No subject


Wed Sep 23 01:59:20 CEST 2009


an overflow of namebuf, given the checks preceding the call, but the 
debugger info you sent reports:

(gdb) p namebuf
$6 = "PageTables:     "
(gdb) p head
$7 = 0x60a808 "PageTables"

which makes it appear that namebuf[16] contains 16 characters, excluding the 
terminating \0.

If you happen to have this still open in gdb, a memory dump of namebuf and 
head for 20 bytes of each might be useful.

Was kst doing any number crunching at the time of the crash, or just sitting 
essentially idle?

Thanks,

Andrew

----- Original Message ----- 
From: <bug.zilla.vynce at neverbox.com>
To: <kst at kde.org>
Sent: Tuesday, September 22, 2009 4:19 PM
Subject: [Kst] SIGABRT in meminfo()


> I'm running kst-1.8.0-3.fc12.i686.rpm recompiled for FC10 on Fedora
> 10. The same problem also occurred with kst-1.7.0-3.fc10.i386.rpm.
>
> After running for a few hours, Kst kills itself with a SIGABRT in the
> meminfo() function. Here's a backtrace from gdb:
>
> #0  0x0028f424 in __kernel_vsyscall ()
> #1  0x00e0b460 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
> #2  0x00e0ce28 in abort () at abort.c:88
> #3  0x00e48fed in __libc_message (do_abort=2,
>    fmt=0xf2211c "*** %s ***: %s terminated\n")
>    at ../sysdeps/unix/sysv/linux/libc_fatal.c:170
> #4  0x00edd938 in __fortify_fail (msg=0xf220c6 "buffer overflow detected")
>    at fortify_fail.c:32
> #5  0x00edba30 in __chk_fail () at chk_fail.c:29
> #6  0x00edacf4 in __strcpy_chk (dest=0xbfffe248 "PageTables:     ",
>    src=0x60a808 "PageTables", destlen=11825) at strcpy_chk.c:61
> #7  0x005c9356 in strcpy () at /usr/include/bits/string3.h:106
> #8  meminfo () at sysinfo.c:537
> #9  0x03735ef9 in KstApp::updateMemoryStatus (this=0x80ccff0) at kst.cpp:2699
> ...
>
> glibc thinks that the strcpy() overflowed its destination buffer, but
> I don't think it actually has. The __fortify_fail() call is part of a
> buffer overflow protection scheme in glibc that was introduced for C++
> in Fedora 8. See the FORTIFY_SOURCE section here:
> http://fedoraproject.org/wiki/Security/Features
>
> #8  meminfo () at sysinfo.c:537
> 537     strcpy(namebuf,head);
>
> (gdb) p namebuf
> $6 = "PageTables:     "
> (gdb) p head
> $7 = 0x60a808 "PageTables"
>
> I still have kst open in gdb at this point, so let me know if I can
> provide any more info. I have a core dump, but it's 132MB.
>
> Michael
>

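Added example, not part of the original messages and not code from Kst or from the sysinfo.c under discussion: a length-checked way to copy the field name of a "Name: value" line (the /proc/meminfo layout) into a 16-byte buffer like the namebuf in the thread, plus a check for the unterminated-array state that the gdb output suggests. The function names and the sample lines are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAMEBUF_LEN 16 /* same size as the namebuf[16] in the thread */

/* Returns 1 if buf contains a NUL within its len bytes, else 0.
 * An array holding 16 visible characters, as in the gdb print, has none. */
int has_terminator(const char *buf, size_t len)
{
    return memchr(buf, '\0', len) != NULL;
}

/* Hypothetical helper: copy the text before ':' into dst.
 * Returns the name length, or -1 if there is no ':' or the name
 * plus its terminating NUL does not fit in dstlen bytes. */
int copy_field_name(char *dst, size_t dstlen, const char *line)
{
    const char *colon = strchr(line, ':');
    if (colon == NULL || dstlen == 0)
        return -1;
    size_t n = (size_t)(colon - line);
    if (n >= dstlen) /* n name bytes + 1 NUL must fit */
        return -1;
    memcpy(dst, line, n);
    dst[n] = '\0';
    return (int)n;
}

int main(void)
{
    /* Constructed sample lines, not taken from a real system. */
    const char *lines[] = {
        "PageTables:         1234 kB",
        "FifteenCharName:       1 kB", /* 15 chars: fits with NUL */
        "SixteenCharName_:      1 kB", /* 16 chars: no room for NUL */
        "no colon here",
    };
    char namebuf[NAMEBUF_LEN];
    for (size_t i = 0; i < sizeof lines / sizeof lines[0]; i++) {
        int n = copy_field_name(namebuf, sizeof namebuf, lines[i]);
        if (n < 0)
            printf("rejected: %s\n", lines[i]);
        else
            printf("name=%s (%d bytes)\n", namebuf, n);
    }
    return 0;
}
```
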

