whitequark[cis] changed the topic of #glasgow to: https://glasgow-embedded.org · digital interface explorer · https://www.crowdsupply.com/1bitsquared/glasgow · code https://github.com/GlasgowEmbedded/glasgow · logs https://libera.irclog.whitequark.org/glasgow · matrix #glasgow-interface-explorer:matrix.org · discord https://1bitsquared.com/pages/chat
GNUmoon has quit [Ping timeout: 260 seconds]
GNUmoon has joined #glasgow
trh has quit [Quit: weg]
trh has joined #glasgow
GNUmoon has quit [Ping timeout: 260 seconds]
GNUmoon has joined #glasgow
jstein has joined #glasgow
GNUmoon has quit [Remote host closed the connection]
GNUmoon has joined #glasgow
jn has quit []
jn has joined #glasgow
jn has quit [Changing host]
jn has joined #glasgow
whitequark[cis] has joined #glasgow
<whitequark[cis]> is anyone here interested in a https://github.com/whitequark/superlinker based distribution of glasgow interface explorer software?
<whitequark[cis]> would mean all you need is ./glasgow.run, not even a working copy of libusb or libc would be necessary
WilfriedKlaebe[m has joined #glasgow
<WilfriedKlaebe[m> I at least am quite happy with the way it works now.
q3k[cis] has joined #glasgow
<q3k[cis]> Catherine: i'd be curious to test it to see if it would actually work in practice on weird distros like NixOS
<q3k[cis]> but I don't really need it
<q3k[cis]> (also if that happens to be the solution to actually portable linux packaging i'll be mad)
<whitequark[cis]> so this isn't the full thing but `PYTHONPATH=py.run ./py.run
<whitequark[cis]> * `PYTHONPATH=py.run ./py.run`
<q3k[cis]> trustmeimadolphin.jpg.exe
<q3k[cis]> lemme spin up a VM real quick
<whitequark[cis]> it's like docker but you don't have to deal with things like docker
<whitequark[cis]> i want to add a way to interpose syscalls like filesystem access, for a fully universal way to make self-contained binaries
<whitequark[cis]> i think all i'd really need for that is intercept open and openat and return a memfd?
<q3k[cis]> i think exec(2) is still a problem
<q3k[cis]> i know some company had a custom syscall to support this exact usecase a while ago
<q3k[cis]> (an execat sort of deal)
<q3k[cis]> but maybe this has been upstreamed
<whitequark[cis]> i'm pretty sure i've seen some libc code or whatever do an exec of /proc/self/fd
<q3k[cis]> ah yeah i guess with memfd this might work
<whitequark[cis]> int r = __syscall(SYS_execveat, fd, "", argv, envp, AT_EMPTY_PATH);
<whitequark[cis]> so we have execveat
<whitequark[cis]> from musl
<q3k[cis]> right, but that's not exactly what i meant
<q3k[cis]> anyway i think you're right that /proc/self/fd with a memfd might work
<whitequark[cis]> oh right execveat is a different thing
<whitequark[cis]> or maybe it's not?
<q3k[cis]> <whitequark[cis]> "py.run" <- works on nixos, my congratulations/condolences
<whitequark[cis]> nice
<q3k[cis]> i should try packaging an llvm/clang distro this way
<q3k[cis]> this might solve my 'god i really need a portable C/C++ toolchain' problem
<whitequark[cis]> right now lldb doesn't work
<whitequark[cis]> because of TLS fuckery
<q3k[cis]> that's fine
<whitequark[cis]> let me see if clang has the same problem
<whitequark[cis]> also if you give me a bit of cash i can make sure it does work
<q3k[cis]> i would give you cash if i had cash
<whitequark[cis]> gotcha
<whitequark[cis]> q3k[cis]: it could also be a multicall binary!
<whitequark[cis]> which is another thing i really want
<q3k[cis]> yeah you'd probably need that, otherwise you'd end up with libLLVM.so in 20 copies in each tool
<q3k[cis]> you're currently embedding musl into this, right?
<whitequark[cis]> llvm actually includes its own multicall binary functionality, but it can't run an internal lld the way it can run internal as
<whitequark[cis]> q3k[cis]: you can. if you give superlinker musl (must be the last argument) then it embeds musl
<q3k[cis]> i don't insist
<q3k[cis]> just curious if glibc is happy to get superlink'd
<q3k[cis]> (i would assume not?)
<q3k[cis]> (because of libnss and friends)
<whitequark[cis]> there are several currently unimplemented relocations
<whitequark[cis]> re: libnss, this isn't a problem i think
<q3k[cis]> won't it blow up at runtime if it attempts to dlopen libnss which has been linked against possibly a different glibc?
<whitequark[cis]> the way it works when you superlink a libc, is that you have two ELF objects resident in the final binary
<whitequark[cis]> you have the dynamic linker (which in case of musl is also the libc) and you have the main object. the main object should, but currently does not, include DT_SONAME for all of the dynamic objects superlinked into it
<whitequark[cis]> so dlopen()ing any of those should just return a handle to the app
<q3k[cis]> ah, i see
<q3k[cis]> isn't the problem with shoving in libnss is that this might bring with it a bunch of crud, no?
