bin/129706: top(1) corrupts SIZE field when a process allocates 2048GB memory
Bruce Cran
bruce at cran.org.uk
Wed Dec 17 22:30:04 PST 2008
The following reply was made to PR bin/129706; it has been noted by GNATS.
From: Bruce Cran <bruce at cran.org.uk>
To: Garrett Cooper <yanefbsd at gmail.com>
Cc: Bruce Cran <bruce at cran.org.uk>, freebsd-gnats-submit at freebsd.org
Subject: Re: bin/129706: top(1) corrupts SIZE field when a process allocates 2048GB memory
Date: Thu, 18 Dec 2008 01:13:28 -0500

On Tue, Dec 16, 2008 at 10:51:42PM -0800, Garrett Cooper wrote:
> Although I'd love to say it's top, it sounds more like a weird corner
> case dealing with overflow / underflow and vmem allocation.

It looks like it's an overflow bug in contrib/top/utils.c because
format_2k uses a signed 'int' to represent the amount of memory:
changing it to 'unsigned int' appears to fix it.

top-3.8beta1 has removed the format_2k function but also changed the
other format functions to take a 'long' parameter instead of 'int'.

--
Bruce Cran
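
Added example, not part of the original message and not the code from contrib/top/utils.c: a hypothetical size formatter called with the three parameter widths discussed above, showing where each one stops representing the value. It assumes a 32-bit 'int' and a size passed in kilobytes (which puts 2048GB exactly at 2^31); all function names are made up for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical formatter (not contrib/top/utils.c): scales a KB count to
 * K/M/G/T. Like most such code it only expects non-negative input. */
static const char *scale_kb(long long kb, char *buf, size_t n)
{
    const char *unit = "KMGT";
    while (kb >= 10000 && unit[1] != '\0') {
        kb /= 1024;
        unit++;
    }
    snprintf(buf, n, "%lld%c", kb, *unit);
    return buf;
}

/* Parameter modelled as a 32-bit signed int (assumption: int is 32 bits).
 * The uint32_t -> int32_t conversion wraps on gcc/clang. */
static const char *format_signed(uint64_t kb, char *buf, size_t n)
{
    return scale_kb((int32_t)(uint32_t)kb, buf, n);
}

/* The 'unsigned int' change: correct at 2^31 KB, wraps to 0 at 2^32 KB. */
static const char *format_unsigned(uint64_t kb, char *buf, size_t n)
{
    return scale_kb((uint32_t)kb, buf, n);
}

/* A 64-bit parameter, as 'long' is on LP64 platforms. */
static const char *format_wide(uint64_t kb, char *buf, size_t n)
{
    return scale_kb((long long)kb, buf, n);
}

int main(void)
{
    const uint64_t sizes_gb[] = { 2047, 2048, 4096 };  /* constructed inputs */
    char a[32], b[32], c[32];
    for (size_t i = 0; i < 3; i++) {
        uint64_t kb = sizes_gb[i] * 1024 * 1024;
        printf("%4lluGB  int:%-13s unsigned:%-6s 64-bit:%s\n",
               (unsigned long long)sizes_gb[i], format_signed(kb, a, sizeof a),
               format_unsigned(kb, b, sizeof b), format_wide(kb, c, sizeof c));
    }
    return 0;
}
```

With a 32-bit unsigned parameter the same truncation reappears at 4096GB, so only the wider type removes the boundary on platforms where it is 64 bits.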