Skip to content

fix(installer): rknpu version check SIGPIPEs strings, aborting the first clean install (#1560)#1561

Merged
jaylfc merged 4 commits into
devfrom
fix/rknpu-strings-sigpipe
Jul 2, 2026
Merged

fix(installer): rknpu version check SIGPIPEs strings, aborting the first clean install (#1560)#1561
jaylfc merged 4 commits into
devfrom
fix/rknpu-strings-sigpipe

Conversation

@jaylfc

@jaylfc jaylfc commented Jul 2, 2026

Copy link
Copy Markdown
Owner

Root-causes the deterministic first-run abort of install-rknpu.sh that @mandresve reported across two clean Bookworm installs (#1560, formerly #1543). It was not ldconfig.

The librknnrt version check ran strings $tmp | awk '/librknnrt version: / { print $3; exit }'. awk exits on the first match and closes the pipe while strings still has ~7MB of the binary left to write, so strings takes SIGPIPE. Under set -o pipefail the substitution exits 141, and with set -e that aborts the whole install. It only triggers where binutils is present (mandresve's vendor image has it) and only on the first run: the second run finds librknnrt already at 2.3.0 and skips the entire pin block, which is exactly the reported deterministic-first / working-second pattern.

Fix: awk reads to EOF (first match, no early exit) and the assignment is guarded so a strings/awk hiccup is never fatal; the same early-exit pattern is removed from librknnrt_current_version. Proven with a set -e -o pipefail repro (old pattern exits 141, new returns the version, exits 0).

Fixes #1560.

Summary by CodeRabbit

  • Bug Fixes
    • Fixed an installer issue that could interrupt the first clean run when checking the RK3588 NPU runtime version with binutils installed.
    • Improved runtime version detection to prevent premature failures during version probe checks.
    • Strengthened pinned-runtime verification so installation continues when a version can’t be confirmed, using an automatic fallback.
  • Documentation
    • Added an Unreleased changelog entry describing the RK3588 NPU installer fix.

@qodo-code-review

Copy link
Copy Markdown

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

@coderabbitai

coderabbitai Bot commented Jul 2, 2026

Copy link
Copy Markdown

Review Change Stack

Warning

Review limit reached

@jaylfc, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 1 minute

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 48a4f3a7-11f5-4d84-8c1d-dc8ffbf95719

📥 Commits

Reviewing files that changed from the base of the PR and between aa6d532 and e06f4f7.

📒 Files selected for processing (2)
  • CHANGELOG.md
  • scripts/install-rknpu.sh
📝 Walkthrough

Walkthrough

The librknnrt version-check logic in scripts/install-rknpu.sh is updated to avoid early pipeline termination under set -euo pipefail, and CHANGELOG.md adds an entry for the installer fix.

Changes

Installer version-check fix

Layer / File(s) Summary
Version detection pipeline fix
scripts/install-rknpu.sh
librknnrt_current_version now reads to EOF and returns the first matching version instead of using an early exit in awk, avoiding SIGPIPE under pipefail.
Pinned-runtime verification fix and changelog
scripts/install-rknpu.sh, CHANGELOG.md
pin_librknnrt now wraps the verification probe in an if flow, warns on probe failure, and preserves the empty fallback path; CHANGELOG.md adds an Unreleased Fixed note for the RK3588 NPU install issue.

Estimated code review effort: 2 (Simple) | ~10 minutes

Possibly related issues

Possibly related PRs

  • jaylfc/taOS#786: Modifies the same librknnrt_current_version/pin_librnnrt version-detection logic to prevent premature pipeline failures.
  • jaylfc/taOS#1533: Modifies the same strings | awk version extraction/validation pipeline in install-rknpu.sh.
  • jaylfc/taOS#1534: Modifies the same librknnrt version-detection/pinning flow and strings|awk-based verification.
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the installer SIGPIPE fix in rknpu version checking.
Linked Issues check ✅ Passed The changes address #1560 by preventing the first-run install from aborting during the librknnrt version probe.
Out of Scope Changes check ✅ Passed The PR stays focused on the installer fix and a brief changelog note, with no clear unrelated code changes.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/rknpu-strings-sigpipe

