I have two systems running the AMD Geode processor¹ and consequently the non-PAE kernel: ``` Linux gig 5.10.0-23-686 #1 SMP Debian 5.10.179-2 (2023-07-14) i586 GNU/Linux ``` and ``` Linux emily 6.1.0-10-686 #1 SMP PREEMPT_DYNAMIC Debian 6.1.38-2 (2023-07-27) i586 GNU/Linux ``` Both have had the bookworm upgrade, but I've not rebooted the former yet, hence the 5.x kernel. Anywhow, I cannot use sudo on either anymore, because if I do: ``` emily:~% sudo -l #(132 pts/0) 08 14:05:20.790 [1] 29199 illegal hardware instruction sudo -l ``` which shows up in `dmesg` like so: ``` 2023-08-08T14:06:32.666253+02:00 emily kernel: [206827.519200] traps: sudo[29332] trap invalid opcode ip:4ac030 sp:bfb3eedc error:0 in sudo[4ab000+2e000] ``` The system otherwise works fine, it's just `sudo` that's not usable. ¹) Here's the CPU data ``` emily:~% cat /proc/cpuinfo processor : 0 vendor_id : AuthenticAMD cpu family : 5 model : 10 model name : Geode(TM) Integrated Processor by AMD PCS stepping : 2 cpu MHz : 498.036 cache size : 128 KB physical id : 0 siblings : 1 core id : 0 cpu cores : 1 apicid : 0 initial apicid : 0 fdiv_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 1 wp : yes flags : fpu de pse tsc msr cx8 sep pge cmov clflush mmx mmxext 3dnowext 3dnow cpuid 3dnowprefetch vmmcall bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass bogomips : 996.07 clflush size : 32 cache_alignment : 32 address sizes : 32 bits physical, 32 bits virtual power management: ```
Is this probably a duplicate of #1004894? If so, this probably boils down on a GCC bug, see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104713 Greetings Marc
Regarding the following, written by "Marc Haber" on 2023-08-08 at 14:57 Uhr +0200: Thanks and sorry for the duplicate. Not sure it is. I did a search, but "opcode" only appeared on my radar later…
Hi, What makes you unsure it is? Can you try recompiling for i586 or i386, or disabling the hardening option as suggested in 1004894? If either works, we have a duplicate and sudo sadly cannot do anything about that.I'd rather not disable hardening for sudo to make it run on obscure old CPUs until the ctte tells me to. Greetings Marc
Regarding the following, written by "Marc Haber" on 2023-08-14 at 14:03 Uhr +0200: Lack of knowledge? It's not important what I am sure and unsure of ;) I won't have time to recompile any time soon, and in part because I won't be close to those systems in the foreseeable future. They are not important (both are just IPMI jumphosts). I agree that you shouldn't loosen security on sudo just for a few older systems. It's probably time I replaced them anyway, where are the raspberry pis with two LAN interfaces? ;)
Would you be willing to try a .deb delivered by me? The APU just had its plug pulled as well. Greetings Marc
Regarding the following, written by "Marc Haber" on 2023-08-15 at 14:11 Uhr +0200: Yes of course.
Es gibt eine Familienspende in Höhe von 1.850.000,00 USD von Cheng Charlie Saephan. Bitte antworten Sie für weitere Informationen. Denken Sie daran, Ihrer Familie und den Bedürftigen in Ihrer Umgebung Gutes zu tun. Dies ist bereits der zweite Versuch, Sie zu erreichen. Bitte antworten Sie für weitere Details.
A fix that may resolve your issues is now at least in bookworm and trixie. Can you confirm this? I am planning to close this bug by the end of May 2026 unless you confirm that the issue still exists. Greetings Marc
A fix that may resolve your issues is now at least in bookworm and trixie. Can you confirm this? I am planning to close this bug by the end of May 2026 unless you confirm that the issue still exists. Greetings Marc
Regarding the following, written by "Marc Haber" on 2026-03-28 at 11:44 Uhr +0100: Yes, version 1.9.13p3-1+deb12u3 on bookworm does not have the problem anymore. Wow. Thank you so much for following up on this, and for your succinct message! I'm herewith closing the bug, hope that's alright.
Control: tags -1 upstream confirmed Control: found -1 1.9.17p2-1 The upstream fix is f1c82d8d434d5e7d9b50b4c79066f0f82eb981d0, not yet in unstable and testing, but it looks like it will be in sudo 1.9.17p3 or the next non-maintenance release. This bug will thus stay open until that version has landed in unstable. If upstream delays their release until the forky freeze approaches, I will cherry-pick. Greetings Marc
Control: tags -1 upstream confirmed Control: found -1 1.9.17p2-1 The upstream fix is f1c82d8d434d5e7d9b50b4c79066f0f82eb981d0, not yet in unstable and testing, but it looks like it will be in sudo 1.9.17p3 or the next non-maintenance release. This bug will thus stay open until that version has landed in unstable. If upstream delays their release until the forky freeze approaches, I will cherry-pick. Greetings Marc