Bug 174094

Summary: glibc free protection message appears during snmp_shutdown
Product: Red Hat Enterprise Linux 4 Reporter: Didier Drigues <didier.drigues>
Component: net-snmpAssignee: Jan Safranek <jsafrane>
Status: CLOSED INSUFFICIENT_DATA QA Contact:
Severity: high Docs Contact:
Priority: medium    
Version: 4.0   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-01-15 11:38:54 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Didier Drigues 2005-11-24 14:15:47 UTC 
Description of problem:
glibc free protection message appears  when snmp_shutdown is called

Version-Release number of selected component (if applicable):
net-snmp-5.1.2-11.EL4.6 (Master Agent in AgentX mode)


How reproducible:
Always

Steps to Reproduce:
1. Call snmp_shutdown
  
Actual results:
*** glibc detected *** double free or corruption (!prev)"

Expected results:
No message

Additional info:
Pb found in net-snmp mailing list
http://www.mail-archive.com/net-snmp-users@lists.sourceforge.net/msg04481.html
Seems to be related to bug 1084653
Bhttp://sourceforge.net/tracker/?
group_id=12694&atid=112694&func=detail&aid=1084653
Comment 1 Radek Vokál 2006-01-06 12:17:37 UTC 
Oups, I thought this issue is already gone and fixed in net-snmp-5.1.2-11.EL.3.
See bug #157539 and clear_callbacks and free_session patches. Do you reproduce
the error with the same steps as in the bug you refer to? I've just tried on my
RHEL4 box a sample tt.c code and it seems to work fine.
Comment 2 Didier Drigues 2006-01-06 13:11:59 UTC 
yes.

# rpm -qa | grep snmp
net-snmp-utils-5.1.2-11.EL4.6
net-snmp-devel-5.1.2-11.EL4.6
net-snmp-perl-5.1.2-11.EL4.6
net-snmp-libs-5.1.2-11
php-snmp-4.3.9-3.8
net-snmp-5.1.2-11
# cat /etc/redhat-release 
Red Hat Enterprise Linux ES release 4 (Nahant Update 2)



# gcc -I/usr/local/include -g `net-snmp-config --agent-libs` tt.c
# ./a.out 
*** glibc detected *** double free or corruption (!prev): 0x0997a498 ***
Aborted

(gdb) bt
#0  0x0075b7a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
#1  0x007c47d5 in raise () from /lib/tls/libc.so.6
#2  0x007c6149 in abort () from /lib/tls/libc.so.6
#3  0x007f840a in __libc_message () from /lib/tls/libc.so.6
#4  0x007feb3f in _int_free () from /lib/tls/libc.so.6
#5  0x007feeba in free () from /lib/tls/libc.so.6
#6  0x00db2b86 in clear_callback () from /usr/lib/libnetsnmp.so.5
#7  0x00d9416f in snmp_shutdown () from /usr/lib/libnetsnmp.so.5
#8  0x0804864a in main (argc=1, argv=0xbff0f9d4) at tt.c:20

here is the snmpd.conf file

master agentx
rwcommunity public
trap2sink pro8
~
Comment 3 Jan Safranek 2007-06-18 09:15:55 UTC 
I apologize for long silence from Red Hat. I am new maintainer on net-snmp and I
am cleaning old bugs. The patch you are referring to is already fixed in
net-snmp-5.1.2-11.EL4.3, so it seems you have found different bug.  Could you
please try to reproduce the bug with latest RHEL 4.5 update? If it is still
reproducible, could you please attach the magic tt.c, which reproduces the bug?

Thanks in advance.
Comment 4 Jan Safranek 2008-01-15 11:38:54 UTC 
Closing due to reporter inactivity. Feel free to reopen the bug if you are able
to reproduce it and provide the required information.