glibc 2.26 refuses to run on CentOS 6.8

DoneSubmitted by Ricardo Wurmus.
Details
8 participants
  • Danny Milosavljevic
  • Efraim Flashner
  • Jan Nieuwenhuizen
  • Leo Famulari
  • Ludovic Courtès
  • Mark H Weaver
  • Ricardo Wurmus
  • Ricardo Wurmus
Owner
unassigned
Severity
serious
R
R
Ricardo Wurmus wrote on 19 Feb 2018 19:46
(address . bug-guix@gnu.org)(address . guix-devel@gnu.org)
87eflgstqt.fsf@mdc-berlin.de
Hi Guix,
I have a bad day. After the upgrade to glibc 2.26 none of theGuix-installed software runs on the HPC cluster running CentOS 6.8.
The glibc 2.26 expects a minimum kernel version of 3.x on x86_64, butCentOS 6.8 only comes with a heavily patched 2.6.32.
The NixOS developers patch glibc to make sure that all software stillruns on Linux 2.6.32:
https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/development/libraries/glibc/allow-kernel-2.6.32.patch
Can we please also apply this? Without this Guix on HPC is pretty muchdead at the MDC.
Toggle diff (39 lines)diff --git a/sysdeps/unix/sysv/linux/configure b/sysdeps/unix/sysv/linux/configureindex cace758c01..38fe7fe0b0 100644--- a/sysdeps/unix/sysv/linux/configure+++ b/sysdeps/unix/sysv/linux/configure@@ -69,7 +69,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for kernel header at least $minimum_kernel" >&5 $as_echo_n "checking for kernel header at least $minimum_kernel... " >&6; } decnum=`echo "$minimum_kernel.0.0.0" | sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/(\1 * 65536 + \2 * 256 + \3)/'`;-abinum=`echo "$minimum_kernel.0.0.0" | sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/\1,\2,\3/'`;+abinum=`echo "2.6.32.0.0.0" | sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/\1,\2,\3/'`; cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include <linux/version.h>diff --git a/sysdeps/unix/sysv/linux/configure.ac b/sysdeps/unix/sysv/linux/configure.acindex 13abda0a51..6abc12eaed 100644--- a/sysdeps/unix/sysv/linux/configure.ac+++ b/sysdeps/unix/sysv/linux/configure.ac@@ -50,7 +50,7 @@ fi AC_MSG_CHECKING(for kernel header at least $minimum_kernel) changequote(,)dnl decnum=`echo "$minimum_kernel.0.0.0" | sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/(\1 * 65536 + \2 * 256 + \3)/'`;-abinum=`echo "$minimum_kernel.0.0.0" | sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/\1,\2,\3/'`;+abinum=`echo "2.6.32.0.0.0" | sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/\1,\2,\3/'`; changequote([,])dnl AC_TRY_COMPILE([#include <linux/version.h> #if LINUX_VERSION_CODE < $decnumdiff --git a/sysdeps/unix/sysv/linux/dl-osinfo.h b/sysdeps/unix/sysv/linux/dl-osinfo.hindex 823cd8224d..482caaeeec 100644--- a/sysdeps/unix/sysv/linux/dl-osinfo.h+++ b/sysdeps/unix/sysv/linux/dl-osinfo.h@@ -39,7 +39,7 @@ GLRO(dl_osversion) = version; \ \ /* Now we can test with the required version. */ \- if (__LINUX_KERNEL_VERSION > 0 && version < __LINUX_KERNEL_VERSION) \+ if (__LINUX_KERNEL_VERSION > 0 && version < __LINUX_KERNEL_VERSION && version != 0x020620) \ /* Not sufficent. */ \ FATAL ("FATAL: kernel too old\n"); \ } \
--Ricardo
R
R
Ricardo Wurmus wrote on 19 Feb 2018 20:41
(address . guix-devel@gnu.org)(address . 30537@debbugs.gnu.org)
878tbosr7h.fsf@mdc-berlin.de
Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> writes:
Toggle quote (18 lines)> Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> writes:>>> Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> writes:>>>>> The NixOS developers patch glibc to make sure that all software still>>> runs on Linux 2.6.32:>>>>>> https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/development/libraries/glibc/allow-kernel-2.6.32.patch>>>>>> Can we please also apply this?>>>> We could also apply this conditionally to x86_64 only, because that’s>> probably the only architecture that’s used for HPC systems running>> CentOS.>> Here’s a patch to graft the glibc to apply the patch to allow the 2.6.32> kernel. I’m going to apply this at work now.
That patch had a couple of problems. Here’s a new version.
The main differences are:
* fix an undefined variable (“base” –> “glibc”)* use package/inherit for glibc-final and glibc-final-with-bootstrap-bash; don’t override the “replacement” field with “#f”
-- Ricardo
From 3cf46dce4129cb52574de52b4221f6c4dde566fe Mon Sep 17 00:00:00 2001From: Ricardo Wurmus <rekado@elephly.net>Date: Mon, 19 Feb 2018 20:04:06 +0100Subject: [PATCH] WIP graft glibc to allow execution on Linux 2.6.32.
