Fixed
Created: Aug 22, 2016
Updated: Dec 3, 2018
Resolved Date: Aug 24, 2016
Found In Version: 8.0.0.4
Fix Version: 8.0.0.9
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace
The backtrace looked something like: (edited)
#0 0xb6b9b10c in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:55
#1 0xb6b9eeb8 in __GI_abort () at abort.c:89
#2 0x7f6874e4 in __subvsi3 (a=<optimized out>, b=<optimized out>) at libgcc2.c:119
# 3 0x7f685a70 in strlcpy (dst=dst@entry=0xb6f07000 "", src=src@entry=0xb6cb2088 <lock> "", siz=siz@entry=214) at strlcpy.c:55
#4 0x7f6562cc in xstrdup (str=0xb6cb2088 <lock> "", str@entry=0x7fffff48 "..."...) at xmalloc.c:78
#5 0x7f64d258 in match_list (client=<optimized out>, server=0x7fffff48 "..."..., next=next@entry=0x0) at match.c:247
#6 0x7f67511c in choose_mac (ssh=<optimized out>, server=<optimized out>, client=<optimized out>, mac=0x80000de0) at kex.c:554
#7 kex_choose_conf (ssh=0x80002490) at kex.c:699
#8 kex_input_kexinit (type=<optimized out>, seq=<optimized out>, ctxt=0x80002490) at kex.c:425
#9 0x7f6586b8 in ssh_dispatch_run (ssh=ssh@entry=0x80002490, mode=0, done=0x7ffff7b8, ctxt=0x80002490) at dispatch.c:119
#10 0x7f65871c in ssh_dispatch_run_fatal (ssh=0x80002490, mode=<optimized out>, done=<optimized out>, ctxt=<optimized out>) at dispatch.c:140
#11 0x7f608734 in do_ssh2_kex () at sshd.c:2613
#12 main (ac=<optimized out>, av=<optimized out>) at sshd.c:2218
What can be seen is that the abort() is generated from a function
called __subvsi3. This function is generated by gcc when compiling
with the -ftrapv feature. This feature adds iverflow checks to
arithmentic operations.
This was reported from CI tests (on E/// site) that were doing ssh logins to target.
It happens in different times and was seemingly not related to the
specific tests run.
---
HW: VLM barcode 98981052
128.224.95.181
-
create a project and an SDK based likethis:
/opt/wrlinux_8_0_head/wrlinux/configure --enable-kernel=standard --enable-rootfs=glibc-std --enable-board=axxiaarm
then from the SDK environment build two executables using attached source code:
$CC -ftrapv ./temp.c strlcpy.c -o ./foo_trapv
$CC ./temp.c strlcpy.c -o ./foo_no_trapv
and you will get:
root@axxiaarm:~# ./foo_no_trapv
Found ptr ! ptr=0x7fffffa0 after 17657821 loops
ptr = 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789
dst = 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789
root@axxiaarm:~# ./foo_trapv
Found ptr ! ptr=0x7ffffff8 after 17710626 loops
ptr = 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789 0123456789
Aborted