Re: Disabling -pie when linking?

Tue, 12 Feb 2013 03:00:43 -0800 

Hi!

On Mon, 11 Feb 2013 05:08:54 +0100, Samuel Thibault <samuel.thiba...@gnu.org> 
wrote:
> Samuel Thibault, le Mon 11 Feb 2013 03:06:59 +0100, a écrit :
> > Svante Signell, le Sun 20 Jan 2013 18:18:16 +0100, a écrit :
> > > A recent problem popping up is that executables using the -pie flag when
> > > linking segfaults when starting up. Examples are mktable in w3m
> > 
> > I've had a look, and suspect that it's the heuristics that libgc uses
> > which become bogus under PIE. We can probably fix it.
> > 
> > > and elinks (causing aptitude build to fail).
> > 
> > Is probably a similar problem (due to perl or such).
> 
> It's indeed the same issue: sbrk() was simply not working at all with
> PIE binaries.  I've pushed a fix to tg and debian.

Good catch!

| In PIE mode, the program gets loaded at very low address, and thus _end is 
very
| low, just before libraries, and thus initializing the brk to it does not make
| sense, since there is no room left there. Hardcode the brk to 0x800000 for now
| as a workaround.

(Typo: 0x800000[0].)

--- a/sysdeps/mach/hurd/brk.c
+++ b/sysdeps/mach/hurd/brk.c
@@ -143,8 +143,12 @@ init_brk (void)
   /* If _hurd_brk is already set, don't change it.  The assumption is that
      it was set in a previous run before something like Emacs's unexec was
      called and dumped all the data up to the break at that point.  */
-  if (_hurd_brk == 0)
+  if (_hurd_brk == 0) {
     _hurd_brk = (vm_address_t) &_end;
+    if (_hurd_brk < 0x8000000)
+      /* XXX: PIE case, get out of library area */
+      _hurd_brk = 0x8000000;
+  }
 
   pagend = round_page (_hurd_brk);
 

Confirming the functionality of your hack; the idea is now to figure out how to 
sensibly initialize
_hurd_brk in the PIE case.

What the Linux kernel is doing, at least the 3.2 kernel on x86 that I've
been testing on, is putting the "beginning of the program break" in the
512 MiB area, 0x2xxxxxxx.  I have not yet figured out why exactly this
region.  As I understand it, that would be mm->start_brk, initialized in
fs/binfmt_elf.c:set_brk, called from a few places.  Will continue to
track this down unless you already know.


When adding a test case to glibc, I noticed your hack doesn't play nicely
with setrlimit as used by test-skeleton.c, so that may need some
follow-up tweaking, too.


And then, I found GDB also doesn't like PIE binaries...  ;-)


Grüße,
 Thomas

Attachment: pgpp470SMR3t1.pgp
Description: PGP signature

Reply via email to