Greetings, I've run into a segmentation fault in net-snmp version 5.4 on our product, when there's a cpuIdle > or < alert set up in snmpd.conf.

The segfault is in snmp_oid_compare, called on line 281 of agent/mibgroup/disman/event/mteTrigger.c, in mteTrigger_run. vp2->name is sometimes 0, sometimes other values. I've seen vp2 pointing out into the ether, not within the process's memory space. entry->count is 2 at this point, vp2_prev->next_variable is pointing out there. vp2_prev seems fine. I've also seen vp2 be fine, but vp2->name with an address like "0x131".

I assume we have some sort of memory management bug here. Occasionally, seemingly at random, I'll also get a glibc double free warning. This is x86_64, in one of the montavista distributions.

If anyone more familiar with this code than I happens to know what could cause this, I'd appreciate it greatly :) I've been perusing mteTrigger_run looking for problems surrounding the calls to snmp_free_varbind, but haven't spotted anything just yet.

--
Chris Larson
Dedicated Engineer
Montavista, Inc.
Email: clarson AT mvista DOT com
Email: clarson AT kergoth DOT com
