[pkg-fgfs-crew] Bug#837452: Bug#837452: simgear: Please build libSimGearCore.a and libSimGearScene.a with -fPIC

Bálint Réczey balint at balintreczey.hu
Sun Sep 11 22:25:47 UTC 2016 

Hi Markus,

2016-09-11 22:46 GMT+02:00 Markus Wanner <markus at bluegap.ch>:
> Control: tags -1 +moreinfo
>
> On 11.09.2016 20:11, Balint Reczey wrote:
>> During a rebuild of all packages in sid, several packages
>> failed to build on amd64 with patched GCC and dpkg. The root
>> cause seems to be that libSimGearCore.a is shipped as a non-PIC library.
>
> I think that matches the current policy (10.2 Libraries: "therefore the
> static version must not be compiled with the -fPIC flag"). I'm hesitant
> to violate that policy, even if I generally welcome the move to PIE.

The policy is a bit more permissive :-):
---
As to the static libraries, the common case is not to have relocatable
code, since there is no benefit, unless in specific cases; therefore
the static version must not be compiled with the -fPIC flag. Any
exception to this rule should be discussed on the mailing list
debian-devel at lists.debian.org, and the reasons for compiling with the
-fPIC flag must be recorded in the file README.Debian. [86]
---

I have filed a bug to change the Policy:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=837478

Even if the policy is not changed simgear's situation is special in
that regard since it does not provide shared libs, just static ones
thus shipping something with PIC can be done only in the static lib.

In case the policy can't be changed I'll raise all static - PIC issues
on debian-devel in one shot for discussion thus enabling PIC static
libs won't violate it.

>
> Also note that simgear well respects DEB_BUILD_MAINT_OPTIONS via
> dpkg-buildflags. A simgear compiled with DEB_BUILD_MAINT_OPTIONS
> including hardening=+pie will generate a PIE-enabled library. That in
> turn allows compiling fgrun with the same options, leading to a
> PIE-enabled executable.
>
>> The rebuild tested if packages are ready for a transition
>> enabling PIE and bindnow for amd64.
>
> Are you sure this tested against a re-built simgear?

You are absolutely right. I intentionally tested with not rebuilt
build-dependencies to catch such issues.
Rebuilding simgear with modified GCC would make the static library PIC
and this is what is happening in Ubuntu.
OTOH this does not help enabling PIE in fgrun on architectures where
PIE won't be the default and would also violate the policy :-).

Cheers,
Balint

More information about the pkg-fgfs-crew mailing list