The latest change in the free_section function causes accesses to already
released memory and (occasionally) segfaults.
During execution of tcc_delete, when free_section is called on .rel.text
and .rel.data sections, each of these sections contains a link to the
already freed .symtab section, but free_section does not know that the
links are invalid.
My solution to this (see the patch below) is to reverse the order of
freeing the sections, so that .rel.text and .rel.data are freed before
.symtab.
As I don't know TCC internals well enough, this solution may be
incorrect. Another solution may be to revert the relevant changes to the
previous CVS version.
--- tcc-cvs.c Sat May 24 10:06:26 2008
+++ tcc.c Sat May 24 00:30:12 2008
@@ -10225,7 +10225,7 @@
/* free all sections */
free_section(s1->dynsymtab_section);
- for(i = 1; i < s1->nb_sections; i++)
+ for(i = s1->nb_sections - 1; i > 0; i--)
free_section(s1->sections[i]);
tcc_free(s1->sections);
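Review bot: The reversed loop only avoids the stale link if every section that links to another one sits at a higher index in s1->sections than its target, and nothing in this hunk states or enforces that. Please add a comment above the loop saying that the order is significant (.rel.text and .rel.data before .symtab), or make free_section independent of the order. Note also that free_section(s1->dynsymtab_section) still runs before the loop, so any entry of s1->sections that links to that section would be freed after its target, whichever direction the loop runs.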
--
Shmuel
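The ordering problem reported in this message, modelled as an added example (not code from the original post or from TCC): it marks entries instead of really freeing them and reports the first section released after its link target. The struct, the function name and both section layouts are constructed for illustration; the second layout goes beyond the reported case to show that reverse order is only safe while links point to lower indices.

```c
#include <stdio.h>
#include <stdbool.h>

/* Hypothetical model of a section table: a name and the index of the
   section it links to (-1 for none). This is not TCC's Section struct. */
struct sec { const char *name; int link; };

/* Walk entries 1..n-1 in index order (reverse = false) or in reverse index
   order (reverse = true), marking each one as freed. Return the index of the
   first section whose link target was already marked freed at the moment it
   is released, -1 if no stale link is seen, -2 if the table is too large. */
static int first_stale_link(const struct sec *s, int n, bool reverse)
{
    bool freed[64] = { false };
    if (n > 64)
        return -2;
    for (int k = 1; k < n; k++) {
        int i = reverse ? n - k : k;
        if (s[i].link >= 0 && freed[s[i].link])
            return i;               /* a real free here would follow a dangling link */
        freed[i] = true;
    }
    return -1;
}

/* Constructed layout matching the report: .rel.* link back to .symtab. */
static const struct sec report_layout[] = {
    { "", -1 }, { ".text", -1 }, { ".data", -1 }, { ".symtab", -1 },
    { ".rel.text", 3 }, { ".rel.data", 3 },
};

/* Constructed counter-case: a link that points to a higher index. */
static const struct sec forward_link_layout[] = {
    { "", -1 }, { ".a", 2 }, { ".b", -1 },
};

int main(void)
{
    printf("report layout, index order:   %d\n", first_stale_link(report_layout, 6, false));
    printf("report layout, reverse order: %d\n", first_stale_link(report_layout, 6, true));
    printf("forward link, index order:    %d\n", first_stale_link(forward_link_layout, 3, false));
    printf("forward link, reverse order:  %d\n", first_stale_link(forward_link_layout, 3, true));
    return 0;
}
```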