<q3k[cis]> like ldap and kerberos clients and whatnot
<q3k[cis]> either that, or you have to not support those and end up with 'incorrect' behaviour on some systems (which is fine, but you know)
<whitequark[cis]> q3k[cis]: it's just disk space. how much can it cost, ten cents per gigabyte?
<q3k[cis]> i'm thinking more about the combinatorial explosion of possible versions and behaviours of these versions
<whitequark[cis]> btw you should check out the way i get python to load extension modules
<q3k[cis]> yeah, i've seen that
<q3k[cis]> i have unfortunately used zipimport before
<whitequark[cis]> it was shockingly easy to get it to just dlopen itself whenever it needed an extension
<q3k[cis]> anyway, this sounds like a great start to actually solving portable binaries on linux
<q3k[cis]> i'm just sorry that you might've cursed yourself into maintaining yet another critical bit of duct tape :P
<whitequark[cis]> hahahahaha (sobs)
<whitequark[cis]> you know, superlinker could also be a way to run nix binaries on non-nix systems
<q3k[cis]> as a translation/interface layer?
<whitequark[cis]> like, nix can give me a closure of the subset of nix store an application uses, right?
<q3k[cis]> ah, sorry, read 'nix' as 'linux' for some readon
<whitequark[cis]> if nix gives me that i can superlink all of the binaries into The Binary and then embed the entire store using the read-only memfd mechanism
<q3k[cis]> yeah, as long as you redirect /nix/store/* accesses it should work
<q3k[cis]> (ie. dlopen and open and exec etc should be all redirected)
<whitequark[cis]> yep
<whitequark[cis]> i think this is by far the funniest way to distribute applications
<whitequark[cis]> forget flatpak, appimage, and snap
<q3k[cis]> also you'll probably have to work around some hacks where people run syscalls directly
<q3k[cis]> (not just in libc)
<whitequark[cis]> oh, it can use syscall user dispatch
<q3k[cis]> Catherine: also you might be able to do the same thing for docker/oci images
<q3k[cis]> probably semi-automatically
<whitequark[cis]> you've heard of unfork, now prepare for undocker
<q3k[cis]> (i have this long running brainworm that makes me want to make a docker compatible stub, call it 'focker' or something)
<q3k[cis]> ('focker' for 'fat docker binary')
<whitequark[cis]> do you wanna collab on this or something
<q3k[cis]> possibly! but you seem to be making fast progress now, and right now i'm super busy with other projects
<q3k[cis]> so i would probably only impede you
<whitequark[cis]> i ask because i have* depression* and it gets much easier if i don't have to stare at binaries all day alone
<whitequark[cis]> * not exactly but close enough for how long the description is
<whitequark[cis]> * i ask because i have* depression* and it gets much easier if i don't have to stare at binaries all day alone
<whitequark[cis]> * not exactly but close enough for how long the description is
<whitequark[cis]> s/*/\*/, s/*/\*/, s/*/\*/
<q3k[cis]> it sounds super interesting, but yeah, i have other things to finish for now :/
<whitequark[cis]> actually thinking more about it, seccomp would do the job better than syscall user dispatch
<q3k[cis]> yes
<whitequark[cis]> do a SECCOMP_RET_USER_NOTIF on open/openat/execve/execveat in the ranges that exclude only the shim itself
<q3k[cis]> an interesting experiment with the codebase right now would be to also slurp in all of mesa/libvk and see if that works
<whitequark[cis]> this relies on either (a) restricting the flexibility to interpose filesystem access to only straightforward things like "detect nix store" or (b) making the shim able to self-relocate
<whitequark[cis]> slurping in mesa will almost certainly break because of TLS
<q3k[cis]> peh
<whitequark[cis]> i mean i should just implement proper TLS handling
<whitequark[cis]> it's not that difficult, it's just finicky and weird
<whitequark[cis]> it's like within an executable image, you have a TLS image with its own address space and relocation rules
<whitequark[cis]> anyway i was looking at clang. so one other thing i currently just don't implement is exception handling
<whitequark[cis]> it's really not that difficult either, it's a table that i need to copy around and relocate. i think
<whitequark[cis]> actually i might be able to get away with just copying several PT_GNU_EH_FRAME into the final binary, i need to look at the libstdc++ unwinder again
<whitequark[cis]> lol. did you know that linux really doesn't like binaries with >60 phdrs?
<whitequark[cis]> wow, adding libclang really causes the emit stage to take a while
<whitequark[cis]> also the resulting binary spends 7.5 seconds (!!) launching
<q3k[cis]> https://github.com/whitequark/superlinker/blob/main/src/parse.rs#L195 i think you're missing translating elf_dynamic_rela from a virtual address into physical file address (via segments/headers)
<whitequark[cis]> this is correct
<q3k[cis]> it tries to index the elf by 0x400660
<whitequark[cis]> all of the DT_* addresses are currently treated as phys==virt and it's not right
<q3k[cis]> ah, ok
<whitequark[cis]> i first hit it with DT_INIT_ARRAY
<whitequark[cis]> and in fact init/fini handling does address translation properly
<whitequark[cis]> so yeah, linking in both libclang and libllvm fails because it can't merge TLS images
<whitequark[cis]> let me try glxgears
<whitequark[cis]> yeah so it instantly segfaults, because mesa is using TLS descriptors
galibert[m] has joined #glasgow
<galibert[m]> Cat, you're doing dark magic, again ?
