939874 – sys-devel/gcc-13.3.1_p20240614 - emerge fails: -fcf-protection not compatible with target

Bug 939874 - sys-devel/gcc-13.3.1_p20240614 - emerge fails: -fcf-protection not compatible with target

Summary: sys-devel/gcc-13.3.1_p20240614 - emerge fails: -fcf-protection not compatible...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	x86 Linux

Importance:	Normal normal
Assignee:	Gentoo Toolchain Maintainers

URL:
Whiteboard:
Keywords:	PullRequest

Depends on:
Blocks:

Reported:	2024-09-19 22:08 UTC by Volker Ernst
Modified:	2024-10-01 06:59 UTC (History)
CC List:	0 users

See Also:	916381 https://github.com/gentoo/gentoo/pull/38830
Package list:
Runtime testing required:	---

Attachments
Build log for failed gcc emerge (build.log.xz,111.29 KB, application/x-xz) 2024-09-19 22:08 UTC, Volker Ernst	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Volker Ernst 2024-09-19 22:08:08 UTC

Created attachment 903397 [details]
Build log for failed gcc emerge

Portage 3.0.61 (python 3.11.8-final-0, default/linux/x86/17.0, gcc-13, glibc-2.38-r10, 6.6.13-gentoo i686)
=================================================================
System uname: Linux-6.6.13-gentoo-i686-Intel-R-_Celeron-R-_CPU_2.60GHz-with-glibc2.38
KiB Mem:     1014720 total,    768388 free
KiB Swap:    4193364 total,   4188552 free
Timestamp of repository gentoo: Wed, 18 Sep 2024 00:45:00 +0000
Head commit of repository gentoo: faf508962a593b0dfdc48d60ec4ebdd0d02d4f3b
sh bash 5.2_p26-r6
ld GNU ld (Gentoo 2.40 p7) 2.40.0
app-misc/pax-utils:        1.3.7::gentoo
app-shells/bash:           5.2_p26-r6::gentoo
dev-build/autoconf:        2.71-r7::gentoo
dev-build/automake:        1.16.5-r2::gentoo
dev-build/cmake:           3.27.9::gentoo
dev-build/libtool:         2.4.7-r4::gentoo
dev-build/make:            4.4.1-r1::gentoo
dev-build/meson:           1.3.1-r1::gentoo
dev-lang/perl:             5.38.2-r1::gentoo
dev-lang/python:           3.11.8_p1::gentoo, 3.12.2_p1::gentoo
sys-apps/baselayout:       2.15::gentoo
sys-apps/openrc:           0.54.2::gentoo
sys-apps/sandbox:          2.39::gentoo
sys-devel/binutils:        2.40-r9::gentoo, 2.42-r1::gentoo
sys-devel/binutils-config: 5.5::gentoo
sys-devel/gcc:             13.2.1_p20240113-r1::gentoo
sys-devel/gcc-config:      2.11::gentoo
sys-kernel/linux-headers:  6.6-r1::gentoo (virtual/os-headers)
sys-libs/glibc:            2.38-r10::gentoo
Repositories:

gentoo
    location: /var/db/repos/gentoo
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000
    volatile: False
    sync-rsync-verify-max-age: 24
    sync-rsync-extra-opts: 
    sync-rsync-verify-jobs: 1
    sync-rsync-verify-metamanifest: yes

Binary Repositories:

gentoobinhost
    priority: 1
    sync-uri: https://gentoo.osuosl.org/releases/x86/binpackages/17.0/i686

ACCEPT_KEYWORDS="x86"
ACCEPT_LICENSE="@BINARY-REDISTRIBUTABLE"
CBUILD="i486-pc-linux-gnu"
CFLAGS="-march=pentium4m -O2 -fomit-frame-pointer -pipe"
CHOST="i486-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=pentium4m -O2 -fomit-frame-pointer -pipe"
DISTDIR="/var/cache/distfiles"
EMERGE_DEFAULT_OPTS=" --jobs=1 --load-average=1"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GDK_PIXBUF_MODULE_FILE GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR XDG_STATE_HOME"
FCFLAGS="-march=pentium4m -O2 -fomit-frame-pointer -pipe"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs binpkg-multi-instance buildpkg-live config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox pkgdir-index-trusted preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-march=pentium4m -O2 -fomit-frame-pointer -pipe"
GENTOO_MIRRORS="http://ftp.wh2.tu-dresden.de/pub/mirrors/gentoo ftp://ftp.wh2.tu-dresden.de/pub/mirrors/gentoo rsync://ftp.wh2.tu-dresden.de/gentoo https://ftp.uni-hannover.de/gentoo/ http://ftp.uni-hannover.de/gentoo/ ftp://ftp.uni-hannover.de/gentoo/ https://ftp.halifax.rwth-aachen.de/gentoo/ http://ftp.halifax.rwth-aachen.de/gentoo/ ftp://ftp.halifax.rwth-aachen.de/gentoo/ rsync://ftp.halifax.rwth-aachen.de/gentoo/"
LANG="de_DE.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LEX="flex"
MAKEOPTS="-j1"
PKGDIR="/var/cache/binpkgs"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
SHELL="/bin/bash"
USE="acl bzip2 cdda cdr cli crypt css dvd dvdr gdbm iconv libtirpc man ncurses nls openmp pam pcre readline seccomp split-usr ssl test-rust unicode usb x86 xattr zip zlib" ABI_X86="32" ADA_TARGET="gcc_12" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_anon authn_dbm authn_file authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 ntrip navcom oceanserver oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 tsip tripmate tnt ublox" GUILE_SINGLE_TARGET="3-0" GUILE_TARGETS="3-0" INPUT_DEVICES="libinput" KERNEL="linux" LCD_DEVICES="bayrad cfontz glk hd44780 lb216 lcdm001 mtxorb text" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php8-2" POSTGRES_TARGETS="postgres15" PYTHON_SINGLE_TARGET="python3_12" PYTHON_TARGETS="python3_12" RUBY_TARGETS="ruby31 ruby32" VIDEO_CARDS="amdgpu fbdev intel nouveau radeon radeonsi vesa dummy" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipp2p iface geoip fuzzy condition tarpit sysrq proto logmark ipmark dhcpmac delude chaos account"
Unset:  ADDR2LINE, AR, ARFLAGS, AS, ASFLAGS, CC, CCLD, CONFIG_SHELL, CPP, CPPFLAGS, CTARGET, CXX, CXXFILT, ELFEDIT, EXTRA_ECONF, F77FLAGS, FC, GCOV, GPROF, INSTALL_MASK, LC_ALL, LD, LFLAGS, LIBTOOL, LINGUAS, MAKE, MAKEFLAGS, NM, OBJCOPY, OBJDUMP, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PYTHONPATH, RANLIB, READELF, RUSTFLAGS, SIZE, STRINGS, STRIP, YACC, YFLAGS

Comment 1 Sam James archtester

2024-09-19 22:31:38 UTC

> [32m * [39;49;00mUSE:        abi_x86_32 cxx elibc_glibc kernel_linux nls openmp pie sanitize ssp x86

OK, so that's fine.

But -fcf-protection appears later... why?

Comment 2 Sam James archtester

2024-09-19 22:34:05 UTC

> checking for CET support... yes

AC_DEFUN([GCC_CET_HOST_FLAGS],[dnl
GCC_ENABLE(cet, auto, ,[enable Intel CET in host libraries],
           permit yes|no|auto)
AC_MSG_CHECKING([for CET support])
[...]
case "$host" in
  i[[34567]]86-*-linux* | x86_64-*-linux*)
    may_have_cet=yes
    cet_save_CFLAGS="$CFLAGS"
    CFLAGS="$CFLAGS -fcf-protection"
    case "$enable_cet" in
      auto)
        # Check if target supports multi-byte NOPs
        # and if compiler and assembler support CET.
        AC_COMPILE_IFELSE(
         [AC_LANG_PROGRAM(
          [],
          [
[...]

We should really just fix this. We know the kernel isn't going to bother supporting it for 32-bit. It will for x32 but that's all.

