hi,
while upgrading our rpm to net-snmp 5.3.0.1 i encountered net-snmp
crashes in the test suite on ppc64 and s390x. both are big-endian.
it works fine so far on ix86, x86_64, ppc, s390 and ia64.
after some debugging and reading we fixed the first issue:
[[[
Index: agent/agent_registry.c
===================================================================
--- agent/agent_registry.c.orig
+++ agent/agent_registry.c
@@ -1451,7 +1451,7 @@
lookup_cache *lookup_cache = NULL;
netsnmp_subtree *myptr = NULL, *previous = NULL;
int cmp = 1;
- int ll_off = 0;
+ size_t ll_off = 0;
if (subtree) {
myptr = subtree;
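Review bot: Nothing at the `ll_off` declaration says why it has to be `size_t`, so a later cleanup could quietly turn it back into `int`. Its uses are outside the hunk, but the reported stack smashing on 64-bit big-endian builds suggests its address is passed to a callee that stores a `size_t` through it, which overruns a 4-byte `int` slot. Once that is confirmed against the call site, I would add a comment on the new line, e.g. `size_t ll_off = 0; /* callee writes a size_t through &ll_off; int is too small on LP64 */`. Because the variable is now unsigned, any `ll_off < 0` test or mixed signed comparison later in this function should be checked too. Building with `-Werror=incompatible-pointer-types` would flag the same mismatch elsewhere in the tree before it shows up as memory corruption.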
]]]
without this patch snmpd dies with a stack-smashing error.[1]
after this patch i encountered a second crash in
agent/mibgroup/disman/event/mteObjects.c:164
i have attached the stack trace of this crash to this mail.
sadly i can't run the binary in gdb to debug it directly.
i tested it with and without our patches/stackprotector/optimizations.
any ideas on this?
with kind regards
marcus rueckert
[1] we build it with -fstack-protector.
--
openSUSE - SUSE Linux is my linux
openSUSE is good for you
#0 0x000000800010e0e8 in mteObjects_createEntry (owner=0x800017a338 "_snmpd",
oname=0x800017a340 "_triggerFire", index=2,
flags=20) at mteObjects.c:164
#1 0x000000800010e28c in mteObjects_addOID (owner=0x800017a338 "_snmpd",
oname=0x800017a340 "_triggerFire", index=2,
oid_name_buf=0x800017a368 ".1.3.6.1.2.1.88.2.1.2", wild=0) at
mteObjects.c:207
#2 0x000000800010dbe8 in _init_default_mteObject (oname=0x800017a340
"_triggerFire",
object=0x800017a368 ".1.3.6.1.2.1.88.2.1.2", index=2, wcard=0) at
mteObjects.c:50
#3 0x000000800010dcd4 in _init_default_mteObject_lists (majorID=0, minorID=0,
serverargs=0x0, clientarg=0x0)
at mteObjects.c:67
#4 0x0000008000373ad0 in snmp_call_callbacks (major=0, minor=0,
caller_arg=0x0) at callback.c:323
#5 0x0000008000360a3c in read_configs () at read_config.c:861
#6 0x000000800033138c in init_snmp (type=0x10007c28 "snmpd") at snmp_api.c:839
#7 0x00000000100055c4 in main (argc=13, argv=0x1fffffff718) at snmpd.c:906
#8 0x0000008000af0b0c in .generic_start_main () from /lib64/libc.so.6
#9 0x0000008000af0db8 in .__libc_start_main () from /lib64/libc.so.6
#10 0x0000000000000000 in ?? ()
#0 0x000000800010e0e8 in mteObjects_createEntry (owner=0x800017a338 "_snmpd",
oname=0x800017a340 "_triggerFire", index=2,
flags=20) at mteObjects.c:164
entry = (struct mteObject *) 0x10210ba0
row = (netsnmp_tdata_row *) 0x10200fe0
row2 = (netsnmp_tdata_row *) 0x1020a060
owner_len = 6
oname_len = 12
#1 0x000000800010e28c in mteObjects_addOID (owner=0x800017a338 "_snmpd",
oname=0x800017a340 "_triggerFire", index=2,
oid_name_buf=0x800017a368 ".1.3.6.1.2.1.88.2.1.2", wild=0) at
mteObjects.c:207
row = (netsnmp_tdata_row *) 0x1020a060
entry = (struct mteObject *) 0x1020f9b0
name_buf = {1, 3, 6, 1, 2, 1, 88, 2, 1, 2, 7782341580968755310,
8029466236339350792, 0, 270042912, 270042960, 75,
2815, 2314885530279477250, 2199023249936, 2199023250192, 270028208,
2199023250080, 18446744069414584326, 549767637552,
549759826024, 8361530980516765728, 549768616968, 2336916818972008812,
8459215992988919150, 2333181740475424886,
7020114996360078880, 5413442695284879213, 8103511083343438195, 0, 0, 0,
549755973632, 0, 549755974496, 0, 549756036352,
2199023250656, 549756121788, 0, 0, 1, 1, 201691700, 2199023250336,
549755974496, 2199023250192, 2199023250544,
2594676214090165024, 549755878092, 0, 0, 0, 0, 201691700, 0, 2199023250336,
0, 549756036352, 2199023250832, 1, 0, 1, 1, 1,
549756083712, 549755973632, 549755974496, 2199023250368, 2199023250720,
2594676209795203073, 549755878092, 2199023250560,
549758658576, 195858324, 0, 0, 0, 0, 0, 0, 0, 0, 0, 549756028424,
2199023253136, 268537896, 1629840, 549756043264,
549756396080, 549755973632, 2199023250704, 2594078066879758336, 549755896596,
549758657712, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
549756083712, 549756028424, 13, 2199023251940, 0, 2199023250832,
2199023250832, 2214593602, 549755924392,
2594078067148296232, 549755896596, 549758779392, 549757363000, 549757363008,
1, 549757363024, 0, 1, 0}
name_buf_len = 10
#2 0x000000800010dbe8 in _init_default_mteObject (oname=0x800017a340
"_triggerFire",
object=0x800017a368 ".1.3.6.1.2.1.88.2.1.2", index=2, wcard=0) at
mteObjects.c:50
entry = (struct mteObject *) 0x1020f9b0
#3 0x000000800010dcd4 in _init_default_mteObject_lists (majorID=0, minorID=0,
serverargs=0x0, clientarg=0x0)
at mteObjects.c:67
No locals.
#4 0x0000008000373ad0 in snmp_call_callbacks (major=0, minor=0,
caller_arg=0x0) at callback.c:323
scp = (struct snmp_gen_callback *) 0x1014f740
count = 3
__FUNCTION__ = "snmp_call_callbacks"
#5 0x0000008000360a3c in read_configs () at read_config.c:861
optional_config = 0x1001b2f0 "/tmp/snmp-test-1-15097/snmpd.conf"
__FUNCTION__ = "read_configs"
#6 0x000000800033138c in init_snmp (type=0x10007c28 "snmpd") at snmp_api.c:839
done_init = 1
#7 0x00000000100055c4 in main (argc=13, argv=0x1fffffff718) at snmpd.c:906
options = "aAc:CdD::fhHI:l:L:m:M:n:p:P:qrsS:UvV-:g:u:x:X", '\0'
<repeats 82 times>
arg = -1
i = 13
ret = 141
dont_fork = 1
do_help = 0
log_set = 1
uid = 0
gid = 0
agent_mode = -1
cptr = 0x1001b44c ""
argvptr = (char **) 0x1001b3a8
pid_file = 0x1fffffffa80 "/tmp/snmp-test-1-15097/snmpd.pid"
option_compatability = "-Le"
fd = 0
PID = (FILE *) 0x10002c54
__FUNCTION__ = "main"
#8 0x0000008000af0b0c in .generic_start_main () from /lib64/libc.so.6
No symbol table info available.
#9 0x0000008000af0db8 in .__libc_start_main () from /lib64/libc.so.6
No symbol table info available.
#10 0x0000000000000000 in ?? ()
No symbol table info available.
$1 = {oid_index = {len = 0, oids = 0x0}, indexes = 0x10211010, data =
0x10210ba0}
$2 = {mteOwner = "_snmpd", '\0' <repeats 26 times>, mteOName = "_triggerFire",
'\0' <repeats 20 times>, mteOIndex = 2,
mteObjectID = {0 <repeats 128 times>}, mteObjectID_len = 2, flags = 4}
$3 = {oid_index = {len = 0, oids = 0x102090b0}, indexes = 0x1020fe20, data =
0x1020f9b0}