[Bug binutils/15356] BFD's decompress_contents can maybe leak memory

2013-04-19 Thread cvs-commit at gcc dot gnu.org 
http://sourceware.org/bugzilla/show_bug.cgi?id=15356

--- Comment #1 from cvs-commit at gcc dot gnu.org  2013-04-19 08:12:32 UTC ---
CVSROOT:/cvs/src
Module name:src
Changes by:ni...@sourceware.org2013-04-19 08:12:30

Modified files:
bfd: ChangeLog 

Log message:
PR binutils/15356
* compress.c (decompress_contents): Always call inflateEnd, even
when another inflation operation fails.

[Note - the actual patch to compress.c was accidentally committed
previously].

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/src/bfd/ChangeLog.diff?cvsroot=src&r1=1.6030&r2=1.6031

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

[Bug binutils/15356] BFD's decompress_contents can maybe leak memory

2013-04-19 Thread nickc at redhat dot com 
http://sourceware.org/bugzilla/show_bug.cgi?id=15356

Nick Clifton  changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 CC||nickc at redhat dot com
 Resolution||FIXED

--- Comment #2 from Nick Clifton  2013-04-19 08:13:45 
UTC ---
Hi Tom,

  Thanks for filing this bug report.  I have checked in the patch you
suggested, with a little bit of extra logic in order to make sure that
decompress_contents returns a failure result if one of the inflation operations
failed.

Cheers
  Nick

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

[Bug ld/15382] New: ld segfaults with .debug_types sections

2013-04-19 Thread jan.sm...@alcatel-lucent.com 
http://sourceware.org/bugzilla/show_bug.cgi?id=15382

 Bug #: 15382
   Summary: ld segfaults with .debug_types sections
   Product: binutils
   Version: 2.23
Status: NEW
  Severity: normal
  Priority: P2
 Component: ld
AssignedTo: unassig...@sourceware.org
ReportedBy: jan.sm...@alcatel-lucent.com
Classification: Unclassified


The segfault happens in 2.23.2. 

Starting program: ld -m elf64btsmip -X -N -r --fatal-warnings -o ../lib/x.a
/tmp/a.o /tmp/b.o

Program received signal SIGSEGV, Segmentation fault.
elf_link_input_bfd (input_bfd=0xc109d0, flinfo=0x7fffd430) at
elflink.c:9771
9771  irela->r_info = 0;
(gdb) bt
#0  elf_link_input_bfd (input_bfd=0xc109d0, flinfo=0x7fffd430) at
elflink.c:9771
#1  bfd_elf_final_link (abfd=0x7767f0, info=0x7603e0 ) at
elflink.c:10852
#2  0x00458834 in _bfd_mips_elf_final_link (abfd=,
info=0x7603e0 ) at elfxx-mips.c:13571
#3  0x0041766b in ldwrite () at ldwrite.c:582
#4  0x0041656a in main (argc=11, argv=0x7fffdd88) at ./ldmain.c:420

(gdb) p /x irela
$27 = 0x71790ff8
(gdb) p /x *irela
$8 = {
  r_offset = 0x, 
  r_info = 0xde020109, 
  r_addend = 0x2d90038
}


elflink.c in 2.23.2

 9763   if (irela->r_offset >= (bfd_vma) -2)
 9764 {
 9765   /* This is a reloc for a deleted entry or somesuch.
 9766  Turn it into an R_*_NONE reloc, at the same
 9767  offset as the last reloc.  elf_eh_frame.c and
 9768  bfd_elf_discard_info rely on reloc offsets
 9769  being ordered.  */
 9770   irela->r_offset = last_offset;
 9771   irela->r_info = 0;
 9772   irela->r_addend = 0;
 9773   continue;
 9774 }


The key difference between crashing/asserting and working just fine is that I
have enabled debugging. Dwarf-4 debug symbols where each type is placed into
its own .debug_types section. I'm using GCC 4.6.

In binutils 2.22 there is an assert at 
ld: BFD (GNU Binutils) 2.22 assertion fail elf64-mips.c:2521
ld: BFD (GNU Binutils) 2.22 assertion fail elf64-mips.c:2522
ld: BFD (GNU Binutils) 2.22 assertion fail elf64-mips.c:2527
ld: BFD (GNU Binutils) 2.22 assertion fail elf64-mips.c:2528

2512 /* Swap out a MIPS 64-bit Rela reloc.  */
2513 
2514 static void
2515 mips_elf64_be_swap_reloca_out (bfd *abfd, const Elf_Internal_Rela *src,
2516bfd_byte *dst)
2517 {
2518   Elf64_Mips_Internal_Rela mirela;
2519 
2520   mirela.r_offset = src[0].r_offset;
2521   BFD_ASSERT(src[0].r_offset == src[1].r_offset);
2522   BFD_ASSERT(src[0].r_offset == src[2].r_offset);
2523 
2524   mirela.r_type = ELF64_MIPS_R_TYPE (src[0].r_info);
2525   mirela.r_sym = ELF64_R_SYM (src[0].r_info);
2526   mirela.r_addend = src[0].r_addend;
2527   BFD_ASSERT(src[1].r_addend == 0);
2528   BFD_ASSERT(src[2].r_addend == 0);
2529 
2530   mirela.r_type2 = ELF64_MIPS_R_TYPE (src[1].r_info);
2531   mirela.r_ssym = ELF64_MIPS_R_SSYM (src[1].r_info);
2532   mirela.r_type3 = ELF64_MIPS_R_TYPE (src[2].r_info);
2533 
2534   mips_elf64_swap_reloca_out (abfd, &mirela,
2535   (Elf64_Mips_External_Rela *) dst);
2536 }

Unfortunately this bug is preventing me to roll out a new debugging
infrastructure. Thank you for your help.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

[Bug ld/15382] ld segfaults with .debug_types sections

2013-04-19 Thread jan.sm...@alcatel-lucent.com 
http://sourceware.org/bugzilla/show_bug.cgi?id=15382

Jan Smets  changed:

   What|Removed |Added

 Target||mips64

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are on the CC list for the bug.

___
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils