Hi All,
I'm looking for help on getting a simple ndpi proof of concept app going under linux (ubuntu 20, x64). I have an existing packet processing application which has a plugin architecture. The app runs under both Windows and Linux. Under linux, the plugin is a shared .so library, and under Windows, a .dll. I have compiled ndpi as a platform specific static library, which i link into the .so or .dll depending on platform. This simple test, described below, appears to be working correctly under Windows. Under linux however, it seems to crash in random locations inside a call to ndpi_detection_process_packet(). The basic use of ndpi is:

on the main plugin thread, I simply initialize ndpi:

	ndpi_ = ndpi_init_detection_module( ndpi_no_prefs );
	if (ndpi_) { 
		NDPI_PROTOCOL_BITMASK protos;
		NDPI_BITMASK_SET_ALL(protos);
		ndpi_set_protocol_detection_bitmask2(ndpi_, &protos);
		ndpi_finalize_initialization(ndpi_);
		
		...
	} 

mutliple worker threads process packets independently; each thread has it's own flowmap and holds an instance of ndpi_detection_module_struct. Each entry in a thread's flowmap holds an instance of ndpi_flow_struct named tflow.
As each packet is processed, we hand it to ndpi for processing:

		auto detected_l7_protocol = ndpi_detection_process_packet(
			ndpi_detection_module_, 
			tflow,
			layer3start,
			ip_total_len,
			packet_timestamp);

So, the same code runs on Windows, returning reasonable protocols, and crashes under Linux. GDB backtrace doesn't help too much, as the crash occurs at different locations and doesn't seem related to the line where the crash happens.
Does this sound familiar in any way? Any pointers on how to proceed at this point would be appreciated
Thanks!