On Sun, 23 May 2010 02:41:04 +0400 (MSD), William Pitcock <neno...@dereferenced.org> wrote:
> Both. I believe this is caused by a bug where the pointers appear to
> become realigned twice (e.g. to the next 16 bytes.) So I believe the
> second realignment is a bug that has always been there.

Though that assumption proved not to hit the nail exactly, you managed to kick me in the correct direction: there indeed is an issue with the alignment.

The humble truth is that my alignment math breaks for pointer addresses that don't fit into ptrdiff_t (which is present implicitly in the (pointer-NULL)%alignment computation) ... which the hardening of Debian manages -- malloc returns stuff in the upper half of the address space, where other systems return somewhat smaller pointer values.

I fixed the pointer alignment code now to operate on the pointer value via uintptr_t, which should be "proper" enough. It fixes the crash in my virtual machine. Please have a go with

http://mpg123.org/download/mpg123-1.12.2-preview.tar.bz2

This is 1.12.1 with this urgent fix together with other build fixes and one internal improvement of the feeder API (used by the xmms2 plugin and hopefully soon my MPlayer, but not mpg123 itself). I'll rework that memory management part with mpg123 1.13 to be more efficient with storage, but opted to play it safe with minimal modification for 1.12.2.

Please give this version a full treatment to make sure that I nailed it this time... an official release will follow quickly after some confirmation.

Alrighty then,

Thomas.

PS: While nenoload has more mighty tools at his disposal, I still want to mention that running every app through a little test after linking with -lduma (apt-get install duma) could work wonders... this catches the memory corruption right at the first invalid access outside of a specific allocated region -- at least it did in this case.
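The failure mode Thomas describes, as an added illustration that is not mpg123's code: on a 32-bit target, ptrdiff_t is a signed 32-bit type, so a malloc result in the upper half of the address space (0x80000000 and above, as a hardened allocator may return) turns negative when the (pointer-NULL)%alignment computation is done in that type. C99 gives `%` the sign of the dividend, so the remainder is negative and "alignment minus remainder" exceeds alignment, which moves the pointer one alignment block too far, past whatever spare bytes were reserved. The hypothetical `pad_signed` below models the broken arithmetic with explicit int32_t/uint32_t so it reproduces on any host, `pad_unsigned` is the same calculation done without a sign, and `align_up` is the uintptr_t form of the fix applied to live pointers. The sample address 0x80000003 is constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

#define ALIGN 16u

/* Model of the broken arithmetic (hypothetical reconstruction, not the
 * project's code): the address is treated as a 32-bit signed difference,
 * which is what ptrdiff_t is on i386. Addresses >= 0x80000000 wrap to a
 * negative value, and C99 '%' keeps the sign of the dividend, so the
 * remainder comes out in -15..15 instead of 0..15. */
static uint32_t pad_signed(uint32_t addr)
{
    int32_t off = (int32_t)addr;           /* upper-half address -> negative */
    int32_t rem = off % (int32_t)ALIGN;    /* may be negative */
    if (rem == 0)
        return 0;
    return (uint32_t)((int32_t)ALIGN - rem); /* 1..31: can exceed ALIGN-1 */
}

/* Same padding computed on the unsigned pointer value: always 0..ALIGN-1. */
static uint32_t pad_unsigned(uint32_t addr)
{
    uint32_t rem = addr % ALIGN;
    return rem ? ALIGN - rem : 0;
}

/* Bytes by which the buggy padding runs past a slack region of ALIGN-1
 * bytes, the most an allocator needs to reserve for realignment. Zero means
 * the aligned pointer still lies inside the reserved region. */
static uint32_t overshoot_signed(uint32_t addr)
{
    uint32_t pad = pad_signed(addr);
    return pad > ALIGN - 1 ? pad - (ALIGN - 1) : 0;
}

/* The uintptr_t form of the fix for real pointers: uintptr_t holds any
 * object pointer value without a sign, whichever half of the address space
 * malloc handed it out from. The caller must have reserved alignment-1
 * spare bytes after 'base'. */
static void *align_up(void *base, size_t alignment)
{
    uintptr_t v = (uintptr_t)base;
    uintptr_t rem = v % alignment;
    return rem ? (char *)base + (alignment - rem) : base;
}

/* 1 if p is a multiple of 'alignment', 0 otherwise. */
static int is_aligned(const void *p, size_t alignment)
{
    return ((uintptr_t)p % alignment) == 0;
}

/* Allocate 'want' bytes plus ALIGN-1 slack, align with align_up, and check
 * that the aligned block of 'want' bytes stays inside the allocation.
 * Returns 1 on success, 0 on failure. */
static int aligned_alloc_check(size_t want)
{
    char *raw = malloc(want + ALIGN - 1);
    if (!raw)
        return 0;
    char *p = align_up(raw, ALIGN);
    int ok = is_aligned(p, ALIGN) && p >= raw &&
             p + want <= raw + want + ALIGN - 1;
    free(raw);
    return ok;
}

int main(void)
{
    uint32_t a = 0x80000003u; /* constructed upper-half address */
    printf("addr 0x%08x: signed pad %u -> 0x%08x, unsigned pad %u -> 0x%08x,"
           " overshoot %u bytes\n",
           a, pad_signed(a), a + pad_signed(a),
           pad_unsigned(a), a + pad_unsigned(a), overshoot_signed(a));
    printf("uintptr_t alignment of a live buffer ok: %d\n",
           aligned_alloc_check(1000));
    return 0;
}
```

For the low-half address 0x00000003 both paddings agree (13 bytes), which is why the bug stays invisible on systems whose allocator returns small pointers; for 0x80000003 the signed version pads by 29 bytes and lands on 0x80000020, one full 16-byte block beyond the correct 0x80000010 and 14 bytes past the reserved slack, matching the "realigned twice" symptom. A tool like DUMA, as mentioned in the PS, flags exactly that first access beyond the allocation.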