https://sourceware.org/bugzilla/show_bug.cgi?id=31009
--- Comment #11 from Jonny Weir <jonny.weir at clearpool dot io> ---
Hi Michael,
(In reply to Michael Matz from comment #10)
> (In reply to Jonny Weir from comment #7)
> > I made the following change:
>
> Thanks!
>
> > XXX resize 1: count=1598 added=1086327410 newnb=1048576
>
> ...
>
> The error is in another overflow in the check:
>
> if (bfdtab->count + added > table->nbuckets * 2 / 3)
> {
> unsigned i;
> unsigned long newnb = table->nbuckets * 2;
> ... rest of resize code ...
>
> as table->nbuckets is 2G at entry to this, the expression table->nbuckets * 2
> is going to be zero, so once nbuckets goes to 2G (the max supported size)
> the above expression will always be true, we always go into the resize case,
> and we always will fail it (with the followup errors then occurring).
>
> Let's rewrite it into "/ 3 * 2" to avoid overflow in the check. Can you test
> this, please? (patch still contains the printf debugs):
I have just tested this and I now have the following output along with a fully
built binary:
XXX resize 1: count=566 added=6620 newnb=16384
XXX resize 2: newnb=16384
XXX resize 1: count=1136 added=28767 newnb=32768
XXX resize 2: newnb=65536
XXX resize 1: count=113 added=7711 newnb=16384
XXX resize 2: newnb=16384
XXX resize 1: count=264 added=10768 newnb=32768
XXX resize 2: newnb=32768
XXX resize 1: count=441 added=40265 newnb=65536
XXX resize 2: newnb=65536
XXX resize 1: count=677 added=120326 newnb=131072
XXX resize 2: newnb=262144
XXX resize 1: count=1047 added=212455 newnb=524288
XXX resize 2: newnb=524288
XXX resize 1: count=1594 added=1124529454 newnb=1048576
XXX resize 2: newnb=2147483648
This fix appears to do the job! Many thanks for the fast resolution of this
issue.
> ...
--
You are receiving this mail because:
You are on the CC list for the bug.
