Bug 613452

Created attachment 467882 [details]
www-client_firefox-52.0.1_20170321-090648.log

(the attachment promised in the previous post)

Created attachment 467884 [details]
emerge--info_4.9.16-hardened

It doesn't work (all the errors are the same) with all the latest updates, including the hardened kernel.

Same error here, but I doubt it's related to python mmap:

configure:6567: checking for PIE support
configure:6578: [...]x86_64-pc-linux-gnu-gcc -std=gnu99 -o conftest -fno-lifetime-dse -fno-strict-aliasing -fno-math-errno  -Wl,-O1 -Wl,--as-needed -Wl,-rpath=/usr/lib64/firefox,--enable-new-dtags -Wl,-z,relro,-z,now -Wl,-z,noexecstack -Wl,-z,text -pie conftest.c  1>&5
/usr/lib/gcc/x86_64-pc-linux-gnu/5.4.0/../../../../x86_64-pc-linux-gnu/bin/ld: error: /var/tmp/portage/www-client/firefox-52.0.1/temp/xxxxxx.o: requires dynamic R_X86_64_PC32 reloc against '__stack_chk_fail' which may overflow at runtime; recompile with -fPIC
/usr/lib/gcc/x86_64-pc-linux-gnu/5.4.0/../../../../x86_64-pc-linux-gnu/bin/ld: error: read-only segment has dynamic relocations
collect2: error: ld returned 1 exit status

As suggested, I added -fPIC to that check in old-configure and it was able to go past the PIE check to die later in js/src dir with same symptoms.

Wrong number, overlooked Bug 613340 somehow.

GOOD NEWS

I had the same error message, but ran "emerge -e @world" and the problem went away -- firefox-52.0.1 compiled fine when its turn came in the world rebuild.


Background More Detailed Information (might or might not be relevant):

On March 11 I switched from gcc-4.9.4 to gcc-5.4.0-r3 and, per the Wiki directions for changing from gcc 4 to gcc 5, I generated the list of programs using C++ (which included firefox-51.0.1) and emerged them.  Firefox-51.0.1 compiled fine.

I then immediately ran an "emerge -e @system".

On March 20 I attempted to compile firefox-52.0.1 and encountered the subject difficulty with an error message indicating missing PIE support in the linker.

I then ran another "emerge -e @system" followed by an "emerge -e @world".
When the "emerge -e @world" reached firefox-52.0.1 it compiled with no problems indicated.

(I don't believe it would be solved by just emerge -e @system in my case, as per the latter email.)

(In reply to ak from comment #4)
> Wrong number, overlooked Bug 613340 somehow.

Good that you made that mistake! For me, it solved it after I bumped the old (not in portage testing, but i keep portage snapshots in the distfiles/) 51.0.1, and as per:
www-client/firefox-52.0.1: relocation R_X86_64_PC32 against undefined symbol `__stack_chk_fail@@GLIBC_2.4' can not be used when making a shared object; recompile with -fPIC
https://bugs.gentoo.org/show_bug.cgi?id=613340#c6

I added where this line (and the previous backslash) was missing (but I best give it with the context):

diff -u portage-20170227/www-client/firefox/firefox-51.0.1.ebuild  /usr/portage/www-client/firefox/firefox-52.0.1.ebuild
 src_prepare() {
 	# Apply our patches
-	eapply "${WORKDIR}/firefox" \
-		"${FILESDIR}"/fix_hardened_pie_detection.patch
+	eapply "${WORKDIR}/firefox"
 
 	# Enable gnomebreakpad

And... And now firefox-2.0.1 is compiling.

Of course, the relevant lines in configure looked like this:

grep -C3 PIE /var/log/portage/www-client\:firefox-52.0.1-r1\:20170322-114149.log
checking if toolchain supports -mssse3 option... yes
checking if toolchain supports -msse4.1 option... yes
checking for x86 AVX2 asm support in compiler... yes
checking for PIE support... yes

I'll be back only it would not build successfuly.

Regards!

Correct me if I'm wrong, pls. but I think this bug is the duplicate of that other one:
www-client/firefox-52.0.1: relocation R_X86_64_PC32 against undefined symbol `__stack_chk_fail@@GLIBC_2.4' can not be used when making a shared object; recompile with -fPIC
https://bugs.gentoo.org/show_bug.cgi?id=613340
and thus, this bug is resolve as well...

(Pls. do correct me if I'm wrong.)

*** This bug has been marked as a duplicate of bug 613340 ***