Bug#581240: marked as done ([gdc-4.3] Calculation of MD5 sums seriously broken)
Your message dated Mon, 24 May 2010 09:36:04 + with message-id e1ogu4q-0006et...@ries.debian.org and subject line Bug#581240: fixed in gdc-4.3 1:1.046-4.3.5-1 has caused the Debian Bug report #581240, regarding [gdc-4.3] Calculation of MD5 sums seriously broken to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 581240: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581240 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: gdc-4.3 Version: 1:1.046-4.3.4-5 Severity: serious The MD5-sums calculated by std.md5 are seriously broken - they're not only wrong, they're different on each run.. gdc-4.1 and the closed-source dmd do *not* have this bug. Because md5.d in the gdc-4.1 and gdc-4.3 package sources are identical I file this as a bug in the compiler, not libphobos. I consider this a serious bug because it makes std.md5 unusable and probably affects other code as well (why should it only break the MD5 code). I attached a simple testcase to demonstrate this bug. When it's build with gdc-4.1 I get the following output: 900150983CD24FB0D6963F7D28E17F72, when it's built with gdc-4.3 I get: 9BB8D85B9EC69BAAE48AFD6DC642C4B7 Error: AssertError Failure md5test.d(8) or 73295B9A9D13003D9E6065260759FBD4 Error: AssertError Failure md5test.d(8) ... (a different sum on each run). Cheers, - Daniel --- System information. --- Architecture: i386 Kernel: Linux 2.6.32-3-686 Debian Release: squeeze/sid 500 testing security.debian.org 500 testing ftp.de.debian.org --- Package information. --- Depends (Version) | Installed =-+- gcc-4.3-base (= 4.3.4-1) | 4.3.4-10 g++-4.3 (= 4.3.4-1) | 4.3.4-10 libphobos-4.3-dev (= 1:1.046-4.3.4-5) | 1:1.046-4.3.4-5 libc6(= 2.3) | 2.10.2-6 libgcc1 (= 1:4.1.1) | 1:4.4.2-9 libgmp3c2 | 2:4.3.2+dfsg-1 libmpfr1ldbl | 2.4.2-3 libstdc++6 (= 4.1.1) | 4.4.2-9 Package's Recommends field is empty. Package's Suggests field is empty. import std.md5; import std.stdio; void main(){ // testcase from md5.d unittests ubyte[16] digest; sum (digest, abc); writefln(digestToString(digest)); assert(digest == cast(ubyte[])x900150983cd24fb0d6963f7d28e17f72); } ---End Message--- ---BeginMessage--- Source: gdc-4.3 Source-Version: 1:1.046-4.3.5-1 We believe that the bug you reported is fixed in the latest version of gdc-4.3, which is due to be installed in the Debian FTP archive: gdc-4.3_1.046-4.3.5-1.diff.gz to main/g/gdc-4.3/gdc-4.3_1.046-4.3.5-1.diff.gz gdc-4.3_1.046-4.3.5-1.dsc to main/g/gdc-4.3/gdc-4.3_1.046-4.3.5-1.dsc gdc-4.3_1.046-4.3.5-1_amd64.deb to main/g/gdc-4.3/gdc-4.3_1.046-4.3.5-1_amd64.deb gdc-4.3_1.046-4.3.5.orig.tar.gz to main/g/gdc-4.3/gdc-4.3_1.046-4.3.5.orig.tar.gz libphobos-4.3-dev_1.046-4.3.5-1_amd64.deb to main/g/gdc-4.3/libphobos-4.3-dev_1.046-4.3.5-1_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 581...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Matthias Klose d...@debian.org (supplier of updated gdc-4.3 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Sun, 23 May 2010 09:50:27 +0200 Source: gdc-4.3 Binary: gdc-4.3 libphobos-4.3-dev Architecture: source amd64 Version: 1:1.046-4.3.5-1 Distribution: unstable Urgency: low Maintainer: Debian GCC Maintainers debian-...@lists.debian.org Changed-By: Matthias Klose d...@debian.org Description: gdc-4.3- The D compiler libphobos-4.3-dev - The phobos D standard library Closes: 581240 581698 Changes: gdc-4.3 (1:1.046-4.3.5-1) unstable; urgency=low . * Based on GCC-4.3.5. . [ Iain Buclaw ] * Fix some wrong-code bugs. Closes: #581240, #581698. Checksums-Sha1: 5cb0edcbeed0fd764d8f046dada5d2c8e6b17f04 2251 gdc-4.3_1.046-4.3.5-1.dsc 831aa5339059f1f72b007229d8e9aba87de485d4 2972925 gdc-4.3_1.046-4.3.5.orig.tar.gz 3ff5ef52e8e083a98acbaeb09383110bbfe0e61e 642771 gdc-4.3_1.046-4.3.5-1.diff.gz a4c5ccc151cbf1139a07734d5c5f7374a74fd34c 3769672
Bug#581240: marked as done ([gdc-4.3] Calculation of MD5 sums seriously broken)
