ELF package metadata failure: environment variable ‘DEB_HOST_ARCH’ not defined
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
asymptote (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
biosig (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
curl (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
deal.ii (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
doxygen (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
dpkg (Ubuntu) |
Triaged
|
High
|
Unassigned | ||
gcl27 (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
graphite2 (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
gsequencer (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
gsl (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
haskell-devscripts (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
jose (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
ksmtuned (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
libreoffice (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
libtpms (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
mosh (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
mpich (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
mwrap (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
proftpd (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
proftpd-dfsg (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
quantlib (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
serf (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
setserial (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
speech-dispatcher (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
squid (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
swtpm (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
texinfo (Ubuntu) |
Triaged
|
High
|
Unassigned | ||
tix (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
The ELF package note metadata introduced in dpkg 1.22.6ubuntu11 (refined in 1.22.6ubuntu14) can cause this failure:
```
gcc fatal error: environment variable ‘DEB_HOST_ARCH’ not defined
```
This happens when the `-specs=
1. Only the LDFLAGS is queried from dpkg-buildflags. Affected source packages builds: python3.12, openjdk-21, cdbs (causing dvbstreamer and rp-pppoe fail to build)
2. autopkgtests
3. debugging a crash of an application build with the -spec parameter
4. People like to iteratively continue building the software in the build dir while hacking on the package and then have no environment variable set.
This approach is too fragile. An alternative approach would be to specify the `--package-
```
-Wl,--package-
```
The following configure script call (non-relevant parameters deleted):
```
$ gcc -Wl,--package-
/usr/bin/ld: cannot find {type:deb: No such file or directory
/usr/bin/ld: cannot find os:ubuntu: No such file or directory
/usr/bin/ld: cannot find name:dpkg: No such file or directory
/usr/bin/ld: cannot find version:
/usr/bin/ld: cannot find architecture:
```
Proposed solution: Add support for an `--escaped-
```
-Wl,--encoded-
```
Solution (see comment #31)
=======
dpkg 1.22.11ubuntu1 stops passing the --specs option. It will be replaced by
- dpkg-buildpackage setting ELF_PACKAGE_
which gets picked up GCC and clang, and added as a linker option.
- the linkers ld.bfd, gold, mold and lld picking up ELF_PACKAGE_
if they don't see a package-metadata option.
This is committed, and will be uploaded later.
- dpkg-buildflags passing an option --encoded-
can be safely passed.
This option has to go upstream first into the linkers, so that we
don't have API incompatible linker versions in the archive.
If the fix for the other packages in this report is the only Ubuntu delta,
it can be safely dropped.
Related branches
- Benjamin Drung (community): Disapprove
- Daniel Draper (community): Approve
- MOTU: Pending requested
-
Diff: 48 lines (+11/-2)3 files modifieddebian/changelog (+7/-0)
debian/control (+2/-1)
debian/rules (+2/-1)
- Matthias Klose: Pending requested
-
Diff: 529 lines (+488/-3)5 files modifieddebian/changelog (+6/-0)
debian/patches/001_ld_makefile_patch.patch (+2/-3)
debian/patches/gold-add-encoded-package-metadata.patch (+223/-0)
debian/patches/ld-Add-encoded-package-metadata.patch (+255/-0)
debian/patches/series (+2/-0)
CVE References
description: | updated |
summary: |
- ELF package metadata failures + ELF package metadata failure: environment variable ‘DEB_HOST_ARCH’ not + defined |
description: | updated |
description: | updated |
tags: | added: update-excuse |
affects: | octave (Ubuntu) → mwrap (Ubuntu) |
Changed in mwrap (Ubuntu): | |
status: | New → Fix Committed |
importance: | Undecided → High |
Changed in asymptote (Ubuntu): | |
importance: | Undecided → High |
status: | New → Triaged |
Changed in dpkg (Ubuntu): | |
importance: | Undecided → High |
status: | New → Triaged |
Changed in gsequencer (Ubuntu): | |
importance: | Undecided → High |
status: | New → Triaged |
Changed in mosh (Ubuntu): | |
importance: | Undecided → High |
status: | New → Triaged |
Changed in mosh (Ubuntu): | |
status: | Triaged → Fix Committed |
description: | updated |
description: | updated |
description: | updated |
Changed in serf (Ubuntu): | |
importance: | Undecided → High |
status: | New → Triaged |
tags: | added: ftbfs oracular |
Changed in texinfo (Ubuntu): | |
importance: | Undecided → High |
status: | New → Triaged |
Changed in squid (Ubuntu): | |
importance: | Undecided → High |
Changed in libreoffice (Ubuntu): | |
status: | New → Fix Released |
Changed in curl (Ubuntu): | |
status: | New → Triaged |
Changed in proftpd-dfsg (Ubuntu): | |
status: | New → Triaged |
Changed in curl (Ubuntu): | |
importance: | Undecided → High |
Changed in proftpd-dfsg (Ubuntu): | |
importance: | Undecided → High |
Changed in graphite2 (Ubuntu): | |
importance: | Undecided → High |
status: | New → Fix Released |
Changed in doxygen (Ubuntu): | |
status: | New → Fix Released |
description: | updated |
Changed in mpich (Ubuntu): | |
status: | New → Fix Released |
> Proposed solution: Add support for an `--escaped- package- metadata` parameter to the linkers that takes an URL encoded (RFC 3986) parameter.
It took months and a huge amount of fighting to get the option merged in all linkers, it was extremely hard. I am afraid this is just unrealistic.
The opt-out is there exactly to skip problematic packages, I recommend to just use it and skip those packages that are not doing standard debhelper builds. It's a small percentage nowadays anyway, so it's fine to just skip them.