net-snmp-5.7_3 cores after a while. It also has a memory leak. # gdb GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-marcel-freebsd". (gdb) core /snmpd.core Core was generated by `snmpd'. Program terminated with signal 11, Segmentation fault. #0 0x286fe4fe in ?? () (gdb) bt #0 0x286fe4fe in ?? () #1 0x3f7ff100 in ?? () [...] #1152 0x0000000f in ?? () #1153 <signal handler called> Cannot access memory at address 0x4c (gdb) [helmut@BSDHelmut ~]$ ps auxww | grep snmpd root 41224 0.0 14.0 311996 292284 ?? S Sun03PM 12:38.10 /usr/local/sbin/snmpd -p /var/run/snmpd.pid [helmut@BSDHelmut ~]$ At startup it takes ~30MB, currently 312MB, I have also seen the process using 1.6GB. [helmut@BSDHelmut ~]$ sudo /usr/local/etc/rc.d/snmpd restart Stopping snmpd. Waiting for PIDS: 41224. Starting snmpd. mibII/mta_sendmail.c:open_sendmailst: could not guess version of statistics file "/var/log/sendmail.st" [helmut@BSDHelmut ~]$ ps auxww | grep snmpd root 62232 1.0 0.3 27324 6560 ?? S 12:16PM 0:00.07 /usr/local/sbin/snmpd -p /var/run/snmpd.pid [helmut@BSDHelmut ~]$ How-To-Repeat: Install net-snmp, wait.
Please upgrade to 'critical'. I ran snmpd with # /usr/local/sbin/snmpd -p /var/run/snmpd.pid -Lsd -DALL and got the following results. Oct 3 11:36:41 xxxxxxx kernel: pid 1625 (snmpd), uid 0: exited on signal 8 (core dumped) Last few log messages before it crashed: Oct 3 11:36:41 xxxxxxx snmpd[1625]: compare:index: Oct 3 11:36:41 xxxxxxx snmpd[1625]: result was 0 Oct 3 11:36:41 xxxxxxx snmpd[1625]: trace: Oct 3 11:36:41 xxxxxxx snmpd[1625]: _fs_type(): hardware/fsys/fsys_getfsstats.c, 63: Oct 3 11:36:41 xxxxxxx snmpd[1625]: fsys:type: Oct 3 11:36:41 xxxxxxx snmpd[1625]: Classifying linsysfs It crashes the first time you do an snmpwalk. Running FreeBSD 8.2-RELEASE-p3, net-snmp-5.7_1
I installed net-snmp-5.7_3 and got the same results.
On the box mentioned before it now stays alive for some reason, on an other one (FreeBSD 8.2) net-snmp-5.7_3 still crashes: Oct 5 13:05:39 xxx snmpd[91569]: compare:index: Oct 5 13:05:39 xxx snmpd[91569]: result was 0 Oct 5 13:05:39 xxx snmpd[91569]: trace: Oct 5 13:05:39 xxx snmpd[91569]: _fs_type(): hardware/fsys/fsys_getfsstats.c, 63: Oct 5 13:05:39 xxx snmpd[91569]: fsys:type: Oct 5 13:05:39 xxx snmpd[91569]: Classifying ufs
(gdb) core /snmpd.core Core was generated by `snmpd'. Program terminated with signal 8, Arithmetic exception. #0 0x00000008008069aa in ?? ()
Responsible Changed From-To: freebsd-ports-bugs->sylvio Fix synopsis and assign.