* gnu/packages/patches/glibc-allow-kernel-2.6.32.patch: New file.* gnu/local.mk (dist_patch_DATA): Add it.* gnu/packages/base.scm (glibc/linux)[replacement]: New field.(glibc-2.26-patched): New variable.(glibc-2.25, glibc-2.24, glibc-2.23, glibc-2.22): Disable replacement.* gnu/packages/commencement.scm (glibc-final-with-bootstrap-bash,glibc-final): Use package/inherit to enable grafted glibc.--- gnu/local.mk | 3 +- gnu/packages/base.scm | 15 +++++++++ gnu/packages/commencement.scm | 5 +-- .../patches/glibc-allow-kernel-2.6.32.patch | 39 ++++++++++++++++++++++ 4 files changed, 59 insertions(+), 3 deletions(-) create mode 100644 gnu/packages/patches/glibc-allow-kernel-2.6.32.patch
Toggle diff (163 lines)diff --git a/gnu/local.mk b/gnu/local.mkindex f1834e368..c7bd4c6a9 100644--- a/gnu/local.mk+++ b/gnu/local.mk@@ -7,7 +7,7 @@ # Copyright © 2016, 2017 Kei Kebreau <kkebreau@posteo.net> # Copyright © 2016, 2017 Rene Saavedra <rennes@openmailbox.org> # Copyright © 2016 Adonay "adfeno" Felipe Nogueira <https://libreplanet.org/wiki/User:Adfeno> <adfeno@openmailbox.org>-# Copyright © 2016, 2017 Ricardo Wurmus <rekado@elephly.net>+# Copyright © 2016, 2017, 2018 Ricardo Wurmus <rekado@elephly.net> # Copyright © 2016 Ben Woodcroft <donttrustben@gmail.com> # Copyright © 2016, 2017, 2018 Alex Vong <alexvong1995@gmail.com> # Copyright © 2016, 2017 Efraim Flashner <efraim@flashner.co.il>@@ -705,6 +705,7 @@ dist_patch_DATA = \ %D%/packages/patches/glibc-CVE-2017-1000366-pt1.patch \ %D%/packages/patches/glibc-CVE-2017-1000366-pt2.patch \ %D%/packages/patches/glibc-CVE-2017-1000366-pt3.patch \+ %D%/packages/patches/glibc-allow-kernel-2.6.32.patch \ %D%/packages/patches/glibc-bootstrap-system.patch \ %D%/packages/patches/glibc-ldd-x86_64.patch \ %D%/packages/patches/glibc-locales.patch \diff --git a/gnu/packages/base.scm b/gnu/packages/base.scmindex b2c1d232f..111bbbcec 100644--- a/gnu/packages/base.scm+++ b/gnu/packages/base.scm@@ -12,6 +12,7 @@ ;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com> ;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com> ;;; Copyright © 2017 Eric Bavier <bavier@member.fsf.org>+;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net> ;;; ;;; This file is part of GNU Guix. ;;;@@ -537,6 +538,7 @@ store.") ;; Note: Always use a dot after the minor version since various places rely ;; on "version-major+minor" to determine where locales are found. (version "2.26.105-g0890d5379c")+ (replacement glibc-2.26-patched) (source (origin (method url-fetch) (uri (string-append "https://alpha.gnu.org/gnu/guix/mirror/"@@ -839,10 +841,20 @@ GLIBC/HURD for a Hurd host" ;; Below are old libc versions, which we use mostly to build locale data in ;; the old format (which the new libc cannot cope with.) +(define glibc-2.26-patched+ (package+ (inherit glibc)+ (replacement #f)+ (source (origin+ (inherit (package-source glibc))+ (patches (cons (search-patch "glibc-allow-kernel-2.6.32.patch")+ (origin-patches (package-source glibc))))))))+ (define-public glibc-2.25 (package (inherit glibc) (version "2.25")+ (replacement #f) (source (origin (inherit (package-source glibc)) (uri (string-append "mirror://gnu/glibc/glibc-"@@ -862,6 +874,7 @@ GLIBC/HURD for a Hurd host" (package (inherit glibc) (version "2.24")+ (replacement #f) (source (origin (inherit (package-source glibc)) (uri (string-append "mirror://gnu/glibc/glibc-"@@ -882,6 +895,7 @@ GLIBC/HURD for a Hurd host" (package (inherit glibc) (version "2.23")+ (replacement #f) (source (origin (inherit (package-source glibc)) (uri (string-append "mirror://gnu/glibc/glibc-"@@ -905,6 +919,7 @@ GLIBC/HURD for a Hurd host" (package (inherit glibc) (version "2.22")+ (replacement #f) (source (origin (inherit (package-source glibc)) (uri (string-append "mirror://gnu/glibc/glibc-"diff --git a/gnu/packages/commencement.scm b/gnu/packages/commencement.scmindex 7286e954c..db43691fd 100644--- a/gnu/packages/commencement.scm+++ b/gnu/packages/commencement.scm@@ -4,6 +4,7 @@ ;;; Copyright © 2012 Nikita Karetnikov <nikita@karetnikov.org> ;;; Copyright © 2014, 2015, 2017 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2017, 2018 Efraim Flashner <efraim@flashner.co.il>+;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net> ;;; ;;; This file is part of GNU Guix. ;;;@@ -486,7 +487,7 @@ the bootstrap environment." ;; built just below; the only difference is that this one uses the ;; bootstrap Bash. (package-with-bootstrap-guile- (package (inherit glibc)+ (package/inherit glibc (name "glibc-intermediate") (arguments `(#:guile ,%bootstrap-guile@@ -664,7 +665,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%" (define glibc-final ;; The final glibc, which embeds the statically-linked Bash built above.