My first bash bug debugging, part 2
The reason for bash’s crash wasn’t an int overflow, but lack of memory available.
Part 1 is available here.
Bash wasn’t trying to allocate a negative number.
I didn’t debug deep enough. Also, I didn’t know C enough.
size_t type as argument, as we can see in its source code below.
size_t is an unsigned integer type used to represent the sizes of objects .
What does it mean?
It means that even if I invoke
xmalloc() with a negative integer number,
size_t type will convert that integer into a not signed number.
Let’s see it happening with gdb:
The “conversion” happens because both have same binary representation.
Original int value: -294967280
size_t conversion: 4000000016
The root cause for bash’s crash was that my laptop didn’t have 4gb of memory available to be allocated (thanks to Google Chrome using all of it already).
Thanks to Nenad Stojanovski for pointing the real root cause.