On 13 May 2016 14:04, Manuel Bachmann wrote:
> I am building a C++ project [1] with libtool ; this project contains a
> shared library.
> 
> Since recently, and as I am building with the Yocto project, I am
> required to build with GCC security enforcement options ([2], see
> SECURITY_FLAGS line).
> It basically adds the following flags in CFLAGS and CXXFLAGS : "-pie -fpie"
> 
> This makes the build break on x86_64 with the following message (ARM
> has a similar one) :
> 
> /usr/lib64/libc_nonshared.a(elf-init.oS): In function `__libc_csu_init':
> (.text+0x14): undefined reference to `__init_array_start'
> /bin/ld: /usr/lib64/libc_nonshared.a(elf-init.oS): relocation
> R_X86_64_PC32 against undefined hidden symbol `__init_array_start' can
> not be used when making a shared object
> 
> Removing the "-pie" flag, alone, makes the build succeed.
> 
> I was told that "-pie" flag is reserved for executables, not shared
> libraries or modules. But build logs [3] show that libtool is
> propagating both "-pie -fpie" flags in all steps, but the final linker
> step.
> Is this a libtool bug, not removing "-pie" in this case ? Or should we
> not include "-pie" in our CFLAGS in the first place ?

currently, i'd say it's a bug in your build to add -pie/-fPIE when trying
to produce shared libs.

however, i think it's worthwhile to expand libtool to produce PIE objects
like it does with PIC/non-PIC.  then it should be able to gather inputs
correctly to produce shared libs (PIC/non-PIE) the same time as programs
(PIE).  whether that'll happen any time soon though ... :)
-mike