1.2.5 crash

Dustin Sallings dustin at spy.net
Mon Jun 16 00:08:54 UTC 2008

On Jun 15, 2008, at 14:42, dormando wrote:

> Dammit :\ Sorry about that. Nice catch on the fix.

	It was pretty easy with a stack trace and valgrind output.

	Oddly enough, github doesn't seem to display the full commit text  
anymore.  It's this:

commit 6ec16c4ad2e8274e23d3c1c2111a8a6a2f99d3b4
Author: Dustin Sallings <dustin at spy.net>
Date:   Fri Jun 13 09:01:12 2008 -0700

     Fix freesuffix corruption.

     When attempting to grow the freesuffix storage, the realloc is  
     to the number of bytes in freesuffixtotal instead of a number of
     pointers of that size.

     That is, the original malloc is for

       sizeof(char *) * freesuffixtotal

     but the realloc for growth was

       freesuffixtotal * 2

     On a 32-bit machine, this would have the effect of freeing half of
     the freelist when an attempt was made to grow it.

     The realloc is now consistent with the initial malloc.

Dustin Sallings

More information about the memcached mailing list