[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2017-06-09 Thread via Digitalmars-d-bugs 
https://issues.dlang.org/show_bug.cgi?id=5278

Martin Nowak  changed:

   What|Removed |Added

 Status|REOPENED|RESOLVED
 Resolution|--- |FIXED

--- Comment #35 from Martin Nowak  ---
Should work now that we ship phobos with PIC by default (at least on X64).
Executables compiled with dmd's `-fPIC` do create PIEs.

--

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2017-06-09 Thread via Digitalmars-d-bugs 
https://issues.dlang.org/show_bug.cgi?id=5278
Issue 5278 depends on issue 7678, which changed state.

Issue 7678 Summary: Add -cflags switch for DMD that allows passing flags to GCC 
or ${CC}
https://issues.dlang.org/show_bug.cgi?id=7678

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution|--- |DUPLICATE

--

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2016-11-30 Thread via Digitalmars-d-bugs 
https://issues.dlang.org/show_bug.cgi?id=5278

hst...@quickfur.ath.cx changed:

   What|Removed |Added

 CC||hst...@quickfur.ath.cx

--- Comment #34 from hst...@quickfur.ath.cx ---
The only way I've found that works with statically-linked Phobos is to compile
druntime and phobos with PIC=1 so that libphobos.a is PIC, in addition to
putting -fPIC in dmd.conf (but not -defaultlib=libphobos.so, since that causes
phobos to be linked dynamically).  All other combinations seems to fail in one
place or another.

See: https://issues.dlang.org/show_bug.cgi?id=16794

Alternatively, it *may* be possible to get away with non-PIC libphobos.a if
there's a way to coax dmd to invoke gcc (used as the linker) with -no-pie.  I
tried -L-no-pie but that didn't seem to do the trick either.  Probably
something else is needed to make it work.

--

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2016-10-25 Thread via Digitalmars-d-bugs 
https://issues.dlang.org/show_bug.cgi?id=5278

Lodovico Giaretta  changed:

   What|Removed |Added

 CC||lodov...@giaretart.net

--- Comment #33 from Lodovico Giaretta  ---
I can confirm that putting `-fPIC -defaultlib=libphobos2.so` in dmd.conf makes
DMD work correctly on hardened systems (tested on Ubuntu 16.10).

Binaries built this way are PIE and have Phobos linked dynamically. I didn't
manage to find a configuration that allows me to statically link Phobos, with
or without PIE.

--

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2016-10-24 Thread via Digitalmars-d-bugs 
https://issues.dlang.org/show_bug.cgi?id=5278

--- Comment #32 from Martin Nowak  ---
This also affects Ubuntu 16.10 to some degree.

[Hardened system
tutorial/patch](http://forum.dlang.org/post/paeiukmlqrmgwieab...@forum.dlang.org)
[Cannot link with libphobos2.a with GCC 6.2 on Ubuntu
16.10](http://forum.dlang.org/post/tppsgztsbsdrtkpcb...@forum.dlang.org)

Using -fPIC -defaultlib=libphobos2.so (the normal shared flags) was reported to
be a workaround for the missing -fPIE support on Ubuntu 16.10.

https://github.com/rejectedsoftware/ddox/issues/134

--

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2012-08-05 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278



--- Comment #31 from Chad Joan chadj...@gmail.com 2012-08-05 11:55:13 PDT ---
(In reply to comment #30)
 Does this pull resolve the issue for you?
 
 https://github.com/D-Programming-Language/dmd/pull/794

Hey, I didn't even realize this response was here.

Yes it does.  Or at least it gives me a reasonable workaround until the codegen
issues are fixed.

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2012-06-28 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278


Walter Bright bugzi...@digitalmars.com changed:

   What|Removed |Added

 CC||bugzi...@digitalmars.com


--- Comment #30 from Walter Bright bugzi...@digitalmars.com 2012-06-28 
12:44:00 PDT ---
Does this pull resolve the issue for you?

https://github.com/D-Programming-Language/dmd/pull/794

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2012-03-09 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278


Chad Joan chadj...@gmail.com changed:

   What|Removed |Added

 Depends on||7678
   Severity|blocker |major


-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2012-02-05 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278



--- Comment #29 from Chad Joan chadj...@gmail.com 2012-02-05 14:06:08 PST ---
(In reply to comment #28)
 Yeah, it's a limitation that dmd doesn't let you pass flags to gcc. It's a
 different bug though.
 
 Have you actually tried to build PIE using dmd's -fPIC flag.
 You'd need to rebuild druntime and phobos with the fPIC too.
 I think PIE will work without further changes.

