Mass rebuild for Fedora 12

Ondřej Vašík ovasik at redhat.com
Tue Jul 21 09:43:02 UTC 2009 

Jakub Jelinek wrote:
> On Tue, Jul 21, 2009 at 10:39:35AM +0200, Ondřej Vašík wrote:
> > Bill Nottingham wrote:
> > > Fedora Release Enginerering is going to be starting a mass rebuild this
> > > Thursday, July 28th, for the following Fedora 12 features:
> > > 	- XZ RPM Payloads
> > > 	- x86 Architecture Support
> > 
> > I'm a bit aware of quite recent change in FORTIFY_SOURCES - which added
> > some checks to prevent buffer overflows. It caused (many) testsuite
> > failures in tar and sigabrting TCL's (and I'm sure some more). Source
> > code was almost without change, compiled just fine, but application was
> > later SIGABRTing. There is a lot of applications without testsuite
> > coverage, so they likely just compile well and rpm will be tagged. Later
> > it would mean troubles for users (and potentially unstable situation) as
> > the response time of some Fedora maintainers is quite high.
> 
> See http://gcc.gnu.org/ml/gcc-patches/2009-07/msg01136.html
> Due to popular demand, constructs similar to flexible array members in
> unions at the end of structures are allowed again for str*/stp* with
> -D_FORTIFY_SOURCE=2, will be in the next rawhide build (today or
> tomorrow).

Ok, thanks for info, it will reduce the number of unwanted failures a
bit...

> > I guess that gcc warning should be changed to error before that rebuild:
> > FILE:LINE: warning: call to __builtin___strcpy_chk will always overflow
> > destination buffer
> 
> It shouldn't be an error, this warning (rarely) has false positives and
> warns even about code that is never executed.  That doesn't mean we
> shouldn't be grepping build logs for those warnings and letting maintainers
> know that they should analyse them (a job for rpmdiff or similar).

Ok, not possible to make it an error. 
So what about not tagging automatically packages with those "always
overflow destination buffer" warnings in Mass rebuild to prevent
possible later mass SIGABRTs? Just greping for that message and later
posting suspicious packages on fedora-devel-list - to let those package
maintainers choose whether it is false positive or thing affecting the
package functionality...

Greetings,
         Ondřej Vašík
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Toto je =?UTF-8?Q?digit=C3=A1ln=C4=9B?=
	=?ISO-8859-1?Q?_podepsan=E1?= =?UTF-8?Q?_=C4=8D=C3=A1st?=
	=?ISO-8859-1?Q?_zpr=E1vy?=
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20090721/3fea5111/attachment.bin

More information about the devel mailing list