337020 – x11-base/xorg-server-1.9.0 build fails "/usr/include/bits/string3.h:52:3: warning: call to __builtin___memcpy_chk will always overflow destination buffer" when built with GCC 4.5

Bug 337020 - x11-base/xorg-server-1.9.0 build fails "/usr/include/bits/string3.h:52:3: warning: call to __builtin___memcpy_chk will always overflow destination buffer" when built with GCC 4.5

Summary: x11-base/xorg-server-1.9.0 build fails "/usr/include/bits/string3.h:52:3: war...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	x86 Linux

Importance:	High normal
Assignee:	Gentoo X packagers

URL:	https://bugs.freedesktop.org/show_bug...
Whiteboard:
Keywords:	InVCS

Duplicates (1):	336883 (view as bug list)
Depends on:
Blocks:	fortify-source
	Show dependency tree

Reported:	2010-09-12 23:02 UTC by Alex Barbieri
Modified:	2010-09-28 12:43 UTC (History)
CC List:	5 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
build log (build.log,118.63 KB, text/plain) 2010-09-12 23:03 UTC, Alex Barbieri	Details
xorg-server-1.9-fortify-source.patch (xorg-server-1.9-fortify-source.patch,414 bytes, patch) 2010-09-12 23:35 UTC, Chí-Thanh Christopher Nguyễn	Details \| Diff
xorg-server-1.9-fix-VbeModeInfoBlock-memcpy.patch (xorg-server-1.9-fix-VbeModeInfoBlock-memcpy.patch,1.32 KB, patch) 2010-09-13 04:20 UTC, Alexandre Rostovtsev (RETIRED)	Details \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alex Barbieri 2010-09-12 23:02:59 UTC

emerge x11-base/xorg-server fails with a QA error:
 * QA Notice: Package has poor programming practices which may compile
 *            fine but exhibit random runtime failures.
 * 
 * /usr/include/bits/string3.h:52:3: warning: call to __builtin___memcpy_chk will always overflow destination buffer
 * /usr/include/bits/string3.h:52:3: warning: call to __builtin___memcpy_chk will always overflow destination buffer
 * 
 *  Please file a bug about this at http://bugs.gentoo.org/
 *  with the maintaining herd of the package.
 * 
 * ERROR: x11-base/xorg-server-1.9.0 failed:
 *   install aborted due to poor programming practices shown above


Reproducible: Always




emerge --info =x11-base/xorg-server-1.9.0
Portage 2.1.9.4 (default/linux/x86/10.0, gcc-4.5.1, glibc-2.12.1-r1, 2.6.35-gentoo-r5 i686)
=================================================================
                        System Settings
=================================================================
System uname: Linux-2.6.35-gentoo-r5-i686-Intel-R-_Atom-TM-_CPU_N270_@_1.60GHz-with-gentoo-2.0.1
Timestamp of tree: Sun, 12 Sep 2010 21:45:01 +0000
app-shells/bash:     4.1_p7
dev-java/java-config: 2.1.11
dev-lang/python:     2.6.5-r3, 3.1.2-r4
dev-util/cmake:      2.8.1-r2
sys-apps/baselayout: 2.0.1
sys-apps/openrc:     0.6.3
sys-apps/sandbox:    2.3-r1
sys-devel/autoconf:  2.13, 2.67
sys-devel/automake:  1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.4.4-r1, 4.5.1
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.10
sys-devel/make:      3.81-r2
virtual/os-headers:  2.6.35 (sys-kernel/linux-headers)
ACCEPT_KEYWORDS="x86 ~x86"
ACCEPT_LICENSE="*"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=native -pipe -mssse3 -mfpmath=sse -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -march=native -pipe -mssse3 -mfpmath=sse -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests distlocks fixlafiles fixpackages news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
GENTOO_MIRRORS="http://gentoo.osuosl.org/    ftp://mirror.its.uidaho.edu/gentoo/    http://gentoo.cites.uiuc.edu/pub/gentoo/"
LANG="en_US.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="en en_US"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.us.gentoo.org/gentoo-portage"
USE="X aac acl acpi alsa bash-completion berkdb bluetooth bzip2 cli clucene consolekit cracklib crypt cups custom-optimization cxx dbus dri encode extras fam firefox flac fontconfig fortran gdbm gif gpm gstreamer gtk hal iconv inotify ipv6 joystick jpeg kde laptop lastfm lcms mikmod mmx mmxext mng modules mp3 mpeg mudflap ncurses nls nptl nptlonly nsplugin ogg openal opengl openmp pam pcre pdf perl phonon plasma pm-utils png policykit pppd python qt3support qt4 rdp readline reflection scsi semantic-desktop session smp spell sse sse2 sse3 ssl ssse3 startup-notification svg symlink sysfs tcpd theora threads truetype unicode usb v4l v4l2 vnc vorbis webkit wicd win32codecs wma x86 xft xorg xv zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en en_US" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="intel" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

Comment 1 Alex Barbieri 2010-09-12 23:03:54 UTC

Created attachment 247071 [details]
build log

Comment 2 Chí-Thanh Christopher Nguyễn gentoo-dev

2010-09-12 23:10:07 UTC

Does it build with gcc-4.4?

Comment 3 Alex Barbieri 2010-09-12 23:12:21 UTC

(In reply to comment #2)
> Does it build with gcc-4.4?
> 

I'm attempting to build with 4.4 currently. Will update.

Comment 4 Alexandre Rostovtsev (RETIRED) gentoo-dev

2010-09-12 23:28:19 UTC

(In reply to comment #2)
> Does it build with gcc-4.4?

Yes, for me it builds with gcc-4.4.4-r1.
With gcc-4.5.1, I'm getting the same QA error as Alex Barbieri.

# emerge --info
Portage 2.2_rc80 (default/linux/amd64/10.0/desktop/gnome, gcc-4.5.1, glibc-2.12.1-r1, 2.6.35-gentoo-r5 x86_64)
=================================================================
System uname: Linux-2.6.35-gentoo-r5-x86_64-Intel-R-_Core-TM-2_Quad_CPU_Q6600_@_2.40GHz-with-gentoo-2.0.1
Timestamp of tree: Sun, 12 Sep 2010 22:30:01 +0000
distcc 3.1 x86_64-pc-linux-gnu [disabled]
ccache version 2.4 [disabled]
app-shells/bash:     4.1_p7
dev-java/java-config: 1.3.7-r1, 2.1.11
dev-lang/python:     2.4.6, 2.5.4-r4, 2.6.5-r3, 3.1.2-r4
dev-util/ccache:     2.4-r8
dev-util/cmake:      2.8.1-r2
sys-apps/baselayout: 2.0.1
sys-apps/openrc:     0.6.3
sys-apps/sandbox:    2.3-r1
sys-devel/autoconf:  2.13, 2.67
sys-devel/automake:  1.4_p6-r1, 1.5-r1, 1.6.3-r1, 1.7.9-r2, 1.8.5-r4, 1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils:  2.16.1-r3, 2.17-r2, 2.18-r4, 2.19.1-r1, 2.20-r1, 2.20.1-r1
sys-devel/gcc:       3.3.6-r1, 3.4.6-r2, 4.1.2, 4.2.4-r1, 4.3.5, 4.4.4-r1, 4.5.1
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.10
sys-devel/make:      3.81-r2
virtual/os-headers:  2.6.35 (sys-kernel/linux-headers)
ABI="amd64"
ACCEPT_KEYWORDS="amd64 ~amd64"

Comment 5 Alex Barbieri 2010-09-12 23:30:59 UTC

(In reply to comment #3)
> (In reply to comment #2)
> > Does it build with gcc-4.4?
> > 
> 
> I'm attempting to build with 4.4 currently. Will update.
> 

Can confirm - builds with gcc-4.4.4. 

I suppose this lowers the probability of it being fixed quickly.

Comment 6 Alexandre Rostovtsev (RETIRED) gentoo-dev

2010-09-12 23:34:02 UTC

(In reply to comment #4)

I forgot to post my CFLAGS and LDFLAGS:

CFLAGS="-march=native -O2 -pipe"
CFLAGS_x86="-m32"
CXXFLAGS="-march=native -O2 -pipe"
LDFLAGS="-Wl,--as-needed -Wl,-O1"
LDFLAGS_x86="-m elf_i386

Comment 7 Chí-Thanh Christopher Nguyễn gentoo-dev

2010-09-12 23:35:36 UTC

Created attachment 247079 [details, diff]
xorg-server-1.9-fortify-source.patch

Can you try with this patch?

Comment 8 Alexandre Rostovtsev (RETIRED) gentoo-dev

2010-09-12 23:47:34 UTC

(In reply to comment #7)
> Created an attachment (id=247079) [details]
> xorg-server-1.9-fortify-source.patch
> 
> Can you try with this patch?

Doesn't help. Same QA error with gcc-4.5.1.

Comment 9 Alexandre Rostovtsev (RETIRED) gentoo-dev

2010-09-13 04:20:43 UTC

Created attachment 247093 [details, diff]
xorg-server-1.9-fix-VbeModeInfoBlock-memcpy.patch

Found the problem.

The attached patch fixes some ancient (present in all xorg-server versions since at least 2003!) one-off errors in memcpy in vbe.c that cause gcc-4.5.1 with -O1 or higher optimization level to complain about a potential buffer overflow. With this patch applied, I can emerge xorg-server-1.9.0 with gcc-4.5.1.

Comment 10 Chí-Thanh Christopher Nguyễn gentoo-dev

2010-09-13 09:44:33 UTC

Comment on attachment 247079 [details, diff]
xorg-server-1.9-fortify-source.patch

Thank you for the patch. I reported the issue upstream and attached your patch.

Comment 11 Chí-Thanh Christopher Nguyễn gentoo-dev

2010-09-13 16:07:10 UTC

It appears that upstream wants the process for submitting patches followed: http://www.x.org/wiki/Development/Documentation/SubmittingPatches
If you could submit this patch to xorg-devel mailing list it would be nice. Otherwise I or another x11 team member can do this, but probably I won't have time this week.

Comment 12 Chí-Thanh Christopher Nguyễn gentoo-dev

2010-09-13 16:11:14 UTC

*** Bug 336883 has been marked as a duplicate of this bug. ***

Comment 13 Alexandre Rostovtsev (RETIRED) gentoo-dev

2010-09-14 15:51:46 UTC

(In reply to comment #11)
> If you could submit this patch to xorg-devel mailing list it would be nice.

Done, see http://lists.x.org/archives/xorg-devel/2010-September/012920.html

Comment 14 Tomáš Chvátal (RETIRED) gentoo-dev

2010-09-28 12:43:29 UTC

Added to main tree. Thanks Alexandre.