Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 63569 - Imagemagick fails to compile with the hardened USE-flag
Summary: Imagemagick fails to compile with the hardened USE-flag
Status: RESOLVED CANTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High normal
Assignee: The Gentoo Linux Hardened Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-09-10 10:32 UTC by His_royal_evilness
Modified: 2004-09-24 00:27 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description His_royal_evilness 2004-09-10 10:32:36 UTC 
when trying to compile Imagemagick-6.0.5.2/6.0.7.1
with the hardened-x86-2004.0 profile after a while it states : {standard input}: Assembler messages:
{standard input}:995: Error: value of ffffffffffffff78 too large for field of 1 bytes at 0000000000000b27
make[2]: *** [draw.lo] Error 1
make[2]: *** Waiting for unfinished jobs....
make[2]: Leaving directory `/var/tmp/portage/imagemagick-6.0.5.2/work/ImageMagick-6.0.5/magick'
make[1]: *** [all] Error 2
make[1]: Leaving directory `/var/tmp/portage/imagemagick-6.0.5.2/work/ImageMagick-6.0.5/magick'
make: *** [all-recursive] Error 1

!!! ERROR: media-gfx/imagemagick-6.0.5.2 failed.
!!! Function src_compile, Line 70, Exitcode 2
!!! compile problem

SYSINFO : 
Gentoo Base System version 1.4.16
Portage 2.0.50-r11 (hardened-x86-2004.0, gcc-3.3.4, glibc-2.3.3.20040420-r1, 2.4.26-gentoo-r9)
=================================================================
System uname: 2.4.26-gentoo-r9 i586 AMD-K6(tm) 3D processor
distcc 2.16 i586-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
ccache version 2.3 [enabled]
Autoconf: sys-devel/autoconf-2.59-r4
Automake: sys-devel/automake-1.8.5-r1
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-march=k6-2 -O3 -pipe -fomit-frame-pointer -fstack-protector"
CHOST="i586-pc-linux-gnu"
COMPILER=""
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/config /usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/ /usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/ /usr/share/texmf/xdvi/ /var/bind /var/qmail/alias /var/qmail/control /var/vpopmail/domains /var/vpopmail/etc"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-march=k6-2 -O3 -pipe -fomit-frame-pointer -fstack-protector"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs ccache cvs sandbox sfperms strict"
GENTOO_MIRRORS="http://ftp.easynet.nl/mirror/gentoo/ ftp://ftp.easynet.nl/mirror/gentoo/ http://gentoo.tiscali.nl/gentoo/"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="3dnow 3ds aavm acl apache2 bcmath berkdb bitmap-fonts bzlib calendar caps cdb chroot clearpasswd cpdflib crypt curl curlwrappers dbase dbm exif expat fastcgi flash ftp gd gdbm gif gmp hardened hardenedphp iconv imagemagick imap inifile innodb ipalias ipv6 ipv6arpa java javascript jpeg kerberos krb4 ldap lzw lzw-tiff maildir memlimit mhash ming mng mysql nagios-dns nagios-ntp nagios-ping nagios-ssh nls oav pam pear-db perl pg-hier pg-intdatetime pg-vacuumdelay php pic pie png postgres postgresql pwdb python qdbm readline samba session shared sharedmem slang snmp soap sockets spamassassin ssl szip tcpd tiff virus-scan x86 xfs xml xml2 xmlrpc xprint xsl zlib"
Comment 1 solar (RETIRED) gentoo-dev 2004-09-11 09:15:09 UTC 
The hardened herd does not use -fstack-protector in CFLAGS (it's handled by the USE flag automatic)
The profile your using is outdated and no longer maintained.
The error you got to me looks to almost be of the 32 vs 64bit nature.

I see nothing in this bug report that shows any relation to any hardening efforts.
So what did you do and why do you think it's related to the hardened USE flag?
Comment 2 Scott Taylor (RETIRED) gentoo-dev 2004-09-11 10:55:42 UTC 
I had exectly that same problem, also on a k6-2 machine. It was fixed when I
changed the cflags to:

CFLAGS="-march=k6-2 -O2"

(previous, troublesome cflags were the same but with -mcpu instead of -march. and i've generally had better luck and performance across the board with -O2 instead of -O3)

Linux xyz.net 2.6.7-hardened-r8 #2 Mon Sep 6 19:34:29 MDT 2004 i586 AMD-K6(tm) 3D processor AuthenticAMD GNU/Linux

[ebuild   R   ] media-gfx/imagemagick-6.0.7.1  +X +cups -debug -graphviz +jbig +jpeg +lcms +mpeg +perl +png +tiff +truetype +wmf -xml2  5,617 kB
Comment 3 His_royal_evilness 2004-09-12 09:47:56 UTC 
ok , -O2 works with hardened profile , still leaves open : -O3 works without using hardened profile , why not WITH hardened?
Comment 4 Alexander Gabert (RETIRED) gentoo-dev 2004-09-23 19:35:51 UTC 
-O3 has problems with SSP.

python has the same problem.

Rule of thumb: if you use -O3 and hardened, if it breaks, it breaks.

Sincerely,

Alex
Comment 5 solar (RETIRED) gentoo-dev 2004-09-24 00:27:46 UTC 
tocharian
Can you add comment #4 to the hardenedfaq.xml please. (it's also documented in the upstream ssp docs) but people seem to miss this point all to often.