Created attachment 6259
testcase

I'm using binutils-2.22.52.0.1 on x86_64-gnu-linux for i686-w64-mingw32 crossbuild. For one executable (from the testsuite) the linker crashes:

Program received signal SIGSEGV, Segmentation fault.
[Switching to process 7458]
bfd_hash_lookup (table=0xa0e8c0, string=0x1d252039 <Address 0x1d252039 out of bounds>, create=1, copy=0) at hash.c:467
467 hash.c: No such file or directory.
in hash.c
(gdb) bt
#0  bfd_hash_lookup (table=0xa0e8c0, string=0x1d252039 <Address 0x1d252039 out of bounds>, create=1, copy=0) at hash.c:467
#1  0x0000000000439153 in _bfd_stringtab_add (tab=0xa0e8c0, str=0x1d252039 <Address 0x1d252039 out of bounds>, hash=<optimized out>, copy=<optimized out>) at hash.c:823
#2  0x000000000044e4d8 in _bfd_coff_link_input_bfd (finfo=0x7fffffffcc30, input_bfd=<optimized out>) at cofflink.c:1861
#3  0x000000000045037f in _bfd_coff_final_link (abfd=<optimized out>, info=0x6f6be0) at cofflink.c:927
#4  0x0000000000418686 in ldwrite () at ldwrite.c:582
#5  0x00000000004030d5 in main (argc=36, argv=0x7fffffffcf88) at ./ldmain.c:391
Here's the valgrind report:

==5844== For counts of detected and suppressed errors, rerun with: -v
==5844== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
.c:474)
==5845==    by 0x42A843: bfd_slurp_armap (archive.c:950)
==5845==    by 0x42A59C: bfd_generic_archive_p (archive.c:800)
==5845==    by 0x433145: bfd_check_format_matches (format.c:202)
==5845==    by 0x4112D0: load_symbols (ldlang.c:2724)
==5845==    by 0x412002: open_input_bfds (ldlang.c:3317)
==5845==    by 0x414409: lang_process (ldlang.c:6591)
==5845==    by 0x4030B7: main (ldmain.c:382)
==5845==  Uninitialised value was created by a stack allocation
==5845==    at 0x42A120: _bfd_generic_read_ar_hdr (archive.c:439)
==5845==
==5845== Invalid read of size 2
==5845==    at 0x4326DA: coff_find_nearest_line_with_names (coffgen.c:2216)
==5845==    by 0x4329A7: coff_find_nearest_line (coffgen.c:2345)
==5845==    by 0x41B56F: vfinfo (ldmisc.c:305)
==5845==    by 0x41BFEA: einfo (ldmisc.c:456)
==5845==    by 0x41739B: multiple_definition (ldmain.c:910)
==5845==    by 0x43A710: _bfd_generic_link_add_one_symbol (linker.c:1846)
==5845==    by 0x44C936: coff_link_add_symbols (cofflink.c:482)
==5845==    by 0x44D5B6: _bfd_coff_link_add_symbols (cofflink.c:184)
==5845==    by 0x411323: load_symbols (ldlang.c:2857)
==5845==    by 0x412002: open_input_bfds (ldlang.c:3317)
==5845==    by 0x414409: lang_process (ldlang.c:6591)
==5845==    by 0x4030B7: main (ldmain.c:382)
==5845==  Address 0x5489df0 is not stack'd, malloc'd or (recently) free'd
==5845==
==5845== Invalid read of size 8
==5845==    at 0x4326DF: coff_find_nearest_line_with_names (coffgen.c:2214)
==5845==    by 0x4329A7: coff_find_nearest_line (coffgen.c:2345)
==5845==    by 0x41B56F: vfinfo (ldmisc.c:305)
==5845==    by 0x41BFEA: einfo (ldmisc.c:456)
==5845==    by 0x41739B: multiple_definition (ldmain.c:910)
==5845==    by 0x43A710: _bfd_generic_link_add_one_symbol (linker.c:1846)
==5845==    by 0x44C936: coff_link_add_symbols (cofflink.c:482)
==5845==    by 0x44D5B6: _bfd_coff_link_add_symbols (cofflink.c:184)
==5845==    by 0x411323: load_symbols (ldlang.c:2857)
==5845==    by 0x412002: open_input_bfds (ldlang.c:3317)
==5845==    by 0x414409: lang_process (ldlang.c:6591)
==5845==    by 0x4030B7: main (ldmain.c:382)
==5845==  Address 0x5489de8 is not stack'd, malloc'd or (recently) free'd
==5845==
==5845== Invalid read of size 8
==5845==    at 0x44F1E8: _bfd_coff_link_input_bfd (cofflink.c:2463)
==5845==    by 0x45037E: _bfd_coff_final_link (cofflink.c:927)
==5845==    by 0x418685: ldwrite (ldwrite.c:582)
==5845==    by 0x4030D4: main (ldmain.c:391)
==5845==  Address 0x2726d1718 is not stack'd, malloc'd or (recently) free'd
==5845==
==5845==
==5845== Process terminating with default action of signal 11 (SIGSEGV)
==5845==  Access not within mapped region at address 0x2726D1718
==5845==    at 0x44F1E8: _bfd_coff_link_input_bfd (cofflink.c:2463)
==5845==    by 0x45037E: _bfd_coff_final_link (cofflink.c:927)
==5845==    by 0x418685: ldwrite (ldwrite.c:582)
==5845==    by 0x4030D4: main (ldmain.c:391)

Valgrind doesn't give errors with current sources.