I'm still not able to recreate this bug (#2943) where we double free cb_data at the bottom of agentx_master_handler() (with the netsnmp_free_delegated_cache()).
Just in looking at the code logic, it seems like we allocate the netsnmp_delegated_cache structure only if the master sent a CleanupSet PDU. In the case I'm looking at, I can see the master has already disconnected the subagent:

    bgpd[5180]: snmp[info]: AgentX master disconnected us, reconnecting in 15
    ip[8042]: *** Error in `/usr/sbin/snmpd': double free or corruption (fasttop): 0x0000000001d15420 ***
    zebra[21794]: snmp[info]: AgentX master disconnected us, reconnecting in 15

So when this happens, the master attempts to close_agentx_session(). My best guess (without being able to recreate this) is that this structure is freed here first.

Is it possible to somehow protect the session (and all subsessions) from being freed if the master is in the process of allocating netsnmp_delegated_cache? Can we set something like AGENTX_MSG_CLEANUPSET if we have disconnected (or timed out) any/all subagents? This is just to prevent the double free that happens at the end of agentx_master_handler().

Thanks,
Sam
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders