[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#531942: FTBFS on mipsel due to missing -fPIC

On Mon, Jun 22, 2009 at 07:08:26AM +0200, Aurelien Jarno wrote:
> On Mon, Jun 22, 2009 at 07:05:05AM +0200, Aurelien Jarno wrote:
> > On Sat, Jun 13, 2009 at 11:59:10AM +0200, Luk Claes wrote:
> > > Colin Watson wrote:
> > > > On Fri, Jun 05, 2009 at 10:34:36PM +0200, Luk Claes wrote:
> > > >> Colin Watson wrote:
> > > >>> On Fri, Jun 05, 2009 at 08:11:43AM +0200, Luk Claes wrote:
> > > >>>> mips and mipsel do now also need the -fPIC compilation flag to make
> > > >>>> sure shared objects only contain position independent code.
> > > >>> It surprises me that -fPIE doesn't imply this. Anyway, I've committed a
> > > >>> fix, thanks.
> > > >> Apparently this does not fix it :-(
> > > >>
> > > >> Maybe it's a mips* specific binutils issue?
> > > > 
> > > > The build log
> > > > (https://buildd.debian.org/fetch.cgi?pkg=openssh;ver=1%3A5.1p1-6;arch=mips;stamp=1244203115)
> > > > says (reordering slightly to eliminate 'make -j' confusion):
> > > > 
> > > >   gcc -o sshd sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o sshpty.o sshlogin.o servconf.o serverloop.o auth.o auth1.o auth2.o auth-options.o session.o auth-chall.o auth2-chall.o groupaccess.o auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o auth2-none.o auth2-passwd.o auth2-pubkey.o monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o auth-krb5.o auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o -L. -Lopenbsd-compat/  -fPIC -fPIE -pie -lssh -lopenbsd-compat -lwrap -lpam -ldl -lselinux -lresolv -lcrypto -lutil -lz -lnsl  -lcrypt -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wno-pointer-sign -Wformat-security -fno-builtin-memset -std=gnu99 -O2 -fPIC -fPIE -DLOGIN_PROGRAM="/bin/login" -DLOGIN_NO_ENDOPT -DSSH_EXTRAVERSION="Debian-6" -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err
> > > >   /usr/bin/ld: non-dynamic relocations refer to dynamic symbol deny_severity
> > > >   /usr/bin/ld: failed to set dynamic section sizes: Bad value
> > > >   collect2: ld returned 1 exit status
> > > >   make[1]: *** [sshd] Error 1
> > > > 
> > > > deny_severity is a symbol defined in sshd.c, but it's there for the
> > > > benefit of libwrap. If I'm reading the warning correctly, it's
> > > > complaining that libwrap is "non-dynamic".
> > > > 
> > > > libwrap is currently built with -fpic. Perhaps it needs to be built with
> > > > -fPIC instead? Luk, would it be possible for you to try this out
> > > > experimentally and see if it makes a difference?
> > > 
> > > I'm going to Cc the mips list as I have currently no mips or mipsel
> > > machine ready to install a recompiled libwrap0-dev (and libwrap0) from
> > > tcp-wrappers (with -FPIC in debian/patches/13_shlib_weaksym instead of
> > > -fpic) as build dependency of openssh.
> > > 
> > > So can anyone rebuild tcp-wrappers on mips or mipsel as described above
> > > and use that to compile openssh to test if it builds successfully?
> > > 
> > 
> > On mips, -fpic and -fPIC should be the same, and this is confirmed by
> > tests this does not change the result.
> > 
> > The problem actually has nothing to do with -fpic, it is due to the fact
> > that deny_severity is exported by libwrap0, while being redeclared in 
> > in sshd.c. In <tcpd.h> it is defined as (debian specific change)
> > 
> > | #ifdef HAVE_WEAKSYMS
> > | extern int allow_severity __attribute__ ((weak)); /* for connection logging */
> > | extern int deny_severity __attribute__ ((weak)); /* for connection logging */
> > | #else
> > | extern int allow_severity;              /* for connection logging */
> > | extern int deny_severity;               /* for connection logging */
> > | #endif
> > 
> > When <tcpd.h> is included from inside of tcp-wrappers, HAVE_WEAKSYMS is
> > not defined. When included from sshd.c it is not, so the non-weak
> > declaration of allow_severity and deny_severity is used.
> > 
> > A quick workaround is to #define HAVE_WEAKSYMS before including
> > <tcpd.h>.
> > 
> 
> Actually this is wrong as it defines allow_severity and deny_severity as
> weak symbols in sshd.c, which is wrong. The problem is in tcp-wrappers
> which does not define them as weak for some unknown reason (not specific
> to mips).
> 

And here is a patch for tcp-wrappers. It seems that binutils on mips is
a bit more picky about weak symbols. OTOH, I wonder what happens on
other architectures which one of the two symbols is used in the link.

--- tcp-wrappers-7.6.q/debian/patches/13_shlib_weaksym
+++ tcp-wrappers-7.6.q/debian/patches/13_shlib_weaksym
@@ -236,7 +236,7 @@
 +#endif
 --- /dev/null
 +++ b/weak_symbols.c
-@@ -0,0 +1,11 @@
+@@ -0,0 +1,12 @@
 + /*
 +  * @(#) weak_symbols.h 1.5 99/12/29 23:50
 +  * 
@@ -245,6 +245,7 @@
 +
 +#ifdef HAVE_WEAKSYMS
 +#include <syslog.h>
++#include <tcpd.h>
 +int deny_severity = LOG_WARNING;
 +int allow_severity = SEVERITY; 
 +#endif


-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net
Reply to: