- Package:
- libdpkg-perl
- Source:
- dpkg
- Submitter:
- Andreas Beckmann
- Date:
- 2022-06-06 10:57:03 UTC
- Severity:
- important
Hi, gpgme1.0 FTBFS on hurd-i386: https://buildd.debian.org/status/fetch.php?pkg=gpgme1.0&arch=hurd-i386&ver=1.8.0-3&stamp=1486062988&raw=0 configure:19582: checking whether a simple qt program can be built configure:19593: g++ -o conftest -g -O2 -fdebug-prefix-map=/<<PKGBUILDDIR>>=. -specs=/usr/share/dpkg/pie-compile.specs -fstack-protector-strong -Wformat -Werror=format-security -I/usr/include/i386-gnu/qt5/QtCore -I/usr/include/i386-gnu/qt5 -fpic -specs=/usr/share/dpkg/pie-link.specs -Wl,-z,relro -Wl,-z,now conftest.cpp -lQt5Core >&5 In file included from /usr/include/i386-gnu/qt5/QtCore/qcoreapplication.h:43:0, from /usr/include/i386-gnu/qt5/QtCore/QCoreApplication:1, from conftest.cpp:32: /usr/include/i386-gnu/qt5/QtCore/qglobal.h:1113:4: error: #error "You must build your code with position independent code if Qt was built with -reduce-relocations. " "Compile your code with -fPIC (-fPIE is not enough)." # error "You must build your code with position independent code if Qt was built with -reduce-relocations. "\ Andreas
control: tags -1 patch Hello, the patch from Ubuntu seems enough to do the trick, can you please forward upstream? I'm still waiting for my account to get accepted on dev.gnupg.org (I just registered) diff -pruN 1.13.1-7/debian/patches/0006-PIC-and-shared.patch 1.13.1-7ubuntu2/debian/patches/0006-PIC-and-shared.patch --- 1.13.1-7/debian/patches/0006-PIC-and-shared.patch 1970-01-01 00:00:00.000000000 +0000 +++ 1.13.1-7ubuntu2/debian/patches/0006-PIC-and-shared.patch 2017-05-12 07:22:23.000000000 +0000 @@ -0,0 +1,19 @@ +Description: Use -fPIC instead of -fpic. +Author: Adam Conrad <adconrad@ubuntu.com> +Last-Update: 2017-05-12 + +Index: gpgme1.0-1.8.0/m4/qt.m4 +=================================================================== +--- gpgme1.0-1.8.0.orig/m4/qt.m4 ++++ gpgme1.0-1.8.0/m4/qt.m4 +@@ -24,8 +24,9 @@ AC_DEFUN([FIND_QT], + [have_qt5test_libs="no"]) + + if ! test "$have_w32_system" = yes; then ++ GPGME_QT_CFLAGS="$GPGME_QT_CFLAGS -shared" + if "$PKG_CONFIG" --variable qt_config Qt5Core | grep -q "reduce_relocations"; then +- GPGME_QT_CFLAGS="$GPGME_QT_CFLAGS -fpic" ++ GPGME_QT_CFLAGS="$GPGME_QT_CFLAGS -fPIC" + fi + fi + if test "$have_qt5_libs" = "yes"; then diff -pruN 1.13.1-7/debian/patches/series 1.13.1-7ubuntu2/debian/patches/series --- 1.13.1-7/debian/patches/series 2020-01-30 16:37:46.000000000 +0000 +++ 1.13.1-7ubuntu2/debian/patches/series 2020-02-14 00:43:13.000000000 +0000 @@ -5,3 +5,4 @@ 0005-tests-json-Bravo-key-does-not-have-secret-key-materi.patch 0006-gpg-Send-with-keygrip-when-listing-keys.patch 0007-use-FULL_PATH_NAMES-NO-for-reproducible-doxygen-docu.patch +0006-PIC-and-shared.patch thanks Gianfranco
control: forwarded -1 https://dev.gnupg.org/T4982 thanks G.
Hi! I've split (to reuse both instead of cloning a new one) and reassigned the bugs where it seems they belong. See below for context. Yes this is what I had locally, thanks for testing! I'm including a fix in the next upload. I'm leaving this for the src:qtbase-opensource-src maintainers to decide whether to pick up or not. Thanks, Guillem
Hi! Bug #870383 in package dpkg reported by you has been fixed in the dpkg/dpkg.git Git repository. You can see the changelog below, and you can check the diff of the fix at: https://git.dpkg.org/cgit/dpkg/dpkg.git/diff/?id=73ff957bb data: Prefix the specs file spec string self_spec with + instead of * Using * as a prefix for the spec entry makes it override any previous setting. This is problematic when we pass two or more -specs options to the compiler (f.ex. to link and compile on the same run), as then only the last one will take effect, breaking the builds. Closes: #870383 Ref: https://dev.gnupg.org/T4982 Prompted-by: NIIBE Yutaka <gniibe@fsij.org> Tested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> diff --git a/debian/changelog b/debian/changelog index 57f14010f..b3c90561c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,11 @@ dpkg (1.20.4) UNRELEASED; urgency=medium [ Guillem Jover ] + * Improve PIE flags support: + - Prefix the specs file spec string self_spec with + instead of *. + This way we do not override any previous setting, otherwise when + passing the -specs options twice (f.ex. to compile and link), only the + last one will take effect, which can break the build. Closes: #870383 * Perl modules: - Dpkg::Source::Package: Explicitly initialize constructor options to their implicit values, otherwise other code end up assuming different
We believe that the bug you reported is fixed in the latest version of
dpkg, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 870383@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Guillem Jover <guillem@debian.org> (supplier of updated dpkg package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
Format: 1.8
Date: Tue, 07 Jul 2020 07:57:48 +0200
Source: dpkg
Architecture: source
Version: 1.20.4
Distribution: unstable
Urgency: medium
Maintainer: Dpkg Developers <debian-dpkg@lists.debian.org>
Changed-By: Guillem Jover <guillem@debian.org>
Closes: 870383 964017 964111 964234
Changes:
dpkg (1.20.4) unstable; urgency=medium
.
