Created attachment 5101 [details]
"hello.c" and "test.o" for test case described in report

If you can manage to construct an object file where one of the symbols is both STB_LOCAL and SHN_COMMON, then feeding that object file to ld will cause a segfault. It might be sensible to give an error message instead. Ideally, ld would be able to allocate the local common symbol to .bss as usual.

Interestingly, the GNU assembler has an ".lcomm" directive which does *not* create local common symbols.  Also worth a mention: The tool "elflint" considers local commons "nonsense".  I tend to agree, but I still don't think ld should segfault.


% uname -a
Linux redacted 2.6.24-28-generic #1 SMP Thu Sep 16 15:01:14 UTC 2010 i686 GNU/Linux
% ld --version
GNU ld (GNU Binutils for Debian) 2.19.51.20090508
Copyright 2008 Free Software Foundation, Inc.
This program is free software; you may redistribute it under the terms of
the GNU General Public License version 3 or (at your option) a later version.
This program has absolutely no warranty.
% gcc --version
gcc (GCC) 4.2.4 (Ubuntu 4.2.4-1ubuntu4)
Copyright (C) 2007 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

% readelf -s test.o

Symbol table '.symtab' contains 7 entries:
   Num:    Value  Size Type    Bind   Vis      Ndx Name
     0: 00000000     0 NOTYPE  LOCAL  DEFAULT  UND 
     1: 00000000     0 FILE    LOCAL  DEFAULT  ABS test.s
     2: 00000000     0 SECTION LOCAL  DEFAULT    1 .text
     3: 00000000     0 SECTION LOCAL  DEFAULT    2 .data
     4: 00000000     0 SECTION LOCAL  DEFAULT    3 .bss
     5: 00000004     4 OBJECT  LOCAL  DEFAULT  COM foo
     6: 00000000     6 FUNC    GLOBAL DEFAULT    1 get_foo

% gcc hello.c test.o
collect2: ld terminated with signal 11 [Segmentation fault]