Comment 3 Sam James archtester

2024-09-19 22:54:05 UTC

(In reply to Sam James from comment #2)
> > checking for CET support... yes
> 
> AC_DEFUN([GCC_CET_HOST_FLAGS],[dnl
> GCC_ENABLE(cet, auto, ,[enable Intel CET in host libraries],
>            permit yes|no|auto)
> AC_MSG_CHECKING([for CET support])
> [...]
> case "$host" in
>   i[[34567]]86-*-linux* | x86_64-*-linux*)
>     may_have_cet=yes
>     cet_save_CFLAGS="$CFLAGS"
>     CFLAGS="$CFLAGS -fcf-protection"
>     case "$enable_cet" in
>       auto)
>         # Check if target supports multi-byte NOPs
>         # and if compiler and assembler support CET.
>         AC_COMPILE_IFELSE(
>          [AC_LANG_PROGRAM(
>           [],
>           [
> [...]
> 
> We should really just fix this. We know the kernel isn't going to bother
> supporting it for 32-bit. It will for x32 but that's all.

        if in_iuse cet ; then
                [[ ${CTARGET} == x86_64-*-gnu* ]] && confgcc+=( $(use_enable cet) )
                [[ ${CTARGET} == aarch64-*-gnu* ]] && confgcc+=( $(use_enable cet standard-branch-protection) )
        fi

Apparently we don't disable it for the other tuples...

Comment 4 Larry the Git Cow gentoo-dev

2024-09-19 22:57:34 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d56d8f8e35fa4f7b8d65dbd6cd535ad6ac69cc9c

commit d56d8f8e35fa4f7b8d65dbd6cd535ad6ac69cc9c
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-09-19 22:55:44 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-09-19 22:57:19 +0000

    toolchain.eclass: disable automagic CET for x86
    
    It's not supported on 32-bit kernels anyway.
    
    This got lost in b6bf005b843e3d6ee10aa1f088d93c4f89055cc6 when wiring
    up arm64.
    
    Bug: https://bugs.gentoo.org/916381
    Closes: https://bugs.gentoo.org/939874
    Fixes: b6bf005b843e3d6ee10aa1f088d93c4f89055cc6
    Signed-off-by: Sam James <sam@gentoo.org>

 eclass/toolchain.eclass | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comment 5 Larry the Git Cow gentoo-dev

2024-10-01 06:59:42 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c52997d9b125de280d75b169b8bc6f3964d5d051

commit c52997d9b125de280d75b169b8bc6f3964d5d051
Author:     Andrei Horodniceanu <a.horodniceanu@proton.me>
AuthorDate: 2024-09-30 16:32:52 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-10-01 06:59:28 +0000

    toolchain.eclass: Try harder to disable cet automagic
    
    On arches that support USE=cet (those being amd64, arm64, and, x86)
    always pass --enable-cet or --disable-cet (or aarch64
    standard-branch-protection equivalent) to prevent any configure automagic
    from happening.
    
    Preserve the same CTARGET logic so only pass --enable-cet if the
    target environment supports it and if `use cet`.
    
    Also fix the regex `i[[34567]]86` as that matches an i, followed by any
    of the digits from 3 to 7 or the [ character, followed by ], followed by
    8, followed by 6. The regex originated in config/cet.m4 which uses []
    for quotes.
    
    The automatic specifically breaks gcc[d] on musl because it prevents the
    code from using an internal assembly implementation for a function and
    deferring to using an implementation that would be provided by
    sys-libs/libucontext which results in undefined symbol errors:
    
    ```
    /usr/lib/gcc/x86_64-pc-linux-musl/11/../../../../x86_64-pc-linux-musl/bin/ld:
    /usr/lib/gcc/x86_64-pc-linux-musl/11/libgphobos.a(fiber.o): in function `_D4core6thread5fiber5Fiber9initStackMFNbNiZv':
    (.text._D4core6thread5fiber5Fiber9initStackMFNbNiZv+0x2e): undefined reference to `getcontext'
    /usr/lib/gcc/x86_64-pc-linux-musl/11/../../../../x86_64-pc-linux-musl/bin/ld: (.text._D4core6thread5fiber5Fiber9initStackMFNbNiZv+0x5f): undefined reference to `makecontext'
    /usr/lib/gcc/x86_64-pc-linux-musl/11/../../../../x86_64-pc-linux-musl/bin/ld: /usr/lib/gcc/x86_64-pc-linux-musl/11/libgphobos.a(fiber.o): in function `_D4core6thread5fiber5Fiber12_staticCtor1FZv':
    (.text._D4core6thread5fiber5Fiber12_staticCtor1FZv+0x1c): undefined reference to `getcontext'
    ```
    
    Bug: https://bugs.gentoo.org/939874
    Closes: https://bugs.gentoo.org/918692
    Signed-off-by: Andrei Horodniceanu <a.horodniceanu@proton.me>
    Closes: https://github.com/gentoo/gentoo/pull/38830
    Signed-off-by: Sam James <sam@gentoo.org>

 eclass/toolchain.eclass | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)