Summary: | sci-electronics/quartus-prime-lite-15.1.0.185-r2: RTL simulator fails to launch; 15.1.0.185-r3 has no KEYWORDS | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Brendan Horan <brendan> |
Component: | Current packages | Assignee: | No maintainer - Look at https://wiki.gentoo.org/wiki/Project:Proxy_Maintainers if you want to take care of it <maintainer-needed> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | treecleaner |
Priority: | Normal | Keywords: | PMASKED |
Version: | unspecified | ||
Hardware: | AMD64 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 698100 | ||
Attachments: |
vco patch
vco.patch qenv.sh patch file quartus-prime-lite-15.1.0.185.ebuild quartus-prime-lite-15.1.0.185.ebuild quartus-prime-lite-15.1.0.185.ebuild quartus-prime-lite-15.1.0.185.ebuild quartus-prime-lite-15.1.0.185-r1.ebuild quartus-prime-lite-15.1.0.185-qenv-lib32.patch quartus-prime-lite-15.1.0.185-vso-launcher.patch Manifest metadata.xml metadata.xml Mainfest |
Description
Brendan Horan
2016-02-26 00:18:46 UTC
VSIM has many issues at this point in time. 1) freetype version In Quartus 15.x the VSIM tool depends on some an older freetype version. I have tested the following version : freetype-2.4.12 It uses the following shared object libfreetype.so Newer versions in the portage tree will not work. This also needs to be 32bit libs. (abi_x86_32) 2) x11-libs/libXft The ebuild needs to be modified to pull in "x11-libs/libXft" with "abi_x86_32". As vsim depends on 32bit libs of libxft. 3) vsim launch script This script is hard coded for redhat (officially supported distro) Edit the file "/opt/quartus-lite-15.1.0.185/modelsim_ase/vco" [LINE 206] Will attach patch Created attachment 426574 [details, diff] vco patch Patch for Issue number 3 in comment 1. I have two possible thoughts for issue 1 in comment 1 First and best option (IMO) is to re-introduce an old version of freetype into the tree. Unsure if the freetype people will want to do this or if its even a good idea Second and more "workaround-ish" option is to bundle the shared libs with the Quartus ebuild That would involve three things. 1) edit the ebuild to install the libs 2) create and populate "/opt/quartus-lite-15.1.0.185/modelsim_ase/lib32" 3) edit /opt/quartus-lite-15.1.0.185/quartus/adm/qenv.sh Edit the export LD_LIBRARY_PATH to include the above directory. I have emailed the maintainers of media-libs/freetype asking for feedback on this bug. There are at least three security bugs[1] related to this version. Thus I'd be not very happy about reintroducing a vulnerable freetype version to the tree. Bundling this version with sci-electronics/quartus-prime-lite would also impose these security issues on all users of that software. Is there no chance upstream could release a new version that uses freetype-2.6? [1] bug #504088 bug #532152 bug #539796 OK. Let me contract upstream. Lets see what they say. However I would like a solution if upstream do not "care/whatever". So far the thoughts of bundling the libs is frowned upon. I do agree and understand why. However at the end of the day, its this or a non working app. Let me contact upstream first :) So it seems you need a support contract to email them.... The web forums show quite a few people complaining or asking for help around the freetype issue. Looks like a bundle / warning / mask might be best ? I hope you don't mind me coping this email content k_f :
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 02/26/2016 02:16 PM, Brendan Horan wrote:
> I still feel maybe bundle the libs and have an einfo msg inform the
> user about what has happened and the risks.
>
> Thoughts?
You can do that but the package would have to be masked by no keywords
and present the danger to users in that case. It is really preferred
to avoid bundling in general.
- --
Kristian Fiskerstrand
OpenPGP certificate reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCgAGBQJW0FKOAAoJECULev7WN52FxqMIALngsj0owOA05c9c9bz33U1c
pn6Ja087c5Uy6r6HMlJc1QIkZiTvAAbhFe+Fz8pwN8osLr2oFMRMLpLeuCMPv20C
yXGHZUpt5mdVeih7lJhLWuWPtXnitBeuYWFjAqg2lOXSGselq+ZWhCQGl4EP3FCZ
NPnP7eHV7Vae8SBZRkXzkoC/hYvLEXqXJX+0vXUC8WTFplsngZRuQpqfINvHyOnG
u/meAVmScb8VRis6gyaRoy0pNF27Km9TtIyAbSzvNmO5/G7JrXGvejfOdcMJExsj
lum648q0Msd6iKPXvK6FaiPSC2zAPZebVOkIHLg2idIKg71o4pPyAAGaw3dmhBU=
=K0b2
-----END PGP SIGNATURE-----
> You can do that but the package would have to be masked by no keywords
> and present the danger to users in that case. It is really preferred
So I could do something like this :
KEYWORDS=""
Something like this to warn the user :
ewarn "This ebuild bundles a vulnerable and old freetype library"
I will work on the ebuild changes/ patches to support this and the bundle of the older library too.
Created attachment 427072 [details, diff]
vco.patch
Updated vco patch to address launching vsim from cli
Created attachment 427074 [details, diff]
qenv.sh patch file
Patch file for qenv.sh to allow vsim to be launched from the main quartus gui
Created attachment 427262 [details]
quartus-prime-lite-15.1.0.185.ebuild
This is a package fix update
this fixes issues with vsim been unable to launch.
