Probably a memory management related bug (free(): Invalid pointer)

[admtan]

Environment:

• OS name: Ubuntu Server 22.04
• OS version: (see below)

  admtan@IntelRabbit6:~$ lsb_release -a; uname -a
  No LSB modules are available.
  Distributor ID: Ubuntu
  Description:    Ubuntu 22.04.3 LTS
  Release:        22.04
  Codename:       jammy
  Linux IntelRabbit6 5.15.0-1036-intel-iotg #41-Ubuntu SMP Mon Jul 17 15:32:50 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

• Architecture: amd64
• ntopng version/revision: (see below)

  admtan@IntelRabbit6:~$ ntopng -V
  Version:        5.7.230809 [Enterprise/Professional build]
  GIT rev:        dev:c632e13f093c17416c750923a1df46ca623c24a0:20230809
  Pro rev:        r5996
  Built on:       Ubuntu 22.04.2 LTS
  System Id:      LB74E0F0E9206A1D8--UB74E0F0E3D788A72--OL
  Platform:       x86_64
  Edition:        Community
  License Type:   Time-Limited [Empty license file]
  Validity:       Until Thu Aug 10 05:21:41 2023

What happened: After applying v.5.7.230809, a memory management-related error occurred, causing the service to fall into a continuous restart situation. Since everything was working normally with v.5.7.230808, this is likely a bug. The system's memory-related settings have not been changed since installation with Subiquity's default values. (Swap is enabled.)

