data which may point
out where the error occured.  Bug reports may be sent in to

An attempt will be made to clear all lock files, but if stale lock files
remain, exit all other instances of IPTraf and restart with the -f
command-line parameter.

IPTraf process 11588 aborting on signal 11.

This machine has IPv6 support compiled in. iptraf was built with the following use flags:
# equery -q uses iptraf
 + + ipv6    : Adds support for IP version 6
 - - suid    : Enable setuid root program, with potential security risks
 + + unicode : Adds support for Unicode

Debugging with gdb yields the following:
Program received signal SIGSEGV, Segmentation fault.
0x000000000041cba7 in servmon (ifname=0x7fff54f20dd0 "lo", ports=0x0, options=0x7fff54f20de0, facilitytime=0, ofilter=0x7fff54f20c00) at serv.c:1056
1056                if ((((struct ip6_hdr *) ipacket)->ip6_nxt == IPPROTO_TCP)
(gdb) print ipacket
$1 = 0x0
(gdb) bt
#0  0x000000000041cba7 in servmon (ifname=0x7fff54f20dd0 "lo", ports=0x0, options=0x7fff54f20de0, facilitytime=0, ofilter=0x7fff54f20c00) at serv.c:1056
#1  0x0000000000404000 in program_interface (options=0x7fff54f20de0, opt=115, optarg=0x7fff54f20dd0 "lo", facilitytime=0) at iptraf.c:382
#2  0x0000000000404885 in main (argc=3, argv=0x7fff54f20ee8) at iptraf.c:672

Open sockets on loopback at the time were:
# netstat -atun | grep '127\.0\.0\.1\|::1'
tcp        0      0*               LISTEN
tcp        0      0 *               LISTEN
tcp        0      0*               LISTEN
tcp        0      0         ESTABLISHED
tcp        0      0          ESTABLISHED
tcp        0      0          ESTABLISHED
tcp        0      0         ESTABLISHED
tcp6       0      0 ::1:631                 :::*                    LISTEN

I am attaching a tar.bz2 containing the compiled binary (with debug information), a core dump, and corresponding source. I compiled this by running "ebuild prepare" onto a clean environment, then doing a "make -C src all CFLAGS=-g" inside the workspace.

System information:
# emerge --info
Portage (default/linux/amd64/10.0/desktop, gcc-4.3.4, glibc-2.9_p20081201-r2, 2.6.30-gentoo-r4 x86_64)
System uname: Linux-2.6.30-gentoo-r4-x86_64-AMD_Athlon-tm-_64_X2_Dual_Core_Processor_5200+-with-gentoo-1.12.13
Timestamp of tree: Mon, 16 Nov 2009 21:45:01 +0000
app-shells/bash:     4.0_p28
dev-java/java-config: 2.1.9-r1
dev-lang/python:     2.5.4-r3, 2.6.2-r1
dev-python/pycrypto: 2.0.1-r8
dev-util/cmake:      2.6.4-r3
sys-apps/baselayout: 1.12.13
sys-apps/sandbox:    1.6-r2
sys-devel/autoconf:  2.13, 2.63-r1
sys-devel/automake:  1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.2
sys-devel/binutils:  2.18-r3
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6a
virtual/os-headers:  2.6.27-r2
CFLAGS="-O2 -march=k8-sse3 -mfpmath=sse -pipe"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -march=k8-sse3 -mfpmath=sse -pipe"
EMERGE_DEFAULT_OPTS="--jobs=2 --load-average=3.00"
FEATURES="distlocks fixpackages parallel-fetch protect-owned sandbox sfperms strict unmerge-orphans userfetch"
MAKEOPTS="--jobs=3 --load-average=3.00"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
USE="3dnow 3dnowext X a52 aac aalib acl acpi adns aften akode alsa amd64 amr amrnb amrwb ao bash-completion berkdb bluetooth branding bzip2 cairo caps cdda cddb cdparanoia cdr cli clisp consolekit cracklib crypt cscope css cups curl dbus dia djvu dri dts dv dvd dvdr dvdread dvi emboss encode evo exif expat fam fame ffmpeg fftw firefox flac fortran fpx gd gdbm gif gimp gimpprint glib glitz gpac gphoto2 gpm graphviz gs gstreamer gtk gtkhtml hal hdri iconv icu id3tag idea ieee1394 imagemagick imlib inkjar ipv6 jbig jpeg jpeg2k kde kdeenablefinal kdehiddenvisibility kpathsea kqemu lame libass libcaca libnotify libsamplerate lm_sensors log4j logrotate lzo mad matroska mikmod mjpeg mmx mmxext mng modules motif mp2 mp3 mp4 mpeg mudflap multilib musepack ncurses new-clx nls nptl nptlonly nvidia ogg oggvorbis openexr opengl openmp pam pch pcre pda pdf perl pg-intdatetime physfs plotutils png pnm portaudio postgres postscript ppds pppd pyste python qt qt3support qt4 quicktime rar readline reflection samba scanner schroedinger sdl session silc smp sndfile solver soundtouch sox speex spell spl sqlite sqlite3 srt sse sse2 sse3 ssl startup-notification svg sysfs t1lib tcpd tetex theora threads thunar tiff timidity truetype tta twolame unicode usb v4l2 vamp vcd vim-syntax vorbis wavpack wma wmf x264 xanim xattr xml xmp xorg xpm xulrunner xv xvid xvmc zlib zoran" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires 
ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev keyboard mouse wacom" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" USERLAND="GNU" VIDEO_CARDS="nv nvidia vesa"
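
The gdb session in the description shows `ipacket` equal to `0x0` at the `struct ip6_hdr` cast on serv.c:1056. As an added example (not iptraf's code and not a patch from this bug), here is a guarded form of that next-header test. `classify_ipv6`, `make_sample` and the result codes are hypothetical names, and treating NULL as "no IP header was found in the frame" is an assumption.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <netinet/in.h>   /* IPPROTO_TCP, IPPROTO_UDP */
#include <netinet/ip6.h>  /* struct ip6_hdr, ip6_nxt */

/* Hypothetical result codes for this example. */
enum l4_result { L4_NO_PACKET = -2, L4_TRUNCATED = -1,
                 L4_OTHER = 0, L4_TCP = 1, L4_UDP = 2 };

/*
 * Classify the transport protocol of an IPv6 packet without trusting
 * the pointer or the length handed over by the capture layer.
 * Assumption: ipacket is NULL when no IP header was located in the frame.
 */
enum l4_result classify_ipv6(const unsigned char *ipacket, size_t len)
{
    struct ip6_hdr hdr;

    if (ipacket == NULL)            /* the check missing at the crash site */
        return L4_NO_PACKET;
    if (len < sizeof hdr)           /* a short read must not be parsed */
        return L4_TRUNCATED;
    if ((ipacket[0] >> 4) != 6)     /* not an IPv6 header */
        return L4_OTHER;

    memcpy(&hdr, ipacket, sizeof hdr);  /* copy to avoid unaligned access */
    switch (hdr.ip6_nxt) {
    case IPPROTO_TCP: return L4_TCP;
    case IPPROTO_UDP: return L4_UDP;
    default:          return L4_OTHER;
    }
}

/* Constructed sample: a bare 40-byte IPv6 header, ::1 -> ::1. */
size_t make_sample(unsigned char *buf, unsigned char next_header)
{
    memset(buf, 0, 40);
    buf[0] = 0x60;                  /* version 6 */
    buf[6] = next_header;           /* offset of ip6_nxt */
    buf[23] = 1; buf[39] = 1;       /* source and destination ::1 */
    return 40;
}

int main(void)
{
    unsigned char buf[40];
    size_t n = make_sample(buf, IPPROTO_TCP);
    printf("valid=%d null=%d\n", classify_ipv6(buf, n), classify_ipv6(NULL, 0));
    return 0;
}
```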

Comment 1 Israel G. Lugo 2009-11-16 23:53:42 UTC
Created attachment 210459
iptraf build directory, binary and core dump

tar.bz2 containing the compiled binary (with debug information), a core dump, and corresponding source. It's the contents of the /var/tmp/portage/net-analyzer/iptraf-3.0.0-r5/work/iptraf-3.0.0/src directory.

Compiled by doing "ebuild /usr/portage/net-analyzer/iptraf/iptraf-3.0.0-r5.ebuild prepare", then "make -C src clean ; make -C support clean ; make -C src all CFLAGS=-g" (as indicated in the package's Setup script).

Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2010-04-28 18:37:05 UTC
I can't reproduce this bug. `iptraf -s lo' while doing something like `nmap localhost' in another window works quite nicely. Can you still reproduce it on an up to date system?

Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2010-04-28 18:40:18 UTC
Ah. I can reproduce this with USE=ipv6. This does however look like bug #257353.

Comment 4 Jeroen Roovers (RETIRED) gentoo-dev 2010-04-28 18:57:01 UTC
Could you check whether iptraf-ng fixes this problem? I cannot reproduce it but then I don't have an IPv6 connection.