Bug#1005863: gcc-11: invalid opcode for Geode LX on i386
On Sun, Mar 19, 2023 at 11:47:21PM +, James Addison wrote: > Package: gcc-11 > Followup-For: Bug #1005863 > X-Debbugs-Cc: debian-...@lists.debian.org, debian-rele...@lists.debian.org, > debian-pol...@lists.debian.org > > Hi folks, > > Bug #1005863 describes a gcc-11 behaviour that results in software that exits > ungracefully on Geode LX i686 hardware. Despite self-reporting as i586 > sometimes, Geode LX is in fact an i686 CPU (without physical address > extensions > and multi-instruction noops -- both optional per spec). > > My assessment -- which may be incorrect -- is that something like 20% of > packages in the bookworm i386 suite are susceptible to the bug, so I think > that > installing bookworm on a Geode LX system would present users with a poor > experience of Debian. > > Would it be fair to raise the severity of this bug to a release-critical > level? >From a purely engineering perspective, without a way to address this problem, increasing the severity will not achieve much. Instead this should be documented in the release notes, with any relevant information. However, the fact that the the CPU is 15 year old is not a sufficient rationale to stop supporting it. It is more useful for debian-i386 to focus on CPUs that cannot run debian-amd64 than on CPUs that can. Cheers, -- Bill. Imagine a large red swirl here.
Bug#1005863: gcc-11: invalid opcode for Geode LX on i386
On Mon, 20 Mar 2023 at 07:22, Bastian Blank wrote: > > On Sun, Mar 19, 2023 at 11:47:21PM +, James Addison wrote: > > Would it be fair to raise the severity of this bug to a release-critical > > level? > > No, it would be fair to remove Geode LX from the set of supported > processors. Those are now over 15 years old. Ok, thank you; understood. It looks like this was previously documented[1] for the Debian 9.0 (stretch) release in 2017, and later discussed[2] further. I'll continue following the upstream bug, but I clearly don't fully understand the problem yet. My hope was that we could continue to maintain (in fact, with my updated understanding: restore) support for the affected Geode LX platform. I can accept that that may not be possible. [1] - https://www.debian.org/releases/stretch/i386/release-notes/ch-information.html#i386-is-now-almost-i686 [2] - https://lists.debian.org/debian-user/2019/04/msg01091.html
Bug#1005863: gcc-11: invalid opcode for Geode LX on i386
On Sun, Mar 19, 2023 at 11:47:21PM +, James Addison wrote: > Would it be fair to raise the severity of this bug to a release-critical > level? No, it would be fair to remove Geode LX from the set of supported processors. Those are now over 15 years old. Bastian -- No one wants war. -- Kirk, "Errand of Mercy", stardate 3201.7
Bug#1005863: gcc-11: invalid opcode for Geode LX on i386
Package: gcc-11 Followup-For: Bug #1005863 X-Debbugs-Cc: debian-...@lists.debian.org, debian-rele...@lists.debian.org, debian-pol...@lists.debian.org Hi folks, Bug #1005863 describes a gcc-11 behaviour that results in software that exits ungracefully on Geode LX i686 hardware. Despite self-reporting as i586 sometimes, Geode LX is in fact an i686 CPU (without physical address extensions and multi-instruction noops -- both optional per spec). My assessment -- which may be incorrect -- is that something like 20% of packages in the bookworm i386 suite are susceptible to the bug, so I think that installing bookworm on a Geode LX system would present users with a poor experience of Debian. Would it be fair to raise the severity of this bug to a release-critical level? I understand that toolchains are an important part of the ecosystem and that changes to them -- especially ones that may affect many packages -- should be undertaken with care, and that we are into bookworm's pre-release hard freeze. Thank you, James
Bug#1005863: gcc-11: invalid opcode for Geode LX on i386
Package: gcc-11 Followup-For: Bug #1005863 X-Debbugs-Cc: martin-eric.rac...@iki.fi > So my guess is that approximately 6-7% of i386 packages in bookworm _that > contain binaries or shared libraries_ are susceptible to this bug. ... > It's also a larger number of packages than we could expect individual > maintainers to adjust their buildflags for on any realistic timescale - so > either a Debian-specific patch or upstream fix would be required to continue > to > support Geode LX (in my opinion, and assuming that the script and report are > accurate-enough to be guiding indicators). This reporting was, in fact, too optimistic; the check.sh script had a bug that meant it wasn't inspecting '*.a' files (even though it was including them in the per-package binary/library counts). With this fix in place: -done < <(find "${PACKAGE}" -type f -a -executable -o -name '*.so' -print0) 2>/dev/null; +done < <(find "${PACKAGE}" -type f -a \( -executable -o -name '*.so' -o -name '*.a' \) -print0) 2>/dev/null; ... the report summary at the time-of-writing is: 2467 1639 345 ... and so it seems that the percentage of susceptible packages for arch i386 in bookworm could be closer to 20%.