Aug 09 23:46:00 IntelRabbit6 systemd[1]: ntopng.service: Scheduled restart job, restart counter is at 81.
Aug 09 23:46:00 IntelRabbit6 systemd[1]: Stopped ntopng high-speed web-based traffic monitoring and analysis tool.
Aug 09 23:46:00 IntelRabbit6 systemd[1]: ntopng.service: Consumed 3.896s CPU time.
Aug 09 23:46:00 IntelRabbit6 systemd[1]: Starting ntopng high-speed web-based traffic monitoring and analysis tool...
Aug 09 23:46:00 IntelRabbit6 systemd[1]: Started ntopng high-speed web-based traffic monitoring and analysis tool.
Aug 09 23:46:00 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:00 [Redis.cpp:164] Successfully connected to redis 127.0.0.1:6379@0
Aug 09 23:46:00 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:00 [Redis.cpp:164] Successfully connected to redis 127.0.0.1:6379@0
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [PF_RINGInterface.cpp:77] Reading packets from PF_RING v.8.5.0 interface enp3s0...
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Ntop.cpp:2748] Registered interface enp3s0 [id: 3]
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [PF_RINGInterface.cpp:77] Reading packets from PF_RING v.8.5.0 interface enp1s0f0...
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Ntop.cpp:2748] Registered interface enp1s0f0 [id: 4]
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [PF_RINGInterface.cpp:77] Reading packets from PF_RING v.8.5.0 interface enp1s0f1...
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Ntop.cpp:2748] Registered interface enp1s0f1 [id: 5]
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [main.cpp:366] PID stored in file /var/run/ntopng.pid
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Geolocation.cpp:170] Loaded database GeoLite2-ASN.mmdb [/var/lib/GeoIP/GeoLite2-ASN.mmdb][ip_version: 6]
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Geolocation.cpp:170] Loaded database GeoLite2-City.mmdb [/var/lib/GeoIP/GeoLite2-City.mmdb][ip_version: 6]
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Geolocation.cpp:75] Using geolocation provided by MaxMind (https://maxmind.com)
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [HTTPserver.cpp:1623] Found TLS certificate /usr/share/ntopng/httpdocs/ssl/ntopng-cert.pem
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [HTTPserver.cpp:1914] Web server dirs [/usr/share/ntopng/httpdocs][/usr/share/ntopng/scripts]
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [HTTPserver.cpp:1919] HTTP server listening on 3000
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Utils.cpp:860] User changed to ntopng
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [NetworkInterface.cpp:3447] Started flow user script hooks loop on interface enp3s0 [id: 3]...
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [NetworkInterface.cpp:3507] Started host user script hooks loop on interface enp3s0 [id: 3]...
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [NetworkInterface.cpp:3447] Started flow user script hooks loop on interface enp1s0f0 [id: 4]...
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [NetworkInterface.cpp:3507] Started host user script hooks loop on interface enp1s0f0 [id: 4]...
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [NetworkInterface.cpp:3447] Started flow user script hooks loop on interface enp1s0f1 [id: 5]...
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [NetworkInterface.cpp:3507] Started host user script hooks loop on interface enp1s0f1 [id: 5]...
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [main.cpp:441] Working directory: /var/lib/ntopng
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [main.cpp:443] Scripts/HTML pages directory: /usr/share/ntopng
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Ntop.cpp:528] Welcome to ntopng x86_64 v.5.7.230809 (dev:c632e13f093c17416c750923a1df46ca623c24a0:20230809)
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Ntop.cpp:537] Built on Ubuntu 22.04.2 LTS
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Ntop.cpp:539] (C) 1998-23 ntop
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [FlowRiskAlerts.cpp:261] [!] nDPI risk 51/Fully encrypted flow has not been defined in ntopng
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Ntop.cpp:1045] Adding fe80::523e:aaff:fe07:392/128 as IPv6 interface address for enp3s0
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Ntop.cpp:1057] Adding fe80::523e:aaff:fe07:392/64 as IPv6 local network for enp3s0
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Ntop.cpp:1045] Adding fe80::9ab7:85ff:fe00:8632/128 as IPv6 interface address for enp1s0f0
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Ntop.cpp:1057] Adding fe80::9ab7:85ff:fe00:8632/64 as IPv6 local network for enp1s0f0
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Ntop.cpp:1045] Adding fe80::9ab7:85ff:fe00:8633/128 as IPv6 interface address for enp1s0f1
Aug 09 23:46:01 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:01 [Ntop.cpp:1057] Adding fe80::9ab7:85ff:fe00:8633/64 as IPv6 local network for enp1s0f1
Aug 09 23:46:03 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:03 [PeriodicActivities.cpp:108] Started periodic activities loop...
Aug 09 23:46:03 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:03 [startup.lua:35] Processing startup.lua: please hold on...
Aug 09 23:46:04 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:04 [startup.lua:118] [lists_utils.lua:827] Refreshing category lists...
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [startup.lua:118] [lists_utils.lua:751] Category Lists (9557 hosts, 14172 IPs, 0 JA3) loaded in 1 sec
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [startup.lua:122] Initializing device polices...
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [startup.lua:138] Initializing alerts...
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [startup.lua:147] Initializing timeseries...
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [startup.lua:235] Completed startup.lua
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [PeriodicActivities.cpp:167] Found 10 activities
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [HostChecksLoader.cpp:204] Unable to find host check external_host_script
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [NetworkInterface.cpp:3685] Setting affinity of interface enp3s0 to core 0
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [NetworkInterface.cpp:3697] Started packet polling on interface enp3s0 [id: 3]...
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [NetworkInterface.cpp:3685] Setting affinity of interface enp1s0f0 to core 1
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [NetworkInterface.cpp:3697] Started packet polling on interface enp1s0f0 [id: 4]...
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [NetworkInterface.cpp:3685] Setting affinity of interface enp1s0f1 to core 2
Aug 09 23:46:05 IntelRabbit6 ntopng[24739]: 09/Aug/2023 23:46:05 [NetworkInterface.cpp:3697] Started packet polling on interface enp1s0f1 [id: 5]...
Aug 09 23:46:15 IntelRabbit6 ntopng[24739]: free(): invalid pointer
Aug 09 23:46:15 IntelRabbit6 systemd[1]: ntopng.service: Main process exited, code=killed, status=6/ABRT
Aug 09 23:46:15 IntelRabbit6 systemd[1]: ntopng.service: Failed with result 'signal'.
Aug 09 23:46:15 IntelRabbit6 systemd[1]: ntopng.service: Consumed 6.045s CPU time.
Aug 09 23:46:21 IntelRabbit6 systemd[1]: ntopng.service: Scheduled restart job, restart counter is at 82.
Aug 09 23:46:21 IntelRabbit6 systemd[1]: Stopped ntopng high-speed web-based traffic monitoring and analysis tool.