Your message dated Sun, 23 May 2010 11:02:49 + with message-id e1og8xf-6i...@ries.debian.org and subject line Bug#581240: fixed in gcc-4.3 4.3.5-1 has caused the Debian Bug report #581240, regarding [gdc-4.3] Calculation of MD5 sums seriously broken to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 581240: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581240 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: gdc-4.3 Version: 1:1.046-4.3.4-5 Severity: serious The MD5-sums calculated by std.md5 are seriously broken - they're not only wrong, they're different on each run.. gdc-4.1 and the closed-source dmd do *not* have this bug. Because md5.d in the gdc-4.1 and gdc-4.3 package sources are identical I file this as a bug in the compiler, not libphobos. I consider this a serious bug because it makes std.md5 unusable and probably affects other code as well (why should it only break the MD5 code). I attached a simple testcase to demonstrate this bug. When it's build with gdc-4.1 I get the following output: 900150983CD24FB0D6963F7D28E17F72, when it's built with gdc-4.3 I get: 9BB8D85B9EC69BAAE48AFD6DC642C4B7 Error: AssertError Failure md5test.d(8) or 73295B9A9D13003D9E6065260759FBD4 Error: AssertError Failure md5test.d(8) ... (a different sum on each run). Cheers, - Daniel --- System information. --- Architecture: i386 Kernel: Linux 2.6.32-3-686 Debian Release: squeeze/sid 500 testing security.debian.org 500 testing ftp.de.debian.org --- Package information. --- Depends (Version) | Installed =-+- gcc-4.3-base (= 4.3.4-1) | 4.3.4-10 g++-4.3 (= 4.3.4-1) | 4.3.4-10 libphobos-4.3-dev (= 1:1.046-4.3.4-5) | 1:1.046-4.3.4-5 libc6(= 2.3) | 2.10.2-6 libgcc1 (= 1:4.1.1) | 1:4.4.2-9 libgmp3c2 | 2:4.3.2+dfsg-1 libmpfr1ldbl | 2.4.2-3 libstdc++6 (= 4.1.1) | 4.4.2-9 Package's Recommends field is empty. Package's Suggests field is empty. import std.md5; import std.stdio; void main(){ // testcase from md5.d unittests ubyte[16] digest; sum (digest, abc); writefln(digestToString(digest)); assert(digest == cast(ubyte[])x900150983cd24fb0d6963f7d28e17f72); } ---End Message--- ---BeginMessage--- Source: gcc-4.3 Source-Version: 4.3.5-1 We believe that the bug you reported is fixed in the latest version of gcc-4.3, which is due to be installed in the Debian FTP archive: cpp-4.3_4.3.5-1_amd64.deb to main/g/gcc-4.3/cpp-4.3_4.3.5-1_amd64.deb g++-4.3-multilib_4.3.5-1_amd64.deb to main/g/gcc-4.3/g++-4.3-multilib_4.3.5-1_amd64.deb g++-4.3_4.3.5-1_amd64.deb to main/g/gcc-4.3/g++-4.3_4.3.5-1_amd64.deb gcc-4.3-base_4.3.5-1_amd64.deb to main/g/gcc-4.3/gcc-4.3-base_4.3.5-1_amd64.deb gcc-4.3-locales_4.3.5-1_all.deb to main/g/gcc-4.3/gcc-4.3-locales_4.3.5-1_all.deb gcc-4.3-multilib_4.3.5-1_amd64.deb to main/g/gcc-4.3/gcc-4.3-multilib_4.3.5-1_amd64.deb gcc-4.3-source_4.3.5-1_all.deb to main/g/gcc-4.3/gcc-4.3-source_4.3.5-1_all.deb gcc-4.3_4.3.5-1.diff.gz to main/g/gcc-4.3/gcc-4.3_4.3.5-1.diff.gz gcc-4.3_4.3.5-1.dsc to main/g/gcc-4.3/gcc-4.3_4.3.5-1.dsc gcc-4.3_4.3.5-1_amd64.deb to main/g/gcc-4.3/gcc-4.3_4.3.5-1_amd64.deb gcc-4.3_4.3.5.orig.tar.gz to main/g/gcc-4.3/gcc-4.3_4.3.5.orig.tar.gz gfortran-4.3-multilib_4.3.5-1_amd64.deb to main/g/gcc-4.3/gfortran-4.3-multilib_4.3.5-1_amd64.deb gfortran-4.3_4.3.5-1_amd64.deb to main/g/gcc-4.3/gfortran-4.3_4.3.5-1_amd64.deb gobjc++-4.3-multilib_4.3.5-1_amd64.deb to main/g/gcc-4.3/gobjc++-4.3-multilib_4.3.5-1_amd64.deb gobjc++-4.3_4.3.5-1_amd64.deb to main/g/gcc-4.3/gobjc++-4.3_4.3.5-1_amd64.deb gobjc-4.3-multilib_4.3.5-1_amd64.deb to main/g/gcc-4.3/gobjc-4.3-multilib_4.3.5-1_amd64.deb gobjc-4.3_4.3.5-1_amd64.deb to main/g/gcc-4.3/gobjc-4.3_4.3.5-1_amd64.deb lib32stdc++6-4.3-dbg_4.3.5-1_amd64.deb to main/g/gcc-4.3/lib32stdc++6-4.3-dbg_4.3.5-1_amd64.deb libmudflap0-4.3-dev_4.3.5-1_amd64.deb to main/g/gcc-4.3/libmudflap0-4.3-dev_4.3.5-1_amd64.deb libstdc++6-4.3-dbg_4.3.5-1_amd64.deb to main/g/gcc-4.3/libstdc++6-4.3-dbg_4.3.5-1_amd64.deb libstdc++6-4.3-dev_4.3.5-1_amd64.deb to main/g/gcc-4.3/libstdc++6-4.3-dev_4.3.5-1_amd64.deb libstdc++6-4.3-doc_4.3.5-1_all.deb to main/g/gcc-4.3/libstdc++6-4.3-doc_4.3.5-1_all.deb libstdc++6-4.3-pic_4.3.5-1_amd64.deb to main/g/gcc-4.3/libstdc++6-4.3-pic_4.3.5-1_amd64.deb A summary of the changes between