libglib2.0-0 2.25.12-1ubuntu1 failed to install: *** buffer overflow detected ***: /usr/lib/glib-2.0/gio-querymodules terminated

Occurs on i386, not amd64. Buildlog shows:

libtool: compile: gcc -DHAVE_CONFIG_H -I. -I/build/buildd/glib2.0-2.25.12/gobject -I.. -DG_LOG_DOMAIN=\"GLib-GObject\" -I/build/buildd/glib2.0-2.25.12 -I/build/buildd/glib2.0-2.25.12/glib -I.. -DG_ENABLE_DEBUG -DG_THREADS_MANDATORY -DG_DISABLE_DEPRECATED -DGOBJECT_COMPILATION -DG_DISABLE_CONST_RETURNS -DG_DISABLE_SINGLE_INCLUDES -pthread -g -O2 -Wall -g -O2 -MT gtype.lo -MD -MP -MF .deps/gtype.Tpo -c /build/buildd/glib2.0-2.25.12/gobject/gtype.c -fPIC -DPIC -o .libs/gtype.o
In file included from //usr/include/string.h:642,
                 from /build/buildd/glib2.0-2.25.12/gobject/gsignal.c:29:
In function 'memset',
    inlined from 'g_bsearch_array_create' at /build/buildd/glib2.0-2.25.12/glib/gbsearcharray.h:137,
    inlined from 'g_signal_init' at /build/buildd/glib2.0-2.25.12/gobject/gsignal.c:775:
//usr/include/bits/string3.h:86: warning: call to __builtin___memset_chk will always overflow destination buffer

(http://launchpadlibrarian.net/53144885/buildlog_ubuntu-maverick-i386.glib2.0_2.25.12-1ubuntu1_FULLYBUILT.txt.gz)

Function in question:
/* --- implementation --- */
/* helper macro to cut down realloc()s */
#ifdef DISABLE_MEM_POOLS
#define G_BSEARCH_UPPER_POWER2(n) (n)
#else /* !DISABLE_MEM_POOLS */
#define G_BSEARCH_UPPER_POWER2(n) ((n) ? 1 << g_bit_storage ((n) - 1) : 0)
#endif /* !DISABLE_MEM_POOLS */
#define G_BSEARCH_ARRAY_NODES(barray) (((guint8*) (barray)) + sizeof (GBSearchArray))
static inline GBSearchArray*
g_bsearch_array_create (const GBSearchConfig *bconfig)
{
  GBSearchArray *barray;
  guint size;

  g_return_val_if_fail (bconfig != NULL, NULL);

  size = sizeof (GBSearchArray) + bconfig->sizeof_node;
  if (bconfig->flags & G_BSEARCH_ARRAY_ALIGN_POWER2)
    size = G_BSEARCH_UPPER_POWER2 (size);
  barray = (GBSearchArray *) g_malloc (size);
  memset (barray, 0, sizeof (GBSearchArray));

  return barray;
}

Looks safe, trying patch now that replaces g_malloc/memset with g_malloc0

On maverick doing daily upgade i get this buffer overflow and after at reboot i cannot start X

This bug is very serious. On my 32 bit laptop, it goes into a command line, and not the Ubuntu login screen.

I hope, this thing gets fixed asap.

in order to be able to start my system, i had to downgrade that package libglib2.0-0 to version 2.24.0 until this one is fixed
http://mirrors.kernel.org/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.24.0-0ubuntu4_i386.deb

By the looks of the bug reports on Debian, it seems that this is caused by an over-eager compiler optimization (which probably explains why the amd64 works whilst the i386 doesn't). It ought to be possible to bypass this optimization for the one section of the code so I would expect a pretty quick fix. Fingers crossed in any case...

(Sorry for OT) Seriously, what's the rush? Just downgrade (should be no problem for typical alpha users) and wait. I'd prefer a thorough fix for the release than a quick hack!

> I'd prefer a thorough fix for the release than a quick hack!
I'm sure that we all agree with that... *If* the problem is that the compiler is optimizing incorrectly for the i386 code, however, disabling the optimization locally to that routine is surely a fair enough solution pending a compiler fix.

Ah well. I haven't seen too many show stoppers in Alpha releases for a while now so I guess one was overdue ;-)

A good explanation about the bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=591075#32

Upstream bugs:
https://bugzilla.gnome.org/show_bug.cgi?id=625988
https://bugzilla.gnome.org/show_bug.cgi?id=626107

Fixed in 2.25.12.is2.25.11.