[gmx-users] Using gromacs 4.0.5 built with FORTIFY_SOURCE feature

[Mark Abraham]

Yasuyuki Araki wrote:
> hi,
> 
> I now use gentoo linux with gcc 4.3.4, which has FORTIFY_SOURCE feature.
> 
> When I built gromacs 4.0.5 with this gcc, every command, like grompp, pdb2gmx
> and so on, makes buffer overflow and stoppes immediately.

Whatever FORTIFY_SOURCE does, either it is poorly-constructed or the way 
you're using it is.

> I saw the archives of this mailing list and found this situation was
> quite similar to
>  the report by Adam on July 6, 2009.
> Simply summarized like;
> 1: In some case, commands including gromacs make buffer overflow on Fedora 10.
> 2: Even in such a case, commands running on gdb seems no problems on Fedora 10.

If you have a link, you should provide us with it :-) Right-click on the 
frame to copy a URL.

> I found these two additional troubles;
> 3: Commands including gromacs make no problems when I appoint it by
> absolute path, for example /usr/bin/grompp (in my gentoo box),
> however in this case,
> just typing command only "grompp" makes buffer overflow.
> 4: Super user has no problems to use gromacs in my gentoo box.

Probably you are calling different versions with different PATH 
variables. Use "which" to find out.

> As it happened I re-build gromacs with the environmental variable
> CFLAGS="-U_FORTIFY_SOURCE" to turn off the FORTIFY_SOURCE feature,
> all problems mentioned above seem clear.

My Googling suggests -U-FORTIFY-SOURCE is the way to turn it off.

> Can I ask you I should turn off the FORTIFY_SOURCE feature to build and use
> gromacs with such a gcc version or I can find the other way?

This "feature" is probably a security thing to prevent malicious code 
using buffer overruns to get access to do bad things. Unless you're 
making GROMACS freely available to a potential hacker, if you trust the 
GROMACS developers, then you don't want FORTIFY_SOURCE enabled if it 
causes problems.

Mark