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@gitar-bot

gitar-bot Bot commented Jul 2, 2026

Copy link
Copy Markdown

Gitar is working

Gitar

@kilo-code-bot

kilo-code-bot Bot commented Jul 2, 2026

Copy link
Copy Markdown

Code Review Summary

Status: No Issues Found | Recommendation: Merge

The previous review's outstanding suggestion at scripts/install-rknpu.sh:105 — that the strings "$LIBRKNNRT_DEST" 2>/dev/null in librknnrt_current_version was inconsistent with the version-verify site's policy of letting strings's real diagnostic surface — is fully resolved in commit 4/4 (final HEAD). librknnrt_current_version now calls strings "$LIBRKNNRT_DEST" | awk ... with no 2>/dev/null, matching the rationale documented at the pin site. Both call sites are consistent: strings errors on a corrupt/vendored binary now propagate to the log instead of being silently swallowed. The warn + if-capture flow in pin_librknnrt distinguishes a genuine strings/awk failure from a missing version string, and the redundant verified="" reset is gone. No new issues found in the changed code.

Files Reviewed (2 files)
  • CHANGELOG.md
  • scripts/install-rknpu.sh
Previous Review Summaries (4 snapshots, latest commit 62f8775)

Current summary above is authoritative. Previous snapshots are kept for context only.

Previous review (commit 62f8775)

Status: 1 Issue Found | Recommendation: Address before merge (minor)

Overview

Severity Count
CRITICAL 0
WARNING 0
SUGGESTION 1
Issue Details (click to expand)

SUGGESTION

File Line Issue
scripts/install-rknpu.sh 105 Newly-added strings "$LIBRKNNRT_DEST" 2>/dev/null is inconsistent with commit 3/3's rationale at line 358 (which explicitly removed 2>/dev/null so strings's real diagnostic surfaces). If strings fails on the installed library (vendor perms, corrupted ELF), the env banner silently shows no NPU runtime line. Under set -o pipefail + set -e in unguarded callers, this also reintroduces the same abort class the rest of this PR fixes.
Files Reviewed (2 files)
  • CHANGELOG.md - 0 issues
  • scripts/install-rknpu.sh - 1 issue

Fix these issues in Kilo Cloud

Previous review (commit aa6d532)

Status: No Issues Found | Recommendation: Merge

The previous review's outstanding suggestion (the strings 2>/dev/null swallowing of strings's real error and the redundant verified="" reset, on scripts/install-rknpu.sh:357) has been fully addressed in commit 3/3 of this PR: 2>/dev/null is no longer applied to strings, and the redundant verified="" reset was removed. The warn now fires only on a genuine strings/awk failure and strings's real diagnostic surfaces alongside it. No new issues were found in the changed code.

Files Reviewed (2 files)
  • CHANGELOG.md
  • scripts/install-rknpu.sh

Previous review (commit bc57d76)

Status: 1 Issue Found | Recommendation: Address before merge (minor)

Overview

Severity Count
CRITICAL 0
WARNING 0
SUGGESTION 1
Issue Details (click to expand)

SUGGESTION

File Line Issue
scripts/install-rknpu.sh 357 The warn improves on the previous silent `
Files Reviewed (2 files)
  • CHANGELOG.md - 0 issues
  • scripts/install-rknpu.sh - 1 issue

Fix these issues in Kilo Cloud

Previous review (commit 744e1eb)

Status: 1 Issue Found | Recommendation: Address before merge (minor)

Overview

Severity Count
CRITICAL 0
WARNING 0
SUGGESTION 1
Issue Details (click to expand)

SUGGESTION

File Line Issue
scripts/install-rknpu.sh 350 `
Files Reviewed (2 files)
  • CHANGELOG.md - 0 issues
  • scripts/install-rknpu.sh - 1 issue

Fix these issues in Kilo Cloud


Reviewed by minimax-m3 · Input: 47.6K · Output: 2.7K · Cached: 439.7K

Comment thread scripts/install-rknpu.sh Outdated
# #1543). The second run only worked because librknnrt was already at
# 2.3.0 and this whole pin block was skipped. Read to EOF (no early
# exit) and guard the assignment so a strings/awk hiccup is never fatal.
verified="$(strings "$tmp" 2>/dev/null | awk '/librknnrt version: / && !seen { print $3; seen=1 }')" || true

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SUGGESTION: The || true on this command substitution combined with 2>/dev/null on strings means a genuine strings/awk failure on the downloaded runtime is now indistinguishable from a missing version string. The fallback at line 353 reads the same binary content from $LIBRKNNRT_DEST, so if strings truly can't read this file it'll likely fail there too, and the only operator-visible signal becomes the "skipping version-string re-check" log — which previously meant "binutils missing" and now also means "strings/awk failed silently". Consider logging a warn when the primary substitution returns empty so future first-run failures aren't masked during diagnostics.

