It occurred to me that Andrew Reilly wrote in gmane.os.netbsd.current:
> On Thu, Jul 06, 2006 at 08:54:41AM +0000, Martijn van Buul wrote:
>> Now, if only I knew *what* he is onto :D
>
> Slipping past the rhetoric, the main complaint seems to be about
> size argument checking in malloc/calloc/realloc, or perhaps the
> kernel equivalents, particularly overflows arising from 64-bit
> size_t args being cast to 32-bit unsigned's for range checking.

It came back. That code segment *does* seem kind of nasty, and does
seem to assume that "size_t" and "unsigned" have the same word length. 
However, I can't say it bears any resemblance to "our" code.

The Net/OpenBSD relation is because of the *kernel* malloc. Someone with
the stature of Ilja should know that this is a fundamentally different
beast as the userland malloc, and that *no* userland malloc will ever
turn into a kernel malloc. 

I think he just might've lost his edge.