Bug#1005863: gcc-11: invalid opcode for Geode LX on i386
Package: gcc-11 Followup-For: Bug #1005863 X-Debbugs-Cc: martin-eric.rac...@iki.fi Ok; I should have realised that scanning the entire contents of the i386 bookworm archive for particular opcodes across _all_ files on a single machine seemed to complete surprisingly quickly.. Please find attached an updated check-script (check.sh) that is running currently. It makes some tradeoffs for scanning performance reasons: in particular, it's only inspecting files that have the executable bit set, or that end with the suffix '.so' or '.a'. It seems that it's going to take a while to run to completion on the available hardware here: my estimate would be approximately another two days (48 hours). I'm uncertain whether the script will run to completion uninterrupted, and also it is not written to be easily-resumable, so.. let's at least gather some summary statistics from the output while it's in progress. Please also find attached a reporting script (report.sh) that summarises the total number of packages scanned, the number of packages where at least one file was inspected, and the number of packages where at least one inspected file contained a 'nopl' opcode. The current report.sh output at the time of writing is: 2441 2042 130 So my guess is that approximately 6-7% of i386 packages in bookworm _that contain binaries or shared libraries_ are susceptible to this bug. The opcode may not be encountered at runtime when those packages are used, and analysis of the packages to determine where they sit in Debian's dependency graph would indicate the level of impact on a system, however my initial sense is that this could indeed be a fairly critical issue on Geode LX hardware for Debian bookworm. It's also a larger number of packages than we could expect individual maintainers to adjust their buildflags for on any realistic timescale - so either a Debian-specific patch or upstream fix would be required to continue to support Geode LX (in my opinion, and assuming that the script and report are accurate-enough to be guiding indicators). #!/bin/bash FULLPATH="$1" PACKAGE=$(basename "${FULLPATH}" .deb) dpkg -x "${FULLPATH}" "${PACKAGE}"; echo -n "Checking ${PACKAGE} ... "; find "$PACKAGE" -type f -a \( -executable -o -name '*.so' -o -name '*.a' \) -print | wc -l while IFS= read -r -d '' file; do objdump --architecture=i386 --disassemble-all "$file" | grep -q -w "nopl" && echo "E $file" done < <(find "${PACKAGE}" -type f -a -executable -o -name '*.so' -print0) 2>/dev/null; rm -rf "${PACKAGE}"; #!/bin/bash # total number of packages checked grep "^Checking" affected.txt | wc -l # packages that contained at least one binary/shared-library to inspect grep "^Checking" affected.txt | grep -v " 0$" | wc -l # packages where at least one error was found in a binary/shared-library grep "^Checking" affected.txt -A 1 | grep "^E" | wc -l
Bug#1005863: gcc-11: invalid opcode for Geode LX on i386
Package: gcc-11 Followup-For: Bug #1005863 X-Debbugs-Cc: martin-eric.rac...@iki.fi Control: affects -1 + sudo > That's three potential positives; in total, the check ran on approximately > thirty-two thousand (32340, to be more precise) packages. My apologies: there was a bug in the script to run these checks, and it had not, in fact, run on every one of the 32340 packages -- instead only a sample (of yet-to-be-determined size) were checked. Complete results should follow; initial output appears to show that, in fact, many more than three packages (including a recent 'sudo' package) are indeed affected.
