Bug 202152 - buffer overflow detected while starting gnome
Summary: buffer overflow detected while starting gnome
Alias: None
Product: Fedora
Classification: Fedora
Component: fontconfig (Show other bugs)
(Show other bugs)
Version: rawhide
Hardware: powerpc Linux
Target Milestone: ---
Assignee: Behdad Esfahbod
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2006-08-11 03:06 UTC by Chris Lumens
Modified: 2008-08-02 23:40 UTC (History)
2 users (show)

Fixed In Version: 2.3.95-10
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-08-11 22:40:37 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
backtrace info (18.76 KB, text/plain)
2006-08-11 03:06 UTC, Chris Lumens
no flags Details
overflow patch that was built (1.08 KB, patch)
2006-08-11 16:04 UTC, Ray Strode [halfline]
no flags Details | Diff
patch take 2 (1.17 KB, patch)
2006-08-11 16:33 UTC, Ray Strode [halfline]
no flags Details | Diff
last try (1.52 KB, patch)
2006-08-11 17:29 UTC, Ray Strode [halfline]
no flags Details | Diff

Description Chris Lumens 2006-08-11 03:06:12 UTC
After a yum update to 20060810's stuff, I am no longer ablel to start GNOME on my G5.  I am getting the
attached backtrace from every program that starts, so I assume this is not just gnome-panel's fault, but 
some underlying library that everything is using.  Please reassign as appropriate, as I don't know which 
desktop-related component is to blame (I'm sure you feel the same way about installer stuff).  The result 
is a huge cycle of bug-buddy and gnome_sigsegv processes.  This also happens if I attempt to start XFCE.

Perhaps more font goofiness, as I have had font goofiness on this machine in the past.

Comment 1 Chris Lumens 2006-08-11 03:06:17 UTC
Created attachment 134001 [details]
backtrace info

Comment 2 Ray Strode [halfline] 2006-08-11 15:09:19 UTC
So this FcCacheMachineSignature function looks a little fishy

Comment 3 Ray Strode [halfline] 2006-08-11 15:58:54 UTC
i'm building a new package into rawhide that may fix this issue.

If it doesn't, i'd appreciate if you could do one or more of the following

1) install fontconfig-debuginfo and get a better backtrace from gdb
2) downgrade kernels and tell me if the problem vanishes
3) run a program that crashes through valgrind --tool=memcheck and see what it
spews out.

Comment 4 Ray Strode [halfline] 2006-08-11 16:04:45 UTC
Created attachment 134032 [details]
overflow patch that was built

Comment 5 Ray Strode [halfline] 2006-08-11 16:11:28 UTC

Also, i taked a bit with Uli on IRC, and he suggested you attach the output of

LD_SHOW_AUXV=1 /bin/echo

so that we can see what sysconf (_SC_PAGE_SIZE) would return.

Comment 6 Behdad Esfahbod 2006-08-11 16:13:26 UTC
Ray, your patch hides any problem.  I suggest you check that the signature is
correctly terminated by '\n' and otherwise print a warning.

Comment 7 Ray Strode [halfline] 2006-08-11 16:23:32 UTC
well, with my patch the \n will always be there.

The patch definitely isn't right though.  It will put 0000 for the page size
actually.  we should probably clamp the pagesize to ffff.

Comment 8 Ray Strode [halfline] 2006-08-11 16:33:12 UTC
Created attachment 134036 [details]
patch take 2

Comment 9 Ray Strode [halfline] 2006-08-11 17:29:06 UTC
Created attachment 134041 [details]
last try

So I talked with Behdad a bit on irc.  The strings contents aren't that
important.  It's just used to generate a unique key from a machine type.  by
removing the space in between the last two parts of the string we can support
64k page sizes fine.

Comment 10 Chris Lumens 2006-08-11 22:40:37 UTC
This is much better in the build I pulled from brew just now.  Thanks.

Comment 11 Ray Strode [halfline] 2006-08-28 17:53:31 UTC
Hi Chris,

Just had this conversation with keithp:
[13:46:24] <halfline> keithp: can you roll in
https://bugs.freedesktop.org/show_bug.cgi?id=7936 to your changes ?
[13:46:53] <keithp> halfline: already fixed
[13:47:09] <keithp> architecture detection is done at build time now
[13:47:34] <keithp> halfline: if you can, please attempt a build of
fc-2_4-keithp and send me the failure output
[13:48:50] <keithp> halfline: that would be cool; I need to have a list of all
prospective architectures for the autodetection code to work right
[13:49:30] <halfline> okay, i'll ping him about it
[13:49:51] <keithp> halfline: fc-2_4-keithp :-)

So would you mind doing a

yum -y install git-core
git-clone git://anongit.freedesktop.org/git/fontconfig
cd fontconfig
git-checkout fc-2_4-keithp

and then giving the output of the fc-arch failure?

Comment 12 Chris Lumens 2006-08-28 17:57:32 UTC
./fc-arch auto < ../fc-arch/fcarch.tmpl.h > fcarch.h
./fc-arch: unknown signature
        Please update fcarch.tmpl.h and rebuild

Comment 13 Need Real Name 2006-08-28 19:01:02 UTC
Could you suggest a short name for this architecture?

Comment 14 Chris Lumens 2006-08-28 19:06:36 UTC

Comment 15 Need Real Name 2006-08-28 19:10:52 UTC
How does this differ from a ppc with 4k pages? Different CPU or just a different
configuration? It's not a 64-bit CPU, so ppc64 doesn't make a lot of sense, but
perhaps ppc-64k would. And should we call a 4k page version ppc-4k?

Comment 16 Ray Strode [halfline] 2006-08-28 19:35:47 UTC
No, Chris is running on a 64-bit powerpc machine (with 64k page size).

Note there are (mostly) 64-bit ppc machines out there with 4k page size, just
not recent rawhide.

Comment 17 Need Real Name 2006-08-28 19:40:27 UTC
that doesn't jive with the signature output above; the first 00000004 is sizeof
(char *) for the machine. It looks like a 32-bit PPC with 64k pages to me.

Comment 18 Ray Strode [halfline] 2006-08-29 14:02:46 UTC
Oh right, it is a ppc64 machine, but in Fedora we only run a 64-bit kernel. Most
userspace apps are 32-bit by default.

Note we do have build environments without multilib packages that do run 64-bit

So i guess you'll need entries for

ppc-64k, ppc64-64k, ppc-4k, ppc64-4k (the last one for other distros, not rawhide)

Note You need to log in before you can comment on or make changes to this bug.