- (package (inherit glibc-final-with-bootstrap-bash)+ (package/inherit glibc-final-with-bootstrap-bash (name "glibc") (inputs `(("static-bash" ,static-bash-for-glibc) ,@(alist-deletediff --git a/gnu/packages/patches/glibc-allow-kernel-2.6.32.patch b/gnu/packages/patches/glibc-allow-kernel-2.6.32.patchnew file mode 100644index 000000000..ce18b874c--- /dev/null+++ b/gnu/packages/patches/glibc-allow-kernel-2.6.32.patch@@ -0,0 +1,39 @@+diff --git a/sysdeps/unix/sysv/linux/configure b/sysdeps/unix/sysv/linux/configure+index cace758c01..38fe7fe0b0 100644+--- a/sysdeps/unix/sysv/linux/configure++++ b/sysdeps/unix/sysv/linux/configure+@@ -69,7 +69,7 @@ fi+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for kernel header at least $minimum_kernel" >&5+ $as_echo_n "checking for kernel header at least $minimum_kernel... " >&6; }+ decnum=`echo "$minimum_kernel.0.0.0" | sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/(\1 * 65536 + \2 * 256 + \3)/'`;+-abinum=`echo "$minimum_kernel.0.0.0" | sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/\1,\2,\3/'`;++abinum=`echo "2.6.32.0.0.0" | sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/\1,\2,\3/'`;+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext+ /* end confdefs.h. */+ #include <linux/version.h>+diff --git a/sysdeps/unix/sysv/linux/configure.ac b/sysdeps/unix/sysv/linux/configure.ac+index 13abda0a51..6abc12eaed 100644+--- a/sysdeps/unix/sysv/linux/configure.ac++++ b/sysdeps/unix/sysv/linux/configure.ac+@@ -50,7 +50,7 @@ fi+ AC_MSG_CHECKING(for kernel header at least $minimum_kernel)+ changequote(,)dnl+ decnum=`echo "$minimum_kernel.0.0.0" | sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/(\1 * 65536 + \2 * 256 + \3)/'`;+-abinum=`echo "$minimum_kernel.0.0.0" | sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/\1,\2,\3/'`;++abinum=`echo "2.6.32.0.0.0" | sed 's/\([0-9]*\)\.\([0-9]*\)\.\([0-9]*\).*/\1,\2,\3/'`;+ changequote([,])dnl+ AC_TRY_COMPILE([#include <linux/version.h>+ #if LINUX_VERSION_CODE < $decnum+diff --git a/sysdeps/unix/sysv/linux/dl-osinfo.h b/sysdeps/unix/sysv/linux/dl-osinfo.h+index 823cd8224d..482caaeeec 100644+--- a/sysdeps/unix/sysv/linux/dl-osinfo.h++++ b/sysdeps/unix/sysv/linux/dl-osinfo.h+@@ -39,7 +39,7 @@+ GLRO(dl_osversion) = version; \+ \+ /* Now we can test with the required version. */ \+- if (__LINUX_KERNEL_VERSION > 0 && version < __LINUX_KERNEL_VERSION) \++ if (__LINUX_KERNEL_VERSION > 0 && version < __LINUX_KERNEL_VERSION && version != 0x020620) \+ /* Not sufficent. */ \+ FATAL ("FATAL: kernel too old\n"); \+ } \-- 2.16.2
J
J
Jan Nieuwenhuizen wrote on 19 Feb 2018 21:28
(name . Ricardo Wurmus)(address . ricardo.wurmus@mdc-berlin.de)
87tvucg1w6.fsf@gnu.org
Ricardo Wurmus writes:
Toggle quote (5 lines)>> Here’s a patch to graft the glibc to apply the patch to allow the 2.6.32>> kernel. I’m going to apply this at work now.>> That patch had a couple of problems. Here’s a new version.
Sad to hear of your troubles, thanks a lot for posting this. Wediscovered at Verum that a guix pack would not run on CentOS andtook another road in the end. Good to know there's still a wayto work around this.
Thanks,janneke
-- Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.orgFreelance IT http://JoyofSource.com| Avatar® http://AvatarAcademy.com
R
R
Ricardo Wurmus wrote on 19 Feb 2018 22:22
(name . Danny Milosavljevic)(address . dannym@scratchpost.org)
87606ssmi3.fsf@elephly.net
Hi Danny,
Toggle quote (4 lines)> Can you try just passing --enable-kernel=2.6.32 to "configure" of glibc instead?>> It should set the minimal version without any weird patching.
Does this work even though the official minimum kernel version for glibc2.26 is 3.2.0?
Toggle quote (4 lines)> But newer glibc has moved a lot of kernel definitions into glibc, might cause a> problem if glibc just assumes it's all there but in fact it's not there at> runtime (like the recent Haskell problem etc).
The Red Hat kernels are a bit special in that they are not just oldkernels, but heavily patched to work with newer software. The Nixpeople wrote that they have confirmed that 2.6.32 works up toglibc-2.26-131.
There are additional notes on how that was done:
# HOWTO: check glibc sources for changes in kernel requirements git log -p glibc-2.25.. sysdeps/unix/sysv/linux/x86_64/kernel-features.h sysdeps/unix/sysv/linux/kernel-features.h # get kernel sources (update the URL) mkdir tmp && cd tmp curl http://vault.centos.org/6.9/os/Source/SPackages/kernel-2.6.32-696.el6.src.rpm| rpm2cpio - | cpio -idmv tar xf linux-*.bz2 # check syscall presence, for example less linux-*?/arch/x86/kernel/syscall_table_32.S
If there was a way to test for kernel features instead of looking at thekernel version I’d do that instead of looking for a way to relax thelower kernel version bound.
--Ricardo
GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAChttps://elephly.net
D
D
Danny Milosavljevic wrote on 19 Feb 2018 23:46
(name . Ricardo Wurmus)(address . rekado@elephly.net)
20180219234603.69a821a7@scratchpost.org
Hi Ricardo,
Toggle quote (3 lines)> Does this work even though the official minimum kernel version for glibc> 2.26 is 3.2.0?
I think so, BUT the patchset looks pretty similar to what would happenif you specified the configure flag except for one spot.So maybe Nix found out some ill effects.
The most worrying part in glibc is
#if __LINUX_KERNEL_VERSION < 0x040300# undef __ASSUME_ACCEPT4_SYSCALL# undef __ASSUME_SENDMSG_SYSCALL# undef __ASSUME_RECVMSG_SYSCALL# undef __ASSUME_CONNECT_SYSCALL# undef __ASSUME_RECVFROM_SYSCALL# undef __ASSUME_SENDTO_SYSCALL#endif
So that would have to be watched out for.
