1.2.5 crash

Dustin Sallings dustin at spy.net
Mon Jun 16 00:08:54 UTC 2008


On Jun 15, 2008, at 14:42, dormando wrote:

> Dammit :\ Sorry about that. Nice catch on the fix.


	It was pretty easy with a stack trace and valgrind output.

	Oddly enough, github doesn't seem to display the full commit text anymore.  It's this:

commit 6ec16c4ad2e8274e23d3c1c2111a8a6a2f99d3b4
Author: Dustin Sallings <dustin at spy.net>
Date:   Fri Jun 13 09:01:12 2008 -0700

     Fix freesuffix corruption.

     When attempting to grow the freesuffix storage, the realloc is sized
     to the number of bytes in freesuffixtotal instead of a number of
     pointers of that size.

     That is, the original malloc is for

       sizeof(char *) * freesuffixtotal

     but the realloc for growth was

       freesuffixtotal * 2

     On a 32-bit machine, this would have the effect of freeing half of
     the freelist when an attempt was made to grow it.

     The realloc is now consistent with the initial malloc.


-- 
Dustin Sallings
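
The sizing error described in the commit message, as an added example in C that is not memcached's code and not part of the original post. The struct, the function names and the capacity of 500 are assumptions; the 8-byte pointer case extends the arithmetic beyond the 32-bit case the message mentions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical freelist; field names are assumptions modelled on "freesuffixtotal". */
struct suffix_freelist {
    char **slots;
    size_t total; /* capacity, counted in pointers */
    size_t curr;  /* pointers currently stored */
};

/* Bytes the initial malloc asks for: sizeof(char *) * total. */
size_t initial_bytes(size_t total, size_t ptr_size) { return ptr_size * total; }
/* Bytes the growth realloc asked for before the fix: a count, not a byte size. */
size_t buggy_grow_bytes(size_t total) { return total * 2; }

/* Bytes after the fix, consistent with the malloc; 0 if the product would overflow. */
size_t fixed_grow_bytes(size_t total, size_t ptr_size) {
    if (total == 0 || total > SIZE_MAX / 2 / ptr_size) return 0;
    return ptr_size * total * 2;
}

int freelist_init(struct suffix_freelist *fl, size_t total) {
    if (total == 0 || total > SIZE_MAX / sizeof(char *)) return -1;
    fl->slots = malloc(sizeof(char *) * total);
    if (fl->slots == NULL) return -1;
    fl->total = total;
    fl->curr = 0;
    return 0;
}

/* Double the capacity; on failure the old array is left intact and still owned. */
int freelist_grow(struct suffix_freelist *fl) {
    size_t bytes = fixed_grow_bytes(fl->total, sizeof(char *));
    if (bytes == 0) return -1;
    char **bigger = realloc(fl->slots, bytes);
    if (bigger == NULL) return -1;
    fl->slots = bigger;
    fl->total *= 2;
    return 0;
}

int main(void) {
    size_t total = 500; /* constructed capacity, not a value from the post */
    printf("32-bit: malloc %zu, old realloc %zu, fixed realloc %zu bytes\n",
           initial_bytes(total, 4), buggy_grow_bytes(total), fixed_grow_bytes(total, 4));
    printf("64-bit: malloc %zu, old realloc %zu, fixed realloc %zu bytes\n",
           initial_bytes(total, 8), buggy_grow_bytes(total), fixed_grow_bytes(total, 8));
    return 0;
}
```

With 4-byte pointers the old realloc requests half of the bytes already allocated, so the "grow" shrinks the block while the stored capacity doubles.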