We also had problems with the recent version of the net-snmp port. The snmpd daemon kept dying with signal 8 and signal 11 on various machines. When I started looking at the source, I found two bugs: one buffer overrun and one division overflow. After applying the patches below, the problems are gone. I believe there are more bugs in the net-snmp source, but at least it doesn't die anymore on our machines. Important: These patches *replace* the existing patches for the two files specified. @sylvio: Please replace the two patch files and increase the PORTREVISION. Thank you very much! Best regards Oliver --- agent/mibgroup/hardware/fsys/fsys_getfsstats.c.orig 2011-07-02 00:35:46.000000000 +0200 +++ agent/mibgroup/hardware/fsys/fsys_getfsstats.c 2011-10-06 19:17:12.000000000 +0200 @@ -150,13 +150,13 @@ if (!entry) continue; - memcpy( entry->path, stats[i].f_mntonname, sizeof(entry->path) ); + strncpy( entry->path, stats[i].f_mntonname, sizeof(entry->path) ); entry->path[sizeof(entry->path)-1] = '\0'; - memcpy( entry->device, stats[i].f_mntfromname, sizeof(entry->device)); + strncpy( entry->device, stats[i].f_mntfromname, sizeof(entry->device)); entry->device[sizeof(entry->device)-1] = '\0'; entry->units = stats[i].f_bsize; /* or f_frsize */ entry->size = stats[i].f_blocks; - entry->used = stats[i].f_bfree; + entry->used = stats[i].f_blocks - stats[i].f_bfree; entry->avail = stats[i].f_bavail; entry->inums_total = stats[i].f_files; entry->inums_avail = stats[i].f_ffree; --- agent/mibgroup/ucd-snmp/disk_hw.c.orig 2011-07-02 00:35:46.000000000 +0200 +++ agent/mibgroup/ucd-snmp/disk_hw.c 2011-10-06 19:17:46.000000000 +0200 @@ -245,7 +245,9 @@ static int _percent( int value, int total ) { - return (int)( value * 100 ) / total; + if (!total) + return 100; + return (int)(( (int64_t) value * 100 ) / total); } static netsnmp_fsys_info **
I just noticed that gnats didn't handle my patches very well, i.e. they got misformatted. Therefore I have uploaded them here: http://www.secnetix.de/olli/tmp/patch-agent-mibgroup-hardware-fsys-fsys_getfsstats.c http://www.secnetix.de/olli/tmp/patch-agent-mibgroup-ucd-snmp_disk_hw.c Please download both of them. Be sure you don't accidentally convert tabs to spaces or vice versa. These two patch files replace the existing files with the same name in the "files" subdirectory of the net-snmp port. Best regards Oliver
I'm running i386 and amd64 with those patches since yesterday.
As the daemon sems stable with those patches the memory leak is now the bigger problem: root 70540 0.0 30.5 1102524 635852 ?? S Thu10PM 48:50.80 /usr/local/sbin/snmpd -p /var/run/snmpd.pid 1,1GB... -----Ursprüngliche Nachricht----- From: Helmut Schneider Sent: Friday, October 21, 2011 9:26 PM To: Oliver Fromme ; bug-followup@FreeBSD.org Subject: Re: ports/161064: net-mgmt/net-snmp cores and memory leak I'm running i386 and amd64 with those patches since yesterday.
Well, I found one more bug. Sigh. There's a free() call missing in the fsys_getfsstats.c file. I have updated the two patch files (see the URLs posted in my previous reply). Please re-fetch them to the port's "files" directory and rebuild. This will fix one memory leak for sure, but there might be more leaks hidden elsewhere. Best regards Oliver
Oliver's patch works for me, if that helps.
Unfortunately snmpd still seems to have a memory leak, after starting the deamon it used 27MB, currently it is using 195MB which i guess is too much. [helmut@BSDHelmut ~]$ ps auxww | grep /usr/local/sbin/snmpd root 32226 0.0 8.3 195260 172112 ?? S Thu08PM 30:41.36 /usr/local/sbin/snmpd -p /var/run/snmpd.pid [helmut@BSDHelmut ~]$
Responsible Changed From-To: sylvio->zi Taking due to maintainer timeout and criticality of this issue
zi 2011-11-01 22:31:03 UTC FreeBSD ports repository Modified files: net-mgmt/net-snmp Makefile net-mgmt/net-snmp/files patch-agent-mibgroup-hardware-fsys-fsys_getfsstats.c patch-agent-mibgroup-ucd-snmp_disk_hw.c Log: - Fix memleak (obtained from upstream commit: 6ef6907642247c663b9b8964b9fd44a211dbcaa7) - Fix logic error in local patch (to avoid divide by zero condition) - Fix buffer overflow possibility - Bump PORTREVISION PR: ports/161064 Submitted by: Helmut Schneider <jumper99@gmx.de> Approved by: maintainer timeout (1 month) Revision Changes Path 1.192 +1 -1 ports/net-mgmt/net-snmp/Makefile 1.2 +18 -4 ports/net-mgmt/net-snmp/files/patch-agent-mibgroup-hardware-fsys-fsys_getfsstats.c 1.2 +6 -4 ports/net-mgmt/net-snmp/files/patch-agent-mibgroup-ucd-snmp_disk_hw.c _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed. Thanks!