From owner-freebsd-bugs  Wed Mar 12 11:10:05 1997
Return-Path: <owner-bugs>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id LAA03935
          for bugs-outgoing; Wed, 12 Mar 1997 11:10:05 -0800 (PST)
Received: (from gnats@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id LAA03921;
          Wed, 12 Mar 1997 11:10:02 -0800 (PST)
Date: Wed, 12 Mar 1997 11:10:02 -0800 (PST)
Message-Id: <199703121910.LAA03921@freefall.freebsd.org>
To: freebsd-bugs
Cc: 
From: Bruce Evans <bde@zeta.org.au>
Subject: Re: kern/2964: malloc() returns non-null when it should not
Reply-To: Bruce Evans <bde@zeta.org.au>
Sender: owner-bugs@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

The following reply was made to PR kern/2964; it has been noted by GNATS.

From: Bruce Evans <bde@zeta.org.au>
To: FreeBSD-gnats-submit@FreeBSD.ORG, jmaslak@blackfire.com
Cc:  Subject: Re: kern/2964: malloc() returns non-null when it should not
Date: Thu, 13 Mar 1997 05:57:13 +1100

 >	I'm assuming this is a kernel problem, although it may be a gnu
 >	problem.
 >
 >	If malloc is called as follows:
 >		malloc((size_t) 0xffffffff)
 >	it returns a non-null pointer.  Obviously, free objects to
 
 Actually, it's just an overflow bug in the malloc library.  Rounding up
 of any size > 0xfffff000 to a page boundary gives a size of 0.  This
 bug is common in roundup macros.
 
 Bruce