Just FYI, this isn't showing up yet in the bug entry but this
is the problem and the included patch fixes it.
--- Begin Message ---
The problem is how sha1.cc codes the SHA1 transform: it illegally
casts the on-stack workspace buffer to a type requiring more
alignment than 'workspace' is actually declared to have.
This only shows up recently because gcc-4.6 now does a really
aggressive optimization where it gets rid of the workspace
buffer entirely and just accesses 'buffer' directly, and assumes
it has the necessary alignment for 32-bit loads (which it
doesn't).
This patch fixes the bug:
--- apt-pkg/contrib/sha1.cc~ 2011-06-17 03:10:20.000000000 -0700
+++ apt-pkg/contrib/sha1.cc 2011-07-25 15:16:26.774548017 -0700
@@ -74,10 +74,9 @@ static void SHA1Transform(uint32_t state
uint32_t l[16];
}
CHAR64LONG16;
- CHAR64LONG16 *block;
+ CHAR64LONG16 workspace, *block;
- uint8_t workspace[64];
- block = (CHAR64LONG16 *)workspace;
+ block = &workspace;
memcpy(block,buffer,sizeof(workspace));
/* Copy context->state[] to working vars */
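Review bot: In `memcpy(block,buffer,sizeof(workspace));` the copy length now follows the size of the `CHAR64LONG16` union instead of the old `uint8_t workspace[64]`, so the number of bytes read from `buffer` depends on the union's layout. A compile-time check that `sizeof(CHAR64LONG16)` is 64, or an explicit block length, would keep the read bounded if the union is ever changed. With `block = &workspace;` the `block` pointer is only an alias for the local, so it could be dropped in favour of using `workspace` directly, and a one-line comment saying the union type is there to give the 32-bit loads their alignment would stop someone from turning it back into a byte array.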
--- End Message ---
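The alignment point made in the forwarded message, as an added example that is not part of the original e-mail or of apt's code: the workspace is declared with the type it is read as, and the input is brought in with a byte copy, so the source pointer may have any alignment. The names `xor_block_words` and `demo` are hypothetical, the input bytes are constructed, and the `c[64]` union member is an assumption because the hunk context only shows `l[16]`.

```c
#include <stdalign.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed shape of the union from the patch context: 64 bytes seen as 16 words. */
typedef union {
    uint8_t  c[64];   /* assumption: this member is not visible in the hunk */
    uint32_t l[16];
} CHAR64LONG16;

/* The union carries uint32_t alignment; a plain uint8_t[64] only promises 1. */
_Static_assert(alignof(CHAR64LONG16) >= alignof(uint32_t), "workspace must be word-aligned");
_Static_assert(sizeof(CHAR64LONG16) == 64, "copy length assumes a 64-byte block");

/* Hypothetical helper: copy one 64-byte block from a pointer of any alignment
 * into a correctly typed workspace, then read it as 32-bit words.
 * Returns the XOR of the 16 words so a caller can compare results. */
uint32_t xor_block_words(const uint8_t *buffer)
{
    CHAR64LONG16 workspace;                        /* declared as the type it is read as */
    memcpy(&workspace, buffer, sizeof workspace);  /* byte copy: no alignment demand on buffer */

    uint32_t acc = 0;
    for (size_t i = 0; i < 16; i++)
        acc ^= workspace.l[i];                     /* aligned 32-bit loads */
    return acc;
}

/* Constructed input: the same 64 bytes written at a chosen offset (0..4)
 * inside a word-aligned array, so offset 1 gives a misaligned source. */
uint32_t demo(int offset)
{
    static alignas(uint32_t) uint8_t raw[64 + 4];
    for (int i = 0; i < 64; i++)
        raw[offset + i] = (uint8_t)(i * 7 + 3);
    return xor_block_words(raw + offset);
}

int main(void)
{
    printf("aligned source:    %08x\n", (unsigned)demo(0));
    printf("misaligned source: %08x\n", (unsigned)demo(1));
    return 0;
}
```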