Created attachment 427264 [details]
quartus-prime-lite-15.1.0.185.ebuild
Created attachment 427266 [details]
quartus-prime-lite-15.1.0.185.ebuild
updated EAPI and a few typo's
Created attachment 427268 [details]
quartus-prime-lite-15.1.0.185.ebuild
fixed one more typo
Run test -- passed. repoman gives the following error : RepoMan scours the neighborhood... KEYWORDS.missing 1 sci-electronics/quartus-prime-lite/quartus-prime-lite-15.1.0.185.ebuild However that is expected as I was asked to remove they keywords. Created attachment 427270 [details]
quartus-prime-lite-15.1.0.185-r1.ebuild
This needs a revbump, has changes on file system.
Created attachment 427288 [details, diff]
quartus-prime-lite-15.1.0.185-qenv-lib32.patch
Created attachment 427290 [details, diff]
quartus-prime-lite-15.1.0.185-vso-launcher.patch
@ K_F, Can you please advise on this bug why removing keywords is the best way vs a package mask. Since this currently causes repoman full to fail. I have done "KEYWORDS=""" inside the ebuild. If this is wrong please advise. RepoMan scours the neighborhood... KEYWORDS.missing 1 sci-electronics/quartus-prime-lite/quartus-prime-lite-15.1.0.185-r1.ebuild digest.missing [fatal] 1 /home/testuser/github/gentoo/sci-electronics/quartus-prime-lite::libfreetype.so.6 ebuild.notadded 1 sci-electronics/quartus-prime-lite/quartus-prime-lite-15.1.0.185-r1.ebuild Note: use --include-dev (-d) to check dependencies for 'dev' profiles Please fix these important QA issues first. (In reply to Brendan Horan from comment #20) > @ K_F, > > Can you please advise on this bug why removing keywords is the best way vs a > package mask. > Fundamentally it would have the same end result, but package.masks are supposed to be temporary in nature. As this case is not temporary it falls in the same category as e.g live ebuilds that also are masked by no keywords. > Since this currently causes repoman full to fail. > I have done "KEYWORDS=""" inside the ebuild. > If this is wrong please advise. Yes, masked by no keywords means an empty string of keywords, not the absence of a keywords variable, so that is correct (In reply to Kristian Fiskerstrand from comment #22) > Fundamentally it would have the same end result, but package.masks are > supposed to be temporary in nature. As this case is not temporary it falls > in the same category as e.g live ebuilds that also are masked by no keywords. Just to add some more context. This is the latest version from upstream. Upstream gives us (free users) no way to contact them with issues. I do not see any evidence of upstream resolving the issue any time soon. Created attachment 427304 [details]
Manifest
Attaching Manifest file.
Created attachment 427306 [details]
metadata.xml
attached metadata.xml, hope its correct.
Created attachment 427308 [details]
metadata.xml
Created attachment 427310 [details]
Mainfest
commit c342db75dbab7154d007baf80f95732fd72512aa Author: Ian Delaney <idella4@gentoo.org> Date: Thu Mar 3 20:57:41 2016 +0800 sci-electronics/quartus-prime-lite: revbump to 15.1.0.185-r1 This fixes the issues with launching vsim Masked via no keywords as we bundle insecure old versions of lib freetype, new entry in SRC_URI to acquire lib file libfreetype.so.6 Gentoo bug: #575684 ...rright. No one else is packaging this. https://repology.org/project/quartus-prime-lite/versions The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a3c42e585a768c056aeb8be0ec7b28f9ab9a3084 commit a3c42e585a768c056aeb8be0ec7b28f9ab9a3084 Author: Jakov Smolić <jsmolic@gentoo.org> AuthorDate: 2021-10-21 09:44:10 +0000 Commit: Jakov Smolić <jsmolic@gentoo.org> CommitDate: 2021-10-21 09:55:26 +0000 package.mask: Last rite sci-electronics/quartus-prime-lite Bug: https://bugs.gentoo.org/575684 Signed-off-by: Jakov Smolić <jsmolic@gentoo.org> profiles/package.mask | 5 +++++ 1 file changed, 5 insertions(+) The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ea44cd388828cd1cc4f0ef1b45b63d58ca325efa commit ea44cd388828cd1cc4f0ef1b45b63d58ca325efa Author: Jakov Smolić <jsmolic@gentoo.org> AuthorDate: 2021-11-19 17:52:43 +0000 Commit: Jakov Smolić <jsmolic@gentoo.org> CommitDate: 2021-11-19 17:52:43 +0000 sci-electronics/quartus-prime-lite: treeclean Closes: https://bugs.gentoo.org/575684 Signed-off-by: Jakov Smolić <jsmolic@gentoo.org> profiles/package.mask | 5 -- sci-electronics/quartus-prime-lite/Manifest | 2 - .../quartus-prime-lite-15.1.0.185-qenv-lib32.patch | 11 ---- ...uartus-prime-lite-15.1.0.185-vso-launcher.patch | 19 ------ sci-electronics/quartus-prime-lite/metadata.xml | 8 --- .../quartus-prime-lite-15.1.0.185-r2.ebuild | 48 -------------- .../quartus-prime-lite-15.1.0.185-r3.ebuild | 76 ---------------------- 7 files changed, 169 deletions(-) |