-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Arch package] stack smashing detected by Fortify #2549
Comments
That's odd because the failure is from Fortify, but we always compile with Fortify enabled already (and test that it is actually enabled). The trace linked from the Arch ticket is from a stripped executable. Can you recompile the Arch package without stripping symbols? Also, can you link to any patches that were applied to build the Arch package? |
Arch uses three patches: https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/zcash#n24 It's not doing anything other than using system libraries for libgmp, libsodium, and rust (I assume because your build system doesn't inherently have any way to do that), and fix a boost linker flag. |
Hmm, what versions are the system Boost, libsodium, and Rust? It is plausible that memory safety bugs in one of those dependencies have been fixed between the system versions and the ones we normally use (i.e. Boost 1.62.0, libsodium 1.0.11, and Rust 1.16.0). |
Also, what gcc/g++ and binutils are you using? |
BTW, if the system Boost is compiled with single-threaded option then that would definitely cause a problem. But I suspect that it's compiled for multi-threaded and just lacks the "-mt" on the library name. |
Our repos are at: Our boost package is compiled with (Also note that I don't use this software, I am here because I triaged the bug on our bugtracker and followed the link here.) |
Arch package works after rebuilding, issue https://bugs.archlinux.org/task/54835 has been closed. |
Any idea what was different between the original build and the rebuild? |
@daira I'm not sure if this is related, but the default Arch's CFLAGS recently changed, and glibc was rebuilt with the new flags. |
This is now resolved. Closing. |
Can you reliably reproduce the issue?
If so, please list the steps to reproduce below:
Expected behaviour
zcash should be running
Machine specs:
Here is the issue on the Arch Linux Bug tracker including a stack trace.
https://bugs.archlinux.org/task/54835
The text was updated successfully, but these errors were encountered: