On Aug  8 19:07, Eliot Moss wrote:
> On 8/8/2011 5:17 PM, Ken Brown wrote:
>
> >do
> >newsize *= 2;
> >while ((__malloc_size_t) BLOCK ((char *) result + size) > newsize);
> >
> >My guess now is that there was some invalid pointer arithmetic somewhere
> >that led to this, but I
> >don't have time at the moment to look for it. I'll do it later (or tomorrow)
> >if no one beats me to it.
>
> Possibly, Ken. I also wonder about signed vs unsigned calculations
> and such. We are looking at the higher end of the address space,
> which means negative addresses when considered as signed numbers.
>
> I'm not sure what the above is doing, but if it is trying to
> double its understanding of the heap size, based on using the
> current end of the heap (result?) as a measure of size, then
> if the heap is at 0x80000000, doubling that gives 0 in a 32-bit
> address space ...

The question is, how could newsize ever become >= 0x80000000?

Ken, what are the values of result and size? And what value has
heapsize? Consider that the statement before the loop is

  newsize = heapsize;


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat
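
An added example, not part of the message above and not the gmalloc source: a 32-bit model of the quoted loop showing one way the block index can become a value no doubling reaches, so that newsize passes 0x80000000 and wraps to 0. The `block_index` helper, the 4096-byte block size, the addresses, and the guarded variant are assumptions made for illustration; this is a model, not a diagnosis of the reported problem.

```c
#include <stdint.h>
#include <stdio.h>

#define BLOCKSIZE 4096 /* assumed block size for this model */

/* Model of BLOCK(): 1-based block index of addr relative to the heap base,
   computed as a signed 32-bit difference and then cast to unsigned, like the
   (__malloc_size_t) cast in the quoted loop. Assumed, not the gmalloc macro. */
static uint32_t block_index(uint32_t addr, uint32_t heapbase)
{
    int32_t diff = (int32_t)(addr - heapbase);
    return (uint32_t)(diff / BLOCKSIZE + 1);
}

/* The quoted loop, capped at max_iter because it may never exit.
   Returns the number of doublings, or -1 if the cap was hit. */
static int doublings_unguarded(uint32_t heapsize, uint32_t needed, int max_iter)
{
    uint32_t newsize = heapsize;
    int n = 0;
    do {
        newsize *= 2;            /* 0x80000000 * 2 wraps to 0 */
        if (++n >= max_iter)
            return -1;
    } while (needed > newsize);
    return n;
}

/* Same loop with a wrap check. Returns the new size, or 0 on overflow. */
static uint32_t grow_guarded(uint32_t heapsize, uint32_t needed)
{
    uint32_t newsize = heapsize;
    do {
        if (newsize > UINT32_MAX / 2)
            return 0;            /* the next doubling would wrap */
        newsize *= 2;
    } while (needed > newsize);
    return newsize;
}

int main(void)
{
    uint32_t ok  = block_index(0x20400000u, 0x20000000u); /* constructed */
    uint32_t bad = block_index(0x80400000u, 0x00400000u); /* constructed */
    printf("ok=%u  doublings=%d\n", ok, doublings_unguarded(1024, ok, 64));
    printf("bad=0x%x doublings=%d guarded=%u\n", bad,
           doublings_unguarded(1024, bad, 64), grow_guarded(1024, bad));
    return 0;
}
```

In the second constructed case the address difference is 0x80000000, which is negative as a signed 32-bit value, so the index casts to a huge unsigned number and the unguarded loop only stops because of the iteration cap.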