__ASSUME_CONNECT_SYSCALL is some scary stuff. Getting it wrong could break allnetworking in the system.
Toggle quote (5 lines)> The Red Hat kernels are a bit special in that they are not just old> kernels, but heavily patched to work with newer software. The Nix> people wrote that they have confirmed that 2.6.32 works up to> glibc-2.26-131.
Oh, I didn't know that. If it's tested that way, let's use it that wayfor the time being.
Toggle quote (4 lines)> If there was a way to test for kernel features instead of looking at the> kernel version I’d do that instead of looking for a way to relax the> lower kernel version bound.
Yeah...
L
L
Leo Famulari wrote on 20 Feb 2018 02:22
(name . Ricardo Wurmus)(address . ricardo.wurmus@mdc-berlin.de)(address . 30537@debbugs.gnu.org)
20180220012229.GA28522@jasmine.lan
On Mon, Feb 19, 2018 at 07:46:02PM +0100, Ricardo Wurmus wrote:
Toggle quote (8 lines)> The NixOS developers patch glibc to make sure that all software still> runs on Linux 2.6.32:> > https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/development/libraries/glibc/allow-kernel-2.6.32.patch> > Can we please also apply this? Without this Guix on HPC is pretty much> dead at the MDC.
My questions are, how does the glibc team choose the minimum kernelversion? What could go wrong if we apply this patch and somebody usesGuix on a pre-3.2.0 kernel?
Perhaps they simply chose to not support glibc on any kernel that is notsupported upstream; 3.2.x is the oldest supported release series. But,we should have some idea of their reasoning, in my opinion.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlqLeFIACgkQJkb6MLrKfwgZsRAA4XKbDixlu85agTzhMnjIUFwE1XKvFcPGrIo2YPVLi4A9d5dmgpaZ1UDnurruOghvw6k1k+SBGQrmCKbkVcXrdVGCvPaBdhDHTdLGLWx3R+K8KaSgzVsUz3YTlJDcxE4utIil3C0ow/tHHgFhfGpqkdotA8XDKCS9B5mPZaXv0XLekTqb6RQ9hOOXcAnuOV5ZdaOBo0YvlGcYSMzY66fmaCNVHgtGzJM6w7UW4hrJdkvh1fzyF9Piw0k3j756f5JCbZYd2g2zy/4L7jsKuqW8STmAeMx95b5s34Fwa0flBHdh0NjVo63WKT9cKoUq9Xh/Ab9Nj+I3IyKef+7TpoBxOGMYNd+BB3CnB1U0gfnh2VsSbpu+KS4Eh2wBL7xl70XNCLBNm8ixAmfPicsD0ttrqNM9X2oWZ0F8KyWZXMFlJRFyZblKoj5HFc/0XdoJecVfuj+lt95BVVldED9zd9JiGdLdgw8NY8ZKxNHbUI8PtXoXaTjObQq9wjK/M9tYrv2JZdFusH8LAvVO7WhcxyWHoBNLbp05GUIiPs++jsfV1G1e69zhDoPBu0t53CM+1v9bDA7SHLPFN43RgBV60pR0ol+/C/ObL6KxlODl+fzsXt4DIeGY9BYaGr96OkGzcKiA7HvOMlTGUNC9/xdMTa+o0DwpOdour22btLl52CCJjxI==wNoz-----END PGP SIGNATURE-----

E
E
Efraim Flashner wrote on 20 Feb 2018 10:39
Re: bug#30537: glibc 2.26 refuses to run on CentOS 6.8
(name . Ricardo Wurmus)(address . ricardo.wurmus@mdc-berlin.de)
20180220093910.GA23825@macbook41
On Mon, Feb 19, 2018 at 07:46:02PM +0100, Ricardo Wurmus wrote:
Toggle quote (17 lines)> Hi Guix,> > I have a bad day. After the upgrade to glibc 2.26 none of the> Guix-installed software runs on the HPC cluster running CentOS 6.8.> > The glibc 2.26 expects a minimum kernel version of 3.x on x86_64, but> CentOS 6.8 only comes with a heavily patched 2.6.32.> > The NixOS developers patch glibc to make sure that all software still> runs on Linux 2.6.32:> > https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/development/libraries/glibc/allow-kernel-2.6.32.patch> > Can we please also apply this? Without this Guix on HPC is pretty much> dead at the MDC.>
We should also update the docs with the (new) minimum specs as needed.
-- Efraim Flashner <efraim@flashner.co.il> אפרים פלשנרGPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351Confidentiality cannot be guaranteed on emails sent or received unencrypted
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAlqL7LsACgkQQarn3Mo9g1F7lg//QFgxsZQO4TDtLFYxodl9DzOiTHX68bTvr+1SX/5VnlnkoPsNtGpoJZdQico8D/h9y9KySWJDkJrP+8sWyPRikiFWDHA4bQYXyvQdgXUN+54Msou0c8uXsbEy2dhLrDS7jXEmVB/POyprxvrMjypoGXMlPSf5WJhUOiCuBunrYlDmEOyMJ7AP3kpGykBe/6XaX3NATY5lQeojXaL6yQ/UTr0C4JqBHTKSoDwGfoq02i8wSi71a0sS97FOgIyQ2ZyGHvCTVPXJLD+Gh+fjbHa997XGbXN0Ht6ar0kwCJSI74Nz/WX8xqD7+Ec9W8hscYLoh9PeX1QDpiXJKDLP+D5E1++wbiNQTd3Eu7AfnmxboKERl6sJodTZaMRkJ2dqCT7PaU5OEygAl3r53UhM2NvFs/anQPV2aFTURyjHJRJxSKayurxU3rPuMK/jJdEuqWvAaJRRVmHjmwtIJ9F/vtpxItXSe8q/oiKbL68cbrkmZafE7UFRJR4NF9Op+k4FffocjoYMiFRfbtR5tGS2RUGK98gXHzhM4tM9Qx9vbAvAvF7+5dPH4LK5ZVrgI7MoV1eMWSxKYhD47rPP/0ivBtiR47zTkXo5kAvZWWp7XTgq3UbruBAUfNoramxgl1bZAluZM8aAUdE/lb9pHdbj0IeuOU+gD2xZ/C2fPtmFVXy6k9U==CYRM-----END PGP SIGNATURE-----

L
L
Leo Famulari wrote on 20 Feb 2018 12:52
Re: glibc 2.26 refuses to run on CentOS 6.8
(name . Ricardo Wurmus)(address . ricardo.wurmus@mdc-berlin.de)(address . 30537@debbugs.gnu.org)
20180220115221.GA17373@jasmine.lan
On Mon, Feb 19, 2018 at 08:22:29PM -0500, Leo Famulari wrote:
Toggle quote (8 lines)> My questions are, how does the glibc team choose the minimum kernel> version? What could go wrong if we apply this patch and somebody uses> Guix on a pre-3.2.0 kernel?> > Perhaps they simply chose to not support glibc on any kernel that is not> supported upstream; 3.2.x is the oldest supported release series. But,> we should have some idea of their reasoning, in my opinion.
