PR# 14575 Postcondition of sprealloc can be violated on 64-bit system
Problem Report Summary
Submitter: prestoat2000
Category: Runtime
Priority: Medium
Date: 2008/07/10
Class: Bug
Severity: Non-critical
Number: 14575
Release: 6.2.73753
Confidential: No
Status: Open
Responsible:
Environment: Mozilla/5.0 (X11; U; SunOS i86pc; en-US; rv:1.8.1.14) Gecko/20080421 Firefox/2.0.0.14
Synopsis: Postcondition of sprealloc can be violated on 64-bit system
Description
Based on code inspection only, it appears that one of the postconditions of `sprealloc' (in malloc.c) can be violated on a 64-bit system. The postcondition that seems to be wrong is:

    ENSURE ("Valid new size", (int)(HEADER (object)->ov_size & B_SIZE) >= new_size);

It looks like the cast "(int)" is unnecessary and wrong. If the size of the special object exceeds 2^32 (or maybe even 2^31), which is possible on a 64-bit system, and if sizeof(int) == 4 (it does on Solaris SPARC 64), then the postcondition will be violated.
To Reproduce
Problem Report Interactions
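The truncation described in the report, as an added example (not code from the report or from the runtime's malloc.c). The value of `B_SIZE`, the signed 64-bit type of `new_size`, the function names and the sample sizes are assumptions constructed for illustration; `int32_t` stands in for a 4-byte `int`.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the mask named in the report: assume the
 * top 5 bits of the 64-bit size word hold flags, the rest the size. */
#define B_SIZE UINT64_C(0x07ffffffffffffff)

/* Postcondition as quoted in the report. int32_t models a platform
 * where sizeof(int) == 4; the narrowing keeps only the low 32 bits
 * (implementation-defined, modulo 2^32 on gcc and clang). */
static int post_with_cast(uint64_t ov_size, int64_t new_size)
{
    return (int32_t)(ov_size & B_SIZE) >= new_size;
}

/* Same check with the comparison done at full width.
 * Assumes new_size is non-negative. */
static int post_full_width(uint64_t ov_size, int64_t new_size)
{
    return (ov_size & B_SIZE) >= (uint64_t)new_size;
}

int main(void)
{
    /* Constructed sizes: small, 2^31, 2^32, and just above 2^32. */
    const int64_t sizes[] = {
        1024,
        INT64_C(1) << 31,
        INT64_C(1) << 32,
        (INT64_C(1) << 32) + 16
    };
    size_t i;

    for (i = 0; i < sizeof sizes / sizeof sizes[0]; i++) {
        /* The block is exactly as large as requested, so a correct
         * postcondition must hold in every row. */
        uint64_t ov_size = (uint64_t)sizes[i];
        printf("size=%lld with_cast=%d full_width=%d\n",
               (long long)sizes[i],
               post_with_cast(ov_size, sizes[i]),
               post_full_width(ov_size, sizes[i]));
    }
    return 0;
}
```

With a signed `new_size` the check already fails at 2^31 because the narrowed value goes negative; from 2^32 upward it fails regardless of signedness because only the low 32 bits survive.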