We used to have a policy that libbfd not terminate an app on error conditions but I see rather a lot of calls to xstrdup and xmalloc. Did the policy change? My opinion FWIW is that it's fine for libbfd to terminate on OOM for functions only called from ld, but rude to terminate on anything else, particularly on opncls.c functions. For example, you might be upset if your gdb session terminated due to attempting to load new symbols. $ find bfd -name \*.[ch] | xargs egrep 'x(strdup|malloc)' bfd/elf32-arm.c: sympp = (asymbol **) xmalloc (symsize); bfd/elf32-arm.c: xmalloc (sizeof (arm_unwind_table_edit)); bfd/elf32-tic6x.c: xmalloc (sizeof (tic6x_unwind_table_edit)); bfd/vms-lib.c: res->filename = xstrdup (name); bfd/arc-got.h: entry = (struct got_entry *) xmalloc (sizeof (struct got_entry)); bfd/elf32-m68hc1x.c: buf = xmalloc (strlen (msg) + strlen (name) + 10); bfd/elf32-m68hc1x.c: buf = xmalloc (strlen (msg) + 128); bfd/elf32-m68hc1x.c: buf = xmalloc (strlen (msg) + 128); bfd/elf32-m68hc1x.c: buf = xmalloc (strlen (msg) + 128); bfd/elf32-m68hc1x.c: buf = xmalloc (strlen (msg) + 128); bfd/archive.c: n_bfd->filename = xstrdup (filename); bfd/pef.c: unsigned char *buf = xmalloc (symbol->udata.i); bfd/som.c: char *tmp_space = xmalloc (tmp_space_size); bfd/som.c: char *tmp_space = xmalloc (tmp_space_size); bfd/elflink.c: sympp = (asymbol **) xmalloc (symsize); bfd/opncls.c: nbfd->filename = xstrdup (filename); bfd/opncls.c: nbfd->filename = xstrdup (filename); bfd/opncls.c: nbfd->filename = xstrdup (filename); bfd/opncls.c: nbfd->filename = xstrdup (filename); bfd/opncls.c: nbfd->filename = xstrdup (filename); bfd/peXXigen.c: buffer = xmalloc (size); bfd/elfcode.h: nbfd->filename = xstrdup ("<in-memory>"); bfd/pei-x86_64.c: xdata_arr = (bfd_vma *) xmalloc (sizeof (bfd_vma) * ((stop / onaline) + 1)); bfd/pei-x86_64.c: char *xdata_name = xmalloc (len + 1); bfd/mach-o.c: abfd->filename = xstrdup (ap->printable_name); bfd/mach-o.c: char *name = xmalloc (namelen); bfd/plugin.c: plugin_list_iter = (struct plugin_list_entry *) xmalloc (sizeof *plugin_list_iter); bfd/syms.c:| symbol_table = xmalloc (storage_needed); bfd/elf32-nds32.c: char *tmp = xmalloc (size); bfd/elfxx-riscv.c: char *subset = xstrdup (p); bfd/elfxx-riscv.c: riscv_subset_t *s = xmalloc (sizeof *s); bfd/elfxx-riscv.c: s->name = xstrdup (subset); bfd/elfxx-riscv.c: char *attr_str = xmalloc (arch_str_len); bfd/elfxx-riscv.c: char *buf = xmalloc (arch_str_len); bfd/elf64-ppc.c: calls xmalloc, which might cause the program to crash
The master branch has been updated by Alan Modra <amodra@sourceware.org>: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=89bdc77eabf5ede68322f6e47e003c1dc45b9ccb commit 89bdc77eabf5ede68322f6e47e003c1dc45b9ccb Author: Alan Modra <amodra@gmail.com> Date: Mon Sep 2 16:13:05 2019 +0930 PR24955, libbfd terminating program on out of memory This patch fixes the worst of the cases where libbfd might terminate a program due to calling xstrdup or xmalloc. I've also fixed some error paths that didn't clean up properly. PR 24955 * libbfd-in.h (bfd_strdup): New inline function. * archive.c (_bfd_get_elt_at_filepos): Use bfd_strdup. Close bfd on error. * elfcode.h (_bfd_elf_bfd_from_remote_memory): Use bfd_strdup. * opncls.c (bfd_fopen): Use bfd_strdup. Close fd and stream on error. (bfd_openstreamr): Use bfd_strdup. (bfd_openr_iovec, bfd_openw, bfd_create): Likewise. * plugin.c (try_load_plugin): Use bfd_malloc. * libbfd.h: Regenerate.
The master branch has been updated by Alan Modra <amodra@sourceware.org>: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ec9bd0a22dd42327ae9943937a96f1e865fb5d46 commit ec9bd0a22dd42327ae9943937a96f1e865fb5d46 Author: Alan Modra <amodra@gmail.com> Date: Mon Oct 14 13:34:30 2019 +1030 PR24955, libbfd terminating program on out of memory (part2) PR 24955 * elflink.c (elf_output_implib): Don't use xmalloc. Don't ignore return value of bfd_alloc2. * peXXigen.c (_bfd_XXi_write_codeview_record): Don't use xmalloc. * pef.c (bfd_pef_print_symbol): Likewise. Don't ignore return value of bfd_get_section_contents. * som.c (som_write_space_strings): Don't use xmalloc. (som_write_symbol_strings): Likewise.
The master branch has been updated by Alan Modra <amodra@sourceware.org>: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=9a73315161bc07d958060847ae01996312e1b30f commit 9a73315161bc07d958060847ae01996312e1b30f Author: Alan Modra <amodra@gmail.com> Date: Tue Oct 15 15:57:35 2019 +1030 remove more xmalloc in bfd Also fixes m68hc1x printf arguments which would have bombed when compiling on a 32-bit host with --enable-64-bit-bfd. bfd/ PR 24955 * elf32-arm.c (set_cmse_veneer_addr_from_implib): Use bfd_malloc rather than xmalloc. * elf32-m68hc1x.c (reloc_warning): New function. (elf32_m68hc11_relocate_section): Use it here. Cast bfd_vma values corresponding to %lx in format strings. * elf32-nds32.c (nds32_insertion_sort): Use a stack temporary. gas/ * config/tc-nds32.c (nds32_set_section_relocs): Use relocs and n parameters rather than equivalent sec->orelocation and sec->reloc_count. Don't sort for n <= 1. Tidy.
There are a few remaining target bfd files using xmalloc, but I'm declaring this bug fixed.