Package: tcc Version: 0.9.23-2 Severity: normal Tags: patch I have reflowed some of the long lines below.
$ cat dummy.c int main () { return 0; } $ tcc -c dummy.c $ ls -l dummy.o -rw-rw-r-- 1 Kalle Kalle 484 2007-04-09 13:31 dummy.o $ tcc dummy.o -lgnutls -lguile Segmentation fault (core dumped) $ tcc dummy.c /usr/lib/libgnutls.so.13.0.4 /usr/lib/libguile.so.12.3.0 Segmentation fault (core dumped) $ dpkg --search /usr/lib/libgnutls.so.13.0.4 /usr/lib/libguile.so.12.3.0 libgnutls13: /usr/lib/libgnutls.so.13.0.4 guile-1.6-libs: /usr/lib/libguile.so.12.3.0 $ gdb --args /var/tmp/Kalle/debian/tcc-0.9.23/tcc dummy.o -lgnutls -lguile GNU gdb 6.5-debian Copyright (C) 2006 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i486-linux-gnu"...Using host libthread_db library "/lib/tls/libthread_db.so.1". (gdb) run Starting program: /var/tmp/Kalle/debian/tcc-0.9.23/tcc dummy.o -lgnutls -lguile Program received signal SIGSEGV, Segmentation fault. 
0xb7e10c10 in strcmp () from /lib/tls/libc.so.6 (gdb) backtrace #0 0xb7e10c10 in strcmp () from /lib/tls/libc.so.6 #1 0x0806285a in tcc_load_dll (s1=0x8076008, fd=7, filename=0xbf7fc4e4 "/usr/lib/libguile-ltdl.so.1", level=1) at tccelf.c:2189 #2 0x08063e98 in tcc_add_file_internal (s1=0x8076008, filename=0xbf7fc4e4 "/usr/lib/libguile-ltdl.so.1", flags=2) at tcc.c:9931 #3 0x0806401f in tcc_add_dll (s=0x8076008, filename=0x80a5e5e "libguile-ltdl.so.1", flags=2) at tcc.c:9991 #4 0x08062888 in tcc_load_dll (s1=0x8076008, fd=6, filename=0xbf7fca54 "/usr/lib/libguile.so", level=0) at tccelf.c:2192 #5 0x08063e98 in tcc_add_file_internal (s1=0x8076008, filename=0xbf7fca54 "/usr/lib/libguile.so", flags=0) at tcc.c:9931 #6 0x0806401f in tcc_add_dll (s=0x8076008, filename=0xbf7fce84 "libguile.so", flags=0) at tcc.c:9991 #7 0x080640a6 in tcc_add_library (s=0x8076008, libraryname=0xbf7ff92e "guile") at tcc.c:10010 #8 0x08064e58 in main (argc=4, argv=0xbf7fd794) at tcc.c:10647 (gdb) frame 1 #1 0x0806285a in tcc_load_dll (s1=0x8076008, fd=7, filename=0xbf7fc4e4 "/usr/lib/libguile-ltdl.so.1", level=1) at tccelf.c:2189 2189 if (!strcmp(name, dllref->name)) (gdb) info local ehdr = {e_ident = "\177ELF\001\001\001\000\000\000\000\000\000\000\000", e_type = 3, e_machine = 3, e_version = 1, e_entry = 3920, e_phoff = 52, e_shoff = 23220, e_flags = 0, e_ehsize = 52, e_phentsize = 32, e_phnum = 4, e_shentsize = 40, e_shnum = 22, e_shstrndx = 21} shdr = (Elf32_Shdr *) 0x808f570 sh = (Elf32_Shdr *) 0x808f8e0 sh1 = (Elf32_Shdr *) 0x808f5e8 i = 0 nb_syms = 77 nb_dts = 29 sym_bind = 1 ret = 0 sym = (Elf32_Sym *) 0x808fdb8 dynsym = (Elf32_Sym *) 0x808f8e8 dt = (Elf32_Dyn *) 0x8085b10 dynamic = (Elf32_Dyn *) 0x8085a20 dynstr = (unsigned char *) 0x80857d8 "" name = 0x6c6ac144 <Address 0x6c6ac144 out of bounds> soname = 0x80859de "libguile-ltdl.so.1" p = 0xbf7fc4ec "/libguile-ltdl.so.1" dllref = (DLLReference *) 0x8086af8 (gdb) print/x [EMAIL PROTECTED] $1 = {{d_tag = 0x1, d_un = {d_val = 0x1b1, 
d_ptr = 0x1b1}}, {d_tag = 0x1, d_un = {d_val = 0x1bc, d_ptr = 0x1bc}}, {d_tag = 0x1, d_un = {d_val = 0x1cc, d_ptr = 0x1cc}}, {d_tag = 0x1, d_un = {d_val = 0x1da, d_ptr = 0x1da}}, {d_tag = 0x1, d_un = {d_val = 0x1e4, d_ptr = 0x1e4}}, {d_tag = 0xe, d_un = {d_val = 0x206, d_ptr = 0x206}}, {d_tag = 0xc, d_un = {d_val = 0xd34, d_ptr = 0xd34}}, {d_tag = 0xd, d_un = {d_val = 0x5130, d_ptr = 0x5130}}, {d_tag = 0x4, d_un = {d_val = 0xb4, d_ptr = 0xb4}}, {d_tag = 0x5, d_un = {d_val = 0x7cc, d_ptr = 0x7cc}}, {d_tag = 0x6, d_un = {d_val = 0x2fc, d_ptr = 0x2fc}}, {d_tag = 0xa, d_un = {d_val = 0x243, d_ptr = 0x243}}, {d_tag = 0xb, d_un = {d_val = 0x10, d_ptr = 0x10}}, {d_tag = 0x3, d_un = {d_val = 0x6980, d_ptr = 0x6980}}, {d_tag = 0x2, d_un = {d_val = 0xf8, d_ptr = 0xf8}}, {d_tag = 0x14, d_un = {d_val = 0x11, d_ptr = 0x11}}, {d_tag = 0x17, d_un = {d_val = 0xc3c, d_ptr = 0xc3c}}, {d_tag = 0x11, d_un = {d_val = 0xb2c, d_ptr = 0xb2c}}, {d_tag = 0x12, d_un = {d_val = 0x110, d_ptr = 0x110}}, {d_tag = 0x13, d_un = {d_val = 0x8, d_ptr = 0x8}}, {d_tag = 0x6ffffffe, d_un = {d_val = 0xaac, d_ptr = 0xaac}}, {d_tag = 0x6fffffff, d_un = {d_val = 0x2, d_ptr = 0x2}}, {d_tag = 0x6ffffff0, d_un = {d_val = 0xa10, d_ptr = 0xa10}}, {d_tag = 0x6ffffffa, d_un = {d_val = 0x1c, d_ptr = 0x1c}}, {d_tag = 0x0, d_un = {d_val = 0x0, d_ptr = 0x0}}, {d_tag = 0x0, d_un = {d_val = 0x0, d_ptr = 0x0}}, {d_tag = 0x0, d_un = {d_val = 0x0, d_ptr = 0x0}}, {d_tag = 0x0, d_un = {d_val = 0x0, d_ptr = 0x0}}, {d_tag = 0x0, d_un = {d_val = 0x0, d_ptr = 0x0}}} (gdb) print dt - dynamic $2 = 30 (gdb) quit The program is running. Exit anyway? (y or n) y $ Obviously, dt == dynamic + i was intended, but the inner loop messes this up by using the same loop variable.
--- tccelf.c.~1~ 2005-06-18 01:09:15.000000000 +0300
+++ tccelf.c 2007-04-09 14:03:33.000000000 +0300
@@ -2095,7 +2095,7 @@ static int tcc_load_dll(TCCState *s1, in
 {
 Elf32_Ehdr ehdr;
 Elf32_Shdr *shdr, *sh, *sh1;
- int i, nb_syms, nb_dts, sym_bind, ret;
+ int i, j, nb_syms, nb_dts, sym_bind, ret;
 Elf32_Sym *sym, *dynsym;
 Elf32_Dyn *dt, *dynamic;
 unsigned char *dynstr;
@@ -2184,8 +2184,8 @@ static int tcc_load_dll(TCCState *s1, in
 switch(dt->d_tag) {
 case DT_NEEDED:
 name = dynstr + dt->d_un.d_val;
- for(i = 0; i < s1->nb_loaded_dlls; i++) {
- dllref = s1->loaded_dlls[i];
+ for(j = 0; j < s1->nb_loaded_dlls; j++) {
+ dllref = s1->loaded_dlls[j];
 if (!strcmp(name, dllref->name))
 goto already_loaded;
 }
-- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/dash Kernel: Linux 2.6.12-1-k7 Locale: LANG=fi_FI.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages tcc depends on: ii libc6 2.3.6-7 GNU C Library: Shared libraries Versions of packages tcc recommends: ii libc6-dev [libc-dev] 2.3.6-7 GNU C Library: Development Librari -- no debconf information
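Review bot: In the second hunk, `name = dynstr + dt->d_un.d_val;` still takes the offset straight from the library's dynamic section and passes the result to `strcmp()` without checking that it lies inside the string table. The crash in this report came from `dt` walking past the end of `dynamic`, but a truncated or malformed shared object could reach the same out-of-bounds read even with the loop variable fixed. The size of the section behind `dynstr` is not visible in the hunk, so as a sketch only: keep that length (placeholder name `dynstr_size`) and reject the entry with something like `if (dt->d_un.d_val >= dynstr_size) { /* report bad DT_NEEDED and fail */ }`, and confirm the table's last byte is NUL before any string comparison. The body of tcc_load_dll starts and ends outside both hunks, so the outer loop over `dynamic` and any existing validation could not be checked here.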