Ubuntu
fwts package

fwts: stack smashing detected on 32 bit system

Bug #1461520 reported by dino99 on 2015-06-03

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	fwts (Ubuntu)	Fix Released	High	Colin Ian King

Bug Description

Testing the newest Wily fwts package from a terminal:

sudo fwts -f -r fwts0615.log
[sudo] password for oem:
Running 44 tests, results appended to fwts0615.log
Test: Gather kernel system information.
  Gather kernel signature. 1 info only
  Gather kernel system information. 1 info only
  Gather kernel boot command line. 1 info only
  Gather ACPI driver version. 1 info only
Test: Gather BIOS DMI information.
  Gather BIOS DMI information 1 info only
Test: Scan kernel log for Oopses.
  Kernel log oops check. 2 passed
Test: Scan kernel log for errors and warnings.
  Kernel log error check. 3 failed
Test: MTRR tests.
  Validate the kernel MTRR IOMEM setup. 1 passed
*** stack smashing detected ***: fwts terminated

Apport fails to report that issue: does not open the chromium launchpad report page, so i join the crash file
---
ApportVersion: 2.17.3-0ubuntu3
Architecture: i386
CurrentDesktop: GNOME
DistroRelease: Ubuntu 15.10
NonfreeKernelModules: nvidia
Package: fwts 15.06.00-0ubuntu1
PackageArchitecture: i386
ProcVersionSignature: Ubuntu 3.19.0-20.20-generic 3.19.8
Tags: wily package-from-proposed
Uname: Linux 3.19.0-20-generic i686
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo
_MarkForUpload: True

See original description

Tags:

Related branches

lp:ubuntu/wily-proposed/fwts

Revision history for this message

dino99 (9d9) wrote on 2015-06-03:

_usr_bin_fwts.0.crash Edit (330.2 KiB, text/plain)

tags:	added: apport-collected package-from-proposed wily
description:	updated

Revision history for this message

dino99 (9d9) wrote on 2015-06-03: Dependencies.txt

Dependencies.txt Edit (715 bytes, text/plain)

apport information

Revision history for this message

dino99 (9d9) wrote on 2015-06-03: JournalErrors.txt

JournalErrors.txt Edit (22.6 KiB, text/plain)

apport information

Revision history for this message

dino99 (9d9) wrote on 2015-06-03: ProcEnviron.txt

ProcEnviron.txt Edit (328 bytes, text/plain)

apport information

Revision history for this message

Colin Ian King (colin-king) wrote on 2015-06-03: Re: stack smashing detected

The crash occurred while parsing the kernel log, so it would be useful if I could get a copy of that.

Can you attach the output from:

dmesg > dmesg.log

and also the /var/log/syslog

Thanks

Changed in fwts (Ubuntu):
status:	New → Incomplete
importance:	Undecided → High
assignee:	nobody → Colin Ian King (colin-king)

Revision history for this message

dino99 (9d9) wrote on 2015-06-03:

dmesg.log Edit (62.9 KiB, text/plain)

Here is dmesg & syslog; thanks for the quick reply

Revision history for this message

dino99 (9d9) wrote on 2015-06-03:

syslog Edit (635.7 KiB, text/plain)

Changed in fwts (Ubuntu):
status:	Incomplete → Confirmed

Revision history for this message

Colin Ian King (colin-king) wrote on 2015-06-04:

Can you also add the output to /proc/mtrr to the bug report too. Thanks!

Revision history for this message

Colin Ian King (colin-king) wrote on 2015-06-04:

Actually, I've now figured out the bug and can reproduce it on a 32 bit system. The regular expression engine used the the fwts klog scanner was using a vector of size 1, when the size should be a multiple of 3 ints, so this was causing the pcre regex execution to trash the end of the stack and hence cause this bug.

Changed in fwts (Ubuntu):
status:	Confirmed → Fix Committed
status:	Fix Committed → In Progress
summary:	- stack smashing detected + fwts: stack smashing detected on 32 bit system

Revision history for this message

dino99 (9d9) wrote on 2015-06-04:

#10

hm /proc/mtrr seems empty (0 byte) into nautilus , and when 'cat' is used. But double-clicking on that file is showing:

reg00: base=0x000000000 ( 0MB), size= 2048MB, count=1: write-back
reg01: base=0x080000000 ( 2048MB), size= 1024MB, count=1: write-back
reg02: base=0x100000000 ( 4096MB), size= 1024MB, count=1: write-back

Revision history for this message

Colin Ian King (colin-king) wrote on 2015-06-04:

#11

Fix sent to mailing list for inclusion into the next release of fwts

https://lists.ubuntu.com/archives/fwts-devel/2015-June/006209.html

Revision history for this message

Colin Ian King (colin-king) wrote on 2015-06-04:

#12

Aside note, /proc/mttr is not readable in nautilus probably because it does stat() on the file and gets zero bytes (which is what /proc/mttr returns), where as cat just reads the data and ignores the bogus stat size.

Revision history for this message

Colin Ian King (colin-king) wrote on 2015-06-12:

#13

Fix committed: http://kernel.ubuntu.com/git/hwe/fwts.git/commit/?id=8d5c68c4ecd43b96665b0e7fc8487f92a0c28041

Changed in fwts (Ubuntu):
status:	In Progress → Fix Committed

Colin Ian King (colin-king) on 2015-07-08

Changed in fwts (Ubuntu):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntufwts package

fwts: stack smashing detected on 32 bit system

Bug Description

Related branches

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
fwts package