Suggested change
verified="$(strings "$tmp" 2>/dev/null | awk '/librknnrt version: / && !seen { print $3; seen=1 }')" || true
if verified_output="$(strings "$tmp" 2>/dev/null | awk '/librknnrt version: / && !seen { print $3; seen=1 }')"; then
verified="$verified_output"
else
warn "strings/awk version probe failed on $tmp; falling back to installed path"
fi

Reply with @kilocode-bot fix it to have Kilo Code address this issue.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
scripts/install-rknpu.sh (1)

105-105: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Consider deduplicating the version-parsing awk pattern.

The same strings | awk '/librknnrt version: / && !seen {...}' logic now exists in two places. Since this exact duplication is what let the original early-exit bug slip into only one of the two nearly-identical pipelines historically, extracting a small shared helper (e.g., _librknnrt_parse_version <file>) would reduce the chance of future fixes only being applied to one site.

♻️ Example consolidation
+# Reads librknnrt version string from a binary via `strings`. Reads to EOF
+# (no early awk exit) to avoid SIGPIPE under `set -o pipefail`.
+_librknnrt_parse_version() {
+    strings "$1" 2>/dev/null | awk '/librknnrt version: / && !seen { print $3; seen=1 }'
+}
+
 librknnrt_current_version() {
     if [[ -f "$LIBRKNNRT_DEST" ]] && command -v strings >/dev/null 2>&1; then
-        strings "$LIBRKNNRT_DEST" 2>/dev/null | awk '/librknnrt version: / && !seen { print $3; seen=1 }'
+        _librknnrt_parse_version "$LIBRKNNRT_DEST"
     fi
 }
-        verified="$(strings "$tmp" 2>/dev/null | awk '/librknnrt version: / && !seen { print $3; seen=1 }')" || true
+        verified="$(_librknnrt_parse_version "$tmp")" || true

Also applies to: 350-350

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/install-rknpu.sh` at line 105, The version-parsing logic in the
install script is duplicated, so update the two `strings | awk '/librknnrt
version: / && !seen { ... }'` call sites to use a shared helper such as
`_librknnrt_parse_version`. Keep the helper focused on extracting the first
`librknnrt version` match from a given file, and have both existing version
checks call it instead of repeating the awk pipeline directly.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@scripts/install-rknpu.sh`:
- Line 105: The version-parsing logic in the install script is duplicated, so
update the two `strings | awk '/librknnrt version: / && !seen { ... }'` call
sites to use a shared helper such as `_librknnrt_parse_version`. Keep the helper
focused on extracting the first `librknnrt version` match from a given file, and
have both existing version checks call it instead of repeating the awk pipeline
directly.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 71df4a6a-a9b8-4066-b9ce-2e16774f7c08

📥 Commits

Reviewing files that changed from the base of the PR and between 2b5659f and 744e1eb.

📒 Files selected for processing (2)
  • CHANGELOG.md
  • scripts/install-rknpu.sh

Comment thread scripts/install-rknpu.sh
if verified="$(strings "$tmp" 2>/dev/null | awk '/librknnrt version: / && !seen { print $3; seen=1 }')"; then
:
else
warn "strings/awk version probe failed on the downloaded runtime; falling back to the installed path"

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SUGGESTION: The warn here is a step up from silent failure, but it still loses the root cause: strings "$tmp" 2>/dev/null discards strings's own stderr, so when the probe genuinely fails (truncated download, perms, corrupted ELF, etc.) the operator only sees "strings/awk version probe failed on the downloaded runtime" with no clue why. Either drop the 2>/dev/null on strings so its real error surfaces, or capture and include it in the warn, e.g. if ! err="$(strings "$tmp" 2>&1 >/dev/null)"; then warn "strings failed: $err"; fi paired with a separate stdout-only capture. Also, verified="" on the next line is redundant — when the if-condition fails, verified is already empty from the failed substitution.

