This was seen in python/cpython#117755 on s390x (Linux on IBMz) for an allocation of 0x7fffffffffffffff bytes:
|
slice->slice_count = (uint32_t)slice_count; |
|
mi_assert_internal(slice->slice_count == slice_count); // no overflow? |
The mi_segment_os_alloc is successful (possibly due to overcommit), but then the slice_count is truncated, which leads to either an assertion error (in debug builds) or floating point error due to a divide by zero.
This was seen in python/cpython#117755 on s390x (Linux on IBMz) for an allocation of
0x7fffffffffffffffbytes:mimalloc/src/segment.c
Lines 617 to 618 in f199b88
The
mi_segment_os_allocis successful (possibly due to overcommit), but then the slice_count is truncated, which leads to either an assertion error (in debug builds) or floating point error due to a divide by zero.