From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pg1-x52b.google.com (mail-pg1-x52b.google.com [IPv6:2607:f8b0:4864:20::52b]) by sourceware.org (Postfix) with ESMTPS id E5CAF3858C54 for ; Fri, 4 Nov 2022 17:28:30 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org E5CAF3858C54 Authentication-Results: sourceware.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=google.com Received: by mail-pg1-x52b.google.com with SMTP id h193so4913102pgc.10 for ; Fri, 04 Nov 2022 10:28:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=BF/SSi6gLsnKPtTLvYEg/YvPyAamB8pbjXaRLbRObws=; b=YClfGUGW4ZH+mhaJ9c53AAwbcmO+cYw9cMQXwWAGPYptA0vCyXHMH9Pa5nIOkfIne7 RJx+TteqZOtLMS0jyc9w0OA8cAZpJmYpu73UNFHR6+R1bOq++Qey8B9tS8YYw5UbN6mY F5fEpZte/ILpNTvglfAPD2vP80DdYMZc7rxReDOuo+Ocj/xjp4vJ9QcMphU+5eBROTsk mOqDtzF6t8XOWWR04+RqtFChCX9+ZWtjll/4B0WJfopAEbQll18sLr0bYAuCviE0pKEV GHKNAPE4WMhMSdXpeBYp1RbHiOplQmQFw9655bOrCpKAFV3T/EnbHFH7LjaIQe+Ua6k4 feXQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=BF/SSi6gLsnKPtTLvYEg/YvPyAamB8pbjXaRLbRObws=; b=imZSw0OD+PfQYwR62qAWvNBhw/ISOFe/re9J0I1Y+91++HfG3qi5i0dAQUuGBOLV/d lKxPGPLIy7m0LAU/DY02ic7/F+uHtmoF6oPO+HO5iRtU42Ku9Y0mpts+AQ6J/bOphPor ResMMxeDwP5J4FYWVUPKTNazp7x6O4vjm4BWQPl1xOsDOnPsMjB3GEq529Pa7Xzuxgso SzomGIZqdTFOK3ZO6TvIldp0/ETJdc4FLqM3Tg2OWHGZ2fAK8RSt4yk8k1h007KPn42g Q2F8u13qJCpeCE+PeqSuH0s2HeYXf4QSPCRvXbDs/2fCUANYP5cwWLQn02NQBolpchJd XkVg== X-Gm-Message-State: ACrzQf2GTXk4p6aZUr+KFO5NyqAx/BHwMoqPyaDP0wjEnKudeQaYgzPI rxS5sxXHFEkqw+iw0juFPID4nA== X-Google-Smtp-Source: AMsMyM40oTUrXm7I4JnXzI8emvb1OumcamGyNnB0mZh1fY8Idv0/DnP6CZR8dXixQ+gEN5FlHhJ9ug== X-Received: by 2002:a05:6a00:810:b0:56c:df84:1b2d with SMTP id m16-20020a056a00081000b0056cdf841b2dmr37161119pfk.66.1667582909777; Fri, 04 Nov 2022 10:28:29 -0700 (PDT) Received: from google.com ([2620:15c:2ce:200:6f4d:5238:4dec:1ea5]) by smtp.gmail.com with ESMTPSA id u14-20020a170902e5ce00b00186c5e8a8d7sm18700plf.171.2022.11.04.10.28.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 04 Nov 2022 10:28:28 -0700 (PDT) Date: Fri, 4 Nov 2022 10:28:25 -0700 From: Fangrui Song To: Florian Weimer Cc: "H.J. Lu" , Szabolcs Nagy , libc-alpha@sourceware.org, Joseph Myers Subject: Re: x86_64 / i686 no-PIE failures Message-ID: <20221104172825.7suwsbpdzvs5tqkt@google.com> References: <87a6572ny0.fsf@oldenburg.str.redhat.com> <87iljuzmos.fsf@oldenburg.str.redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <87iljuzmos.fsf@oldenburg.str.redhat.com> X-Spam-Status: No, score=-19.5 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,ENV_AND_HDR_SPF_MATCH,FSL_HELO_FAKE,KAM_INFOUSMEBIZ,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 2022-11-04, Florian Weimer wrote: >* H. J. Lu: > >> On Fri, Nov 4, 2022 at 2:29 AM Szabolcs Nagy wrote: >>> >>> The 11/04/2022 08:12, Florian Weimer via Libc-alpha wrote: >>> > * Joseph Myers: >>> > >>> > > Now that the uchar.h failures with mainline GCC are