Suggested change
warn "strings/awk version probe failed on the downloaded runtime; falling back to the installed path"
if verified="$(strings "$tmp" 2>/dev/null | awk '/librknnrt version: / && !seen { print $3; seen=1 }')"; then
:
else
warn "strings/awk version probe failed on the downloaded runtime; falling back to the installed path"
fi

Reply with @kilocode-bot fix it to have Kilo Code address this issue.

@jaylfc jaylfc force-pushed the fix/rknpu-strings-sigpipe branch from aa6d532 to 62f8775 Compare July 2, 2026 22:41
Comment thread scripts/install-rknpu.sh Outdated
# No early awk exit: it SIGPIPEs strings and trips pipefail (see the
# note at the version-verify site). Read to EOF and print the first
# match only.
strings "$LIBRKNNRT_DEST" 2>/dev/null | awk '/librknnrt version: / && !seen { print $3; seen=1 }'

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SUGGESTION: The newly-added 2>/dev/null on strings "$LIBRKNNRT_DEST" is inconsistent with the rationale in commit 3/3 at line 358, which explicitly removed 2>/dev/null so strings's real diagnostic surfaces on a failed probe ("if the probe fails (truncated download, bad perms, corrupted ELF) its real error is the diagnostic"). The same logic applies here: if strings fails on the installed library (vendor image with unusual perms, corrupted ELF, etc.), the env banner that consumes this output will silently show no NPU runtime line with no operator-visible cause. Either drop the 2>/dev/null to match the line 358 policy, or capture and surface the error like the pin-site does. Note: under set -o pipefail + set -e, a failed strings here would also abort the whole script if the caller didn't guard it, which is the same class of bug the rest of this PR is fixing.

Suggested change
strings "$LIBRKNNRT_DEST" 2>/dev/null | awk '/librknnrt version: / && !seen { print $3; seen=1 }'
strings "$LIBRKNNRT_DEST" | awk '/librknnrt version: / && !seen { print $3; seen=1 }'

Reply with @kilocode-bot fix it to have Kilo Code address this issue.

jaylfc added 4 commits July 3, 2026 00:05
…irst install

The deterministic first-run abort of install-rknpu.sh (#1560, #1543) was NOT
ldconfig. The librknnrt version check ran:

    verified="$(strings "$tmp" | awk '/librknnrt version: / { print $3; exit }')"

awk exits on the first match, closing the pipe while strings still has ~7MB to
write, so strings dies with SIGPIPE. Under set -o pipefail the substitution
exits 141, and with set -e that aborted the entire install. It only mattered
where binutils (strings) is present, and only on the FIRST run: the second run
found librknnrt already pinned to 2.3.0 and skipped this whole block, which is
exactly the deterministic-first-run / working-second-run pattern reported.

Fix: awk reads to EOF (prints the first match without exiting) and the
assignment is guarded, so a strings/awk hiccup can never be fatal. Same
early-exit pattern removed from librknnrt_current_version for consistency.
Proven with a set -e -o pipefail repro: old pattern exits 141, new returns the
version and exits 0.

Fixes #1560.
…robe fails

Folds Kilo: distinguishing a genuine strings/awk failure from a missing
version string, so a future first-run problem is not masked as the benign
binutils-absent case. The pipeline status is captured via the if-condition
(still no early awk exit, so no SIGPIPE abort).
…; drop redundant reset

- remove 2>/dev/null from the strings probe so a genuine failure (truncated
  download, bad perms, corrupted ELF) shows its real diagnostic in the log
  instead of only the ambiguous warn
- drop the redundant verified="" reset: a failed command substitution already
  leaves the variable empty
… probe too

Fold Kilo nit: librknnrt_current_version() kept 2>/dev/null, inconsistent with
the version-verify site that dropped it so a real strings failure (vendor perms,
corrupted ELF) surfaces in the log instead of the banner silently dropping the
runtime line. The awk already reads to EOF and both callers guard with || true,
so a probe failure still cannot abort the install.
@jaylfc jaylfc force-pushed the fix/rknpu-strings-sigpipe branch from 62f8775 to e06f4f7 Compare July 2, 2026 23:05
@jaylfc jaylfc merged commit e6e44a6 into dev Jul 2, 2026
9 checks passed
@jaylfc jaylfc deleted the fix/rknpu-strings-sigpipe branch July 2, 2026 23:29
@github-project-automation github-project-automation Bot moved this from Todo to Done in TinyAgentOS Roadmap Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Development

Successfully merging this pull request may close these issues.

1 participant