Hi All,

I am a software developer for Solaris. One of the daemons in Solaris, which uses libnetsnmp-5.4.1, gets a coredump during shutdown of the daemon. Following is the stack trace:

libumem.so.1'umem_err_recoverable+0x42
libumem.so.1'process_free+0xe6
libumem.so.1'free+0x1e
libnetsnmp.so.15.1.0'free_slots+0xaa
libnetsnmp.so.15.1.0'snmp_call_callbacks+0x3a3
libnetsnmp.so.15.1.0'snmp_shutdown+0xc3
...

The above stack trace suggests that the code breaks somewhere in free_slots of libnetsnmp.

Code of free_slots in version 5.4.1 (the code of free_slots in version 5.7.2 is the same):

105 static int
106 free_slots(int majorID, int minorID, void *serverarg, void *clientarg)
107 {
108     int slotcount, i;
109
110     if (pSlot != NULL) {
111         slotcount = pSlot->count;
112         for (i = 0; i < slotcount; i++) {
113             if (pSlot->pSession->hdl != NULL) {
114                 free(pSlot->pSession->hdl);
115             }
116         }
117         free(pSlot);
118     }
119
120     (void) C_Finalize(NULL);
121     return 0;
122 }

In the above code, the for loop (lines 112 - 115) seems to be wrong, since the API C_Finalize(NULL) of the pkcs11 framework will be releasing the memory allocated to the handle. Also, freeing the same memory multiple times, when slotcount is greater than 1, doesn't seem right.

I also found a memory leak in this code: pSlot->pSession is not being freed, but pSlot is getting freed.

To fix these bugs, I applied the following patch:

--- net-snmp-5.4.1/snmplib/pkcs.c Thu Feb 21 15:18:43 2013 +++ net-snmp-5.4.1/snmplib/pkcs.mod.c Thu Feb 21 13:13:37 2013
@@ -105,19 +105,13 @@ static int free_slots(int majorID, int minorID, void *serverarg, void *clientarg) { - int slotcount, i; + (void) C_Finalize(NULL); if (pSlot != NULL) { - slotcount = pSlot->count; - for (i = 0; i < slotcount; i++) { - if (pSlot->pSession->hdl != NULL) { - free(pSlot->pSession->hdl); - } - } + SNMP_FREE(pSlot->pSession); free(pSlot); } - (void) C_Finalize(NULL); return 0; }

After application of this patch, the daemon, which was dumping core consistently during shutdown, doesn't dump core any more.

I found that a ticket was created regarding a similar issue (http://sourceforge.net/p/net-snmp/bugs/2374/) but it was closed with the following reason:

"From the stack trace that you have provided, it looks as if the problem lies within the RtpSnmSubAgent module. That is not part of the standard Net-SNMP code structure, so must have been provided by a third party. You will need to take this issue up with whoever supplied this subagent. We cannot support third party code."

Can you please let me know what part of standard Net-SNMP code structure is not being followed by RtpSnmSubAgent and the daemon I am working on?

Ashik.
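Review bot: `free(pSlot);`, kept as context inside the `if (pSlot != NULL)` block, still leaves `pSlot` pointing at freed memory, even though the line added just above it uses `SNMP_FREE`, which resets its argument to NULL after freeing. `pSlot` is neither a parameter nor a local of `free_slots`, so if this callback runs a second time the NULL check passes and both `pSlot->pSession` and `pSlot` are touched after free; changing that line to `SNMP_FREE(pSlot);` closes this and makes the two frees consistent. Two smaller points on the same hunk: the removed loop never used `i`, so it is worth confirming at the allocation site (not visible here) that `pSlot->pSession` is a single heap allocation before freeing it with one call, and the new ordering (`C_Finalize(NULL)` first, no explicit free of `pSlot->pSession->hdl`) deserves a one-line comment saying the handle is released by the PKCS#11 library, since the code no longer shows why it is not freed. The return value of `C_Finalize` is still discarded with `(void)`; logging a failure there would help when diagnosing shutdown problems like this one.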