Snow Leopard users: Turn off automatic date and time in System Preferences immediately

I hope that both of you haven't quit your day jobs for this. 😉 Many thanks

Just installed the rev 4. Logs (seems to be looking good):

****Dec 30 19:10:34 **** ntpd[282]: proto: fuzz beneath 0.125 usec
Dec 30 19:10:34 **** org.ntp.ntpd[282]: 30 Dec 19:10:34 ntpd[282]: proto: precision = 1.000 usec (-20)
Dec 30 19:10:34 **** org.ntp.ntpd[282]: 30 Dec 19:10:34 ntpd[282]: proto: fuzz beneath 0.125 usec
Dec 30 19:10:34 **** org.ntp.ntpd[282]: 30 Dec 19:10:34 ntpd[282]: Listen and drop on 0 v6wildcard [::]:123
Dec 30 19:10:34 **** org.ntp.ntpd[282]: 30 Dec 19:10:34 ntpd[282]: Listen and drop on 1 v4wildcard 0.0.0.0:123
Dec 30 19:10:34 **** org.ntp.ntpd[282]: 30 Dec 19:10:34 ntpd[282]: Listen normally on 2 lo0 [::1]:123
Dec 30 19:10:34 **** org.ntp.ntpd[282]: 30 Dec 19:10:34 ntpd[282]: Listen normally on 3 lo0 [fe80::1%1]:123
Dec 30 19:10:34 **** org.ntp.ntpd[282]: 30 Dec 19:10:34 ntpd[282]: setsockopt IPV6_MULTICAST_IF 0 for fe80::1%1 fails: Can't assign requested address
Dec 30 19:10:34 **** org.ntp.ntpd[282]: 30 Dec 19:10:34 ntpd[282]: Listen normally on 4 lo0 127.0.0.1:123
Dec 30 19:10:34 **** ntpd[282]: setsockopt IPV6_MULTICAST_IF 0 for fe80::1%1 fails: Can't assign requested address
Dec 30 19:10:34 **** org.ntp.ntpd[282]: 30 Dec 19:10:34 ntpd[282]: Listen normally on 5 en1 192.168.1.47:123
Dec 30 19:10:34 **** org.ntp.ntpd[282]: 30 Dec 19:10:34 ntpd[282]: Listening on routing socket on fd #26 for interface updates
Dec 30 19:11:28 **** ntpd[290]: ntpd 4.2.8@1.3265-o Wed Dec 24 18:19:07 UTC 2014 (1): Starting
Dec 30 19:11:28 **** org.ntp.ntpd[290]: 30 Dec 19:11:28 ntpd[290]: ntpd 4.2.8@1.3265-o Wed Dec 24 18:19:07 UTC 2014 (1): Starting
Dec 30 19:11:28 **** org.ntp.ntpd[290]: 30 Dec 19:11:28 ntpd[290]: Command line: /usr/sbin/ntpd -c /private/etc/ntp-restrict.conf -n -g -p /var/run/ntpd.pid -f /var/db/ntp.drift

Question: upon going from manual to automatic, in Little Snitch network monitor, seeing quick connection to sntp, then to ntpd. Wondering what that's about. Hadn't seen that before.

Question: upon going from manual to automatic, in Little Snitch network monitor, seeing quick connection to sntp, then to ntpd. Wondering what that's about. Hadn't seen that before.

SNTP is a reduced version of the NTP protocol that can be used to replace TIME clients.

http://wiki.tcl.tk/3391

Why is it doing this in the rev4? Wasn't with the command line version.

I think you may be misunderstanding what I said. This was the Little Snitch network monitor, a small splash screen where active outgoing connections or connections history are reported. It was not a prompt from LS to allow or deny. The connection to sntp was allowed, via protected rules in the LS rules--an area entirely different from the network monitor, to allow both ntpd and sntp connections (UDP to Port 123 / ntp) I saw that, upon resuming automatic from manual in date and time, there was a very brief outgoing connection to sntp. It lasted maybe less than a second, then ntdp took over, whereupon the sntp connection became greyed out and then showed as "terminated." It finally disappeared entirely.

If this is now expected behavior, behavior which you consider normal according to the way the installer has been rewritten, then I have no concerns. I was just surprised at seeing this, since I had never seen it before and I wondered what was creating this new behavior. In fact, since LS has protected rules (meaning rules which are set by default, but which can be overridden if necessary) both for ntpd and sntp, then I suppose this is sometimes, at least, expected behavior-- Below is a screenshot from my LS network monitor in 10.8.5. Also note that my LS is responsible only for outgoing connections. There is a newer version which can define both outgoing and incoming, but that's not the case here.

In fact, scratch all that about whether this should be happening or not: As a test, I just went from manual to auto in 10.8.5, something I never do there, with the network monitor displayed, which it usually isn't, and it did the exact same thing as described above. Quickly connected to sntp and then ntpd took over. It happens very quickly, so I can't even take a screenshot of it to show you. This is obviously completely normal.

I realized--posted in bold and a larger font at the bottom of my reply--upon checking that behavior in my ML, that it was normal (I guess you didn't see that). Especially, since it appears that you are now using the ML ntpd-wrapper. And many thanks to you for all the work you've put in on this.

flatsixracer wrote:

Great. Yes, the sntp -v error was corrected in the newer installer by including the updated ntpd-wrapper with the correct command for sntp:

...

if sntp -K /dev/null -s ${server} &> ${LOG}; then

I had, yesterday evening (my comments above were related to that) installed the rev 4 on a "virgin" external partition which still had the original 4.2.4. Just now, installed the rev 4 on the internal drive and got this ntpd crash, which I can't reproduce, so I'm assuming it was a one-off event due to the fact that the new rev 4 being installed was overwriting the pre-exisitng 4.2.8 files from flatsixracer's original command line version, which I installed there way back at the beginning of this thread, much before the installer arrived.

My thinking is that *** error for object 0x10020fe48: incorrect checksum for freed object - object was probably modified after being freed reflects the overwriting of flatsixracer's first command line version that relied on binaries compiled by Xcode, thereby producing the incorrect checksum, which com.apple.TrustEvaluationAgent was made very unhappy by. Otherwise, I'm in the dark about why this crash happened. Other than that, it appears to be performing properly.

What do you think?

Process: ntpd [128]
Path: /usr/sbin/ntpd
Identifier: ntpd
Version: ??? (???)
Code Type: X86-64 (Native)
Parent Process: launchd [1]

Date/Time: 2014-12-31 11:19:33.212 -0500
OS Version: Mac OS X 10.6.8 (10K549)
Report Version: 6

Exception Type: EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Crashed Thread: 0 Dispatch queue: com.apple.main-thread

Application Specific Information:
*** error for object 0x10020fe48: incorrect checksum for freed object - object was probably modified after being freed.

Thread 0 Crashed: Dispatch queue: com.apple.main-thread
0 libSystem.B.dylib 0x00007fff87b460b6 __kill + 10
1 libSystem.B.dylib 0x00007fff87be69f6 abort + 83
2 libSystem.B.dylib 0x00007fff87bd562d szone_error + 519
3 libSystem.B.dylib 0x00007fff87b016c6 tiny_free_list_remove_ptr + 158
4 libSystem.B.dylib 0x00007fff87afec8e szone_free_definite_size + 2005
5 libcrypto.0.9.8.dylib 0x00007fff841dd3b5 CRYPTO_free + 37
6 libcrypto.0.9.8.dylib 0x00007fff841d9a4b lh_delete + 203
7 libcrypto.0.9.8.dylib 0x00007fff8424deae OBJ_NAME_remove + 46
8 libcrypto.0.9.8.dylib 0x00007fff841d9dbd lh_doall + 77
9 libcrypto.0.9.8.dylib 0x00007fff8424ddcc OBJ_NAME_cleanup + 60
10 libcrypto.0.9.8.dylib 0x00007fff8422b1ee EVP_cleanup + 14
11 ntpd 0x000000010005077b atexit_ssl_cleanup + 43
12 libSystem.B.dylib 0x00007fff87b0a37f __cxa_finalize + 214
13 libSystem.B.dylib 0x00007fff87b0a28c exit + 18
14 ntpd 0x0000000100011948 finish + 88
15 libSystem.B.dylib 0x00007fff87b581ba _sigtramp + 26
16 ??? 0x00007fff5fbff1a0 0 + 140734799802784
17 libSystem.B.dylib 0x00007fff87afecdc szone_free_definite_size + 2083
18 ntpd 0x0000000100020186 filegen_unregister + 134
19 ntpd 0x0000000100033723 uninit_util + 99
20 libSystem.B.dylib 0x00007fff87b0a37f __cxa_finalize + 214
21 libSystem.B.dylib 0x00007fff87b0a28c exit + 18
22 ntpd 0x0000000100051aa4 exit_worker + 68
23 ntpd 0x0000000100051ef4 send_blocking_req_internal + 1092
24 ntpd 0x000000010004f57b queue_blocking_request + 187
25 ntpd 0x000000010004e5b4 getaddrinfo_sometime + 372
26 ntpd 0x0000000100002c8c config_peers + 1036
27 ntpd 0x0000000100004ee9 config_ntpd + 6521
28 ntpd 0x000000010000792c getconfig + 380
29 ntpd 0x000000010001224b ntpdmain + 1707
30 ntpd 0x0000000100001374 start + 52

