On 10/20/15 10:29 PM, Kai Wang X wrote:
> Hi Chet,
>
> Thank you for your response.
>
> But it does not make sense since sbrk failure will be checked:
>
> mp = (union mhead *) sbrk (sbrk_amt);
>
> /* Totally out of memory. */
> if ((long)mp == -1)
> goto morecore_done;
Sure, sbrk failure is checked, but not whether it returns an invalid value.
The segmentation fault occurs when the bash malloc attempts to dereference
the value returned by sbrk. If the memory access generates a fault, it's
either 0 or out of bounds. Either way, sbrk returned a bad value without
raising an error.
Chet
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU c...@case.edu http://cnswww.cns.cwru.edu/~chet/
