libroot: free bug (was: /bin/bc crash)

[thorn]

Haiku r24244 to get segment violation

* open terminal * type: echo v=1 | bc

[thorn]

0x0023e176 in BPrivate::processHead::free ()

from /boot/beos/system/lib/libroot.so

(gdb) bt #0 0x0023e176 in BPrivate:processHeap::free ()

from /boot/beos/system/lib/libroot.so

#1 0x0023f984 in free () from /boot/beos/system/lib/libroot.so #2 0x0020455e in yyparse () #3 0x00202e85 in main () (gdb)

[thorn]

easily replicable serial log:

vm_soft_fault: va 0xd01800e7 not covered by area in address space
vm_page_fault: vm_soft_fault returned error 'Bad address' on fault at 0xd01800e7, ip 0x23e2f2, write 0, user 1, thread 0x1d50
vm_page_fault: sending team "bc" 0x1d50 SIGSEGV, ip 0x23e2f2 ("libroot.so_seg0ro" +0x2a2f2)
stack trace:
  0x0023fb08 (libroot.so_seg0ro + 0x2bb08)
  0x0020455e (bc_seg0ro + 0x455e)
  0x00202e85 (bc_seg0ro + 0x2e85)
  0x00202953 (bc_seg0ro + 0x2953)
  0x001007ca (runtime_loader_seg0ro + 0x7ca)
  0x7ffe6fec (bc_main_stack + 0xffffec)
vm_soft_fault: va 0x0 not covered by area in address space
vm_page_fault: vm_soft_fault returned error 'Bad address' on fault at 0x0, ip 0x80092ae8, write 0, user 0, thread 0x1d50
debug_server: Thread 7504 entered the debugger: Segment violation
stack trace, current PC 0x23e2f2  free__Q28BPrivate11processHeapPv + 0x66:
  (0x7ffe69ac)  0x23fb08  free + 0xa0
  (0x7ffe69dc)  0x20455e  yyparse + 0x148e
  (0x7ffe6eec)  0x202e85  main + 0x1e1
  (0x7ffe6f7c)  0x202953  _start + 0x5b
  (0x7ffe6fac)  0x1007ca  (runtime_loader_seg0ro + 0x7ca)