Created attachment 10322 [details]
Test data

ld from binutils-2.29 can be made to crash when attempting to link the attached test data. The test data needs to be decompressed and then ld invoked as follows:

    x86_64-linux-gnu-ld -m elf_i386 -N --no-check-sections --section-start=.prefix=0 --gc-sections -static -o usbdisk.bin --oformat binary -e 0 usbdisk.o

Note that the ld being used here is an x86_64-on-x86_64 cross.

Poking around in the crashed ld process with gdb shows:

    Program received signal SIGSEGV, Segmentation fault.
    0x000000000042e3a4 in gldelf_i386_place_orphan (s=0x82cea0, secname=0x82c692 ".prefix", constraint=382) at eelf_i386.c:1978
    1978              && (elf_section_data (os->bfd_section)->this_hdr.sh_info
    (gdb) bt
    #0  0x000000000042e3a4 in gldelf_i386_place_orphan (s=0x82cea0, secname=0x82c692 ".prefix", constraint=382) at eelf_i386.c:1978
    #1  0x0000000000412bfa in lang_place_orphans () at ../../binutils-2.29/ld/ldlang.c:6396
    #2  0x0000000000416f21 in lang_process () at ../../binutils-2.29/ld/ldlang.c:7198
    #3  0x0000000000403ee0 in main (argc=<optimized out>, argv=<optimized out>) at ../../binutils-2.29/ld/ldmain.c:413

The fault apparently occurs on line 1978 in the following:

    1977          if (os->bfd_section != NULL
    1978              && (elf_section_data (os->bfd_section)->this_hdr.sh_info
    1979                  == elf_section_data (s)->this_hdr.sh_info)
    1980              && (os->bfd_section->flags == 0
    1981                  || ((!bfd_link_relocatable (&link_info)
    1982                       || (iself && (((elf_section_flags (s)
    1983                                       ^ elf_section_flags (os->bfd_section))
    1984                                      & SHF_EXCLUDE) == 0)))

    (gdb) p os
    $1 = (lang_output_section_statement_type *) 0x81e168
    (gdb) p os->bfd_section
    $2 = (asection *) 0x820720
    (gdb) p s
    $3 = (asection *) 0x82cea0

Looking at the disassembly, line 1977 starts here:

       0x000000000042e386 <+822>: mov 0x38(%rbx),%rsi
       0x000000000042e38a <+826>: test %rsi,%rsi
       0x000000000042e38d <+829>: je 0x42e448 <gldelf_i386_place_orphan+1016>
       0x000000000042e393 <+835>: mov 0xe0(%rsi),%rax
       0x000000000042e39a <+842>: mov 0xe0(%rbp),%rdx
       0x000000000042e3a1 <+849>: mov 0x2c(%rdx),%ecx
    => 0x000000000042e3a4 <+852>: cmp %ecx,0x2c(%rax)

So %rbx holds 'os', %rsi holds 'os->bfd_section' and %rbp holds 's'.

    (gdb) p/x *(long*)($rsi+0xe0)
    $13 = 0x0
    (gdb) p/x *(long*)($rbp+0xe0)
    $14 = 0x82f170

So elf_section_data (os->bfd_section) returns NULL and a SEGV occurs when we try to dereference it. The NULL test on line 1977 only covers os->bfd_section itself; the pointer returned by elf_section_data () is used on line 1978 without a check.
binutils was configured thusly: + LDFLAGS='-Wl,-z,relro ' + ../binutils-2.29/configure --disable-dependency-tracking --disable-silent-rules --enable-checking --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib --mandir=/usr/share/man --infodir=/usr/share/info --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu --target=x86_64-linux-gnu --program-prefix=x86_64-linux-gnu- --disable-shared --disable-install_libbfd --with-sysroot=/usr/x86_64-linux-gnu/sys-root --enable-deterministic-archives=no --enable-compressed-debug-sections=none --enable-lto --with-bugurl=http://bugzilla.redhat.com/bugzilla/
Please try binutils 2.29 branch.
Already fixed on both master and branch.