On 10/2/20 6:31 AM, Vitaly Zaitsev via devel wrote:
On 01.10.2020 22:48, Jeff Law wrote:
What you want to do to fix this is force -fPIC into the build flags.
That inhibits local symbol resolution and the copy relocs that are so
problematical for QT. You can see examples of how to do this in the
clementine package.
Telegram Desktop already uses -fPIC:
I would suggest looking for any uses of -fPIE when compiling the C/C++
sources. PIE allows local binding for some object acceses (and again,
its local binding of objects that runs afoul of key aspects of the QT
libraries).
The package I've been looking at (nextcloud) has this gem in a couple of
its CMakeLists.txt files:
if(UNIX AND NOT APPLE)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIE")
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -pie")
endif()
Which means we pass -fPIE when building .o files and thus the flag is
ultimately passed through to LTO compiles which in turn enables the
problematic symbol binding. -fPIC is the right thing for QT
applications given the way the library works. Note that in the case of
nextcloud, I don't think that was a global setting across the entire
package -- it was used in just specific subdirectories and thus didn't
show up in every invocation of the compiler.
Note that compiling the objects with -fPIC still allows creating a PIE
executable via the -pie option at link time. This is critically
important from a security standpoint.
jeff
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
