[prev in list] [next in list] [prev in thread] [next in thread]
List: net-snmp-bugs
Subject: [ net-snmp-Bugs-1572317 ] send_v2trap Memory Leak
From: "SourceForge.net" <noreply () sourceforge ! net>
Date: 2007-05-31 17:41:48
Message-ID: E1Htoei-0004aI-B3 () sc8-sf-web22 ! sourceforge ! net
[Download RAW message or body]
Bugs item #1572317, was opened at 2006-10-06 14:33
Message generated for change (Comment added) made by rstory
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=1572317&group_id=12694
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: agent
Group: agentx
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: cfan (davidhill)
Assigned to: Nobody/Anonymous (nobody)
Summary: send_v2trap Memory Leak
Initial Comment:
net-snmp-5.2.1.2
Red Hat Fedora 4
CALLING CODE FROM AGENT:
send_v2trap(notification_vars);
MEMORY LEAK CHECKER OUTPUT:
==24795== Memcheck, a memory error detector for x86-
linux.
==24795== Copyright (C) 2002-2005, and GNU GPL'd, by
Julian Seward et al.
==24795== Using valgrind-2.4.0, a program supervision
framework for x86-linux.
==24795== Copyright (C) 2000-2005, and GNU GPL'd, by
Julian Seward et al.
==24795== For more details, rerun with: -v
==24795==
.==24795== Syscall param socketcall.sendto(msg) points
to uninitialised byte(s)
==24795== at 0xA95471: sendto (in /lib/libc-2.3.6.so)
==24795== by 0x1B9E947F: snmp_sess_async_send
(snmp_api.c:4747)
==24795== by 0x1B9E9ABD: snmp_async_send
(snmp_api.c:4565)
==24795== by 0x1B9E9AE3: snmp_send (snmp_api.c:4551)
==24795== by 0x1B999363: send_trap_to_sess
(agent_trap.c:832)
==24795== by 0x1B999562: netsnmp_send_traps
(agent_trap.c:767)
==24795== by 0x1B99991E: send_enterprise_trap_vars
(agent_trap.c:792)
==24795== by 0x1B999959: send_trap_vars
(agent_trap.c:849)
==24795== by 0x1B9999C6: send_v2trap (agent_trap.c:908)
==24795== by 0x1B919CE4:
snmpmanager::SNMPManager::sendAlarmReport(char const*,
int, int, std::string, std::string)
(snmpmanager.cpp:267)
==24795== by 0x804F4DF: SNMPManagerTest::test1()
(tdriver.cpp:35)
==24795== by 0x80506B1:
CppUnit::TestCaller<SNMPManagerTest>::runTest()
(TestCaller.h:166)
==24795== Address 0x1BC49229 is 2009 bytes inside a
block of size 2048 alloc'd
==24795== at 0x1B909222: malloc
(vg_replace_malloc.c:130)
==24795== by 0x1B9E9354: snmp_sess_async_send
(snmp_api.c:4598)
==24795== by 0x1B9E9ABD: snmp_async_send
(snmp_api.c:4565)
==24795== by 0x1B9E9AE3: snmp_send (snmp_api.c:4551)
==24795== by 0x1B999363: send_trap_to_sess
(agent_trap.c:832)
==24795== by 0x1B999562: netsnmp_send_traps
(agent_trap.c:767)
==24795== by 0x1B99991E: send_enterprise_trap_vars
(agent_trap.c:792)
==24795== by 0x1B999959: send_trap_vars
(agent_trap.c:849)
==24795== by 0x1B9999C6: send_v2trap (agent_trap.c:908)
==24795== by 0x1B919CE4:
snmpmanager::SNMPManager::sendAlarmReport(char const*,
int, int, std::string, std::string)
(snmpmanager.cpp:267)
==24795== by 0x804F4DF: SNMPManagerTest::test1()
(tdriver.cpp:35)
==24795== by 0x80506B1:
CppUnit::TestCaller<SNMPManagerTest>::runTest()
(TestCaller.h:166)
2
MAJOR ALARM
<br />
Fri Oct 6 12:47:53 2006
..
<br />
<br />
atlanta
<br />
<br />
<br />
<br />
<br />
OK (3 tests)
<br />
<br />
==24795==
==24795== ERROR SUMMARY: 1 errors from 1 contexts
(suppressed: 63 from 1)
==24795== malloc/free: in use at exit: 615237 bytes in
1037 blocks.
==24795== malloc/free: 1445 allocs, 408 frees, 893436
bytes allocated.
==24795== For counts of detected errors, rerun with: -v
==24795== searching for pointers to 1037 not-freed
blocks.
==24795== checked 2052280 bytes.
==24795==
----------------------------------------------------------------------
Comment By: Robert Story (rstory)
Date: 2007-05-31 13:41
Message:
Logged In: YES
user_id=76148
Originator: NO
standard operating procedure for sending PDUs is that the library frees a
pdu which has successfully been sent, but does not free in the error case,
so the caller can re-use the pdu.
Has anyone tried to reproduce this for more recent releases?
----------------------------------------------------------------------
Comment By: Magnus Fromreide (magfr)
Date: 2007-05-19 17:37
Message:
Logged In: YES
user_id=1124910
Originator: NO
I think the proposed fix is wrong in the case of Inform- and
AgentX-Notify-PDU's as they expect a response and thus they shouldn't be
deleted that fast.
I suppose that a check of UCD_MSG_FLAG_EXPECT_RESPONSE in pdu->flags
should be enough to fix it but I think this is starting to look too
complex.
It is also worth to notice that we seems to leak the PDU in the other case
as well, only later, but I wouldn't trust this later part of the analysis
completely as I am heading to bed now.
----------------------------------------------------------------------
Comment By: Thomas Anders (tanders)
Date: 2007-05-09 07:54
Message:
Logged In: YES
user_id=848638
Originator: NO
Looks like this has just been reported as a new bug #1715210.
----------------------------------------------------------------------
Comment By: RedDevilDan (reddevildan)
Date: 2007-05-08 15:19
Message:
Logged In: YES
user_id=1788529
Originator: NO
I think the memory leak is due to this function at agent_trap.c
void
send_trap_to_sess(netsnmp_session * sess, netsnmp_pdu *template_pdu)
a new pdu is constructed by snmp_clone_pdu(), but the pdu is only free if
the trap didn't get sent correctly.
fix suggestion:
if (result == 0) {
snmp_sess_perror("snmpd: send_trap", sess);
snmp_free_pdu(pdu);
} else {
snmp_increment_statistic(STAT_SNMPOUTTRAPS);
snmp_increment_statistic(STAT_SNMPOUTPKTS);
}
snmp_free_pdu(pdu); /*a new fix*/
}
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=112694&aid=1572317&group_id=12694
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Net-snmp-bugs mailing list
Net-snmp-bugs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/net-snmp-bugs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic