aespipe failed to build from source in Fedora rawhide/f34 https://koji.fedoraproject.org/koji/taskinfo?taskID=60908590 For details on the mass rebuild see: https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild Please fix aespipe at your earliest convenience and set the bug's status to ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks, aespipe will be orphaned. Before branching of Fedora 35, aespipe will be retired, if it still fails to build. For more details on the FTBFS policy, please visit: https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails_to_install/
Created attachment 1753157 [details] build.log
Created attachment 1753158 [details] root.log file root.log too big, will only attach last 32768 bytes
Created attachment 1753159 [details] state.log
This bug appears to have been reported against 'rawhide' during the Fedora 34 development cycle. Changing version to 34.
Dear Maintainer, your package has an open Fails To Build From Source bug for Fedora 34. Action is required from you. If you can fix your package to build, perform a build in koji, and either create an update in bodhi, or close this bug without creating an update, if updating is not appropriate [1]. If you are working on a fix, set the status to ASSIGNED to acknowledge this. If you have already fixed this issue, please close this Bugzilla report. Following the policy for such packages [2], your package will be orphaned if this bug remains in NEW state more than 8 weeks (not sooner than 2021-03-29). A week before the mass branching of Fedora 35 according to the schedule [3], any packages not successfully rebuilt at least on Fedora 33 will be retired regardless of the status of this bug. [1] https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ [2] https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails_to_install/ [3] https://fedorapeople.org/groups/schedule/f-35/f-35-key-tasks.html
This message is a reminder that Fedora Linux 34 is nearing its end of life. Fedora will stop maintaining and issuing updates for Fedora Linux 34 on 2022-06-07. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a 'version' of '34'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, change the 'version' to a later Fedora Linux version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora Linux 34 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora Linux, you are encouraged to change the 'version' to a later version prior to this bug being closed.
Fedora Linux 34 entered end-of-life (EOL) status on 2022-06-07. Fedora Linux 34 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. Thank you for reporting this bug and we are sorry it could not be fixed.
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 365 days
The build process got broken because of GCC bug. when compiling aespipe from sources (https://loop-aes.sourceforge.net/aespipe/), GCC produces a wrong binary that generates the wrong cipher text when encrypting known text. This happens with these two compilation flags used TOGETHER: CFLAGS="-O2 -flto=auto" Interstingly, i686 and x86_64 arches are NOT AFFECTED. Only these arches are known to be affected: armv7hl aarch64 ppc64le s390x The problem was first spotted when compiling aespipe package for Fedora-34: https://koji.fedoraproject.org/koji/taskinfo?taskID=62266480 On Fedora-33, the package has compiled without problems. gcc v10 is known as the last working version gcc v11 is known as the first broken version The issue persists when compiling aespipe for Fedora rawhide with GCC v13. WORKAROUND is to use CFLAGS="-O1 -flto=auto" or CFLAGS="-O0 -flto=auto" or omit -flto=auto: CFLAGS="-O2" Reproducer: wget https://loop-aes.sourceforge.net/aespipe/aespipe-v2.4f.tar.bz2 tar xvf aespipe-v2.4f.tar.bz2 cd aespipe-v2.4f make clean; ./configure CFLAGS="-O2 -flto=auto"; make; make tests When binary is correct (expected output): *** Test results ok *** aespipe was compiled correctly and has generated the desired output when encrypting and decrypting messages. When the binary is wrong (reproducing the issue): make[1]: Entering directory '/root/A/aespipe-v2.4f' ./aespipe -v -p 3 -e AES128 -K ./gpgkey2.asc -G test-dir1 <test-file3 >test-file1 3<test-file4 ./aespipe: C-language AES, 128 key bits, encrypting, multi-key-v2 mode, RAM not locked make test-part3 make[2]: Entering directory '/root/A/aespipe-v2.4f' md5sum test-file1 >test-file2 echo "f9825b79873f5c439ae9371c1a929a6c test-file1" >test-file5 make[2]: Leaving directory '/root/A/aespipe-v2.4f' cmp test-file2 test-file5 test-file2 test-file5 differ: byte 1, line 1 make[1]: *** [Makefile:120: test-part2] Error 1 make[1]: Leaving directory '/root/A/aespipe-v2.4f' make: *** [Makefile:87: tests] Error 2 It means that aespipe has NOT generated the expected output. The message was encrypted wrongly. WORKAROUND: - use -O0 optimization. Here is the build section of the aespipe.spec file: %build %set_build_flags # If you use multiple -O options, with or without level numbers, the last such option is the one that is effective. # https://gcc.gnu.org/onlinedocs/gcc-11.2.0/gcc/Optimize-Options.html#Optimize-Options # https://issues.redhat.com/browse/RHEL-14046 CFLAGS="$CFLAGS -O0" # Package calls CC to link %configure LDFLAGS="${CFLAGS}" %global make_target %{nil} %ifarch x86_64 %global make_target amd64 %endif %ifarch %{ix86} %global make_target x86 %endif make %{?_smp_mflags} %{make_target} See also: Bug 2244729 - Review Request: aespipe - AES encrypting or decrypting pipe https://bugzilla.redhat.com/show_bug.cgi?id=2244729
(In reply to Jiri Hladky from comment #15) > The build process got broken because of GCC bug. Do you have a link to the upstream GCC bug report? In many cases, behavioral changes after compiler upgrades are results of package bugs (incorrect use of the C language).
Hi Florian, thanks for looking into it! Here is the Jira issue: https://issues.redhat.com/browse/RHEL-14046 gcc with CFLAGS="-O2 -flto=auto" produces a binary with changed function I'm adding summary what we have discussed in the chat: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Florian Weimer has suggested following: ================================================================================================= Try building with -fno-strict-aliasing or -fno-ipa-modref or both. If that fixes it, it's likely a source code issue. The code for DATA_ALWAYS_ALIGNED does not look correct. It would be better to undefine it and rely on GCC generating unaligned accesses. It recognizes the byte-wise access construct. ================================================================================================= I have confirmed that building both with CFLAGS="-O2 -flto=auto -fno-strict-aliasing" and CFLAGS="-O2 -flto=auto -fno-ipa-modref" fixes the issue. I have contacted the author of aespipe to review the DATA_ALWAYS_ALIGNED in aes.c source file. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Thanks a lot Jirka
FEDORA-EPEL-2023-725614ab0d has been submitted as an update to Fedora EPEL 9. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-725614ab0d
FEDORA-2023-06d5b0e15e has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2023-06d5b0e15e
FEDORA-2023-951d88f408 has been submitted as an update to Fedora 38. https://bodhi.fedoraproject.org/updates/FEDORA-2023-951d88f408
FEDORA-2023-3f568e2a3f has been submitted as an update to Fedora 37. https://bodhi.fedoraproject.org/updates/FEDORA-2023-3f568e2a3f
FEDORA-2023-951d88f408 has been pushed to the Fedora 38 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-951d88f408` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-951d88f408 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-EPEL-2023-725614ab0d has been pushed to the Fedora EPEL 9 testing repository. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-725614ab0d See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2023-3f568e2a3f has been pushed to the Fedora 37 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-3f568e2a3f` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-3f568e2a3f See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2023-06d5b0e15e has been pushed to the Fedora 39 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-06d5b0e15e` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-06d5b0e15e See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2023-951d88f408 has been pushed to the Fedora 38 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-EPEL-2023-725614ab0d has been pushed to the Fedora EPEL 9 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2023-3f568e2a3f has been pushed to the Fedora 37 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2023-06d5b0e15e has been pushed to the Fedora 39 stable repository. If problem still persists, please make note of it in this bug report.