I now use gentoo linux with gcc 4.3.4, which has the FORTIFY_SOURCE feature. When I built gromacs 4.0.5 with this gcc, every command, like grompp, pdb2gmx and so on, triggers a buffer overflow and stops immediately.

Reproducible: Always

Steps to Reproduce:
1. emerge -av sci-chemistry/gromacs with KEYWORD="~AMD64" with gcc-4.3.4
2. run "grompp" or "pdb2gmx", which are binaries from the gromacs package, in any kind of terminal software.
3.

Actual Results:
you can see the message, which tells us these commands stop because of a buffer overflow.

Expected Results:
For example, in the case of grompp, you can see the message
File input/output error:
grompp.mdp

araki@hoata ~ $ emerge --info
Portage 2.2_rc40 (default/linux/amd64/2008.0, gcc-4.3.4, glibc-2.10.1-r0, 2.6.30-gentoo-r5 x86_64)
=================================================================
System uname: Linux-2.6.30-gentoo-r5-x86_64-AMD_Athlon-tm-_64_X2_Dual_Core_Processor_4400+-with-gentoo-1.12.11.1
Timestamp of tree: Wed, 09 Sep 2009 03:00:01 +0000
ccache version 2.4 [enabled]
app-shells/bash:     3.2_p39
dev-lang/python:     2.6.2-r1
dev-util/ccache:     2.4-r7
dev-util/cmake:      2.6.4-r2
sys-apps/baselayout: 1.12.11.1
sys-apps/sandbox:    1.6-r2
sys-devel/autoconf:  2.13, 2.63-r1
sys-devel/automake:  1.6.3, 1.7.9-r1, 1.9.6-r2, 1.10.2
sys-devel/binutils:  2.18-r3
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6a
virtual/os-headers:  2.6.30-r1
ACCEPT_KEYWORDS="amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe -march=native"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c /etc/udev/rules.d"
CXXFLAGS="-O2 -pipe -march=native"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests ccache distlocks fixpackages parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="ftp://ftp.ecc.u-tokyo.ac.jp/GENTOO http://ftp.iij.ad.jp/pub/linux/gentoo/ ftp://ftp.iij.ad.jp/pub/linux/gentoo/ "
LANG="ja_JP.UTF-8"
LDFLAGS="-Wl,-O1"
LINGUAS="ja"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage/layman/science /home/araki/self-portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext X accessibility acl acpi alsa amd64 anthy avahi avi bash-completion berkdb bitmap-fonts bzip2 cairo cdr cjk cli cracklib crypt cups dbus dlloader dri dvd dvdr dvdread eds emboss encode esd fam firefox fortran gdbm gfortran gif gnome gpm gstreamer gtk gtk2 hal iconv imap immqt-bc ipv6 isdnlog jpeg kde4 ldap libg++ mad mdnsresponder-compat mikmod mmx mp3 mpeg mudflap mule multilib ncurses nls nptl nptlonly ogg opengl openmp oss pam pcre pdf pdflib perl png pop ppds pppd python qt qt3support qt4 quicktime readline reflection samba sdl session spell spl sqlite sse sse2 ssl svg sysfs taglib tcltk tcpd tiff truetype truetype-fonts type1-fonts udev unicode utempter vorbis xcb xml xorg xpm xulrunner xv zlib"
ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci"
ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol"
APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias"
ELIBC="glibc"
INPUT_DEVICES="evdev"
KERNEL="linux"
LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text"
LINGUAS="ja"
USERLAND="GNU"
VIDEO_CARDS="nvidia"
Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
There are two ways to avoid this buffer overflow:
1: specify commands with an absolute path, like /usr/bin/grompp.
2: kill the FORTIFY_SOURCE feature with CFLAGS="-U_FORTIFY_SOURCE" when emerging gromacs.
Please read the "Gentoo Bug Reporting Guide"[1] before opening a bug. [1] - http://www.gentoo.org/doc/en/bugzilla-howto.xml
Created attachment 203754 [details]
buffer overflow message

This is the buffer overflow message when I just type "grompp".
Created attachment 203756 [details]
No buffer overflow occurs when specifying an absolute path

When I type the "grompp" command with an absolute path like "/usr/bin/grompp", no buffer overflow occurs.
To avoid this buffer overflow, I already reported 2 cases in Comment #1. I have found 2 new cases.
3. super user does not get the overflow.
4. running the command under gdb gives no overflow.

Case 4 makes it difficult for me to report this issue any further.

Regards,
comment #1 point 1 sounds very strange to me. What makes the difference between the full path and the normal call? I can not confirm the bug on x86! Is there someone with amd64?
(In reply to comment #6)
> comment #1 point 1 sounds very strange to me.
> What makes the difference between the full path and the normal call?
>
> I can not confirm the bug on x86! Is there someone with amd64?
>

Also I cannot see this bug on x86_64
Could this be some weird locale issue? The OP has LANG="ja_JP.UTF-8" LINGUAS="ja" cheers, Markus
I just re-emerged gromacs-4.0.5 with these environment variables: LANG="C" LINGUAS="en". In conclusion, the situation is the same as before. Commands (grompp, pdb2gmx, and so on) trigger a buffer overflow and stop. Does comment #7 mean this trouble depends on my local problems? The following is my current emerge --info output (identical to the one in the first comment apart from LANG and LINGUAS).

Thanks

araki@hoata ~ $ echo $LANG
C
araki@hoata ~ $ echo $LINGUAS
en
araki@hoata ~ $ emerge --info
Portage 2.2_rc40 (default/linux/amd64/2008.0, gcc-4.3.4, glibc-2.10.1-r0, 2.6.30-gentoo-r5 x86_64)
=================================================================
LANG="C"
LINGUAS="en"
(In reply to comment #9)
> Does comment #7 mean this trouble depends on my local problems?
>

It is probably a bug in gromacs itself (I've seen reports like this on their list) and it would be best if you report the problem upstream. Since I am not able to reproduce it I can't really do much about it at this point. Upstream will hopefully know much better what the culprit might be.

Please keep us posted.

Cheers,
Markus
I found a new but maybe important point. My gentoo + gromacs 4.0.5 system does not have the GMXLIB environment variable. In my /etc/env.d/80gromacs, 4 environment variables are defined, like:
GMXBIN=/usr/bin
GMXLDLIB=/usr/lib64
GMXMAN=/usr/share/man
GMXDATA=/usr/share

When I set just these 4 variables, I found gromacs triggers the overflow. Next, I set GMXLIB like export GMXLIB=/usr/share/gromacs/top, and it worked fine! I also checked: if I unset GMXLIB, the overflow came back.
Ok, this is done by line 207 of gromacs-4.0.5.ebuild:

sed -n -e '/^GMXBIN/,/^GMXDATA/p' "${D}"/usr/bin/GMXRC.bash > "${T}/80gromacs"

Even having no problems with GMXLDLIB, I guess it should be GMXLIB instead, because GMXLDLIB appears nowhere in the gromacs source, while GMXLIB appears in several (important) places.

File an upstream bug?
I searched for the origin of this issue these days, however it was too heavy for me to understand the relationship between the GMXLIB environment variable and the buffer overflow I encountered in a short time. Anyway, according to your advice, I would like to report this issue upstream.

Thanks,

> Even having no problems with GMXLDLIB, I guess it should be GMXLIB instead,
> because GMXLDLIB appears nowhere in the gromacs source, while GMXLIB appears at
> the several (important) places.
>
> File a upstream bug?
Keep us updated.... When using the Gromacs's Bug Tracker http://bugzilla.gromacs.org please add the link to the URL field in the top.
Excuse me. It's my simple mistake. I wanna reopen this report. thanks,
How long is your path?

echo $PATH | wc -m
(In reply to comment #16)
> How long is your path ?
>
> echo $PATH | wc -m

araki@hoata ~ $ echo $PATH | wc -m
1230

regards,
Y. A.
My guess is that the get_libdir function has an overflow somewhere. Try to increase MAX_PATHBUF in line 68 of ./src/gmxlib/futil.c
(In reply to comment #18)
> My guess is that the get_libdir function has an overflow somewhere.
> Try to in increase the MAX_PATHBUF in line 68 of ./src/gmxlib/futil.c

hi,
I cannot find MAX_PATHBUF in ./src/gmxlib/futil.c nor in any of the files in the tarball. I am looking at the file in the tarball of gromacs-4.0.5 downloaded from the gromacs web site. Is that a file coming from the developer version?
You are right, it was the devel version.
Look in /src/gmxlib/futil.c line 393, the PATH is limited to 512 chars.

In the devel version this is changed:
http://repo.or.cz/w/gromacs.git?;a=commit;h=57164c59709fe9053ebbc9c33543d801c1692e62

Should I open a bug on http://bugzilla.gromacs.org and ask them to backport this commit?
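The failure mode diagnosed in this thread, as an added illustration rather than GROMACS code: a ':'-separated PATH copied into a fixed 512-byte buffer overflows for any PATH of 512 or more characters, which is what glibc's _FORTIFY_SOURCE checks abort on, and the fix is to size the copy from the input (the 512 limit, the 1229-character synthetic PATH and all function names here are constructed for the demo; -U_FORTIFY_SOURCE only hides the abort, it does not remove the overflow).

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define PATHBUF 512   /* the fixed limit the thread reports for futil.c */

/* Construct a PATH string of exactly `len` characters (sample input only). */
char *build_synthetic_path(size_t len)
{
    const char seg[] = "/opt/app/bin:";
    char *p = malloc(len + 1);
    if (!p) return NULL;
    for (size_t i = 0; i < len; i++)
        p[i] = seg[i % (sizeof seg - 1)];
    p[len] = '\0';
    return p;
}

/* Fixed-buffer shape. Without the length check, a strcpy() here runs past
 * `buf` for any PATH of 512+ chars; glibc's __strcpy_chk (from
 * -D_FORTIFY_SOURCE=2 at -O2) aborts with "buffer overflow detected". */
int copy_path_fixed(const char *path, char *buf, size_t bufsize)
{
    size_t n = strlen(path);
    if (n >= bufsize) return -1;      /* the check the original lacked */
    memcpy(buf, path, n + 1);
    return 0;
}

/* Size the copy from the input instead, then walk the ':'-separated entries
 * the way a directory search over PATH would. Returns the entry count. */
int count_path_dirs(const char *path)
{
    char *copy = malloc(strlen(path) + 1);
    if (!copy) return -1;
    strcpy(copy, path);               /* fits: sized from the input */
    int count = 0;
    for (char *tok = strtok(copy, ":"); tok; tok = strtok(NULL, ":"))
        count++;
    free(copy);
    return count;
}

/* The reporter's case: `echo $PATH | wc -m` printed 1230, which counts echo's
 * newline, so PATH itself is 1229 chars. Returns the dir count, or -2. */
int demo_reporter_path(void)
{
    char buf[PATHBUF], *path = build_synthetic_path(1229);
    if (!path) return -1;
    int refused = copy_path_fixed(path, buf, sizeof buf) == -1;
    int dirs = count_path_dirs(path);
    free(path);
    return refused ? dirs : -2;
}
```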
Done: http://bugzilla.gromacs.org/show_bug.cgi?id=361
(In reply to comment #20)
> You are right, it was the devel version.
> Look in /src/gmxlib/futil.c line 393, the PATH is limited to 512 chars.
>
> In the devel version this is changed:
> http://repo.or.cz/w/gromacs.git?;a=commit;h=57164c59709fe9053ebbc9c33543d801c1692e62

I am pleased to hear that.

> Should I open a bug on http://bugzilla.gromacs.org and ask them to backport
> this commit?

Yes, please.
Created attachment 209271 [details, diff]
patch to fix buffer overflow in path

Upstream bug was fixed, patch in stable branch:
http://repo.or.cz/w/gromacs.git/commit/53a07a791c1b7e4ed832ed4842928ad5139c1f41

ebuild works with this patch -> version bump to gromacs-4.0.5-r1 ?
I checked the gromacs-4.0.5-r1 ebuild that appeared in the layman repository (science). It worked fine for me.
Thank you so much.

Regards,
Y. Araki

> Upstream bug was fixed, patch in stable branch:
> http://repo.or.cz/w/gromacs.git/commit/53a07a791c1b7e4ed832ed4842928ad5139c1f41
>
> ebuild works with this patch -> version bump to gromacs-4.0.5-r1 ?
It's already fixed, so closing.