top-3.8beta1 improper use of free() on Solaris

Brought to you by: wnl

#47 top-3.8beta1 improper use of free() on Solaris

Milestone: v3.8beta

Status: open

Owner: nobody

Labels: Runtime Errors (11)

Priority: 5

Updated: 2010-03-07

Created: 2010-03-07

Creator: Ian Donaldson

Private: No

I found that top-3.8beta1 sometimes hung on Solaris.

This was tracked to malloc arena corruption due to improper use of
free() in the thread handling code.

This shows up immediately when debugging when using libumem...

eg: on Solaris 9/x86...

$ env LD_PRELOAD=/usr/lib/libumem.so.1 UMEM_DEBUG=guards,verbose ./top
free(807de00): invalid or corrupted buffer
stack trace:
libumem.so.1'?? (0xceb42f20)
libumem.so.1'free+0x4c
top'getptable+0x22f
top'get_process_info+0x5c
top'main+0x43f
top'_start+0x5d
Abort

free() was being handed a pointer that wasn't at the start
of the malloc()'d block.

I attach a patch to fix this.

Discussion

Ian Donaldson - 2010-03-07

free() fix for Solaris

EKIT.PATCH1

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

top-3.8beta1 improper use of free() on Solaris

Group

Searches

Help

#47 top-3.8beta1 improper use of free() on Solaris

Discussion