Package: chkrootkit Version: 0.55-1+b1 Followup-For: Bug #982998 X-Debbugs-Cc: report...@duvert.net
Hello, I also have the same problem. Looking at the extracted source package, I noticed that the MAX_PROCESSES 99999 define actually comes from the Debian patch debian/patches/27_fix-race-condition-ps-proc.patch, which replaces the conditional define: -#define MAX_PROCESSES 999999 -#if defined (__x86_64) > 0 -#undef MAX_PROCESSES -#define MAX_PROCESSES 4194384 -#endif +#define MAX_PROCESSES 99999 I tried to revert this part of the patch and rebuild chkproc, and that seems to fix the issue (tested on a system with an existing process of PID 1001133). Not sure if the MAX_PROCESSES change in the patch was made deliberately or not, however; with MAX_PROCESSES = 4194384, chkproc uses 64 MiB of memory to hold its state (four int arrays of size MAX_PROCESSES + 1), compared to ~1.5 MiB with MAX_PROCESSES = 99999. It is also noticeably slower since it tries to read /proc/<pid> for every PID in the 1..4194384 range. Regards, Vincent Duvert -- System Information: Debian Release: 11.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-8-amd64 (SMP w/1 CPU thread) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages chkrootkit depends on: ii binutils 2.35.2-2 ii debconf [debconf-2.0] 1.5.77 ii libc6 2.31-13+deb11u2 ii net-tools 1.60+git20181103.0eebece-1 ii openssh-client 1:8.4p1-5 ii procps 2:3.3.17-5 chkrootkit recommends no packages. chkrootkit suggests no packages. -- debconf information excluded
