Created attachment 241981 [details] patch for net-mgmt/yaf and net/libfixbuf Trying to track down a segfault on my network monitoring probe, I noticed that yaf is quite out-of-date. libfixbuf is less so, but I updated both to see if it would make a difference to the crashes. I'm running the attached patch now; it passes `poudriere testport` but haven't determined yet whether it fixes the crash. I had to fix some missing includes in libairframe and update the packing list.
(Updating did not fix the segfault.)
(In reply to Garrett Wollman from comment #1) time to rebuild with DEBUG?
Currently testing with DPI disabled to see if that's where the problem is; it's running longer but I need at least a couple of days to be sure. The segfaults just started earlier this week when I pushed a global package update (with unmodified net-mgmt/yaf). The only prerequisite that changed was glib (yaf was not updated) so I suspect the ultimate cause is either in glib or in yaf code that calls glib improperly. It's been four hours so far without a crash after disabling DPI (which we weren't actually using: we had enabled it to collect SSH version strings to detect an attacker's C&C traffic in 2019, and SSH was the only protocol enabled).
Nope, even with DPI disabled it's still crashing. Not sure when I'll have more time to debug this.
<https://tools.netsa.cert.org/yaf2/download.html#release-2.13.0> <https://tools.netsa.cert.org/fixbuf2/download.html#release-2.4.2>
Comment on attachment 241981 [details] patch for net-mgmt/yaf and net/libfixbuf Maintainer timeout on both patches.
@wollamn Are you still interested in committing these patches?
(In reply to Robert Clausecker from comment #7) I'm not a committer. What I attached here is what we are running now (which does contain one patch rejected by upstream a long time ago). For what it's worth, the crashes decreased dramatically in frequency (although they haven't gone away) in the last few months. We did upgrade to 13.2 about four weeks ago but I think the stability improvement started before that.
Do you have a src or doc bit? If so, you can commit with approval from a ports committer (use "Approved by:"). If not, please let me know and I'll help you get these committed. Patch largely looks good from my part. Some questions: - you should switch to DISTVERSION from PORTVERSION if possible - if you commit, please make one commit for each of the two ports - is there any reason you use the EXTRA_PATCHES mechanism? If not, please use regular patches (to generate them, copy the original files to $file.orig, then patch the files, then run "make makepatch") - do you have a changelog for the update? If yes, please mention it in the commit message. With these issues addressed, the patches are LGTM from my side.
(In reply to Robert Clausecker from comment #9) I resigned as a src committer several years ago after it became clear that I had no time for any of this. I gave back my ports commit bit well before that. I'm happy to port my local changes forward if someone wants to just do a straight update; I don't have energy for whatever faff is currently expected.
I understand. Thank you for your work, I'll see that I get these adapted and in the tree.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=50844c209d8960a54cc58b75daeaf6f795358642 commit 50844c209d8960a54cc58b75daeaf6f795358642 Author: Garrett Wollman <wollman@FreeBSD.org> AuthorDate: 2023-11-20 07:07:15 +0000 Commit: Robert Clausecker <fuz@FreeBSD.org> CommitDate: 2023-11-24 06:12:31 +0000 net/libfixbuf: update to 2.4.2 Changelog: https://tools.netsa.cert.org/fixbuf2/release-history.html#release-2.4.2 PR: 271249 Approved by: nacho319+freebsdZilla@gmail.com (maintainer timeout) net/libfixbuf/Makefile | 2 +- net/libfixbuf/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=5fd544260929b691bfc5804dd288b404059c631e commit 5fd544260929b691bfc5804dd288b404059c631e Author: Garrett Wollman <wollman@FreeBSD.org> AuthorDate: 2023-11-20 07:15:31 +0000 Commit: Robert Clausecker <fuz@FreeBSD.org> CommitDate: 2023-11-24 06:12:31 +0000 net-mgmt/yaf: update to 2.13.0 Changelog: https://tools.netsa.cert.org/yaf2/release-history.html#release-2.14.0 PR: 271249 Approved by: dikshie@sfc.wide.ad.jp (maintainer timeout) net-mgmt/yaf/Makefile | 2 +- net-mgmt/yaf/distinfo | 6 ++-- .../yaf/files/patch-airframe_src_airdaemon.c (new) | 13 +++++++ .../files/patch-airframe_src_filedaemon.c (new) | 13 +++++++ .../yaf/files/patch-include_yaf_decode.h (new) | 11 ++++++ net-mgmt/yaf/files/patch-src_decode.c (new) | 15 ++++++++ net-mgmt/yaf/files/patch-src_yaf.pod (new) | 21 +++++++++++ net-mgmt/yaf/files/patch-src_yafstat.c (new) | 41 ++++++++++++++++++++++ net-mgmt/yaf/pkg-plist | 37 +++---------------- 9 files changed, 122 insertions(+), 37 deletions(-)
Thank you for your contribution.