Subject: lib/8986: Asking malloc(3) for too much memory causes a segfault
List: netbsd-bugs
Date: 12/12/1999 15:55:16
>Number:         8986
>Category:       lib
>Synopsis:       Asking malloc(3) for too much memory causes a segfault.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people (Library Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Dec 12 15:54:01 1999
>Originator:     Nathan J. Williams
	Massachvsetts Institvte of Technology
>Release:        NetBSD-current of 1999/12/12
System: NetBSD daffy-duck.putnam 1.4P NetBSD 1.4P (DAFFY-DUCK) #11: Sat Nov 27 20:08:23 EST 1999 nathanw@daffy-duck.putnam:/u1/nbsd/src/sys/arch/alpha/compile/DAFFY-DUCK alpha

Asking malloc(3) for too much memory causes a segmentation violation, 
even before the memory is accessed.

Without getting into the religious issue of whether malloc() should appear 
to succeed or fail when asked for, say, 2^50 bytes of memory, the response
of segfaulting is clearly incorrect.

Run the following code on a system with a 64-bit size_t and watch it
segfault; examine the core file and note the crash is inside of malloc(3).

#include <stdio.h>
#include <stdlib.h>

int main()
{
	size_t big;
	void *ptr;

	big = 1L << 50; /* Much too big */
	printf("Before malloc of %qd bytes.\n", (long long) big);
	ptr = malloc(big); /* the reported crash happens inside this call */
	printf("After malloc.\n");
	return 0;
}
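
A regression probe for the behaviour reported above, added here as an example (it is not part of the original report or of NetBSD's code): it makes the same 2^50-byte request in a child process and classifies the result as a NULL return, a pointer, or a crash. The function name, outcome names and exit codes are this example's own, and it assumes a POSIX system with a 64-bit size_t.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Outcome names are this example's own, not from the report. */
enum outcome { GOT_NULL, GOT_POINTER, CRASHED, PROBE_ERROR };

/* Call malloc(size) in a child process so that a fault inside the
 * allocator shows up as a signal instead of killing the caller. */
enum outcome probe_malloc(size_t size)
{
	/* volatile function pointer: keeps the compiler from eliding the call */
	void *(*volatile alloc)(size_t) = malloc;
	int status;
	pid_t pid = fork();

	if (pid < 0)
		return PROBE_ERROR;
	if (pid == 0) {
		void *p = alloc(size);	/* the memory is never touched */
		_exit(p == NULL ? 10 : 11);
	}
	if (waitpid(pid, &status, 0) != pid)
		return PROBE_ERROR;
	if (WIFSIGNALED(status))
		return CRASHED;		/* e.g. SIGSEGV raised inside malloc */
	if (WIFEXITED(status) && WEXITSTATUS(status) == 10)
		return GOT_NULL;
	if (WIFEXITED(status) && WEXITSTATUS(status) == 11)
		return GOT_POINTER;
	return PROBE_ERROR;
}

int main(void)
{
	static const char *names[] = { "NULL", "pointer", "CRASH", "error" };
	size_t big = (size_t)1 << 50;	/* same request as the report */
	enum outcome r = probe_malloc(big);

	printf("malloc(2^50): %s\n", names[r]);
	return r == CRASHED;	/* nonzero exit status marks the bug */
}
```

Either a NULL return or a pointer is acceptable here; only the crash outcome corresponds to the reported defect.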