253737 – www-client/mozilla-firefox-3.0.5 and net-libs/xulrunner-1.9.0.5 have many text relocations

Bug 253737 - www-client/mozilla-firefox-3.0.5 and net-libs/xulrunner-1.9.0.5 have many text relocations

Summary: www-client/mozilla-firefox-3.0.5 and net-libs/xulrunner-1.9.0.5 have many tex...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Hardened (show other bugs)
Hardware:	x86 Linux

Importance:	High normal (vote)
Assignee:	The Gentoo Linux Hardened Team

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2009-01-04 15:56 UTC by René Rhéaume (a.k.a. repzilon, rener)
Modified:	2009-01-21 06:38 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
emerge --info (emerge-info.txt,3.46 KB, text/plain) 2009-01-04 15:56 UTC, René Rhéaume (a.k.a. repzilon, rener)	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description René Rhéaume (a.k.a. repzilon, rener) 2009-01-04 15:56:13 UTC

Were the hardened patches dropped in Firefox 3 ? Firefox 2.0.0.18 (before the upgrade) did not have any text relocations.

Reproducible: Always

Steps to Reproduce:
1. emerge >=www-client/mozilla-firefox-3.0
2. As root (th search everywhere), scanelf -aq -lpR | grep TEXTREL
3. Watch the scanelf output

Actual Results:  
 0755 LE  TEXTREL $ORIGIN:$ORIGIN/..:/usr/lib/nspr   /usr/lib/mozilla-firefox/components/libbrowserdirprovider.so
 0755 LE  TEXTREL $ORIGIN:$ORIGIN/..:/usr/lib/nspr   /usr/lib/mozilla-firefox/components/libbrowsercomps.so
 0755 LE  TEXTREL $ORIGIN   /usr/lib/mozilla-firefox/firefox
 0755 LE  TEXTREL $ORIGIN   /usr/lib/mozilla-firefox/libjemalloc.so
 0755 LE  TEXTREL $ORIGIN:/usr/lib/nspr   /usr/lib/xulrunner-1.9/libmozjs.so
 0755 LE  TEXTREL $ORIGIN:/usr/lib/nspr   /usr/lib/xulrunner-1.9/xulrunner-bin
 0755 LE  TEXTREL $ORIGIN   /usr/lib/xulrunner-1.9/xpidl
 0755 LE  TEXTREL $ORIGIN:/usr/lib/nspr   /usr/lib/xulrunner-1.9/sdk/lib/libmozjs.so
 0755 LE  TEXTREL $ORIGIN:/usr/lib/nss:/usr/lib/nspr   /usr/lib/xulrunner-1.9/sdk/lib/libxul.so
 0755 LE  TEXTREL $ORIGIN:/usr/lib/nspr   /usr/lib/xulrunner-1.9/sdk/lib/libxpcom.so
 0755 LE  TEXTREL $ORIGIN:$ORIGIN/..:/usr/lib/nspr   /usr/lib/xulrunner-1.9/components/libxpctools.so
 0755 LE  TEXTREL $ORIGIN:$ORIGIN/..:/usr/lib/nspr   /usr/lib/xulrunner-1.9/components/libimgicon.so
 0755 LE  TEXTREL $ORIGIN   /usr/lib/xulrunner-1.9/xulrunner-stub
 0755 LE  TEXTREL $ORIGIN   /usr/lib/xulrunner-1.9/libjemalloc.so
 0755 LE  TEXTREL $ORIGIN:/usr/lib/nss:/usr/lib/nspr   /usr/lib/xulrunner-1.9/libxul.so
 0755 LE  TEXTREL $ORIGIN:/usr/lib/nspr   /usr/lib/xulrunner-1.9/plugins/libnullplugin.so
 0755 LE  TEXTREL $ORIGIN:/usr/lib/nspr   /usr/lib/xulrunner-1.9/plugins/libunixprintplugin.so
 0755 LE  TEXTREL $ORIGIN:/usr/lib/nspr   /usr/lib/xulrunner-1.9/libxpcom.so
 0755 LE  TEXTREL $ORIGIN   /usr/lib/xulrunner-1.9/xpt_dump
 0755 LE  TEXTREL $ORIGIN   /usr/lib/xulrunner-1.9/xpt_link


Expected Results:  
No TEXTREL in scanelf output at least. Ideally, no output from scanelf (those annoying RPATHs)

Comment 1 René Rhéaume (a.k.a. repzilon, rener) 2009-01-04 15:56:34 UTC

Created attachment 177355 [details]
emerge --info

Comment 2 Vincent Strubel 2009-01-15 12:52:28 UTC

Same problem here on hardened x86 (gcc 3.4.6).

This seems to be related to the gcc visibility=hidden pragmas (that get included in every file through '-include $(top_srcdir)/config/gcc_hidden.h'. This pragma results in some non-PIC code even when built -fPIC.

Patching configure.in to remove the whole -fvisibility=hidden check (i.e. making sure that HAVE_VISIBILITY_HIDDEN_ATTRIBUTE is not defined, and that no VISIBILITY_FLAGS are passed) before eautoreconf gives me a quick-and-dirty workaround, which builds firefox-3.0.5 without TEXTRELS.

Some quick googling gave me this, which might be related :
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=331460

Comment 3 Vincent Strubel 2009-01-19 11:11:58 UTC

Fixed properly by adding "-fno-stack-protector -fno-stack-protector-all" to CXXFLAGS, see bug #253639.

Comment 4 Gordon Malm (RETIRED) gentoo-dev

2009-01-21 06:38:10 UTC

Fixed in cvs, wait an hour and emerge --sync.  Thanks for reporting and testing.