It seemed like it was working before, but I did it again with more rigor to try
and confirm that all of the flags are what I think they are.  It didn't work
too well.

Here's what happened:
druntime compile: http://pastebin.com/e5HjcVRb
phobos compile: http://pastebin.com/4uATCBt1
executable compile: 

chad@Hugin /mnt/bulk/dprojects/helloD2 $ dmd -fPIC -c main.d
chad@Hugin /mnt/bulk/dprojects/helloD2 $ gcc main.o -o main -m32 -Xlinker
-L/usr/local/share/dcompilers/dmd/linux/bin/../lib -lphobos2 -lpthread -lm -lrt
-fPIC -pie
/usr/lib/gcc/x86_64-pc-linux-gnu/4.5.3/../../../../x86_64-pc-linux-gnu/bin/ld:
warning: creating a DT_TEXTREL in object.
chad@Hugin /mnt/bulk/dprojects/helloD2 $ main
main: error while loading shared libraries: cannot make segment writable for
relocation: Permission denied
chad@Hugin /mnt/bulk/dprojects/helloD2 $ sudo paxctl -m main
chad@Hugin /mnt/bulk/dprojects/helloD2 $ main
Killed
chad@Hugin /mnt/bulk/dprojects/helloD2 $

If I did something wrong, please let me know a better way.


What's the issue# for the bug preventing DMD from forwarding arguments to GCC? 
It's actually really easy to write a patch for that.  In fact, I did it so that
I could continue working on my system.  Otherwise there is no way for me to
have DMD work on my system without hardcoding -fno-pie into dmd/src/link.c
and compiling from git.

Now, this is probably the wrong place for it, and I could stand to improve it
slightly and make sure it works off of the latest git sources (I was working
offline with this), but here is the patch for adding a -cflags parameter in
DMD, just in case anyone wants it:
http://pastebin.com/U6cTmryQ

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2012-01-25 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278



--- Comment #26 from Chad Joan chadj...@gmail.com 2012-01-25 21:05:07 PST ---
(In reply to comment #25)
 I suspect this -fno-pie thing will make shared libraries impossible on my 
 setup
 until this gets resolved though, right?
 No, it doesn't.
 PIE simply means randomized address space for the executable.
 I do even think that PIE should work out of the box if you
 compile phobos and you executables with -fPIC.

Oh, my bad.  I confused PIE with PIC.  

So, just to be clear, -fpie is not passed by default on most systems, but it is
on mine (a feature of the hardened GCC).  DMD's binary release of phobos is
then compiled WITHOUT -fpie because that's the usual course of things, thus
causing it to complain when I link it with something that compiles WITH -fpie.  

Is there any chance that -fno-pie could make it into the list of things DMD
passes to GCC by default?  

Assuming I understand this all correctly, then other systems won't care if
-fno-pie gets passed because they don't use PIE anyways.  On my system it will
convert a dead-on-arrival binary release into something that works.  

If someone still wanted to build with PIE then the ideal, I suppose, would be
to have portage (the package manager) build everything from source, adding
-fpie and -fPIC as necessary and adjusting the dmd.conf file to reflect it.

Also, is it even possible to get -fno-pie in there through dmd.conf?

When I add -L-fno-pie in dmd.conf it adds -Xlinker -fno-pie instead of just
-fno-pie to the GCC args and it seems to end up going to the wrong place. 
Then I get linker errors and stuff won't build: http://pastebin.com/wEcuyUqp

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2012-01-22 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278



--- Comment #24 from Chad Joan chadj...@gmail.com 2012-01-22 09:41:55 PST ---
(In reply to comment #22)

Additional info:
I can get basic stack traces now.  Yay!  And I don't have to use paxctl -m
anymore.  Also yay!
http://pastebin.com/tt784wYr

More line numbers in the stack trace would be nice though.  

I suspect this -fno-pie thing will make shared libraries impossible on my setup
until this gets resolved though, right?

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2012-01-22 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278


d...@dawgfoto.de changed:

   What|Removed |Added

 Status|NEW |RESOLVED
 Resolution||FIXED


--- Comment #25 from d...@dawgfoto.de 2012-01-22 16:57:07 PST ---
I suspect this -fno-pie thing will make shared libraries impossible on my setup
until this gets resolved though, right?
No, it doesn't.
PIE simply means randomized address space for the executable.
I do even think that PIE should work out of the box if you
compile phobos and you executables with -fPIC.

