From ee673194b45efda3e21507d57ef11ba190e9a502 Mon Sep 17 00:00:00 2001
From: Stefan Reinauer <stepan@coresystems.de>
Date: Thu, 14 Aug 2008 14:40:10 +0000
Subject: [PATCH] * fix memory allocator bug that lead to freelist corruption
 on the first malloc   (and spent 8 bytes too much per malloc) * if the memory
 allocator detects freelist corruption, print a message   instead of silently
 dying.

Signed-off-by: Stefan Reinauer <stepan@coresystems.de>
Acked-by: Jordan Crouse <jordan.crouse@amd.com>



git-svn-id: svn://svn.coreboot.org/coreboot/trunk@3510 2b7e53f0-3cfb-0310-b3e9-8179ed1497e1
---
 payloads/libpayload/libc/malloc.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/payloads/libpayload/libc/malloc.c b/payloads/libpayload/libc/malloc.c
index fe3d45bab..3c6cf5d83 100644
--- a/payloads/libpayload/libc/malloc.c
+++ b/payloads/libpayload/libc/malloc.c
@@ -92,13 +92,15 @@ static void *alloc(int len)
 		header = *((hdrtype_t *) ptr);
 		int size = SIZE(header);
 
-		if (!HAS_MAGIC(header) || size == 0)
+		if (!HAS_MAGIC(header) || size == 0) {
+			printf("memory allocator panic.\n");
 			halt();
+		}
 
 		if (header & FLAG_FREE) {
 			if (len <= size) {
 				void *nptr = ptr + (HDRSIZE + len);
-				int nsize = size - (len + 8);
+				int nsize = size - (HDRSIZE + len);
 
 				/* Mark the block as used. */
 				*((hdrtype_t *) ptr) = USED_BLOCK(len);
@@ -109,7 +111,7 @@ static void *alloc(int len)
 
 				if (nsize > 0)
 					*((hdrtype_t *) nptr) =
-					    FREE_BLOCK(nsize - 4);
+					    FREE_BLOCK(nsize);
 
 				return (void *)(ptr + HDRSIZE);
 			}
-- 
2.25.1