fixed, other failures >>> > > show up for x86_64 / i686 no-PIE with mainline GCC and binutils (I don't >>> > > know how long these have been there): >>> > > >>> > > /scratch/jmyers/glibc-bot/install/compilers/x86_64-linux-gnu/lib/gcc/x86_64-glibc-linux-gnu/13.0.0/../../../../x86_64-glibc-linux-gnu/bin/ld: /scratch/jmyers/glibc-bot/build/glibcs/x86_64-linux-gnu-no-pie/glibc/elf/ifuncmain1.o: non-canonical reference to canonical protected function `foo_protected' in /scratch/jmyers/glibc-bot/build/glibcs/x86_64-linux-gnu-no-pie/glibc/elf/ifuncmod1.so >>> > > /scratch/jmyers/glibc-bot/install/compilers/x86_64-linux-gnu/lib/gcc/x86_64-glibc-linux-gnu/13.0.0/../../../../x86_64-glibc-linux-gnu/bin/ld: failed to set dynamic section sizes: bad value >>> > > collect2: error: ld returned 1 exit status >>> > > ../Rules:238: recipe for target '/scratch/jmyers/glibc-bot/build/glibcs/x86_64-linux-gnu-no-pie/glibc/elf/ifuncmain1' failed >>> > > make[3]: *** [/scratch/jmyers/glibc-bot/build/glibcs/x86_64-linux-gnu-no-pie/glibc/elf/ifuncmain1] Error 1 >>> > > make[3]: Leaving directory '/scratch/jmyers/glibc-bot/src/glibc/elf' >>> > >>> > H.J., >>> > >>> > this test no longer seems valid with current binutils (or current >>> > binutils is broken). >>> > >>> > ifuncmain1.o has X86_64_32S and X86_64_PLT32 relocations for >>> > foo_protected, so the main program must contain a PLT stub for >>> > foo_protected. Apparently, ld no longer produces such binaries. >>> > >>> > What should we do about this? >>> >>> aarch64 has the same issue since >>> >>> binutils commit 90b7a5df152a64d2bea20beb438e8b81049a5c30 >>> aarch64: Disallow copy relocations on protected data >>> >>> which should be in the binutils 2.39 release >>> >>> ld.lld rejects such usage too, i think the plan was to not >>> support extern protected symbol refs with canonical address >>> moved to the main exe. >>> >>> so the tests should be changed, but i'm not sure what's >>> the best approach (completely dropping protected or just >>> ensure the address is not taken in no-pie case). >> >> Given the linker change, we should drop these tests for non-PIE. Agree. https://sourceware.org/git/?p=glibc.git;a=commit;h=66a273d16a63d1ed74a8d14a210a04c6a0f5dd45 ("elf: Disable ifuncmain{1,5,5pic,5pie} when using LLD") disabled some tests about exe's direct references to protected DSO symbols. binutils ports (aarch64 and x86) which have the strict behavior need to disable the tests as well. >If we don't take the address of foo_protected, we'd only have an >X86_64_PLT32 relocation. Would that be valid from a linker perspective? > >Thanks, >Florian > R_X86_64_PLT32 is a PLT-generating relocation, not a direct reference. It is compatible with a protected definition in a DSO. See https://maskray.me/blog/2021-01-09-copy-relocations-canonical-plt-entries-and-protected#protected-data-symbols-and-copy-relocations for a very long write-up.