As far as I can tell, the discussion started on the libc-alpha mailinglist in January 2016:
https://sourceware.org/ml/libc-alpha/2016-01/msg00885.html
... and continued into February:
https://sourceware.org/ml/libc-alpha/2016-02/msg00002.html
These messages can provide some useful context.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlqMC/EACgkQJkb6MLrKfwg4xA//c+wceGCluM0jJlFDxQe8OGGGp1CMbybfNB1ZQ5AKh2b57SH90gEdnKf4rs/C9gsuy2DSfQOSVy4Z8zEZQwAi8CgDqgFkkOFZtALXaujdEOlW9TAtM1lkikPWLVqn+18ZofElNtGPltVhcs713p7NwL03ZyH7TjquFt/gtvV/xgdDFNMLytKKUEHTj/zJygmIiRhmGDSdqwOWpaFlyhiz3nosX0spNRzTtRbAh2OG+fsG+rg8PRWynjCjD/KBXSDyO/g9sCSALD0Gvl2uCLt/h5bNYWoON7XjrdxBrHQQsZGKuLy7KgHD+25Xk1ZmOWoj6ai7PDqgkJkZB3nB0+c3rE713sSBaiLBINVzT7XU7uRrV3Em/pJU/KDwLFdryxyxOPY59+BqjKixP2j2EVAO3ITkwOmuYBYnGtHJM3MOdfgfueJJixRO7U8m4kLZYYQKghiLSRpMOdRmdEtqgcCNwbZJh8UpKYDFeZm81xHjinf0QuwSObTQ1qGXCSPxBiLUI+mHTuVArH6PMo8RHZaXCIa6/rDCXykznuQI5zjFZ2wihKuNOaLtVXHJ3bQ+IEfawuI+upth8/7CUUeeg+gCH94GPRxoTRSoB8qDgQbaofbKp3/zUgFeEO9wi8gmyIHfwMYTBBu34h4n4cmd+i0gYHzmahFVOdbabew6yTefts4==vc4j-----END PGP SIGNATURE-----

R
R
Ricardo Wurmus wrote on 20 Feb 2018 13:34
(name . Leo Famulari)(address . leo@famulari.name)(address . 30537@debbugs.gnu.org)
87woz7rga4.fsf@mdc-berlin.de
Leo Famulari <leo@famulari.name> writes:
Toggle quote (20 lines)> On Mon, Feb 19, 2018 at 08:22:29PM -0500, Leo Famulari wrote:>> My questions are, how does the glibc team choose the minimum kernel>> version? What could go wrong if we apply this patch and somebody uses>> Guix on a pre-3.2.0 kernel?>>>> Perhaps they simply chose to not support glibc on any kernel that is not>> supported upstream; 3.2.x is the oldest supported release series. But,>> we should have some idea of their reasoning, in my opinion.>> As far as I can tell, the discussion started on the libc-alpha mailing> list in January 2016:>> https://sourceware.org/ml/libc-alpha/2016-01/msg00885.html>> ... and continued into February:>> https://sourceware.org/ml/libc-alpha/2016-02/msg00002.html>> These messages can provide some useful context.
The only reason for moving the lower bound to Linux 3.2 is that 2.6 hasreached EOL. This allows the glibc developers to assume certainkernel features and simplify their code.
The RHEL kernels are special, though, in that they are continuouslypatched beyond recognition, backporting features. A RHEL 2.6.32 kernelis very different from a stock 2.6.32 kernel.
The patch explicitly permits a *single* extra kernel version (0x020620 =2.6.32) at runtime, not *all* older kernels, so it isn’t as bad as itmay seem.
For future updates to the glibc we would have to re-evaluate if thecurrent RHEL 6.x kernel still supports all features the glibc expects,and decide once more if we can justify patching glibc to allow that oneparticular kernel version.
--Ricardo
L
L
Leo Famulari wrote on 20 Feb 2018 13:51
(name . Ricardo Wurmus)(address . ricardo.wurmus@mdc-berlin.de)(address . 30537@debbugs.gnu.org)
20180220125136.GA7573@jasmine.lan
On Tue, Feb 20, 2018 at 01:34:27PM +0100, Ricardo Wurmus wrote:
Toggle quote (12 lines)> The only reason for moving the lower bound to Linux 3.2 is that 2.6 has> reached EOL. This allows the glibc developers to assume certain> kernel features and simplify their code.> > The RHEL kernels are special, though, in that they are continuously> patched beyond recognition, backporting features. A RHEL 2.6.32 kernel> is very different from a stock 2.6.32 kernel.> > The patch explicitly permits a *single* extra kernel version (0x020620 => 2.6.32) at runtime, not *all* older kernels, so it isn’t as bad as it> may seem.