Thread 0 crashed with X86 Thread State (64-bit):
rax: 0x0000000000000000 rbx: 0x0000000100108000 rcx: 0x00007fff5fbfe798 rdx: 0x0000000000000000
rdi: 0x0000000000000080 rsi: 0x0000000000000006 rbp: 0x00007fff5fbfe7b0 rsp: 0x00007fff5fbfe798
r8: 0x0000000000000903 r9: 0x0000000000000000 r10: 0x00007fff87b420fa r11: 0x0000000000000206
r12: 0x0000000000000000 r13: 0x000000010020fe48 r14: 0x00000001000d6000 r15: 0x00000001001080c0
rip: 0x00007fff87b460b6 rfl: 0x0000000000000206 cr2: 0x00007fff70de3008

Binary Images:
0x100000000 - 0x100091fef +ntpd ??? (???) <79F0785F-B853-3CAF-9049-862F70132304> /usr/sbin/ntpd
0x7fff5fc00000 - 0x7fff5fc3be0f dyld 132.1 (???) <29DECB19-0193-2575-D838-CF743F0400B2> /usr/lib/dyld
0x7fff81e0b000 - 0x7fff81e4aff7 libssl.0.9.8.dylib 0.9.8 (compatibility 0.9.8) <B2E93DEC-2F33-366A-995C-ACA0523D508F> /usr/lib/libssl.0.9.8.dylib
0x7fff8419b000 - 0x7fff842baff7 libcrypto.0.9.8.dylib 0.9.8 (compatibility 0.9.8) <0CE8D59B-D0C7-1DCE-3654-37F27F61BEFA> /usr/lib/libcrypto.0.9.8.dylib
0x7fff84f67000 - 0x7fff84f68ff7 com.apple.TrustEvaluationAgent 1.1 (1) <5952A9FA-BC2B-16EF-91A7-43902A5C07B6> /System/Library/PrivateFrameworks/TrustEvaluationAgent.framework/Versions/A/Tru stEvaluationAgent
0x7fff8636d000 - 0x7fff8637eff7 libz.1.dylib 1.2.3 (compatibility 1.0.0) <97019C74-161A-3488-41EC-A6CA8738418C> /usr/lib/libz.1.dylib
0x7fff87af7000 - 0x7fff87cb8fef libSystem.B.dylib 125.2.11 (compatibility 1.0.0) <9AB4F1D1-89DC-0E8A-DC8E-A4FE4D69DB69> /usr/lib/libSystem.B.dylib
0x7fff88f9e000 - 0x7fff88fa2ff7 libmathCommon.A.dylib 315.0.0 (compatibility 1.0.0) <95718673-FEEE-B6ED-B127-BCDBDB60D4E5> /usr/lib/system/libmathCommon.A.dylib
0x7fff8a6e8000 - 0x7fff8a709fff libresolv.9.dylib 41.1.0 (compatibility 1.0.0) <9410EC7F-4D24-6740-AFEE-90405750FAD7> /usr/lib/libresolv.9.dylib
0x7fffffe00000 - 0x7fffffe01fff libSystem.B.dylib ??? (???) <9AB4F1D1-89DC-0E8A-DC8E-A4FE4D69DB69> /usr/lib/libSystem.B.dylib

Personally I haven't yet committed to using any of the 4.2.8's on my primary working system until I am convinced it's 100% safe to do so.

So, if your primary working system is 10.6, what are you doing there? You think the 4.2.8, as is, has some intrinsic incompatibility with OSX? I'm at a loss now what to do. Could try the one from MacIssues, Topher Kessler's site, or the GitHub one, but if it's intrinsic to the 4.2.8, then none of those is going to be the solution. And wouldn't want to try out the beta and find myself back at square one.

It's probably too late for this now, since a lot of people have lost the original 4.2.4 after trying out the 4.2.8, in one flavor or another, and way, way above my pay grade, but wondering if someone with the skills could port Apple's patch to the original 10.6 4.2.4, with the necessary modifications, whatever they might be.

This was a mild crash/abort. But a KP is far more serious and, if the 4.2.8 was clearly responsible, that points to system instability. Then again, some KPs can happen just once and never again.