Bug#1005863: gcc-11: invalid opcode for Geode LX on i386
Package: gcc-11 Followup-For: Bug #1005863 X-Debbugs-Cc: martin-eric.rac...@iki.fi Control: affects -1 - sudo net-tools Control: affects -1 + libjavascriptcoregtk-4.0-18 Control: affects -1 + gobjc++-12-x86-64-linux-gnu Control: affects -1 + libfsapfs-dev Dear Maintainer and Martin-Éric, Using a recent (2023-03-19) mirror of i386 packages from 'main' and 'contrib' of bookworm, in combination with an ad-hoc script[1], the following packages currently appear susceptible to this bug: * libjavascriptcoregtk-4.0-18_2.38.5-1_i386 /usr/lib/i386-linux-gnu/libjavascriptcoregtk-4.0.so.18.21.8 * gobjc++-12-x86-64-linux-gnu_12.2.0-14cross1_i386 /usr/lib/gcc-cross/x86_64-linux-gnu/12/cc1objplus * libfsapfs-dev_20201107-1+b3_i386 /usr/lib/i386-linux-gnu/libfsapfs.a That's three potential positives; in total, the check ran on approximately thirty-two thousand (32340, to be more precise) packages. Thanks, James [1] - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033065#22
Bug#1005863: gcc-11: invalid opcode for Geode LX on i386
Package: gcc-11 Version: 11.2.0-16 Severity: important -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Via "Bug#1004894: sudo: [i386] invalid opcode", at the suggestion of the maintainer, I'm opening this bug. Since 1.9.9-1 'sudo' dumps core on a Geode LX host on i386. Attempts to build from source on the Geode LX host itself, to test for possible autotool issues, crashes early during the build. Logs attached. Martin-Éric - -- System Information: Debian Release: bookworm/sid APT prefers testing-debug APT policy: (500, 'testing-debug'), (500, 'stable-security'), (500, 'testing') Architecture: i386 (i586) Kernel: Linux 5.15.0-3-686 (SMP w/1 CPU thread) Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8), LANGUAGE=fi:en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages gcc-11 depends on: ii binutils 2.38-1 ii cpp-11 11.2.0-16 ii gcc-11-base11.2.0-16 ii libc6 2.33-5 ii libcc1-0 11.2.0-16 ii libgcc-11-dev 11.2.0-16 ii libgcc-s1 11.2.0-16 ii libgmp10 2:6.2.1+dfsg-3 ii libisl23 0.24-2 ii libmpc31.2.1-1 ii libmpfr6 4.1.0-3 ii libstdc++6 11.2.0-16 ii libzstd1 1.4.8+dfsg-3 ii zlib1g 1:1.2.11.dfsg-2 Versions of packages gcc-11 recommends: ii libc6-dev 2.33-5 Versions of packages gcc-11 suggests: pn gcc-11-doc pn gcc-11-locales pn gcc-11-multilib - -- no debconf information -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEEyJACx3qL7GpObXOQrh+Cd8S017YFAmIMu+UACgkQrh+Cd8S0 17ZBMA//Qg31Dc8/ozNURUGQ/RosW+BGVHoLpQdjngUQ5vv50h4VGX/bIdko0s9L VvACLi75VYsmQXyfyGNiKUk9QeHlQoNyf7x2WZ9WF440vMoL09+mgBYkTiA6ZrWR y+m4ljo9UdzwI0gNgOXaLYZzFKX2Nl14DhcU1WhDFwszVa/ju2Kq0KUg8NQR9Pe1 1iJtDIY+ktimRa8fV15W+AgGDRPu9cH4f75sRFI/CTMdbn98zRHyIcD7KvtHLAaJ 5iIdM/cX70PnNetzaX+TXPtWoxQZ4Q7Bc6yqzshvb2RP59Ok1UGwfwPAZ24PFD7E fXgxqWT+2FZW5w6RDyajfqIrUIczDPyaf7UNGiZXocsv9fneCMhMYPG8XRXzvela puajm94NyjY9ozNx2MsOjr+lSpgnhNXnY4g+2OugKVCSIoNy9gzIJTsYnrFG9rys /3FJaC+YZ+clFbtnysi1TWJuJJJiOWN3LLgkMrGFx7AUBQtA0wAxiZBH34jLZ34g 0TTmC+FmxiskKzhVmebyMzA4vaPPQ3rPYKwrRaG436ZnA189pztq17jdW5il8QNT yVJ7QZzaeDHdFpVCJ9zH0xzOkcOn2vZNC3djiI6f1sDXFvT4GGkj5VSEg/YUpaNF jTUxwXMUQdrA+2MnO6/DJBX/ZvkRpEZlihJ3eRv/TPR1Vh/6Z24= =IJ1+ -END PGP SIGNATURE- dpkg-buildpackage -us -uc -ui dpkg-buildpackage: info: source package sudo dpkg-buildpackage: info: source version 1.9.9-1 dpkg-buildpackage: info: source distribution unstable dpkg-buildpackage: info: source changed by Marc Haber dpkg-source --before-build . dpkg-buildpackage: info: host architecture i386 fakeroot debian/rules clean dh clean debian/rules override_dh_auto_clean make[1]: Entering directory '/home/perkelix/sudo-1.9.9' dh_auto_clean --builddirectory build-simple dh_auto_clean --builddirectory build-ldap make[1]: Leaving directory '/home/perkelix/sudo-1.9.9' dh_autoreconf_clean dh_clean dpkg-source -b . dpkg-source: info: using source format '3.0 (quilt)' dpkg-source: info: building sudo using existing ./sudo_1.9.9.orig.tar.gz dpkg-source: info: building sudo using existing ./sudo_1.9.9.orig.tar.gz.asc dpkg-source: info: using patch list from debian/patches/series dpkg-source: warning: ignoring deletion of file configure, use --include-removal to override dpkg-source: warning: ignoring deletion of file aclocal.m4, use --include-removal to override dpkg-source: warning: ignoring deletion of file m4/libtool.m4, use --include-removal to override dpkg-source: warning: ignoring deletion of file scripts/ltmain.sh, use --include-removal to override dpkg-source: info: building sudo in sudo_1.9.9-1.debian.tar.xz dpkg-source: info: building sudo in sudo_1.9.9-1.dsc debian/rules build dh build dh_update_autotools_config dh_autoreconf libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, 'scripts'. libtoolize: copying file 'scripts/ltmain.sh' libtoolize: putting macros in AC_CONFIG_MACRO_DIRS, 'm4'. libtoolize: copying file 'm4/libtool.m4' libtoolize: copying file 'm4/ltoptions.m4' libtoolize: copying file 'm4/ltsugar.m4' libtoolize: copying file 'm4/ltversion.m4' libtoolize: copying file 'm4/lt~obsolete.m4' libtoolize: Consider adding '-I m4' to ACLOCAL_AMFLAGS in Makefile.am. debian/rules override_dh_auto_configure make[1]: Entering directory '/home/perkelix/sudo-1.9.9' dh_auto_configure --builddirectory build-simple -- -v --with-all-insults --with-pam --with-pam-login --with-fqdn --with-logging=syslog --with-logfac=authpriv --with-env-editor --with-editor=/usr/bin/editor --with-exampledir=/usr/share/doc/sudo/examples --with-timeout=15 --with-password-timeout=0 --with-passprompt="[sudo] password for %p: " --disable-root-mailer --with-sendmail=/usr/sbin/sendmail --with-rundir=/run/sudo --with-sssd --with-sssd-lib=/usr/lib/i386-linux-gnu --enable-zlib=system --with-selinux --with-linux-audit --enable-tmpfiles.d=yes cd build-simple && ../configure --build=i686-linux-gnu