unsubscribe end > On Mar 30, 2014, at 8:56, Kirill Smelkov <[email protected]> wrote: > > Hi Thomas, > >> On Thu, Mar 20, 2014 at 10:20:21PM +0800, Thomas Preud'homme wrote: >> Le dimanche 19 janvier 2014, 17:03:32 Kirill Smelkov a écrit : >> >> Hi Kirill, >> >>> >>> Sorry for being silent for so long. I've started looking into the >>> problem today, but before I've ever got to mksh, I've found one new bug >>> wrt bcheck which is now fixed. Could you please see, does it maybe fixes >>> mksh? If not, I'm willing to continue digging, only it will be very >>> slow, as my time is very tight this days... >> >> I've looked into it this week and managed to fix one bug with regards to >> relocation of __bound_init (see commit >> ec1c83081dd741bd18ca1821bf52535c444dc111) but there is still at least one >> other bug. As I understand it the problem is that mksh loop over argv >> entries >> in main with something like "while (!*argv)". This triggers a segfault by >> bound_ptr_indir returning INVALID_POINTER. So I guess there is nothing right >> now to add argv[] and environ[] among the ok zones. I was thinking about >> doing >> it in __bound_init but there is some difficulty. From the environ variable >> it's >> easy to find the beginning and end of environ array by browsing it. >> Alternatively setenv of a new variable could do it in a faster way but there >> is the risk of the array to be already full so the browsing seems more >> reliable. The problem is to find the beginning and end of argv[]. For >> instance, >> I don't know if with address space randomization the environ follows >> immediately the end of argv (it seems to be the case on my machine). As to >> the >> beginning of argv, I can only think of taking the address of a local >> variable >> but that's only an approximation. >> >> Alternatively, a different prologue could be generated for the main function >> that calls a __bound_new_argument_region that would take as parameter argv >> and >> then environ. What do you think about it? Do you feel like trying? >> >> Best regards, >> >> Thomas > > Just a quick note, that I've got your message and was able to reproduce > mksh 0.38-3 breakage with `tcc -b`, and also, as I hope, found a small > test-case for argv v.s. bcheck crash which is below. > > When I have my next free time, I'll try to analyze it, but that should > not be soon as I'm currently very busy... > > Thanks, > Kirill > > ---- 8< ---- > /* то работает - то выпадает > kirr@mini:~/src/tools/tinycc$ ./a.out > stack: 0xffceb3f4 > argv: 0xffceb494 > e: .start: 0 .size: ffffffff invalid: 0 > region dump: > 0804b400: 0804b43b:0804b449 0804b430:0804b43a 0804b424:0804b42f > argv[0]: 0xffced297 > kirr@mini:~/src/tools/tinycc$ ./a.out > stack: 0xfffbfee4 > argv: 0xfffbff84 > e: .start: 0 .size: 0 invalid: 1 > region dump: > 0804b400: 0804b43b:0804b449 0804b430:0804b43a 0804b424:0804b42f > E: __bound_ptr_indir4(0xfffbff84, 0x0) > Ошибка сегментирования (core dumped) > */ > > #include <stdio.h> > > int main(int argc, const char *argv[]) > { > int i; > > printf("stack:\t%p\n", &i); > printf("argv:\t%p\n", argv); > for (i = 0; i<argc; ++i) > printf("argv[%i]:\t%p\n", i, argv[i]); > > return 0; > } > > _______________________________________________ > Tinycc-devel mailing list > [email protected] > https://lists.nongnu.org/mailman/listinfo/tinycc-devel
_______________________________________________ Tinycc-devel mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/tinycc-devel