Aug 09 23:46:21 IntelRabbit6 systemd[1]: ntopng.service: Consumed 6.045s CPU time.
Aug 09 23:46:21 IntelRabbit6 systemd[1]: Starting ntopng high-speed web-based traffic monitoring and analysis tool...
Aug 09 23:46:21 IntelRabbit6 systemd[1]: Started ntopng high-speed web-based traffic monitoring and analysis tool.
Aug 09 23:46:21 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:21 [Redis.cpp:164] Successfully connected to redis 127.0.0.1:6379@0
Aug 09 23:46:21 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:21 [Redis.cpp:164] Successfully connected to redis 127.0.0.1:6379@0
Aug 09 23:46:21 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:21 [PF_RINGInterface.cpp:77] Reading packets from PF_RING v.8.5.0 interface enp3s0...
Aug 09 23:46:21 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:21 [Ntop.cpp:2748] Registered interface enp3s0 [id: 3]
Aug 09 23:46:21 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:21 [PF_RINGInterface.cpp:77] Reading packets from PF_RING v.8.5.0 interface enp1s0f0...
Aug 09 23:46:21 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:21 [Ntop.cpp:2748] Registered interface enp1s0f0 [id: 4]
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [PF_RINGInterface.cpp:77] Reading packets from PF_RING v.8.5.0 interface enp1s0f1...
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Ntop.cpp:2748] Registered interface enp1s0f1 [id: 5]
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [main.cpp:366] PID stored in file /var/run/ntopng.pid
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Geolocation.cpp:170] Loaded database GeoLite2-ASN.mmdb [/var/lib/GeoIP/GeoLite2-ASN.mmdb][ip_version: 6]
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Geolocation.cpp:170] Loaded database GeoLite2-City.mmdb [/var/lib/GeoIP/GeoLite2-City.mmdb][ip_version: 6]
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Geolocation.cpp:75] Using geolocation provided by MaxMind (https://maxmind.com)
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [HTTPserver.cpp:1623] Found TLS certificate /usr/share/ntopng/httpdocs/ssl/ntopng-cert.pem
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [HTTPserver.cpp:1914] Web server dirs [/usr/share/ntopng/httpdocs][/usr/share/ntopng/scripts]
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [HTTPserver.cpp:1919] HTTP server listening on 3000
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Utils.cpp:860] User changed to ntopng
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [NetworkInterface.cpp:3507] Started host user script hooks loop on interface enp3s0 [id: 3]...
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [NetworkInterface.cpp:3447] Started flow user script hooks loop on interface enp3s0 [id: 3]...
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [NetworkInterface.cpp:3447] Started flow user script hooks loop on interface enp1s0f0 [id: 4]...
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [NetworkInterface.cpp:3507] Started host user script hooks loop on interface enp1s0f0 [id: 4]...
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [NetworkInterface.cpp:3447] Started flow user script hooks loop on interface enp1s0f1 [id: 5]...
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [NetworkInterface.cpp:3507] Started host user script hooks loop on interface enp1s0f1 [id: 5]...
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [main.cpp:441] Working directory: /var/lib/ntopng
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [main.cpp:443] Scripts/HTML pages directory: /usr/share/ntopng
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Ntop.cpp:528] Welcome to ntopng x86_64 v.5.7.230809 (dev:c632e13f093c17416c750923a1df46ca623c24a0:20230809)
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Ntop.cpp:537] Built on Ubuntu 22.04.2 LTS
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Ntop.cpp:539] (C) 1998-23 ntop
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [FlowRiskAlerts.cpp:261] [!] nDPI risk 51/Fully encrypted flow has not been defined in ntopng
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Ntop.cpp:1045] Adding fe80::523e:aaff:fe07:392/128 as IPv6 interface address for enp3s0
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Ntop.cpp:1057] Adding fe80::523e:aaff:fe07:392/64 as IPv6 local network for enp3s0
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Ntop.cpp:1045] Adding fe80::9ab7:85ff:fe00:8632/128 as IPv6 interface address for enp1s0f0
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Ntop.cpp:1057] Adding fe80::9ab7:85ff:fe00:8632/64 as IPv6 local network for enp1s0f0
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Ntop.cpp:1045] Adding fe80::9ab7:85ff:fe00:8633/128 as IPv6 interface address for enp1s0f1
Aug 09 23:46:22 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:22 [Ntop.cpp:1057] Adding fe80::9ab7:85ff:fe00:8633/64 as IPv6 local network for enp1s0f1
Aug 09 23:46:23 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:23 [PeriodicActivities.cpp:108] Started periodic activities loop...
Aug 09 23:46:24 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:24 [startup.lua:35] Processing startup.lua: please hold on...
Aug 09 23:46:24 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:24 [startup.lua:118] [lists_utils.lua:827] Refreshing category lists...
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [startup.lua:118] [lists_utils.lua:751] Category Lists (9557 hosts, 14172 IPs, 0 JA3) loaded in 1 sec
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [startup.lua:122] Initializing device polices...
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [startup.lua:138] Initializing alerts...
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [startup.lua:147] Initializing timeseries...
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [startup.lua:235] Completed startup.lua
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [PeriodicActivities.cpp:167] Found 10 activities
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [HostChecksLoader.cpp:204] Unable to find host check external_host_script
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [NetworkInterface.cpp:3685] Setting affinity of interface enp3s0 to core 0
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [NetworkInterface.cpp:3697] Started packet polling on interface enp3s0 [id: 3]...
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [NetworkInterface.cpp:3685] Setting affinity of interface enp1s0f0 to core 1
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [NetworkInterface.cpp:3697] Started packet polling on interface enp1s0f0 [id: 4]...
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [NetworkInterface.cpp:3685] Setting affinity of interface enp1s0f1 to core 2
Aug 09 23:46:25 IntelRabbit6 ntopng[25082]: 09/Aug/2023 23:46:25 [NetworkInterface.cpp:3697] Started packet polling on interface enp1s0f1 [id: 5]...
Aug 09 23:46:27 IntelRabbit6 ntopng[25082]: free(): invalid pointer
Aug 09 23:46:28 IntelRabbit6 systemd[1]: ntopng.service: Main process exited, code=killed, status=6/ABRT
Aug 09 23:46:28 IntelRabbit6 systemd[1]: ntopng.service: Failed with result 'signal'.
Aug 09 23:46:28 IntelRabbit6 systemd[1]: ntopng.service: Consumed 3.978s CPU time.

[lucaderi]

Fixed by https://github.com/ntop/ntopng/commit/139ac17a0c927224a87c4772bc5abaca1931e608 Packages being built and will be available in about 1h from now. Please report if working

[admtan]

Thank you fixing! Now is working correctly. (this issue may have been a duplicate of #7735.)