sys-libs/glibc: using -fno-semantic-interposition flag produces broken glibc with _nss_getcanonname_r symbol not found error (system-wide critical)
sys-libs/glibc: using -fno-semantic-interposition flag produces broken glibc with _nss_getcanonname_r symbol not found error (system-wide critical) 1. add -fno-semantic-interposition to CFLAGS 2. add custom-cflags to USE 3. emerge glibc (beware, system become unusable due to broken glibc) after u will get _nss_getcanonname_r symbol not found error
(In reply to n05ph3r42 from comment #1) > sys-libs/glibc: using -fno-semantic-interposition flag produces broken glibc > with _nss_getcanonname_r symbol not found error (system-wide critical) > > 1. add -fno-semantic-interposition to CFLAGS > 2. add custom-cflags to USE > 3. emerge glibc (beware, system become unusable due to broken glibc) > > after u will get _nss_getcanonname_r symbol not found error I have a few points: 1. -fno-semantic-interposition is not the flag you should use system-wide (or at all). It will break dynamic loading of the plugins and other LD_PRELOAD hacks like sandbox. If you do it you get the broken system and keep the pieces. 2. USE=custom-cflags is not a safe USE= flag for glibc. If you enable it it's on you to make sure you pass flags that don't break glibc. Thus it's expected to get the system broken for this setup. I would prefer not to add extra safety checks. You can debug in more detail what symbol is not interposed as expected. Maybe there is a weak symbol declaration missing. Ir it's an intended interposition use. Otherwise I suggest closing the bug as INVALID.
> 1. -fno-semantic-interposition is not the flag you should use system-wide > (or at all). It will break dynamic loading of the plugins and other > LD_PRELOAD hacks like sandbox. If you do it you get the broken system and > keep the pieces. I used it globally for a long time (about a year) w/o any problems, until custom-cflags USE flag returned to glibc (glibc dropped extra flags before) > 2. USE=custom-cflags is not a safe USE= flag for glibc. If you enable it > it's on you to make sure you pass flags that don't break glibc. > > Thus it's expected to get the system broken for this setup. I would prefer > not to add extra safety checks. I expected this. And asked on gentoo channel, should i report it - no answer was given, so i decided to report it. > > You can debug in more detail what symbol is not interposed as expected. > Maybe there is a weak symbol declaration missing. Ir it's an intended > interposition use. > > Otherwise I suggest closing the bug as INVALID. You can do that, i have no time to debug this case, but the reason, why i use this flag - it gives significant performance impact on libraries, in particular it can boost libpython up to 30%. You can google this cases, there is lots nfo about it.
(In reply to n05ph3r42 from comment #1) > sys-libs/glibc: using -fno-semantic-interposition flag produces broken glibc > with _nss_getcanonname_r symbol not found error (system-wide critical) > > 1. add -fno-semantic-interposition to CFLAGS > 2. add custom-cflags to USE > 3. emerge glibc (beware, system become unusable due to broken glibc) with USE=custom-cflags you're on your own, that switches off all the safeties.
(In reply to n05ph3r42 from comment #3) > > 1. -fno-semantic-interposition is not the flag you should use system-wide > > (or at all). It will break dynamic loading of the plugins and other > > LD_PRELOAD hacks like sandbox. If you do it you get the broken system and > > keep the pieces. > slyfox is exactly right here. It makes sense *in some cases*. > > You can debug in more detail what symbol is not interposed as expected. > > Maybe there is a weak symbol declaration missing. Ir it's an intended > > interposition use. > > > > Otherwise I suggest closing the bug as INVALID. > > You can do that, i have no time to debug this case, but the reason, why i > use this flag - it gives significant performance impact on libraries, in > particular it can boost libpython up to 30%. You can google this cases, > there is lots nfo about it. It does for Python, yep. That doesn't mean it makes sense *everywhere*.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=527762d587507d168575f7d32440dbfade4134ad commit 527762d587507d168575f7d32440dbfade4134ad Author: Sam James <sam@gentoo.org> AuthorDate: 2024-07-28 03:34:08 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-07-28 03:34:08 +0000 sys-libs/glibc: filter -fno-semantic-interposition It makes no sense for glibc itself and will break e.g. NSS. Bug: https://bugs.gentoo.org/798774 Signed-off-by: Sam James <sam@gentoo.org> sys-libs/glibc/glibc-2.39-r9.ebuild | 3 +++ sys-libs/glibc/glibc-2.40.ebuild | 3 +++ sys-libs/glibc/glibc-9999.ebuild | 3 +++ 3 files changed, 9 insertions(+)