Okay, thanks for the clarification.
Toggle quote (5 lines)> For future updates to the glibc we would have to re-evaluate if the> current RHEL 6.x kernel still supports all features the glibc expects,> and decide once more if we can justify patching glibc to allow that one> particular kernel version.
Yes... and this will probably continue for many years. But I do think weshould do something to work around the issue now, and reevaluate oursolution when the pressure is off.
It would be nice if the graft only applied to x86_64-linux, but I'venever considered if that is easy to do or not.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlqMGdUACgkQJkb6MLrKfwjUfRAA1S+p7fadQdisowygmBFOp54UUXFcaTep5zdt1Tl+IefCrYheaZMP+WF95a15m+WdtE6GyQUiw2hNShig2Sau7YIdJj8IR+LNXqbxogzbdnaQHeXe/sO4rUmocN4wPnnNPVOEs487eAUBcOT5j/i0HUTJlT7fjcyWirmHFfS2WtnZqnDo3qErW0rX2D7tiL55lXlfWpo71g9e+1Q2hZVdfwdsGFynhz6gehoZ8VvkaEPEetlBwLKfugMrefOhPCgvoSjJAFQ7CAZxnEZUrzuJRcXYTuPSl2/pwjDVVBHQsjTTL6SK/mfBcn4EJ8IH0b00/ii1GfEH1mT9cmtRKqzBAXqiY09QW6y3h4V5PVKIl0vmtd6GP+KG1hGe9KdXJcUkzT+O4Ztd088ic5w/3rgLb/QJEw37Kasus7h2fLdCxhVrUqZ/wj/EzbKUyvnxV95W2IuwrwDRADDDMdQDYr4u/8VlSUBFyWMEteyZwBTo5mJTpNwzhcjE1zwZTfUGqqD+dZNSyyHK3W6z0gP88YXp1KCOc9TEKsAQGRB0FzTfL0R4bp60Vr3MaCwMIGftNvF+7yPl5ZNY6WJHDBto5qfcmZhHX3vmSiV73kPX3Sk8kWLeQbI2xBrwLtlZE5BDDU7aoxEfG8aFjdza/YF43ErXKVx3nBnNVSZp+GG1L9s86rg==Pcen-----END PGP SIGNATURE-----

R
R
Ricardo Wurmus wrote on 20 Feb 2018 15:33
(name . Leo Famulari)(address . leo@famulari.name)(address . 30537@debbugs.gnu.org)
idj606r4tnv.fsf@bimsb-sys02.mdc-berlin.net
Leo Famulari <leo@famulari.name> writes:
Toggle quote (12 lines)>> For future updates to the glibc we would have to re-evaluate if the>> current RHEL 6.x kernel still supports all features the glibc expects,>> and decide once more if we can justify patching glibc to allow that one>> particular kernel version.>> Yes... and this will probably continue for many years. But I do think we> should do something to work around the issue now, and reevaluate our> solution when the pressure is off.>> It would be nice if the graft only applied to x86_64-linux, but I've> never considered if that is easy to do or not.
I don’t know if we can graft a package only for a single architecture.At least at the time of ungrafting we could apply the patch only onx86_64 (and only rebuild the world for that architecture).
FWIW: I’ve applied this patch to the installation at the MDC and itworks fine. The biggest downside here is the slowness of grafts overNFS (I still need to update the protocol to NFS 4.1) and the many linesof output that are amplified by communicating with a remote daemon.
Other than that I’m happy that this crisis could be temporarily averted.
I’d like to have this in master, though, so that people can run “guixpull” again and actually get working software.
--Ricardo
R
R
Ricardo Wurmus wrote on 20 Feb 2018 18:55
(address . 30537@debbugs.gnu.org)
87sh9vr1ej.fsf@mdc-berlin.de
Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> writes:
Toggle quote (28 lines)> Leo Famulari <leo@famulari.name> writes:>>>> For future updates to the glibc we would have to re-evaluate if the>>> current RHEL 6.x kernel still supports all features the glibc expects,>>> and decide once more if we can justify patching glibc to allow that one>>> particular kernel version.>>>> Yes... and this will probably continue for many years. But I do think we>> should do something to work around the issue now, and reevaluate our>> solution when the pressure is off.>>>> It would be nice if the graft only applied to x86_64-linux, but I've>> never considered if that is easy to do or not.>> I don’t know if we can graft a package only for a single architecture.> At least at the time of ungrafting we could apply the patch only on> x86_64 (and only rebuild the world for that architecture).>> FWIW: I’ve applied this patch to the installation at the MDC and it> works fine. The biggest downside here is the slowness of grafts over> NFS (I still need to update the protocol to NFS 4.1) and the many lines> of output that are amplified by communicating with a remote daemon.>> Other than that I’m happy that this crisis could be temporarily averted.>> I’d like to have this in master, though, so that people can run “guix> pull” again and actually get working software.
I should note that now every Guix command first prints this:
GC Warning: pthread_getattr_np or pthread_attr_getstack failed for main thread
I suspect that this is not good. Guix was built with the grafted glibc.
--Ricardo
M
M
Mark H Weaver wrote on 22 Feb 2018 00:12
Re: bug#30537: glibc 2.26 refuses to run on CentOS 6.8
(name . Ricardo Wurmus)(address . ricardo.wurmus@mdc-berlin.de)
87bmgiey3k.fsf@netris.org
Hi Ricardo,
Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> writes:
Toggle quote (7 lines)> Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> writes:>>> Here’s a patch to graft the glibc to apply the patch to allow the 2.6.32>> kernel. I’m going to apply this at work now.>> That patch had a couple of problems. Here’s a new version.
[...]
