From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Sat, 25 Jul 2015 12:53:37 +0300 From: "Dmitry V. Levin" To: ALT Devel discussion list Message-ID: <20150725095337.GA22428@altlinux.org> Mail-Followup-To: ALT Devel discussion list References: <201507250617.36319@ruslandh> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="VbJkn9YxBvnuCH5J" Content-Disposition: inline In-Reply-To: <201507250617.36319@ruslandh> X-fingerprint: FE4C 93AB E19A 2E4C CB5D 3E4E 7CAB E6AC 9E35 361E Subject: Re: [devel] =?koi8-r?b?79vJwsvBINfZxMXMxc7J0SDQwc3R1Mkg1yBtYWxsb2Mg?= =?koi8-r?b?1yAzMi3IIMLJ1M7PyiDB0sjJ1MXL1NXSxQ==?= X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Jul 2015 09:53:37 -0000 Archived-At: List-Archive: List-Post: --VbJkn9YxBvnuCH5J Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jul 25, 2015 at 06:17:28AM +0300, Hihin Ruslan wrote: > =FA=C4=D2=C1=D7=D3=D4=D7=D5=CA=D4=C5 ! >=20 > =F2=C1=DA=C2=C9=D2=C1=D1=D3=D8 =D3 =D4=C5=CD, =D0=CF=DE=C5=CD=D5 =D0=D2= =CF=C9=D3=C8=CF=C4=C9=D4 =D7=D9=D0=C1=C4=C5=CE=C9=C5 =D7 core 32-=C2=C9=D4= =CE=CF=CA=20 > =D7=C5=D2=D3=C9=C9 palemoon, =D0=D2=C9=DB=A3=CC =CB =D7=D9=D7=CF=C4=D5, = =DE=D4=CF =D0=C1=C4=C5=CE=C9=C5 =D0=D2=CF=C9=D3=C8=CF=C4=C9=D4 =D7=20 > =C6=D5=CE=CB=C3=C9=C9 malloc, =C1 =C9=CD=C5=CE=CE=CF =CE=C1 =DC=D4=CF=CD = =D5=DE=C1=D3=D4=CB=C5 =CB=CF=C4=C1 (=C6=C1=CA=CC malloc.c =C9=DA=20 > glibc-core): >=20 > =F7=D9=DA=CF=D7 =C9=DA palemoon: > options =3D malloc (sizeof (cairo_font_options_t)); >=20 > =EB=CF=C4 malloc.c: > =D3=D4=D2 3350 > if (in_smallbin_range(nb)) { > idx =3D smallbin_index(nb); > bin =3D bin_at(av,idx); >=20 > if ( (victim =3D last(bin)) !=3D bin) { > if (victim =3D=3D 0) /* initialization check */ > malloc_consolidate(av); > else { > bck =3D victim->bk; > =3D=3D=3D> (=D3=D4=D2 3359) if (__builtin_expect (bck->fd !=3D victim, 0)) > { > errstr =3D "malloc(): smallbin double linked list corrupted"; > goto errout; > } > set_inuse_bit_at_offset(victim, nb); > bin->bk =3D bck; > bck->fd =3D bin; >=20 > if (av !=3D &main_arena) > victim->size |=3D NON_MAIN_ARENA; > check_malloced_chunk(av, victim, nb); > void *p =3D chunk2mem(victim); > if (__builtin_expect (perturb_byte, 0)) > alloc_perturb (p, bytes); > return p; > } > } >=20 > =E1 =C9=CD=C5=CE=CE=CF, =D3=D5=C4=D1 =D0=CF =D7=D3=C5=CD=D5 =D7 victim->b= k =CE=C1=C8=CF=C4=C9=D4=D3=D1 0, =C9 bck->fd=20 > =D0=D2=C5=D7=D2=C1=DD=C1=C5=D4=D3=D1 =D7 null->fd. >=20 > =FC=D4=CF =C7=CC=C0=CB malloc, =C9=CC=C9 =CE=C5=D0=D2=C1=D7=C9=CC=D8=CE= =CF=C5 =CF=C2=D2=C1=DD=C5=CE=C9=C5 =CF=D4 palemoon? > =ED=CE=C5 =D7=D3=A3-=D6=C5 =CB=C1=D6=C5=D4=D3=D1, =DE=D4=CF =D3=C1=CD=CF= =C7=CF glibc. =E5=D3=CC=C9 =D5 =D7=C1=D3 memory corruption, =D4=CF glibc -- =DC=D4=CF =D0= =CF=D3=CC=C5=C4=CE=C5=C5 =CD=C5=D3=D4=CF, =CB=CF=D4=CF=D2=CF=C5 =D3=D4=CF=C9=D4 =D0=D2=CF=D7=C5=D2=D1=D4=D8. =E5=D3=D4=D8 =D2=C1=DA=CE=D9=C5 =D3=D2=C5=C4=D3=D4=D7=C1 =CF=D4=CC=C1=C4=CB= =C9, =D0=D2=CF=D7=C5=D2=D8=D4=C5 =D3=D0=C5=D2=D7=C1 =C9=CD=C9. =EE=C1=DE= =CE=C9=D4=C5 =D3 valgrind. --=20 ldv --VbJkn9YxBvnuCH5J Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlWzXKAACgkQfKvmrJ41Nh5fkwCeIrJJXkym4xI0GxaBJuLBD9oG LdoAnjnOqewv5zROoUOrnxL4QnFeryFd =9hFM -----END PGP SIGNATURE----- --VbJkn9YxBvnuCH5J--