Date: Fri, 20 Jan 2006 21:20:59 +0100 From: Fredrik Lindberg <fli+freebsd-current@shapeshifter.se> To: Giorgos Keramidas <keramida@ceid.upatras.gr> Cc: freebsd-current@freebsd.org, jasone@freebsd.org, Steve Kargl <sgk@troutmask.apl.washington.edu> Subject: Re: top(1) aborts in redzone Message-ID: <43D1462B.8080807@shapeshifter.se> In-Reply-To: <20060120200449.GB94172@flame.pc> References: <20060120193620.GA26029@troutmask.apl.washington.edu> <20060120200449.GB94172@flame.pc>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format.
--------------060604060305040101040307
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Giorgos Keramidas wrote:
> On 2006-01-20 11:36, Steve Kargl <sgk@troutmask.apl.washington.edu> wrote:
>
>>75 processes: 5 running, 70 sleeping
>>CPU states: 98.3% user, 0.0% nice, 1.7% system, 0.0% interrupt, 0.0% idle
>>Mem: 586M Active, 1202M Inact, 200M Wired, 20K Cache, 214M Buf, 9752M Free
>>Swap: 17G Total, 17G Free
>>
>>top: (malloc) Corrupted redzone 1 byte after 0x2020056f0 (size 1975) (0x0)D
>>Abort (core dumped) 1 132 0 295M 257M RUN 0 5:07 93.95% scat
>>troutmask:kargl[202] 132 0 295M 257M RUN 0 5:02 93.26% scat
>>
>>The above happened as I was resizing an xterm with an
>>actively run top(1). This is on amd64 with malloc.c
>>v 1.100.
>
>
> Can you file a bug report please? I will look into this, as I can
> reproduce it here, but I don't want it to be forgotten or lost in
> list-noise.
>
> Thanks in advance :)
>
It's writing past its buffer when a line gets truncated.
Either increase the buffer by one, or decrease the offset on the
places where it is manupulating the buffer.
Both solutions work (I tried them), the easiest one is attached.
Fredrik Lindberg
--------------060604060305040101040307
Content-Type: text/plain;
name="display.c-20060120.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="display.c-20060120.patch"
Index: display.c
===================================================================
RCS file: /home/ncvs/src/contrib/top/display.c,v
retrieving revision 1.9
diff -u -r1.9 display.c
--- display.c 19 May 2005 13:34:19 -0000 1.9
+++ display.c 20 Jan 2006 20:18:03 -0000
@@ -114,7 +114,7 @@
}
/* now, allocate space for the screen buffer */
- screenbuf = (char *)malloc(lines * display_width);
+ screenbuf = (char *)malloc(lines * (display_width + 1));
if (screenbuf == (char *)NULL)
{
/* oops! */
--------------060604060305040101040307--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43D1462B.8080807>