Toggle quote (66 lines)> diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm> index b2c1d232f..111bbbcec 100644> --- a/gnu/packages/base.scm> +++ b/gnu/packages/base.scm> @@ -12,6 +12,7 @@> ;;; Copyright © 2017 Mathieu Othacehe <m.othacehe@gmail.com>> ;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>> ;;; Copyright © 2017 Eric Bavier <bavier@member.fsf.org>> +;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>> ;;;> ;;; This file is part of GNU Guix.> ;;;> @@ -537,6 +538,7 @@ store.")> ;; Note: Always use a dot after the minor version since various places rely> ;; on "version-major+minor" to determine where locales are found.> (version "2.26.105-g0890d5379c")> + (replacement glibc-2.26-patched)> (source (origin> (method url-fetch)> (uri (string-append "https://alpha.gnu.org/gnu/guix/mirror/"> @@ -839,10 +841,20 @@ GLIBC/HURD for a Hurd host"> ;; Below are old libc versions, which we use mostly to build locale data in> ;; the old format (which the new libc cannot cope with.)> > +(define glibc-2.26-patched> + (package> + (inherit glibc)> + (replacement #f)> + (source (origin> + (inherit (package-source glibc))> + (patches (cons (search-patch "glibc-allow-kernel-2.6.32.patch")> + (origin-patches (package-source glibc))))))))> +> (define-public glibc-2.25> (package> (inherit glibc)> (version "2.25")> + (replacement #f)> (source (origin> (inherit (package-source glibc))> (uri (string-append "mirror://gnu/glibc/glibc-"> @@ -862,6 +874,7 @@ GLIBC/HURD for a Hurd host"> (package> (inherit glibc)> (version "2.24")> + (replacement #f)> (source (origin> (inherit (package-source glibc))> (uri (string-append "mirror://gnu/glibc/glibc-"> @@ -882,6 +895,7 @@ GLIBC/HURD for a Hurd host"> (package> (inherit glibc)> (version "2.23")> + (replacement #f)> (source (origin> (inherit (package-source glibc))> (uri (string-append "mirror://gnu/glibc/glibc-"> @@ -905,6 +919,7 @@ GLIBC/HURD for a Hurd host"> (package> (inherit glibc)> (version "2.22")> + (replacement #f)> (source (origin> (inherit (package-source glibc))> (uri (string-append "mirror://gnu/glibc/glibc-"
These (replacement #f) fields should not be needed. 'replacement' isnow an 'innate' field of the package record type, which means that it isnot inherited.
Toggle quote (31 lines)> diff --git a/gnu/packages/commencement.scm b/gnu/packages/commencement.scm> index 7286e954c..db43691fd 100644> --- a/gnu/packages/commencement.scm> +++ b/gnu/packages/commencement.scm> @@ -4,6 +4,7 @@> ;;; Copyright © 2012 Nikita Karetnikov <nikita@karetnikov.org>> ;;; Copyright © 2014, 2015, 2017 Mark H Weaver <mhw@netris.org>> ;;; Copyright © 2017, 2018 Efraim Flashner <efraim@flashner.co.il>> +;;; Copyright © 2018 Ricardo Wurmus <rekado@elephly.net>> ;;;> ;;; This file is part of GNU Guix.> ;;;> @@ -486,7 +487,7 @@ the bootstrap environment."> ;; built just below; the only difference is that this one uses the> ;; bootstrap Bash.> (package-with-bootstrap-guile> - (package (inherit glibc)> + (package/inherit glibc> (name "glibc-intermediate")> (arguments> `(#:guile ,%bootstrap-guile> @@ -664,7 +665,7 @@ exec ~a/bin/~a-~a -B~a/lib -Wl,-dynamic-linker -Wl,~a/~a \"$@\"~%"> > (define glibc-final> ;; The final glibc, which embeds the statically-linked Bash built above.> - (package (inherit glibc-final-with-bootstrap-bash)> + (package/inherit glibc-final-with-bootstrap-bash> (name "glibc")> (inputs `(("static-bash" ,static-bash-for-glibc)> ,@(alist-delete
We seem to be oscillating on the question of whether to graft theseearly GLIBCs. In June 2017, I switched to using 'package/inherit' herein commit 13f7f2fd2b208c29361ef2290f55911879a6adf2, and in October thosechanges were reverted in commit 848f550f2c105326dc3be4033c8aaf35ec21cde4by Efraim, although I'm not sure why.
It'll be painful to have *everything* grafted until the nextcore-updates cycle, but I suppose it's necessary.
Thanks, Mark
E
E
Efraim Flashner wrote on 22 Feb 2018 21:30
(name . Mark H Weaver)(address . mhw@netris.org)
20180222203054.GC4154@macbook41
On Wed, Feb 21, 2018 at 06:12:31PM -0500, Mark H Weaver wrote:
Toggle quote (2 lines)> Hi Ricardo,>
...
Toggle quote (8 lines)> > We seem to be oscillating on the question of whether to graft these> early GLIBCs. In June 2017, I switched to using 'package/inherit' here> in commit 13f7f2fd2b208c29361ef2290f55911879a6adf2, and in October those> changes were reverted in commit 848f550f2c105326dc3be4033c8aaf35ec21cde4> by Efraim, although I'm not sure why.>
Probably a misunderstanding on my part, I assumed it was switched topackage/inherit as part of the grafting, and then should be switchedback.
Toggle quote (7 lines)> It'll be painful to have *everything* grafted until the next> core-updates cycle, but I suppose it's necessary.> > Thanks,> Mark>
We could also have an 'ungraft everything' branch before we get to thenext round of core-updates.
