Path: utzoo!news-server.csri.toronto.edu!cs.utexas.edu!uwm.edu!spool.mu.edu!sol.ctr.columbia.edu!zaphod.mps.ohio-state.edu!wuarchive!udel!haven!adm!smoke!gwyn
From: gwyn@smoke.brl.mil (Doug Gwyn)
Newsgroups: comp.unix.wizards
Subject: Re: oldest bug in the world ?
Message-ID: <15388@smoke.brl.mil>
Date: 4 Mar 91 22:01:01 GMT
References: <RKWW.91Mar4153858@server3.crosfield.co.uk>
Organization: U.S. Army Ballistic Research Laboratory, APG, MD.
Lines: 17

In article <RKWW.91Mar4153858@server3.crosfield.co.uk> rkww@crosfield.co.uk (roger willcocks) writes:
>In the file blok.c, function 'alloc' (#defined to be malloc) actually
>returns a block of memory BYTESPERWORD too short.  The last few bytes
>contain a live linkword for the storage allocator.

The situation is actually much worse than that.  I ended up drastically
overhauling the SVR2.0 version of blok.c in order to straighten out the
various alignment problems, as well as the unportable assumption that
the lowest bit in a pointer representation was available for use as a
"busy" flag.  (Note that it is a struct blk *, not a word, that needs
to be allowed for.)

Of course, the fundamentally worst problem with the Bourne shell source
is that it insists on replacing the system malloc() with its own version.
Practically every time our Cray UNICOS is upgraded, I have to embark on a
Bourne shell debugging expedition involving this weird method of storage
management.