From owner-freebsd-bugs@FreeBSD.ORG  Thu Dec 18 06:30:04 2008
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D90CB106564A
	for <freebsd-bugs@hub.freebsd.org>;
	Thu, 18 Dec 2008 06:30:04 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id C9A998FC19
	for <freebsd-bugs@hub.freebsd.org>;
	Thu, 18 Dec 2008 06:30:04 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id mBI6U4hM045988
	for <freebsd-bugs@freefall.freebsd.org>; Thu, 18 Dec 2008 06:30:04 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.3/8.14.3/Submit) id mBI6U4Nt045981;
	Thu, 18 Dec 2008 06:30:04 GMT (envelope-from gnats)
Date: Thu, 18 Dec 2008 06:30:04 GMT
Message-Id: <200812180630.mBI6U4Nt045981@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Bruce Cran <bruce@cran.org.uk>
Cc: 
Subject: Re: bin/129706: top(1) corrupts SIZE field when a process
	allocates 2048GB memory
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Bruce Cran <bruce@cran.org.uk>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Dec 2008 06:30:04 -0000

The following reply was made to PR bin/129706; it has been noted by GNATS.

From: Bruce Cran <bruce@cran.org.uk>
To: Garrett Cooper <yanefbsd@gmail.com>
Cc: Bruce Cran <bruce@cran.org.uk>, freebsd-gnats-submit@freebsd.org
Subject: Re: bin/129706: top(1) corrupts SIZE field when a process
	allocates 2048GB memory
Date: Thu, 18 Dec 2008 01:13:28 -0500

 On Tue, Dec 16, 2008 at 10:51:42PM -0800, Garrett Cooper wrote:
 > Although I'd love to say it's top, it sounds more like a weird corner
 > case dealing with overflow / underflow and vmem allocation.
 
 It looks like it's an overflow bug in contrib/top/utils.c because
 format_2k uses a signed 'int' to represent the amount of memory:
 changing it to 'unsigned int' appears to fix it.
 top-3.8beta1 has removed the format_2k function but also changed the
 other format functions to take a 'long' parameter instead of 'int'.
 
 -- 
 Bruce Cran