This patch http://sourceware.org/ml/binutils/2007-02/msg00006.html causes serious memory corruption in the linker. There are 2 problems in elf_create_symbuf:

    ssymbuf = bfd_malloc ((shndx_count + 1) * sizeof (*ssymbuf)
                          + (indbufend - indbuf) * sizeof (*ssymbuf));
    if (ssymbuf == NULL)
      {
        free (indbuf);
        return NULL;
      }

    ssym = (struct elf_symbuf_symbol *) (ssymbuf + shndx_count);
    ssymbuf->ssym = NULL;
    ssymbuf->count = shndx_count;
    ssymbuf->st_shndx = 0;

1. Only one combined buffer is allocated for both ssymbuf and ssym. But it is wrong to assume that the size of ssym is the same as ssymbuf.

2. There are shndx_count + 1 entries in ssymbuf. ssym should start at ssymbuf + shndx_count + 1, not ssymbuf + shndx_count, since the first entry is for shndx_count.
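The two sizing errors described in the comment above, as an added example that is not part of the bug report or of binutils: the struct names and fields below are stand-ins chosen so that the head and symbol structs have different sizes, the "buggy" functions reproduce the arithmetic quoted above, the "correct" functions price each region with its own struct size and start the symbol array after all shndx_count + 1 head entries, and the overlap/overrun helpers measure by how many bytes each layout goes wrong.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for binutils' elf_symbuf_symbol / elf_symbuf_head
   (names and fields are assumptions for this example). The field layout is
   chosen so the two structs differ in size, which is what problem 1 hinges on. */
struct elf_symbuf_symbol {
  unsigned int st_name;
  unsigned char st_info;
  unsigned char st_other;
  uint64_t st_value;
  uint64_t st_size;
};

struct elf_symbuf_head {
  struct elf_symbuf_symbol *ssym;
  unsigned int count;
  unsigned int st_shndx;
};

/* The symbol array is placed right after the head array, so the head size
   must be a multiple of the symbol struct's alignment for that to be legal. */
_Static_assert(sizeof(struct elf_symbuf_head) % _Alignof(struct elf_symbuf_symbol) == 0,
               "symbol array would be misaligned after the head array");

/* Sizing as the quoted code did it: every entry priced as a head, and ssym
   started at entry shndx_count instead of shndx_count + 1. */
size_t buggy_alloc_size(size_t shndx_count, size_t nsyms)
{
  return (shndx_count + 1) * sizeof(struct elf_symbuf_head)
       + nsyms * sizeof(struct elf_symbuf_head);
}

size_t buggy_ssym_offset(size_t shndx_count)
{
  return shndx_count * sizeof(struct elf_symbuf_head);
}

/* Corrected sizing: heads priced as heads, symbols as symbols, and the
   symbol array placed after all shndx_count + 1 head entries. */
size_t correct_alloc_size(size_t shndx_count, size_t nsyms)
{
  return (shndx_count + 1) * sizeof(struct elf_symbuf_head)
       + nsyms * sizeof(struct elf_symbuf_symbol);
}

size_t correct_ssym_offset(size_t shndx_count)
{
  return (shndx_count + 1) * sizeof(struct elf_symbuf_head);
}

/* Bytes by which the symbol array runs past the end of the allocation
   (0 when it fits): problem 1. */
size_t overrun_bytes(size_t nsyms, size_t alloc, size_t ssym_off)
{
  size_t end = ssym_off + nsyms * sizeof(struct elf_symbuf_symbol);
  return end > alloc ? end - alloc : 0;
}

/* Bytes of the head array that the symbol array overlaps (0 when the two
   regions are disjoint): problem 2. */
size_t overlap_bytes(size_t shndx_count, size_t ssym_off)
{
  size_t heads_end = (shndx_count + 1) * sizeof(struct elf_symbuf_head);
  return ssym_off < heads_end ? heads_end - ssym_off : 0;
}

/* Allocates one combined buffer with the corrected layout, fills both
   regions, and verifies that no head entry was clobbered by a symbol write.
   Returns 1 on success, 0 on corruption or allocation failure. */
int build_and_check(size_t shndx_count, size_t nsyms)
{
  size_t alloc = correct_alloc_size(shndx_count, nsyms);
  unsigned char *buf = malloc(alloc);
  if (buf == NULL)
    return 0;
  struct elf_symbuf_head *heads = (struct elf_symbuf_head *) buf;
  struct elf_symbuf_symbol *syms =
    (struct elf_symbuf_symbol *) (buf + correct_ssym_offset(shndx_count));
  size_t i;
  int ok = 1;
  for (i = 0; i <= shndx_count; i++) {
    heads[i].ssym = syms;
    heads[i].count = (unsigned int) nsyms;
    heads[i].st_shndx = (unsigned int) i;
  }
  memset(syms, 0xff, nsyms * sizeof(*syms));   /* would smash heads[] if overlapping */
  for (i = 0; i <= shndx_count; i++)
    if (heads[i].st_shndx != i || heads[i].count != nsyms || heads[i].ssym != syms)
      ok = 0;
  free(buf);
  return ok;
}

int main(void)
{
  size_t n = 3, nsyms = 10;   /* constructed sample counts */
  printf("buggy:   alloc %zu, ssym at %zu, overrun %zu, overlap %zu\n",
         buggy_alloc_size(n, nsyms), buggy_ssym_offset(n),
         overrun_bytes(nsyms, buggy_alloc_size(n, nsyms), buggy_ssym_offset(n)),
         overlap_bytes(n, buggy_ssym_offset(n)));
  printf("correct: alloc %zu, ssym at %zu, overrun %zu, overlap %zu, check %d\n",
         correct_alloc_size(n, nsyms), correct_ssym_offset(n),
         overrun_bytes(nsyms, correct_alloc_size(n, nsyms), correct_ssym_offset(n)),
         overlap_bytes(n, correct_ssym_offset(n)), build_and_check(n, nsyms));
  return 0;
}
```

Both errors are independent: even if the two structs happened to be the same size (which would hide the overrun), starting ssym at ssymbuf + shndx_count still makes the first symbol alias the last head entry, so a fix needs both the per-region sizeof and the + 1 on the offset.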
A patch is posted at http://sourceware.org/ml/binutils/2008-02/msg00228.html
Fixed.
Yes, fixed.