[ Guillem Jover ]
* Improve PIE flags support:
- Prefix the specs file spec string self_spec with + instead of *.
This way we do not override any previous setting, otherwise when
passing the -specs options twice (f.ex. to compile and link), only the
last one will take effect, which can break the build. Closes: #870383
* Perl modules:
- Dpkg::Source::Package: Explicitly initialize constructor options to
their implicit values, otherwise other code end up assuming different
defaults. Closes: #964017
- Dpkg::OpenPGP: Use a temporary directory for the GnuPG homedir in
verify_signature(), to make sure we do not write to the user home
directory, except for the trustkeys.db file if present.
- Dpkg::Path: Refactor new check_directory_traversal() function out of
Dpkg::Source::Package->extract().
- Dpkg::Path: Do not do partial matches for directory traversal checks,
expect a trailing slash after the base directory name.
- Dpkg::Path: Catch uncanonicanizable pathnames with a proper error.
Closes: #964111
- Dpkg::Path: Do not consider missing symlink targets a directory
traversal attempt. Closes: #964234
- Dpkg::Path: Allow /dev/null for directory traversals.
Reported by Holger Levsen <holger@layer-acht.org>.
* Build system:
- Add Module::Signature as configure recommends for CPAN.
* Test suite:
- Use File::Path::make_path() instead of chained mkdir() in Dpkg_Path.t.
- Add unit tests for Dpkg::Path::check_directory_traversal().
.
[ Updated programs translations ]
* German (Sven Joachim).
Checksums-Sha1:
12983dabc712157582b2bcff0c1b0e6f1de9e65c 2109 dpkg_1.20.4.dsc
41a445efe3c51e07b38948defd51e601683a5448 4715020 dpkg_1.20.4.tar.xz
413c302f34195f09a53ef23943c9ebda3f811802 7501 dpkg_1.20.4_amd64.buildinfo
Checksums-Sha256:
2762a810d5c151316d170bc0ab6e610283e6454c5df5c34edd2fd33d0c79a64a 2109 dpkg_1.20.4.dsc
3430d76d75b66eeccad8382dad7148e6f46fedce90587964608f0c5c733abe52 4715020 dpkg_1.20.4.tar.xz
e78395058970d3c8dc03b462de8459104fbe12edc71f88af9c0617264da2bc2b 7501 dpkg_1.20.4_amd64.buildinfo
Files:
19ca3ea2f56ee6cf181a4e5dc14e16e6 2109 admin required dpkg_1.20.4.dsc
58f92b5d3d464629119148a1fa3eb331 4715020 admin required dpkg_1.20.4.tar.xz
6b8be7267af03c5acb91430f3d8e2325 7501 admin required dpkg_1.20.4_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEETz509DYFDBD1aWV0uXK/PqSuV6MFAl8EET0ACgkQuXK/PqSu
V6Ms6g//Y1YBiJHcObBffo1yrWIVQxmDJx1V52NMjMQcZiJEoRDsCkHJzoBoeyHq
VzI807ztMGXpr4P9+2kdgN1N0JcG6vKEB/VtnIbNdoEmIx13RoBM5WVnG04oRevL
Sh6lCsFkET/in71O/CO6hpMV5KsNaoXuiLsJwZ3ggTeuKBinRhlCRfphU28gM8hE
8HvM+oBnitmuCLItoOT9MUps4B0LU1cCLf+mpsbKcJiTIZinbH8EyDx5BvNxf4fe
avX2++4WTJirlesXkkOh3A/PjwRER6QGJqV24unDDjStQSab2TVKKk5pmna+V0kT
ifI8qqOvLDbflT7MAyOklHTxnVK6TDUNSSNC+CyzO/g+vDuFweIpNQF7fcbtMT8w
HF37am4F6UjiQiVpKEAhlVPK1dunG37IYZAQWAY069ywQ48WJPc9KdsbuEPSqH8J
oAdrdx4OFLwz4KD9c31mMnzPzmJjWNtNMf/rxh0/fHypSbftF1ylVHcmVdy0mk7t
9JdHTS3PV37aQnOS4O450IujaUrbBkSU56By+jfsKaDW9W/nsk0+M2MHHAHfvV4f
qNjopmgDbi8CwIZcf8z4aWbXNSWstMa1fXrDQvMPsCDd20qeH9N6Cb//800l5/jF
E00ilFm/yykwBgBJxR/ujv7R0sWB3oxnXAN9cMT9cAB8qR2A1ZA=
=ra/4
-----END PGP SIGNATURE-----
Control: reopen -1 Control: tag -1 - patch Ok, so Thorsten Glaser very helpfully pointed out that this is actually bogus, as the + is supposed to go with the text not the spec name (which was already there!). In this case I assume it gets interpreted as a «[SUFFIX]:» entry, and then this get completely ignored (w/o an error diagnostic), disabling all the specs files (confirmed by Thorsten on x32), that's why the specific problem with gpgme+Qt stopped failing in Daniel's tests. I'll revert this in a quick .5 upload later today, and then try to track down what's going on, and add some unit tests for the specs files, so that this gets tested on architectures where it truly affects them. Thanks, Guillem
Hello, After two years, gpgme1.0 now builds fine, so maybe its time to close this bug? G.
Closing then G.