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2012-01-21 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278



--- Comment #22 from d...@dawgfoto.de 2012-01-21 22:50:46 PST ---
What's linker flags are passed by gcc if you use --export-dynamic vs. not using
it?

dmd -c main
--
gcc main.o -o main -m32 -Xlinker
-L/usr/local/share/dcompilers/dmd/linux/bin32/../lib32 -Xlinker
-L/usr/local/share/dcompilers/dmd/linux/bin32/../lib64 -Xlinker
--no-warn-search-mismatch -Xlinker --export-dynamic -lphobos2 -lpthread -lm
-lrt -v
--
vs.
--
gcc main.o -o main -m32 -Xlinker
-L/usr/local/share/dcompilers/dmd/linux/bin32/../lib32 -Xlinker
-L/usr/local/share/dcompilers/dmd/linux/bin32/../lib64 -Xlinker
--no-warn-search-mismatch -lphobos2 -lpthread -lm -lrt -v
--

Also did passing -fno-pie to gcc resolve your problems?

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2012-01-20 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278



--- Comment #21 from Chad Joan chadj...@gmail.com 2012-01-20 19:32:30 PST ---
(In reply to comment #20)
 The core issue is that your gcc is linking PIE by default but
 PIC support for dmd still has some bug and probably would need
 more that -fPIC to support PIE. Currently you should pass
 -fno-pie to gcc for linking.
 
 Please help to find out why --export-dynamic is involved.
 Does it trigger alter the PIE behavior?

How do I find this out?

 What's the backtrace of your segfault core dumps?

Also, how do I find this out?
Running the program just makes it print Segmentation fault; there is no
backtrace for me to copy.  Maybe I am missing something (where would I find a
core dump for this?).

 Please list any linker warnings you get
 (-Wl,--verbose for gcc or -L--verbose for dmd).

Stock DMD v2.057
64-bit:
chad@Hugin /mnt/bulk/dprojects/helloD2 $ which dmd
/usr/local/share/dcompilers/dmd/linux/bin64/dmd

chad@Hugin /mnt/bulk/dprojects/helloD2 $ cat main.d
import std.stdio;

void main()
{
writefln(hello world!);
}

Without -m32 it isn't able to compile my program:
http://pastebin.com/GqP5JC3z

With -m32 it does, but segfaults:
http://pastebin.com/hd5zEtD2

32-bit dmd:
chad@Hugin /mnt/bulk/dprojects/helloD2 $ which dmd
/usr/local/share/dcompilers/dmd/linux/bin32/dmd

Segfaults:
http://pastebin.com/d7miSKtH

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2011-12-18 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278



--- Comment #19 from Chad Joan chadj...@gmail.com 2011-12-18 07:42:42 PST ---
Well, I tried bisecting dmd to find which change caused this.  It didn't work
because this problem does not care which version of dmd I am using, it cares
which RELEASE I am using.

I narrowed it down to the -L--export-dynamic flag in 
$DPATH/linux/bin64/dmd.conf

If I remove that export-dynamic flag AND rebuild druntime/phobos from scratch,
everything is fine.  

Of course, if I remove -L--export-dynamic AND I do NOT rebuild druntime/phobos
from scratch, I get this:
/usr/lib/gcc/x86_64-pc-linux-gnu/4.5.3/../../../../x86_64-pc-linux-gnu/bin/ld:
main.o: relocation R_X86_64_32 against `.data' can not be used when making a
shared object; recompile with -fPIC
main.o: could not read symbols: Bad value
collect2: ld returned 1 exit status
--- errorlevel 1

I take it this means that the executable and the library must agree on whether
or not to use -L--export-dynamic.  I guess it makes sense.

By removing -L--export-dynamic and building dmd/druntime/phobos all from git at
v2.057, I was able to get the recent release of dmd to run on my machine
without using a special GCC.

Any chance we can remove -L--export-dynamic or fix it so that it does not do
this?  (I have no idea how to fix it, but removing it is easy enough!)

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2011-10-24 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278



--- Comment #16 from Chad Joan chadj...@gmail.com 2011-10-24 01:33:51 PDT ---
I'm afraid it doesn't seem to be working.

It went something like this:

chad@Hugin /mnt/bulk/dprojects/helloD2 $ ls
main.d
chad@Hugin /mnt/bulk/dprojects/helloD2 $ cat main.d
import std.stdio;

void main()
{
writefln(hello world!);
}
chad@Hugin /mnt/bulk/dprojects/helloD2 $ dmd
DMD64 D Compiler v2.056
Copyright (c) 1999-2011 by Digital Mars written by Walter Bright
Documentation: http://www.digitalmars.com/d/2.0/index.html
Usage:
  dmd files.d ... { -switch }

