Public bug reported: This problem was first observed in Ubuntu 19.10 (Eoan) but persists in the current Focal development. The results are the same for the old Xen version (4.9.2) and the fresh 4.11 merge. As a test I took the xen- hypervisor binary from Debian Sid (which has been compiled with gcc-9 as well) and that succeeds in booting Xen (libraries and dom0 kernel are Ubuntu Focal).
There seems to be one major difference between build environments. The Xen hypervisor build is done with an external retpoline mitigation: # Compile with thunk-extern, indirect-branch-register if avaiable. ifneq ($(call cc-option,$(CC),-mindirect-branch-register,n),n) CFLAGS += -mindirect-branch=thunk-extern -mindirect-branch-register CFLAGS += -DCONFIG_INDIRECT_THUNK export CONFIG_INDIRECT_THUNK=y endif The use of -mindirect-branch is incompatible with -fcf-protection. To be able to build the hypervisor in Ubuntu, I have to add the following modifications to the make file: --- xen.orig/xen/arch/x86/Rules.mk +++ xen/xen/arch/x86/Rules.mk @@ -42,6 +42,10 @@ endif # Compile with thunk-extern, indirect-branch-register if avaiable. ifneq ($(call cc-option,$(CC),-mindirect-branch-register,n),n) +ifneq ($(call cc-option,$(CC),-fcf-protection,n),n) +CFLAGS += -fcf-protection=none +CXXFLAGS += -fcf-protection=none +endif CFLAGS += -mindirect-branch=thunk-extern -mindirect-branch-register CFLAGS += -DCONFIG_INDIRECT_THUNK export CONFIG_INDIRECT_THUNK=y I am wondering whether -fcf-protection=none is only partially effective and causes the binary to be unbootable (basically it causes an immediate reset when started). ** Affects: gcc-9 (Ubuntu) Importance: High Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1863260 Title: gcc-9 in Ubuntu generate unbootable xen hypervisor To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gcc-9/+bug/1863260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs