[Bug 1940029] Re: Default of fcf-protection should only be enabled where it can work

Christian Ehrhardt  1940029 at bugs.launchpad.net
Fri Jul 14 09:24:36 UTC 2023 

root at f:~# apt install gcc-10 libc6-dev-i386
...
root at f:~# gcc-10 -Wall -Werror test.c -o test.o
root at f:~# gcc-10 -march=i486 -Wall -Werror test.c -o test.o
cc1: error: CPU you selected does not support x86-64 instruction set
cc1: error: ‘-fcf-protection=full’ is not supported for this target

^^ issue
gcc-10 -v |& tail -n 1
gcc version 10.3.0 (Ubuntu 10.3.0-1ubuntu1~20.04)


Upgrade to 10.5.0-1ubuntu1~20.04 worked fine (but was a bit much output
as I move to all in proposed)

root at f:~# gcc-10 -v |& tail -n 1
gcc version 10.5.0 (Ubuntu 10.5.0-1ubuntu1~20.04) 
root at f:~# gcc-10 -march=i486 -Wall -Werror test.c -o test.o
cc1: error: CPU you selected does not support x86-64 instruction set
cc1: error: ‘-fcf-protection=full’ is not supported for this target



Hmm, is this bug really fixed.
Sorry I didn't have the time to manually verify any of the before.
But it seems it was released without a verification due to that :-/

Checking latest Jammy as I had it around:


$ gcc-11 -v |& tail -n 1
gcc version 11.3.0 (Ubuntu 11.3.0-1ubuntu1~22.04.1) 
$ gcc-11 -march=i486 -Wall -Werror test.c -o test.o
cc1: error: CPU you selected does not support x86-64 instruction set
cc1: error: ‘-fcf-protection=full’ is not supported for this target

$ gcc-12 -v |& tail -n 1
gcc version 12.1.0 (Ubuntu 12.1.0-2ubuntu1~22.04) 
$ gcc-12 -march=i486 -Wall -Werror test.c -o test.o
cc1: error: CPU you selected does not support x86-64 instruction set
cc1: error: ‘-fcf-protection=full’ is not supported for this target

** Tags removed: verification-needed verification-needed-focal verification-needed-jammy
** Tags added: verification-failed verification-failed-focal verification-failed-jammy

** Changed in: gcc-11 (Ubuntu)
       Status: Fix Released => New

** Changed in: gcc-12 (Ubuntu)
       Status: Fix Released => New

** Changed in: gcc-12 (Ubuntu Jammy)
       Status: Fix Released => New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gcc-10 in Ubuntu.
https://bugs.launchpad.net/bugs/1940029

Title:
  Default of fcf-protection should only be enabled where it can work

Status in gcc-10 package in Ubuntu:
  Fix Released
Status in gcc-11 package in Ubuntu:
  New
Status in gcc-12 package in Ubuntu:
  New
Status in qemu package in Ubuntu:
  Fix Released
Status in gcc-10 source package in Focal:
  Fix Committed
Status in gcc-12 source package in Jammy:
  New

Bug description:
  Hi,
  I've happened to find this breaking a qemu build that was breaking like:

  
  c -MMD -MP -MT linuxboot_dma.o -MF ./linuxboot_dma.d -O2 -g -march=i486 -Wall -Wstrict-prototypes -Wredundant-decls -Wundef -Wwrite-strings -Wmissing-prototypes -Wformat -Werror=format-security -Wdate-time -Wold-style-declaration -Wold-style-definition -Wtype-limits -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wempty-body -Wnested-externs -Wendif-labels -Wexpansion-to-defined -Wimplicit-fallthrough=2 -Wno-missing-include-dirs -Wno-shift-negative-value -Wno-psabi -fno-pie -ffreestanding -I/<<PKGBUILDDIR>>/pc-bios/optionrom//../../include   -fno-stack-protector   -m16   -Wa,-32 -c /<<PKGBUILDDIR>>/pc-bios/optionrom/linuxboot_dma.c -o linuxboot_dma.o
  cc1: error: ‘-fcf-protection’ is not compatible with this target                 

  As usual this looks complex but it can be reduced to your favorite C
  hello world.

  It should work if you build it with:
    $ cc -Wall -Werror test.c -o test.o

  But the following will fail:
    $ cc -Wall -Werror -march=i486 -m16 test.c -o test.o
  cc1: error: ‘-fcf-protection’ is not compatible with this target

  
  This is some of the always crazy boot blobs that virtualization needs here and there - and I hope I can resolve it for qemu in the build. But in general while I think the fcf default (https://wiki.ubuntu.com/ToolChain/CompilerFlags#A-fcf-protection) is ok, it should not be default on arch combinations where it can never work.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gcc-10/+bug/1940029/+subscriptions

More information about the foundations-bugs mailing list