<whitequark[cis]> again? i never stopped
<galibert[m]> Oh, carry on then
<whitequark[cis]> i really need a working TLS impl
<q3k[cis]> Catherine: is there also an issue where the resulting segments get moved to a virtaddr 0 base?
<q3k[cis]> (i have a test_exec.elf with base of 0x40000 as above, but it seems like merged.elf these get remapped to 0x0)
<whitequark[cis]> q3k[cis]: superlinker assumes that any ELF you feed it is position-independent and so it moves the segments to be sequential starting at roughly 0, with a phys==virt correspondence
<q3k[cis]> hm, so i don't know why the merged elf tries to jump to a higher address
<whitequark[cis]> are you compiling a PIE?
<q3k[cis]> i'm using whatever Makefile in data does
<whitequark[cis]> oh that's fascinating. can you give me the elf
<whitequark[cis]> and also symbolize the backtrace
<whitequark[cis]> (you do that by `cat /proc/<pid>/maps` then telling gdb `file` and then `symbol-file -o <offset> <file>`)
<whitequark[cis]> (and offset is the start address of the non-x mapping you see in the output)
<whitequark[cis]> you know
<q3k[cis]> i'll do that after i have my breakfast
<whitequark[cis]> i should just write a symbolizer that doesn't depend on gdb or something
<whitequark[cis]> the shim could install a SEGV handler that does dl_iterate_phdr to get the relocated addresses of all the constituent libraries and then like return a JSON of it or whatever
<whitequark[cis]> so the merged.elf has a lot of PT_LOAD segments at 400000
<whitequark[cis]> the last four should be musl
<q3k[cis]> yeah but none of the original .elf it seems
<q3k[cis]> well, they do exist, but earlier on, i think
<whitequark[cis]> i'm actually kind of confused about what's going on
<q3k[cis]> it is totally appropriate to blame nix
<q3k[cis]> i'm pretty sure musl/musl-gcc has been fucked with on nix
<whitequark[cis]> i mean if it works any worse than musl's ldso it is a bug
<whitequark[cis]> oh, hm
<whitequark[cis]> so for some reason i actually do track virtual addresses of segments
<whitequark[cis]> y-yeah, this is kind of broken
zerobytesecurity has quit [Quit: Idle timeout reached: 172800s]
<whitequark[cis]> i'm definitely making some unsound assumptions about virtual addresses. i think
<whitequark[cis]> this is very useful to have to test against
funkeleinhorn[m] has quit [Quit: Idle timeout reached: 172800s]
<q3k[cis]> i've got bad news, the generated binaries (before merging) are also segfaulting :/
<q3k[cis]> so it's probably a wild goose chase, sorry
<whitequark[cis]> oh
<whitequark[cis]> that's... huh.
<whitequark[cis]> musl-gcc on nix is broken?
<q3k[cis]> apparently
<q3k[cis]> not unsurprising
<q3k[cis]> * not surprising
<whitequark[cis]> rip
<q3k[cis]> -static helps it
<q3k[cis]> ah, and starting it under musl ldso helps
<whitequark[cis]> oh, does it ... replace PT_INTERP with the nix glibc?
<q3k[cis]> yeah, seems like it
<whitequark[cis]> wtf
<whitequark[cis]> does anyone ever like. use musl-gcc
<whitequark[cis]> i guess if you only use it with -static it would work fine
<whitequark[cis]> cursed
<q3k[cis]> i think in nixpkgs you're expected to use it with some kind of environment wrapper
<q3k[cis]> or derivation wrapper or whatever
<q3k[cis]> while standalone musl-gcc seems bork
<q3k[cis]> https://github.com/NixOS/nixpkgs/issues/94228 that might be related
<q3k[cis]> - musl-gcc -fPIC -fPIE -o $@ $^
<q3k[cis]> + musl-gcc -fPIC -fPIE -Wl,-dynamic-linker,/nix/store/b0yps7aa1kcvdrspna9gakzf8bl1ddzi-musl-1.2.3/lib/ld-musl-x86_64.so.1 -o $@ $^
<q3k[cis]> let's see now
<q3k[cis]> same thing after merging
<q3k[cis]> would you like the 'fixed' files?
<whitequark[cis]> yep
redstarcomrade has joined #glasgow
esden[m] has quit [Quit: Idle timeout reached: 172800s]
wiebel[m] has quit [Quit: Idle timeout reached: 172800s]
redstarcomrade has quit [Read error: Connection reset by peer]
redstarcomrade has joined #glasgow
trh has quit [Ping timeout: 252 seconds]
redstarcomrade has quit [Read error: Connection reset by peer]
<chipb> jfc. this channel buffer has turned into an exorcism in reverse.