From owner-freebsd-current  Thu Jan  4 14:14:25 1996
Return-Path: owner-current
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id OAA10686
          for current-outgoing; Thu, 4 Jan 1996 14:14:25 -0800 (PST)
Received: from ra.dkuug.dk (ra.dkuug.dk [193.88.44.193])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id OAA10670
          for <current@FreeBSD.ORG>; Thu, 4 Jan 1996 14:14:15 -0800 (PST)
Received: from critter.tfs.com ([193.88.44.194]) by ra.dkuug.dk (8.6.12/8.6.12) with ESMTP id XAA16047; Thu, 4 Jan 1996 23:13:09 +0100
Received: from localhost.tfs.com (localhost.tfs.com [127.0.0.1]) by critter.tfs.com (8.6.12/8.6.12) with SMTP id XAA01269; Thu, 4 Jan 1996 23:13:39 +0100
X-Authentication-Warning: critter.tfs.com: Host localhost.tfs.com didn't use HELO protocol
To: Lars Fredriksen <fredriks@mcs.com>
cc: current@FreeBSD.ORG
Subject: Re: malloc bug in current? 
In-reply-to: Your message of "Thu, 04 Jan 1996 14:41:36 CST."
             <199601042041.OAA29400@fredriks.pr.mcs.net> 
Date: Thu, 04 Jan 1996 23:13:39 +0100
Message-ID: <1267.820793619@critter.tfs.com>
From: Poul-Henning Kamp <phk@critter.tfs.com>
Sender: owner-current@FreeBSD.ORG
Precedence: bulk

> Hi,
> 	Pax kept blowing up on me in free() so I started looking at tit a bit.
> It looks like there is a slight bug in malloc.c. 

Hmm, I guess I'll have to look at it.  It was meant to be that there would
always be at least one entry behind the last used one, to avoid this 
comparison, so I guess I have missed one place.

Thanks!

Poul-Henning

> 
> -----------------------------------------------------------------------------
--
> *** malloc.c.orig	Thu Jan  4 08:45:03 1996
> --- malloc.c	Thu Jan  4 08:45:06 1996
> ***************
> *** 957,963 ****
>   
>       /* Count how many pages and mark them free at the same time */
>       page_dir[index] = MALLOC_FREE;
> !     for (i = 1; page_dir[index+i] == MALLOC_FOLLOW; i++)
>   	page_dir[index + i] = MALLOC_FREE;
>   
>       l = i << malloc_pageshift;
> --- 957,963 ----
>   
>       /* Count how many pages and mark them free at the same time */
>       page_dir[index] = MALLOC_FREE;
> !     for (i = 1; (index < last_index) && (page_dir[index+i] == MALLOC_FOLLOW
); i++)
>   	page_dir[index + i] = MALLOC_FREE;
>   
>       l = i << malloc_pageshift;
> -----------------------------------------------------------------------------
--
> 
> The problem was( I think) that index+i went past last_index which caused a 
> SIGSEGV. With the above fix my backups now works again. :-)
> 
> Lars

--
Poul-Henning Kamp           | phk@FreeBSD.ORG       FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk    Private mailbox.
whois: [PHK]                | phk@ref.tfs.com       TRW Financial Systems, Inc.
Future will arrive by its own means, progress not so.