NetBSD Problem Report #39200

From gcw@primenet.com.au  Thu Jul 24 03:37:49 2008
Return-Path: <gcw@primenet.com.au>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by narn.NetBSD.org (Postfix) with ESMTP id BB45263B89E
	for <gnats-bugs@gnats.NetBSD.org>; Thu, 24 Jul 2008 03:37:48 +0000 (UTC)
Message-Id: <20080724033741.24279.qmail@g.primenet.com.au>
Date: 24 Jul 2008 13:37:41 +1000
From: gcw@primenet.com.au
Reply-To: gcw@primenet.com.au
To: gnats-bugs@gnats.NetBSD.org
Subject: external program "top" overruns allocated memory for multiple cpus
X-Send-Pr-Version: 3.95

>Number:         39200
>Category:       bin
>Synopsis:       top fails on multiple cpus
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jul 24 03:40:00 +0000 2008
>Closed-Date:    Mon Nov 03 02:43:36 +0000 2008
>Last-Modified:  Mon Nov 03 02:43:36 +0000 2008
>Originator:     Geoff C. Wing
>Release:        NetBSD 4.99.70
>Organization:
>Environment:
System: NetBSD g.primenet.com.au 4.99.70 NetBSD 4.99.70 (G) #0: Mon Jul 21 13:08:27 EST 2008 gcw@g.primenet.com.au:/usr/netbsd/src/sys/arch/i386/compile/G i386
Architecture: i386
Machine: i386
>Description:
	top fails to reset an index on multiple cpu machines which
	causes it to access memory past its allocated space.

>How-To-Repeat:
	run with malloc checking
>Fix:

--- external/bsd/top/dist/display.c	2008-07-24 13:29:00.000000000 +1000
+++ external/bsd/top/dist/display.c.org	2008-07-16 10:36:15.000000000 +1000
@@ -1181,7 +1181,7 @@
     int *colp;
     int color = 0;
 #ifdef ENABLE_COLOR
-    int *cidx;
+    int *cidx = cpustate_cidx;
 #endif
     int c, i;

@@ -1196,9 +1196,6 @@

     for (c = 0; c < (multi ? ncpu : 1); c++)
     {
-#ifdef ENABLE_COLOR
-    	cidx = cpustate_cidx;
-#endif

 	/* print tag */
 	display_write(0, y_cpustates + c, 0, 0, cpustates_tag(c));
@@ -1247,7 +1244,7 @@
     int *colp;
     int color = 0;
 #ifdef ENABLE_COLOR
-    int *cidx;
+    int *cidx = cpustate_cidx;
 #endif
     int c, i;

@@ -1264,9 +1261,6 @@

     for (c = 0; c < (multi ? ncpu : 1); c++)
     {
-#ifdef ENABLE_COLOR
-    	cidx = cpustate_cidx;
-#endif
 	colp = cpustate_columns;
 	/* we could be much more optimal about this */
 	for (names = cpustate_names; (thisname = *names++) != NULL;)

>Release-Note:

>Audit-Trail:
From: Christos Zoulas <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/39200 CVS commit: src/external/bsd/top/dist
Date: Thu, 24 Jul 2008 15:10:34 +0000 (UTC)

 Module Name:	src
 Committed By:	christos
 Date:		Thu Jul 24 15:10:34 UTC 2008

 Modified Files:
 	src/external/bsd/top/dist: display.c

 Log Message:
 PR/39200: Geoff Wing: Fix memory stomping on multi-cpu machines.


 To generate a diff of this commit:
 cvs rdiff -r1.2 -r1.3 src/external/bsd/top/dist/display.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: snj@NetBSD.org
State-Changed-When: Mon, 03 Nov 2008 02:43:36 +0000
State-Changed-Why:
christos applied this patch in July.
Thanks for the submission!


>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.