[PHP-DEV] Memory manager fast_cache_list_entry corruption From: Bill Stoddard (bill <email protected>)
Date: 01/05/01

Running PHP as a servlet under Tomcat on AIX and I am getting a consistent
segfault on the third call to jver.php. I've debugged to the point of
identifying a corrupted fast_cache_list_entry. Specifically, while iterating
through the while loop in shutdown_memory_manager (see below), I hit a
fast_cache_list_entry whose next pointer points back to itself. efree is
called multiple times on the same address which eventually results in a seg
fault. Hoping someone more familier with the code may have some insite on
where I might look for the bug.

Thanks,
Bill

>From zend_alloc.c...

ZEND_API void shutdown_memory_manager(int silent, int clean_cache)
{

<snip>

    for (fci=0; fci<MAX_FAST_CACHE_TYPES; fci++) {
        fast_cache_list_entry = AG(fast_cache_list_head)[fci];
        while (fast_cache_list_entry) {
            next_fast_cache_list_entry = fast_cache_list_entry->next;
            efree(fast_cache_list_entry);
            fast_cache_list_entry = next_fast_cache_list_entry;
    }
} 

-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: php-dev-unsubscribe <email protected>
For additional commands, e-mail: php-dev-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>