slice_count overflow for very large allocations
#876
Comments
vstinner
added a commit
to vstinner/mimalloc
that referenced
this issue
Apr 15, 2024
If the slice count doesn't fit into uint32_t, consider that the
memory allocation failed.
On s390x, allocating around 8,589,934,592 GiB with mmap() works
thanks to overcommit on a machine with 8 GiB of memory:
mmap(NULL, 0x8000000000400000,
PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS|MAP_NORESERVE,
-1, 0)
vstinner
added a commit
to vstinner/mimalloc
that referenced
this issue
Apr 15, 2024
If the slice count doesn't fit into uint32_t, consider that the
memory allocation failed.
On Linux s390x, allocating around 8,589,934,592 GiB with mmap() works
thanks to overcommit on a machine with 8 GiB of memory:
mmap(NULL,
0x8000000000400000,
PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE,
-1, 0)
|
I proposed a fix: #877 |
|
Ah, that is a terrible bug but I just merged a fix. I am going to do a fresh release tag soon. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This was seen in python/cpython#117755 on s390x (Linux on IBMz) for an allocation of
0x7fffffffffffffffbytes:mimalloc/src/segment.c
Lines 617 to 618 in f199b88
The
mi_segment_os_allocis successful (possibly due to overcommit), but then the slice_count is truncated, which leads to either an assertion error (in debug builds) or floating point error due to a divide by zero.The text was updated successfully, but these errors were encountered: