[Poppler-bugs] [Bug 37190] pdftops crashes on solaris with memory corruption

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Sat May 14 15:41:31 PDT 2011


https://bugs.freedesktop.org/show_bug.cgi?id=37190

--- Comment #4 from William Bader <williambader at hotmail.com> 2011-05-14 15:41:31 PDT ---
"new" can crash if the memory allocation data structures are corrupted, for
example, by writing to a block after freeing it or by writing past the end of a
block into the data structures for the next block.  The allocation data
structure in the list of free blocks usually has a pointer to the next block. 
Before tools like valgrind, crashes on "new" or "malloc" were hard to debug
because the bad write that caused the corruption could be far away from where
the crash happened.

I did run most of my test pdfs through pdftops under Linux with valgrind, and
with the patch that I submitted yesterday, I did not have any errors.

valgrind does not catch all bad accesses.  It knows what is allocated, but it
does not know what is actually used.  For example, if the compiler or the
run-times allocated padding, valgrind will usually not complain if a program
writes into the padding.  If you have a few variables on the stack, I think
that it also won't mind if you write past the end of one variable into the next
variable as long as you don't write past the end of the stack.  With C, I
sometimes use a bounds-checking version of gcc
(http://williambader.com/bounds/example.html), but it does not work on C++.

Anyway, thanks for the advice.  I guess the next step is rebuilding the
necessary libraries on Solaris.  I'll need a while before I can get around to
it because my Sun is about as fast as a 400 MHz Pentium.

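As an added illustration of the corruption mechanism described in the comment above (example code written for this page, not poppler's or William Bader's; the arena, `toy_alloc`, `toy_check` and `demo_overflow` names are made up), here is a tiny arena allocator whose block headers carry a canary, so that a one-byte overrun into the next block's metadata is reported at the next allocator check instead of surfacing later as a far-away crash in "new":

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Toy arena allocator (added example, not poppler's allocator): a header sits in
 * front of each block and the next header starts right after the user bytes, so
 * a write past the end of a block lands on the neighbour's metadata. */
#define ARENA_SIZE 256
#define CANARY 0xC0FFEE11u
struct hdr { uint32_t canary; uint32_t size; };  /* canary first: it takes the hit */
static uint64_t arena_words[ARENA_SIZE / 8];     /* 8-byte aligned backing store */
static unsigned char *const arena = (unsigned char *)arena_words;
static size_t arena_used;

/* Bump-allocate `size` bytes; returns NULL when the arena is exhausted. */
static void *toy_alloc(uint32_t size) {
    if (arena_used + sizeof(struct hdr) + size > ARENA_SIZE) return NULL;
    struct hdr *h = (struct hdr *)(arena + arena_used);
    h->canary = CANARY; h->size = size;
    arena_used += sizeof(struct hdr) + size;
    return h + 1;                    /* user data begins right after the header */
}

/* Walk every header: return the index of the first block whose metadata was
 * clobbered, or -1 if every canary is intact. A debug allocator runs this kind
 * of check inside malloc()/free() so corruption is reported near the bad write. */
static int toy_check(void) {
    size_t off = 0; int idx = 0;
    while (off < arena_used) {
        const struct hdr *h = (const struct hdr *)(arena + off);
        if (h->canary != CANARY) return idx;
        off += sizeof(struct hdr) + h->size;
        idx++;
    }
    return -1;
}

/* Simulate the bug class: copy `len` bytes into an 8-byte block. len == 8 is
 * fine; len == 9 runs one byte into the next block's header. Returns the
 * toy_check() verdict: -1 clean, otherwise the index of the damaged block. */
static int demo_overflow(size_t len) {
    unsigned char src[16];
    arena_used = 0;
    memset(arena, 0, ARENA_SIZE);
    unsigned char *a = toy_alloc(8), *b = toy_alloc(8);
    if (!a || !b || len > sizeof src) return -2;
    memset(src, 0x41, sizeof src);
    memcpy(a, src, len);             /* the faulty write whenever len > 8 */
    return toy_check();
}
```

A real debug allocator (or valgrind's malloc replacement) does the same thing with guard bytes around every block, which is why the crash moves from a later "new" to the call that actually overran.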