Date: Thu, 18 Dec 2008 06:30:04 GMT
From: Bruce Cran <bruce@cran.org.uk>
To: freebsd-bugs@FreeBSD.org
Subject: Re: bin/129706: top(1) corrupts SIZE field when a process allocates 2048GB memory
Message-ID: <200812180630.mBI6U4Nt045981@freefall.freebsd.org>

The following reply was made to PR bin/129706; it has been noted by GNATS.

From: Bruce Cran <bruce@cran.org.uk>
To: Garrett Cooper <yanefbsd@gmail.com>
Cc: Bruce Cran <bruce@cran.org.uk>, freebsd-gnats-submit@freebsd.org
Subject: Re: bin/129706: top(1) corrupts SIZE field when a process allocates 2048GB memory
Date: Thu, 18 Dec 2008 01:13:28 -0500

On Tue, Dec 16, 2008 at 10:51:42PM -0800, Garrett Cooper wrote:
> Although I'd love to say it's top, it sounds more like a weird corner
> case dealing with overflow / underflow and vmem allocation.

It looks like it's an overflow bug in contrib/top/utils.c because
format_2k uses a signed 'int' to represent the amount of memory:
changing it to 'unsigned int' appears to fix it. top-3.8beta1 has
removed the format_2k function but also changed the other format
functions to take a 'long' parameter instead of 'int'.

--
Bruce Cran
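
The overflow described in the message above, as an added example that is not part of the original e-mail and is not the code from contrib/top/utils.c: the formatters, their thresholds and the helper names are hypothetical, and a 32-bit two's-complement int is assumed.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed input: 2048GB expressed in kilobytes, i.e. 2^31 KB,
 * one more than a 32-bit signed int can hold. */
#define SIZE_2048GB_KB (2048ULL * 1024 * 1024)

/* Keep the low 32 bits and reinterpret them as signed, which is what
 * storing the value in a 32-bit two's-complement int amounts to. */
static int narrow_to_int(uint64_t kb)
{
    uint32_t low = (uint32_t)kb;
    int32_t s;
    memcpy(&s, &low, sizeof s);
    return s;
}

/* Hypothetical K/M/G formatter with a signed parameter: a wrapped,
 * negative value fails both threshold tests and is printed raw. */
static const char *fmt_kb_signed(int kb, char *buf, size_t len)
{
    if (kb >= 10 * 1024 * 1024)
        snprintf(buf, len, "%dG", kb / (1024 * 1024));
    else if (kb >= 10 * 1024)
        snprintf(buf, len, "%dM", kb / 1024);
    else
        snprintf(buf, len, "%dK", kb);
    return buf;
}

/* Same logic with an unsigned parameter: 2^31 is representable. */
static const char *fmt_kb_unsigned(unsigned int kb, char *buf, size_t len)
{
    if (kb >= 10u * 1024 * 1024)
        snprintf(buf, len, "%uG", kb / (1024u * 1024));
    else if (kb >= 10u * 1024)
        snprintf(buf, len, "%uM", kb / 1024u);
    else
        snprintf(buf, len, "%uK", kb);
    return buf;
}

/* Caller-side range check: unsigned only moves the limit to 2^32 KB. */
static int fits_unsigned(uint64_t kb) { return kb <= UINT_MAX; }

int main(void)
{
    char buf[32];
    puts(fmt_kb_signed(narrow_to_int(SIZE_2048GB_KB), buf, sizeof buf));
    puts(fmt_kb_unsigned((unsigned int)SIZE_2048GB_KB, buf, sizeof buf));
    return fits_unsigned(SIZE_2048GB_KB) ? 0 : 1;
}
```

The unsigned parameter doubles the representable range rather than removing the limit, and a 'long' parameter is only wider than 'int' on platforms where long is 64 bits.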