Hi,

I am seeing a segmentation fault when SNMP is booting up. The following is the 
backtrace for the same:

#################
Core was generated by `/opt/tms/bin/snmpd -f -s -c /etc/snmpd.conf'.
Program terminated with signal 11, Segmentation fault.
#0  0x0000002a9676e700 in strchr () from /lib64/tls/libc.so.6

Thread 1 (process 4611):
#0  0x0000002a9676e700 in strchr () from /lib64/tls/libc.so.6
No symbol table info available.
#1  0x0000002a95b07838 in snmp_parse_oid (argv=0x480004fb <Address 0x480004fb 
out of bounds>, root=0x7fbffff480, rootlen=0x7fbffff478) at mib.c:5825
        savlen = 128
        tmpbuf_len = 0
        tmpbuf = 0x0
        suffix = 0x0
        prefix = 0x0
        __FUNCTION__ = "snmp_parse_oid"
#2  0x0000002a956db6c1 in mteObjects_addOID (owner=0x2a9572abfc "_snmpd", 
oname=0x9572ac03 <Address 0x9572ac03 out of bounds>, index=2, oid_name_buf=0x6 
<Address 0x6 out of bounds>, wild=6) at disman/event/mteObjects.c:206
        row = <value optimized out>
        entry = <value optimized out>
        name_buf = {1, 3, 6, 1, 2, 1, 88, 2, 1, 1, 0, 0, 0, 0, 0, 0, 
34359738368, 0, 0, 0, 0, 0, 428790397804926154, 4346335394598829722, 
549755813887, 182894070322, 0, 182914840000, 0, 548682069872, 1, 0, 
548682069249, 1, 548682069584, 182903424261, 548682069872, 19806618174344, 
7119725, 0, 6559936, 548682069888, 7119712, 182912837297, 206158430248, 
548682069696, 548682069504, 33152, 0, 0, 2565, 7119712, 6559968, 548682069888, 
0, 1353833802, 0, 182914852416, 14, 182894057945, 0, 182894057945, 0, 
182914852416, 0, 6559936, 182895261590, 182895220848, 182895177192, 15, 
182915998016, 0, 548682070000, 182895204312, 201691700, 182895240656, 
207615620, 182894115440, 548682070064, 548682070000, 201691700, 182895240656, 
0, 182894058878, 0, 180388626433, 0, 180388626433, 0, 180388626433, 
548682070160, 4294967296, 0, 182894115440, 548682070104, 182894114600, 
548682070120, 182894114600, 0, 28710885711151105, 0, 180388626433, 
7277943443362444402, 4294967296, 0, 182897405128, 548682070200, 182897404288, 
548682071288, 0, 182895204312, 182894114600, 182895186648, 182897170528, 0, 0, 
0, 182901479360, 0, 182894070634, 1, 0, 180388626433, 182895204312, 0, 
182894070322, 0, 182895948773}
        name_buf_len = <value optimized out>
#3  0x0000002a956db7a8 in _init_default_mteObject (oname=0x3a <Address 0x3a out 
of bounds>, object=0x6 <Address 0x6 out of bounds>, index=5, wcard=0) at 
disman/event/mteObjects.c:50
        entry = (struct mteObject *) 0x480004fb
#4  0x0000002a956db829 in _init_default_mteObject_lists (majorID=<value 
optimized out>, minorID=<value optimized out>, serverargs=<value optimized 
out>, clientarg=<value optimized out>) at disman/event/mteObjects.c:71
        _defaults_init = 0
#5  0x0000002a95b3a1f0 in snmp_call_callbacks (major=0, minor=0, 
caller_arg=0x0) at callback.c:323
        scp = (struct snmp_gen_callback *) 0x628e70
        count = 3
        __FUNCTION__ = "snmp_call_callbacks"
#6  0x0000000000403355 in main ()
No symbol table info available.
###################

net-snmp version: 5.3.1
Output of 'uname -a':

Linux localhost 2.6.9-34.EL-rbt-13145SMP #2 SMP Tue Sep 4 23:30:05 PDT 2012 
x86_64 x86_64 x86_64 GNU/Linux

###################

I cannot reproduce it on other appliances of similar configuration. I am trying 
to understand the code where it is crashing, and it seems certain mteObject 
OIDs are being set during boot up, and that segfaults for one of the 
appliances. The following is the code where the 'object' being passed to 
_init_default_mteObject() is going out of bounds:

###################
void
_init_default_mteObject( const char *oname, const char *object, int index, int wcard)
{
    struct mteObject *entry;

    entry = mteObjects_addOID( "_snmpd", oname, index, object, 0 );
    if (entry) {
        entry->flags |= MTE_OBJECT_FLAG_ACTIVE|
                        MTE_OBJECT_FLAG_FIXED |
                        MTE_OBJECT_FLAG_VALID;
        if (wcard)
            entry->flags |= MTE_OBJECT_FLAG_WILD;
    }
}

int
_init_default_mteObject_lists( int majorID, int minorID,
                               void *serverargs, void *clientarg)
{
    static int _defaults_init = 0;

    if (_defaults_init)
        return 0;
                                                   /* mteHotTrigger     */
    _init_default_mteObject( "_triggerFire", ".1.3.6.1.2.1.88.2.1.1", 1, 0);
                                                   /* mteHotTargetName  */
    _init_default_mteObject( "_triggerFire", ".1.3.6.1.2.1.88.2.1.2", 2, 0);
                                                   /* mteHotContextName */
    _init_default_mteObject( "_triggerFire", ".1.3.6.1.2.1.88.2.1.3", 3, 0);
                                                   /* mteHotOID         */
    _init_default_mteObject( "_triggerFire", ".1.3.6.1.2.1.88.2.1.4", 4, 0);
                                                   /* mteHotValue       */
    _init_default_mteObject( "_triggerFire", ".1.3.6.1.2.1.88.2.1.5", 5, 0);
:
:
:
:
###################

So, there is nothing obvious that is updating the 'object' as such. Could this 
be a case of stack corruption? Or am I missing something here? Appreciate any 
help.

Thanks & Regards,
Abhiraj


_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
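
An added example, not part of the original post and not net-snmp code: a Python check that compares the argument values gdb printed for frames #2 and #3 with the call at mteObjects.c:50 quoted above. The frame text is copied from the backtrace with the e-mail line wraps joined; `CALL_MAP`, `parse_frames`, `check_call` and `out_of_bounds` are names made up for this example.

```python
import re

# Frames #2 and #3 from the backtrace above, line wraps joined (constructed input).
BACKTRACE = """\
#2  0x0000002a956db6c1 in mteObjects_addOID (owner=0x2a9572abfc "_snmpd", oname=0x9572ac03 <Address 0x9572ac03 out of bounds>, index=2, oid_name_buf=0x6 <Address 0x6 out of bounds>, wild=6) at disman/event/mteObjects.c:206
#3  0x0000002a956db7a8 in _init_default_mteObject (oname=0x3a <Address 0x3a out of bounds>, object=0x6 <Address 0x6 out of bounds>, index=5, wcard=0) at disman/event/mteObjects.c:50
"""

FRAME_RE = re.compile(r"^#(\d+)\s+0x[0-9a-f]+ in (\w+) \((.*)\) at (\S+)$", re.M)
ARG_RE = re.compile(r"(\w+)=(0x[0-9a-f]+|-?\d+)( <Address 0x[0-9a-f]+ out of bounds>)?")

# How the call quoted in the post fills mteObjects_addOID's parameters:
# a caller argument passed through unchanged, or the literal 0 for `wild`.
CALL_MAP = {"oname": "oname", "index": "index", "oid_name_buf": "object", "wild": 0}


def parse_frames(text):
    """Return {function: {arg: (value, marked_out_of_bounds)}} per frame."""
    frames = {}
    for _num, func, args, _loc in FRAME_RE.findall(text):
        frames[func] = {n: (int(v, 0), bool(oob))
                        for n, v, oob in ARG_RE.findall(args)}
    return frames


def check_call(frames, caller, callee, call_map):
    """List callee parameters whose printed value disagrees with the caller's."""
    mismatches = []
    for param, src in call_map.items():
        expected = frames[caller][src][0] if isinstance(src, str) else src
        shown = frames[callee][param][0]
        if shown != expected:
            mismatches.append((param, expected, shown))
    return mismatches


def out_of_bounds(frames):
    """List (function, arg) pairs that gdb marked as unreadable addresses."""
    return sorted((f, a) for f, args in frames.items()
                  for a, (_, oob) in args.items() if oob)


if __name__ == "__main__":
    frames = parse_frames(BACKTRACE)
    for param, want, got in check_call(
            frames, "_init_default_mteObject", "mteObjects_addOID", CALL_MAP):
        print(f"{param}: caller frame shows {want:#x}, callee frame shows {got:#x}")
    print("unreadable pointers:", out_of_bounds(frames))
```

On these two frames the check reports that `oname`, `index` and `wild` differ between caller and callee although the quoted source passes them through unchanged (or as the literal 0), so the values gdb printed for these frames cannot all be what was passed at the call.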
