GNU bug report logs - #17793
Gentoo gcc 4.8.3 build problem: -fstack-protector [also, Re: bug#17754]

Previous Next

Package: grep;

Reported by: behoffski <behoffski <at> grouse.com.au>

Date: Tue, 17 Jun 2014 10:48:02 UTC

Severity: normal

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 17793 in the body.
You can then email your comments to 17793 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to bug-grep <at> gnu.org:
bug#17793; Package grep. (Tue, 17 Jun 2014 10:48:02 GMT) Full text and rfc822 format available.
Acknowledgement sent to behoffski <behoffski <at> grouse.com.au>:
New bug report received and forwarded. Copy sent to bug-grep <at> gnu.org. (Tue, 17 Jun 2014 10:48:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: behoffski <behoffski <at> grouse.com.au>
To: bug-grep <at> gnu.org
Subject: Gentoo gcc 4.8.3 build problem: -fstack-protector [also,
 Re: bug#17754]
Date: Tue, 17 Jun 2014 20:16:37 +0930

G'day,

[Re: bug#17754: There is a bugfix in 4.8.3 regarding code flow analysis
that covers the reported case.  Now that Gentoo has added gcc 4.8.3 to
its package database, I've rebuilt, and the compiler now correctly
detects that the variable will always be initialised before it is used.
The unwanted behaviour in gcc 4.8.2 was part of the new "-Og" feature.]

----

New potential portability problem:  When Gentoo released their
repackaged gcc 4.8.3 (in the last 48 hours or so), they also released a
warning NEWS item regarding gcc 4.8.3 defaulting to -fstack-protector,
and gcc 4.9 onwards defaulting to -fstack-protector-strong:

        2014-06-15-gcc48_ssp
          Title                     GCC 4.8.3 defaults to -fstack-protector
          Author                    Ryan Hill <rhill <at> gentoo.org>
          Posted                    2014-06-15
          Revision                  1

        Beginning with GCC 4.8.3, Stack Smashing Protection (SSP) will be
        enabled by default.  The 4.8 series will enable -fstack-protector
        while 4.9 and later enable -fstack-protector-strong. [...]

        [...] these features [...] can be disabled with -fno-stack-protector.

I've just installed gcc 4.8.3, and have found that the -fstack-protector
feature results in a compilation error in lib/mbsstr.c:

        In file included from mbsstr.c:32:0:
        str-kmp.h: In function 'knuth_morris_pratt':
        str-kmp.h:35:1: error: stack protector not protecting local variables: variable length buffer [-Werror=stack-protector]
         knuth_morris_pratt (const UNIT *haystack,
         ^
        mbsstr.c: In function 'knuth_morris_pratt_multibyte':
        mbsstr.c:40:1: error: stack protector not protecting local variables: variable length buffer [-Werror=stack-protector]
         knuth_morris_pratt_multibyte (const char *haystack, const char *needle,
         ^
        cc1: all warnings being treated as errors

Re-running './configure CFLAGS="-Og -fsanitize=address -fno-stack-protector"
results in a clean build, and "make check" passes.

On a slightly-related note, Valgrind and -fsanitize=address are incompatible
(overlapping memory space usage).  Configuring with
"CFLAGS=-Og -fno-stack-protector" (no "-fsanitize=address") lets "make check"
run successfully  with Jim's Valgrind scripts referencing built images in
grep/src/.vg-tmp/.

cheers,

behoffski (Brenton Hoff)
Programmer, Grouse Software
Reply sent to Paul Eggert <eggert <at> cs.ucla.edu>:
You have taken responsibility. (Tue, 17 Jun 2014 19:30:04 GMT) Full text and rfc822 format available.
Notification sent to behoffski <behoffski <at> grouse.com.au>:
bug acknowledged by developer. (Tue, 17 Jun 2014 19:30:10 GMT) Full text and rfc822 format available.

Message #10 received at 17793-done <at> debbugs.gnu.org (full text, mbox):

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: behoffski <behoffski <at> grouse.com.au>, 17793-done <at> debbugs.gnu.org
Subject: Re: bug#17793: Gentoo gcc 4.8.3 build problem: -fstack-protector
 [also, Re: bug#17754]
Date: Tue, 17 Jun 2014 12:28:54 -0700

[Message part 1 (text/plain, inline)]
behoffski wrote:

>          In file included from mbsstr.c:32:0:
>          str-kmp.h: In function 'knuth_morris_pratt':
>          str-kmp.h:35:1: error: stack protector not protecting local
> variables: variable length buffer [-Werror=stack-protector]
>           knuth_morris_pratt (const UNIT *haystack,
>           ^

These warnings don't indicate any bugs in the code; they're merely about 
incomplete run-time checking in the underlying implementation.  I was 
particularly amused by a refusal to compile a function on the grounds 
that its code doesn't use the stack!

So let's just disable the warnings.  I pushed the attached patch.

> Valgrind and -fsanitize=address are incompatible

Thanks, I didn't know that.  Too bad, but understandable.  Neither tool 
dominates the other, so I guess we'll have to use them separately.

[0001-build-avoid-Wstack-protector.patch (text/plain, attachment)]
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Wed, 16 Jul 2014 11:24:04 GMT) Full text and rfc822 format available.
This bug report was last modified 9 years and 286 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.