Bug 447775 - BOINC Stack Overflow
Summary: BOINC Stack Overflow
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: boinc-client
Version: 9
Hardware: i386
OS: Linux
low
high
Target Milestone: ---
Assignee: Milos Jakubicek
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2008-05-21 18:18 UTC by Lyos Gemini Norezel
Modified: 2008-05-27 20:14 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-05-22 18:07:26 UTC
Type: ---
Embargoed:



Description Lyos Gemini Norezel 2008-05-21 18:18:58 UTC
Description of problem:
Attempt to run boinc in Fedora 9 i386 gives buffer overflow.

Version-Release number of selected component (if applicable):
5.10.45

How reproducible:
Occurs once, then gives this error:
~]$ boinc
21-May-2008 13:40:04 [---] Starting BOINC client version 5.10.45 for
i686-pc-linux-gnu
21-May-2008 13:40:04 [---] log flags: task, file_xfer, sched_ops
21-May-2008 13:40:04 [---] Libraries: libcurl/7.18.1 NSS/3.12 Beta 3 zlib/1.2.3
libidn/0.6.14
21-May-2008 13:40:04 [---] Data directory: /home/<user>
21-May-2008 13:40:04 [---] Processor: 1 GenuineIntel Intel(R) Pentium(R) M
processor 1.40GHz [Family 6 Model 13 Stepping 6]
21-May-2008 13:40:04 [---] Processor features: fpu vme de pse tsc msr mce cx8
apic mtrr pge mca cmov pat clflush dts acpi mmx fxsr sse sse2 ss tm pbe up bts
est tm2
21-May-2008 13:40:04 [---] OS: Linux: 2.6.25.3-18.fc9.i686
21-May-2008 13:40:04 [---] Memory: 977.79 MB physical, 5.05 GB virtual
21-May-2008 13:40:04 [---] Disk: 58.55 GB total, 36.56 GB free
21-May-2008 13:40:04 [---] Local time is UTC -4 hours
21-May-2008 13:40:08 [World Community Grid] URL:
http://www.worldcommunitygrid.org/; Computer ID: not assigned yet; location:
(none); project prefs: default
21-May-2008 13:40:08 [---] No general preferences found - using BOINC defaults
21-May-2008 13:40:08 [---] Preferences limit memory usage when active to 488.89MB
21-May-2008 13:40:08 [---] Preferences limit memory usage when idle to 880.01MB
21-May-2008 13:40:08 [---] Preferences limit disk usage to 9.31GB
21-May-2008 13:40:37 [---] [error] GUI RPC bind failed: 98
gstate.init() failed: -180

until computer is rebooted. Upon reboot... same cycle of errors occurs.


Steps to Reproduce:
1. Terminal -> boinc -> Initial Error
2. boinc -> second error <<-- repeats until reboot
3. Reboot -> terminal -> boinc -> initial error
  
Actual results:
~]$ boinc
21-May-2008 13:48:29 [---] Starting BOINC client version 5.10.45 for
i686-pc-linux-gnu
21-May-2008 13:48:29 [---] log flags: task, file_xfer, sched_ops
21-May-2008 13:48:29 [---] Libraries: libcurl/7.18.1 NSS/3.12 Beta 3 zlib/1.2.3
libidn/0.6.14
21-May-2008 13:48:29 [---] Data directory: /home/<user>
21-May-2008 13:48:29 [---] Processor: 1 GenuineIntel Intel(R) Pentium(R) M
processor 1.40GHz [Family 6 Model 13 Stepping 6]
21-May-2008 13:48:29 [---] Processor features: fpu vme de pse tsc msr mce cx8
apic mtrr pge mca cmov pat clflush dts acpi mmx fxsr sse sse2 ss tm pbe up bts
est tm2
21-May-2008 13:48:29 [---] OS: Linux: 2.6.25.3-18.fc9.i686
21-May-2008 13:48:29 [---] Memory: 977.79 MB physical, 5.05 GB virtual
21-May-2008 13:48:29 [---] Disk: 58.55 GB total, 36.57 GB free
21-May-2008 13:48:29 [---] Local time is UTC -4 hours
21-May-2008 13:48:29 [World Community Grid] URL:
http://www.worldcommunitygrid.org/; Computer ID: not assigned yet; location:
(none); project prefs: default
21-May-2008 13:48:29 [---] No general preferences found - using BOINC defaults
21-May-2008 13:48:29 [---] Preferences limit memory usage when active to 488.89MB
21-May-2008 13:48:29 [---] Preferences limit memory usage when idle to 880.01MB
21-May-2008 13:48:29 [---] Preferences limit disk usage to 9.31GB
21-May-2008 13:48:29 [---] Running CPU benchmarks
*** buffer overflow detected ***: boinc terminated
======= Backtrace: =========
/lib/libc.so.6(__fortify_fail+0x48)[0xb4bce8]
/lib/libc.so.6[0xb49de0]
/lib/libc.so.6[0xb494d8]
/lib/libc.so.6(_IO_default_xsputn+0xc8)[0xac0e48]
/lib/libc.so.6(_IO_vfprintf+0x3ad0)[0xa97220]
/lib/libc.so.6(__vsprintf_chk+0xa7)[0xb49587]
/lib/libc.so.6(__sprintf_chk+0x2d)[0xb494cd]
boinc[0x8092cfe]
boinc[0x8092d2d]
boinc[0x8092d2d]
boinc[0x8092d2d]
boinc[0x8092d2d]
boinc[0x8092d2d]
boinc[0x806da11]
boinc[0x806f303]
boinc[0x8084cc7]
boinc[0x806edeb]
boinc[0x805cca0]
boinc[0x808282e]
boinc[0x8082aa0]
/lib/libc.so.6(__libc_start_main+0xe6)[0xa6b5d6]
boinc(_ZNSt8ios_base4InitD1Ev+0x51)[0x804b171]
======= Memory map: ========
SIGABRT: abort called
Stack trace (28 frames):
boinc[0x80916ee]
[0x110400]
[0x110416]
/lib/libc.so.6(gsignal+0x50)[0xa7f660]
/lib/libc.so.6(abort+0x188)[0xa81028]
/lib/libc.so.6[0xabc5bd]
/lib/libc.so.6(__fortify_fail+0x48)[0xb4bce8]
/lib/libc.so.6[0xb49de0]
/lib/libc.so.6[0xb494d8]
/lib/libc.so.6(_IO_default_xsputn+0xc8)[0xac0e48]
/lib/libc.so.6(_IO_vfprintf+0x3ad0)[0xa97220]
/lib/libc.so.6(__vsprintf_chk+0xa7)[0xb49587]
/lib/libc.so.6(__sprintf_chk+0x2d)[0xb494cd]
boinc[0x8092cfe]
boinc[0x8092d2d]
boinc[0x8092d2d]
boinc[0x8092d2d]
boinc[0x8092d2d]
boinc[0x8092d2d]
boinc[0x806da11]
boinc[0x806f303]
boinc[0x8084cc7]
boinc[0x806edeb]
boinc[0x805cca0]
boinc[0x808282e]
boinc[0x8082aa0]
/lib/libc.so.6(__libc_start_main+0xe6)[0xa6b5d6]
boinc(_ZNSt8ios_base4InitD1Ev+0x51)[0x804b171]
 
Exiting...


Expected results:


Additional info:

Comment 1 Milos Jakubicek 2008-05-21 20:50:19 UTC
How did you start it?
Please follow http://fedoraproject.org/wiki/MilosJakubicek/HowToUseBoinc

Comment 2 Lyos Gemini Norezel 2008-05-22 14:19:01 UTC
(In reply to comment #1)
> How did you start it?
> Please follow http://fedoraproject.org/wiki/MilosJakubicek/HowToUseBoinc

I looked... and of course... I was attempting to start it in the wrong fashion. 

Perhaps some startup detection code is called for? 
Lyos Gemini Norezel

P.S.- Seeing as this 'bug' is only reproducible via the incorrect startup
method... I suspect this one can be closed. Though I would strongly advise the
above suggested startup detection code to determine how it is being started.

Comment 3 Milos Jakubicek 2008-05-22 18:07:26 UTC
You're not the first to report this -- I know about it, therefore I've written the
Wiki. IMO the reason is that boinc_client takes your current working directory
as its working directory -- not only does it try to create new files there (which
can fail on "permission denied"), it also parses the directory recursively in
order to find its files (project files etc.) and tries using them...no wonder it
fails.
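
Comment 3 attributes the crash to the client recursing through the caller's working directory, and the backtrace above ends in `__sprintf_chk` aborting via `__fortify_fail`. As an added example (not BOINC's code and not part of this bug report), here is a recursive directory walk in C that builds each child path with a length-checked `snprintf` and skips entries that do not fit instead of overflowing. `PATH_CAP`, `MAX_DEPTH`, `join_path` and `count_files` are hypothetical names chosen for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

#define PATH_CAP 256   /* assumed fixed-size path buffer */
#define MAX_DEPTH 16   /* assumed bound on recursion depth */

/* Join dir and name into dst; 0 on success, -1 if the result would not fit. */
int join_path(char *dst, size_t cap, const char *dir, const char *name) {
    int n = snprintf(dst, cap, "%s/%s", dir, name);
    return (n < 0 || (size_t)n >= cap) ? -1 : 0;
}

/* Count regular files under dir. Over-long paths and over-deep directories
 * are tallied in *skipped. Returns -1 if dir itself cannot be opened. */
long count_files(const char *dir, int depth, long *skipped) {
    DIR *d = opendir(dir);
    if (!d) return -1;
    long total = 0;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        char path[PATH_CAP];
        struct stat st;
        if (!strcmp(e->d_name, ".") || !strcmp(e->d_name, "..")) continue;
        if (join_path(path, sizeof path, dir, e->d_name) != 0) { (*skipped)++; continue; }
        if (lstat(path, &st) != 0) continue;      /* lstat: do not follow symlinks */
        if (S_ISDIR(st.st_mode)) {
            if (depth >= MAX_DEPTH) { (*skipped)++; continue; }
            long sub = count_files(path, depth + 1, skipped);
            if (sub > 0) total += sub;
        } else if (S_ISREG(st.st_mode)) {
            total++;
        }
    }
    closedir(d);
    return total;
}

int main(int argc, char **argv) {
    long skipped = 0;
    long n = count_files(argc > 1 ? argv[1] : ".", 0, &skipped);
    printf("files=%ld skipped=%ld\n", n, skipped);
    return n < 0;
}
```

A non-zero `skipped` count is the signal that the walk met a tree it was not designed for, such as a home directory rather than a dedicated data directory.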

Comment 4 Lyos Gemini Norezel 2008-05-23 14:15:45 UTC
(In reply to comment #3)
> You're not the first to report this -- I know about it, therefore I've written the
> Wiki. 

Interesting... there are no other, even remotely, similar bug reports in bugzilla.

> IMO the reason is that boinc_client takes your current working directory
> as its working directory -- not only does it try to create new files there (which
> can fail on "permission denied"), it also parses the directory recursively in
> order to find its files (project files etc.) and tries using them...no wonder 
> it fails.

Hmmm.... perhaps the solution would be to move boinc to its own folder, and
symlink where needed. 

I'm not much of a coder... but perhaps I can help. 

Lyos Gemini Norezel
AIM: LyosNorezel

Comment 5 Milos Jakubicek 2008-05-27 20:14:54 UTC
(In reply to comment #4)
> (In reply to comment #3)
> > You're not the first to report this -- I know about it, therefore I've written the
> > Wiki. 
> 
> Interesting... there are no other, even remotely, similar bug reports in bugzilla.

There are some...#444021 for example.

> > IMO the reason is that boinc_client takes your current working directory
> > as its working directory -- not only does it try to create new files there (which
> > can fail on "permission denied"), it also parses the directory recursively in
> > order to find its files (project files etc.) and tries using them...no wonder 
> > it fails.
> 
> Hmmm.... perhaps the solution would be to move boinc to its own folder, and
> symlink where needed. 

??? I don't understand...once more: it takes YOUR cwd, not the directory where
boinc is located. Therefore (not only) there is the init script which sets
the proper working directory (--dir parameter).