  files.dD source files
  @cmdfile   read arguments from cmdfile
  -c do not link
  -cov   do code coverage analysis
  -D generate documentation
  -Dddocdir  write documentation file to docdir directory
  -Dffilenamewrite documentation file to filename
  -d allow deprecated features
  -debug compile in debug code
  -debug=level   compile in debug code = level
  -debug=ident   compile in debug code identified by ident
  -debuglib=nameset symbolic debug library to name
  -defaultlib=name  set default library to name
  -deps=filename write module dependencies to filename
  -fPIC  generate position independent code
  -g add symbolic debug info
  -gcadd symbolic debug info, pretend to be C
  -gsalways emit stack frame
  -H generate 'header' file
  -Hddirectory   write 'header' file to directory
  -Hffilenamewrite 'header' file to filename
  --help print help
  -Ipath where to look for imports
  -ignoreignore unsupported pragmas
  -inlinedo function inlining
  -Jpath where to look for string imports
  -Llinkerflag   pass linkerflag to link
  -lib   generate library rather than object files
  -man   open web browser on manual page
  -map   generate linker .map file
  -noboundscheck turns off array bounds checking for all functions
  -nofloat   do not emit reference to floating point
  -O optimize
  -o-do not write object file
  -odobjdir  write object  library files to directory objdir
  -offilenamename output file to filename
  -opdo not strip paths from source file
  -profile   profile runtime performance of generated code
  -property  enforce property syntax
  -quiet suppress unnecessary messages
  -release   compile release version
  -run srcfile args...   run resulting program, passing args
  -unittest  compile in unit tests
  -v verbose
  -version=level compile in version code = level
  -version=ident compile in version code identified by ident
  -vtls  list all variables going into thread local storage
  -w enable warnings
  -wienable informational warnings
  -X generate JSON file
  -Xffilenamewrite JSON file to filename
chad@Hugin /mnt/bulk/dprojects/helloD2 $ dmd main.d -ofmain
/usr/lib/gcc/x86_64-pc-linux-gnu/4.4.5/../../../../x86_64-pc-linux-gnu/bin/ld:
main.o: relocation R_X86_64_32 against `.data' can not be used when making a
shared object; recompile with -fPIC
main.o: could not read symbols: Bad value
collect2: ld returned 1 exit status
--- errorlevel 1
chad@Hugin /mnt/bulk/dprojects/helloD2 $ ls
main.d  main.o
chad@Hugin /mnt/bulk/dprojects/helloD2 $ dmd main.d -ofmain -m32
/usr/lib/gcc/x86_64-pc-linux-gnu/4.4.5/../../../../x86_64-pc-linux-gnu/bin/ld:
warning: creating a DT_TEXTREL in object.
chad@Hugin /mnt/bulk/dprojects/helloD2 $ ls
main  main.d  main.o
chad@Hugin /mnt/bulk/dprojects/helloD2 $ main
main: error while loading shared libraries: cannot make segment writable for
relocation: Permission denied
chad@Hugin /mnt/bulk/dprojects/helloD2 $ sudo paxctl -m main
chad@Hugin /mnt/bulk/dprojects/helloD2 $ main
Segmentation fault
chad@Hugin /mnt/bulk/dprojects/helloD2 $ ls
main  main.d  main.o
chad@Hugin /mnt/bulk/dprojects/helloD2 $


(I don't have any other 2.056 D compilers on my system; so the part where I ran
dmd to get the help text should confirm that the correct compiler is in use.)

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2011-10-24 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278



--- Comment #17 from Chad Joan chadj...@gmail.com 2011-10-24 01:36:49 PDT ---
Created an attachment (id=1043)
More detailed info of dmd run on hardened gentoo 64-bit.

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2011-10-24 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278



--- Comment #18 from Chad Joan chadj...@gmail.com 2011-10-24 01:37:39 PDT ---
Here is the output of dmd -v for both 32-bit (-m32) and 64-bit runs, just
in-case it helps.

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---

[Issue 5278] gentoo's 'hardended' gcc doesn't work with dmd

2011-10-23 Thread d-bugmail 
http://d.puremagic.com/issues/show_bug.cgi?id=5278


Brad Roberts bra...@puremagic.com changed:

   What|Removed |Added

Summary|DMD generates programs that |gentoo's 'hardended' gcc
   |immediately segfault.   |doesn't work with dmd


--- Comment #15 from Brad Roberts bra...@puremagic.com 2011-10-23 14:47:31 
PDT ---
I recall some changes going in that addressed some hardening issues along the
way.  I don't have a gentoo based system to test this on.  Please try the most
recent beta to see if the problem still exists.

http://ftp.digitalmars.com/dmd2beta.zip

-- 
Configure issuemail: http://d.puremagic.com/issues/userprefs.cgi?tab=email
--- You are receiving this mail because: ---