-- Efraim Flashner <efraim@flashner.co.il> אפרים פלשנרGPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351Confidentiality cannot be guaranteed on emails sent or received unencrypted
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAlqPKHsACgkQQarn3Mo9g1EpqBAAj58A7DWMu6MZ+ufrQjxROiiZtHEIFTQYUSKvh+YSdmqyhfQpWotFm9h6XHxqiVt/kfi/e0fH3axkLYtHeJptIHxFuYj94mqLLv4Ho6qMyrdi5xIjX5s+CN9ohsnl7RbFrH3MHbPL39cVWgdDi3nJwLzqCvgFxyPbxrTtmrlesW/GdfzqMSn+6gZ06h68KuRQjTW/1UJb7XNjUS0fLXoUlHPGSPk6KtaGugIWfgVHDV8WxgZ6yaH1+abYhOByw6vDCYeyt2jW1vhjRi8SsvmXKjGVNdX+LgLN5eIxk5gpBke0K0tfBSJfrybPgCEDTtUzxsO7WMVCIbU8Lf7DRTubtZfiqoZIdDPEygY5xq0Al9WsF8oBgae3Wuyk3NE4iwiI0QWwlb/z17H/3Zi7E2YRYqsy+xgEGoyRFhW+3ekLrM6vN1l/moz2JfPFxRoAN2H9kY7nouwfMnsbsABLgyuOllJdZgtfdRhoOSG+uCEcLuoU0QzMEXtyrPigtQx3MsJ1UH0Z8+GBgSFUC6wEXDapYDZ/zl6bqWHxe6X4N4P6CqQlkLxU/k1PRgO2/3BLNrSzCfpkBwDHKsuYof7fHPSuBv/ecW1dkHgCz/KASRP2hbg+Bxv+NUIF1JbiY7PpkJ47RpLfR/TbBCb8CpO61zWI0myaxeVU6QOiZeOyG7lVAo8==JZey-----END PGP SIGNATURE-----

L
L
Ludovic Courtès wrote on 23 Feb 2018 23:01
Grafts vs. early bootstrapping packages
(name . Mark H Weaver)(address . mhw@netris.org)
87muzz9xhm.fsf_-_@gnu.org
Hello,
Mark H Weaver <mhw@netris.org> skribis:
Toggle quote (2 lines)>> Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> writes:
[...]
Toggle quote (14 lines)>> (define glibc-final>> ;; The final glibc, which embeds the statically-linked Bash built above.>> - (package (inherit glibc-final-with-bootstrap-bash)>> + (package/inherit glibc-final-with-bootstrap-bash>> (name "glibc")>> (inputs `(("static-bash" ,static-bash-for-glibc)>> ,@(alist-delete>> We seem to be oscillating on the question of whether to graft these> early GLIBCs. In June 2017, I switched to using 'package/inherit' here> in commit 13f7f2fd2b208c29361ef2290f55911879a6adf2, and in October those> changes were reverted in commit 848f550f2c105326dc3be4033c8aaf35ec21cde4> by Efraim, although I'm not sure why.
I doesn’t make sense to graft “glibc-intermediate” because it’s onlyused in ‘static-bash-for-glibc’, which statically links against it. Thesituation is similar with the “-boot0” packages: they are not referencedby the packages we use.
So I think 848f550f2c105326dc3be4033c8aaf35ec21cde4 was a good idea.f00b85ff8d34df0a1879e593d4a85629b8586af7 does something similar.
Ludo’.
L
L
Ludovic Courtès wrote on 23 Feb 2018 23:26
Re: glibc 2.26 refuses to run on CentOS 6.8
(name . Ricardo Wurmus)(address . ricardo.wurmus@mdc-berlin.de)
87fu5r9wcb.fsf@gnu.org
Hello,
Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> skribis:
Toggle quote (3 lines)> I have a bad day. After the upgrade to glibc 2.26 none of the> Guix-installed software runs on the HPC cluster running CentOS 6.8.
Bah. :-(
Toggle quote (3 lines)> The glibc 2.26 expects a minimum kernel version of 3.x on x86_64, but> CentOS 6.8 only comes with a heavily patched 2.6.32.
It’s annoying, but we can surely apply the patch you sent (though ratherby passing ‘--enable-kernel’ if possible, as Danny suggested.)

personality(2) has a knob to change the kernel version reported byuname(2) to 2.6. Here it’s a case where we’d need the reverse:reporting 3.2 instead of 2.6. That doesn’t seem to exist.
Looking for other hacks (or kludges), I found the kernel module below athttps://www.linuxquestions.org/questions/linux-general-1/uname-hack-modules-in-kernel-2-6-a-172167/,which could be adjusted to report a different kernel version:
Toggle snippet (26 lines)#include <linux/kernel.h>#include <linux/module.h>#include <linux/utsname.h>
#ifndef UNAME_DUMB_STEPPING#define UNAME_DUMB_STEPPING '5';#endif
MODULE_AUTHOR("The one who invented the uname hack");MODULE_DESCRIPTION("Changes the uname output");MODULE_LICENSE("GPL");
static int uname_hack_init() { save = system_utsname.machine[1]; system_utsname.machine[1] = UNAME_DUMB_STEPPING; return 0;}
static void uname_hack_cleanup() { system_utsname.machine[1] = save;}
module_init(uname_hack_init);module_exit(uname_hack_cleanup);
Another option would be to ptrace processes, handle the first ‘uname’call, and then PTRACE_DETACH. Ugly.
Ludo’.
L
L
Ludovic Courtès wrote on 26 Feb 2018 16:13
control message for bug #30537
(address . control@debbugs.gnu.org)
87a7vvwzq4.fsf@gnu.org
severity 30537 serious
R
R
Ricardo Wurmus wrote on 9 Mar 2018 23:19
(address . control@debbugs.gnu.org)
E1euQMI-0003EH-OW@debbugs.gnu.org
tags 30537 fixedclose 30537
?
Your comment

This issue is archived.

To comment on this conversation send email to 30537@debbugs.gnu.org