Bug 1263765

Summary: free -h segfault
Product: Red Hat Enterprise Linux 7 Reporter: Branislav Náter <bnater>
Component: procps-ngAssignee: Jan Rybar <jrybar>
Status: CLOSED ERRATA QA Contact: Branislav Náter <bnater>
Severity: medium Docs Contact: Adam Kvitek <akvitek>
Priority: low    
Version: 7.2CC: jhouska, jrybar, kdudka, mkyral
Target Milestone: rcKeywords: Patch, Upstream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: procps-ng-3.3.10-20.el7 Doc Type: No Doc Update
Doc Text:
undefined
 Story Points: ---
Clone Of: Environment:
Last Closed: 2018-10-30 07:56:26 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Upstream backport patch with additional CLI options
none
Cherrypicked backport patch kdudka: review+

Description Branislav Náter 2015-09-16 15:53:55 UTC 
Description of problem:
During testing of BZ#1246379, I've tried to pass huge numbers (petabytes of memory) to free utility. When trying to produce output in human readable form (-h), free segfaults.

Version-Release number of selected component (if applicable):
procps-ng-3.3.10-3.el7

Steps to Reproduce:
1. copy /proc/meminfo file and change "MemTotal" value to "123123123123123"
2. mount modified meminfo:
mount --bind meminfo /proc/meminfo
3. free -h

Actual results:
              total        used        free      shared  buff/cache   available
Segmentation fault

Expected results:
No segfault
Comment 2 Jaromír Cápík 2016-01-14 16:31:30 UTC 
In my case the free tool starts to crash when I get over 1192928601000 kB and the probability of crashing gets higher when the value is increased even more. That means it probably depends on other values which change in time. However, it's very probably an overflow in the evaluations and needs to be fixed.
Comment 6 Jan Rybar 2017-07-13 16:53:18 UTC 
*** Bug 1362588 has been marked as a duplicate of this bug. ***
Comment 7 Jan Rybar 2017-07-13 17:05:09 UTC 
According to the comment in code made by the author, 'free -h' generally acts as described above on systems with memory exceeding 1PB.

Problem is caused by character overflow in reserved Memory info column. Solution preventing this behaviour was deferred by upstream as no computer with that much memory exists so far.

Patch under construction.
Comment 9 Jan Rybar 2017-07-27 14:32:51 UTC 
Created attachment 1305425 [details]
Upstream backport patch with additional CLI options
Comment 10 Jan Rybar 2018-01-17 14:06:14 UTC 
Created attachment 1382414 [details]
Cherrypicked backport patch
Comment 11 Kamil Dudka 2018-01-17 21:40:08 UTC 
Comment on attachment 1382414 [details]
Cherrypicked backport patch

Looks good to me.
Comment 18 errata-xmlrpc 2018-10-30 07:56:26 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:3045