Public bug reported:
== Comment: #0 - Christian Rund <[email protected]> - 2016-04-19 04:39:32 ==
When building the included test cases from the libica-2.6.1 package we ran into
a bad memory access scenario (segmentation fault).
To reproduce:
1) Unpack and compile libica-2.6.1.tar.gz from Sourceforge on an Ubuntu 16.04
instance, kernel 4.4.0-17-generic.
2) cd libica-2.6.1/src/tests
3) ./icastats_test
To enable writing core files, enter ulimit -c unlimited
Observe:
libicastats_test core dumps as follows:
ulimit -c unlimited
less /var/log/apport.log
ERROR: apport (pid 21597) Mon Apr 11 11:02:14 2016: called for pid 21596,
signal 11, core limit 0
ERROR: apport (pid 21597) Mon Apr 11 11:02:14 2016: executable:
/root/crypto/libica-2.6.0/src/tests/icastats_test (command line
"./icastats_test")
ERROR: apport (pid 21597) Mon Apr 11 11:02:14 2016: executable does not belong
to a package, ignoring
(gdb) run
Starting program: /root/crypto/libica-2.6.1/src/tests/icastats_test
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/s390x-linux-gnu/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x000003fffde979fa in set_switches () from /usr/lib/s390x-linux-gnu/libica.so.2
(gdb) bt
#0 0x000003fffde979fa in set_switches () from
/usr/lib/s390x-linux-gnu/libica.so.2
#1 0x000003fffde863a2 in icainit () from /usr/lib/s390x-linux-gnu/libica.so.2
#2 0x000003fffdf90aba in call_init (l=<optimized out>, argc=argc@entry=1,
argv=argv@entry=0x3fffffff5d8,
env=env@entry=0x3fffffff5e8) at dl-init.c:72
#3 0x000003fffdf90bc8 in call_init (env=<optimized out>, argv=<optimized out>,
argc=<optimized out>, l=<optimized out>)
at dl-init.c:30
#4 _dl_init (main_map=0x3fffdfa6158, argc=<optimized out>, argv=0x3fffffff5d8,
env=0x3fffffff5e8) at dl-init.c:120
#5 0x000003fffdf80f7c in _dl_start_user () from /lib/ld64.so.1
Dump of assembler code for function set_switches:
0x000003fffde97988 <+0>: stmg %r9,%r15,72(%r15)
0x000003fffde9798e <+6>: ear %r1,%a0
0x000003fffde97992 <+10>: lay %r15,-464(%r15)
0x000003fffde97998 <+16>: sllg %r1,%r1,32
0x000003fffde9799e <+22>: ear %r1,%a1
0x000003fffde979a2 <+26>: la %r11,440(%r15)
0x000003fffde979a6 <+30>: mvc 456(8,%r15),40(%r1)
0x000003fffde979ac <+36>: xc 440(16,%r15),440(%r15)
0x000003fffde979b2 <+42>: lgr %r13,%r2
0x000003fffde979b6 <+46>: cgijne %r2,0,0x3fffde97ace <set_switches+326>
0x000003fffde979bc <+52>: lgrl %r5,0x3fffdea3400
0x000003fffde979c2 <+58>: lhi %r0,128
0x000003fffde979c6 <+62>: aghik %r2,%r5,4
0x000003fffde979cc <+68>: aghi %r5,244
0x000003fffde979d0 <+72>: l %r1,0(%r2)
0x000003fffde979d4 <+76>: lg %r3,4(%r2)
0x000003fffde979da <+82>: risbgn %r4,%r1,60,191,125
0x000003fffde979e0 <+88>: nilf %r1,7
0x000003fffde979e6 <+94>: llc %r4,440(%r4,%r15)
0x000003fffde979ec <+100>: srak %r1,%r0,0(%r1)
0x000003fffde979f2 <+106>: nr %r1,%r4
0x000003fffde979f4 <+108>: lcr %r1,%r1
0x000003fffde979f6 <+110>: srl %r1,31
=> 0x000003fffde979fa <+114>: st %r1,0(%r3)
0x000003fffde979fe <+118>: aghi %r2,16
0x000003fffde97a02 <+122>: cgrjne %r5,%r2,0x3fffde979d0 <set_switches+72>
(gdb) info line *0x000003fffde979fa
No line number information available for address 0x3fffde979fa
<set_switches+114>
// I tried to add the src directory, change gcc options and recompiled - but did not get line
// numbers in - sorry.
(gdb) info registers
r0 0x80 128
r1 0xffffffff00000001 18446744069414584321
r2 0x2aa000082e4 2929167729380
r3 0x0 0
r4 0xf0 240
r5 0x2aa000083d4 2929167729620
r6 0x0 0
r7 0x3fffffff5e8 4398046508520
r8 0x3fffffff5e8 4398046508520
r9 0x3fffffff220 4398046507552
r10 0x3fffffff2a0 4398046507680
r11 0x3fffffff338 4398046507832
r12 0x3fffdfa5000 4398012583936
r13 0x5 5
r14 0x3fffde97b14 4398011480852
r15 0x3fffffff180 4398046507392
pc 0x3fffde979fa 0x3fffde979fa <set_switches+114>
cc 0x1 1
== Comment: #1 - Ingo Tuchscherer <[email protected]> - 2016-04-19 05:12:46 ==
The initialization of the s390 hardware switches was not done correctly.
This could lead to illegal access and segmentation fault.
Changed declaration of hardware switches to ensure uniqueness across compile
units and thereby proper initialization.
An appropriate fix is available on sourceforge:
https://sourceforge.net/p/opencryptoki/libica/ci/b73a9c6bcfded1f15cb02692fe5ed38fad05c8a0/
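
The crash in the dump above is a store through a register holding 0 (`st %r1,0(%r3)` with r3 = 0x0), inside a loop that steps through a table in 16-byte strides and tests an MSB-first bit in a 16-byte mask. The C sketch below is an added example, not libica's code and not the upstream fix (which changes declarations): it models that loop shape with a check that skips and counts entries whose pointer was never set; all names (`hw_function`, `set_switches_checked`, `run_sample`) and the sample data are hypothetical.

```c
#include <stddef.h>

/* Hypothetical table entry: a function code plus a pointer to its switch. */
struct hw_function {
    unsigned int hw_fc;   /* bit number in the query mask */
    int *enabled;         /* where the on/off result is stored */
};

/* MSB-first bit test, matching the 0x80 >> (fc & 7) pattern in the dump. */
static int mask_bit(const unsigned char mask[16], unsigned int fc)
{
    if (fc >= 128)        /* 16 bytes * 8 bits: out of range means "off" */
        return 0;
    return (mask[fc >> 3] & (0x80 >> (fc & 7))) != 0;
}

/*
 * Walk the table and store 1/0 through each entry's pointer.
 * Entries whose pointer is NULL are skipped and counted instead of
 * being written through, so the caller can report a broken table.
 */
static size_t set_switches_checked(const struct hw_function *tab, size_t n,
                                   const unsigned char mask[16])
{
    size_t bad = 0;
    for (size_t i = 0; i < n; i++) {
        if (tab[i].enabled == NULL) {
            bad++;
            continue;
        }
        *tab[i].enabled = mask_bit(mask, tab[i].hw_fc);
    }
    return bad;
}

/* Constructed sample data: two wired-up switches and one NULL entry. */
static int sw_a = -1, sw_b = -1;
static const struct hw_function sample_tab[] = {
    { 1, &sw_a }, { 5, &sw_b }, { 3, NULL },
};
static const unsigned char sample_mask[16] = { 0xf0 };  /* bits 0..3 set */

static size_t run_sample(void)
{
    return set_switches_checked(sample_tab, 3, sample_mask);
}

int main(void)
{
    return run_sample() == 1 ? 0 : 1;   /* exactly one NULL entry expected */
}
```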
== Comment: #2 - Heinz-Werner Seeck <[email protected]> - 2016-04-19 05:16:35 ==
Canonical, when can this be integrated?
** Affects: ubuntu
Importance: Undecided
Assignee: Skipper Bug Screeners (skipper-screen-team)
Status: New
** Tags: architecture-s39064 bugnameltc-140457 severity-medium
targetmilestone-inin1604
** Tags added: architecture-s39064 bugnameltc-140457 severity-medium
targetmilestone-inin1604
** Changed in: ubuntu
Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team)
https://bugs.launchpad.net/bugs/1572039
Title:
segmentation fault occurred during libica-2.6.1 tests