id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	os	architecture	failure	difficulty	testcase	blockedby	blocking	related
5838	integer overflow in rts/RtsUtils:heapOverflow()	hvr	simonmar	"When failing with a heap exhaustion, the RTS truncates the '''reported''' ''current maximum heap size'' modulo 2^32, e.g.

{{{
$ ghc +RTS -M4G -RTS -e 'sum [1..]'
Heap exhausted;
Current maximum heap size is 0 bytes (0 MB);
use `+RTS -M<size>' to increase it.
}}}

This is most probably due to `OutOfHeapHook()` already being called with the truncated value from `heapOverflow()`:

{{{
#!c
void
heapOverflow(void)
{
    if (!heap_overflow)
    {
        /* don't fflush(stdout); WORKAROUND bug in Linux glibc */
        OutOfHeapHook(0/*unknown request size*/,
                      RtsFlags.GcFlags.maxHeapSize * BLOCK_SIZE);

        heap_overflow = rtsTrue;
    }
}
}}}

which multiplies `RtsFlags.GcFlags.maxHeapSize` and `BLOCK_SIZE` whose type are 32-bit `unsigned int`s, causing the result to be wrapped again into an `unsigned int`, whereas the result should be upcasted to a `long unsigned int` (which at least on 64bit archs would be equivalent to a C99 `uint64_t`)
"	bug	closed	high	7.4.2	Runtime System	7.2.2	fixed			Unknown/Multiple	x86_64 (amd64)	Incorrect result at runtime	Unknown