https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257368
Bug ID: 257368
Summary: ggate(d) misbehaving
Product: Base System
Version: 12.2-STABLE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: bin
Assignee: [email protected]
Reporter: [email protected]
Looks like there's a 32 bit integer overflow or underflow glitch in ggated or
ggatec (not sure yet which).
Relevant lines from the log.
ggated first:
[...snipped...]
debug: Received hdr packet.
debug: recv_thread: offset=53686845440 length=114688
debug: disk_thread: offset=53686845440 length=114688
debug: send_thread: offset=53686845440 length=114688
debug: Sent hdr packet.
debug: Sent 114688 bytes (offset=53686845440, size=114688).
debug: Received hdr packet.
debug: recv_thread: offset=16384 length=2147467264
debug: disk_thread: offset=16384 length=2147467264
debug: send_thread: offset=16384 length=2147467264
debug: Sent hdr packet.
debug: Process 2048 exiting.
Notice the suspicious length paramter:
2147467264 = 0x7FFFC000
114688 = 0x 1C000
Corresponding log from ggatec:
[...snipped...]
debug: Received 114688 bytes (offset=53686845440, size=114688).
debug: Sent hdr packet.
debug: Received hdr packet.
debug: Received data packet.
error: Lost connection 4.
debug: recv_thread: Died.
debug: send_thread: Died.
And ggated promptly allocates an additional 2GB of memory. Line from top:
PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
2048 root 1 20 0 2077M 1217M spa_na 1 0:05 0.00% ggated
--
You are receiving this mail because:
You are the assignee for the bug.
