[Dovecot] IMAP crashes with signal 10 (SIGBUS)

Joseph Tam tam at math.ubc.ca
Sat Jan 8 01:59:11 EET 2005


I wrote:

> Any idea on what's causing this?
> 
> Description:
>  	imap process crashed with SIGBUS.
> 
> Versions:
>  	OS: Solaris 8, 9
>  	Dovecot: 1.0-test57
>  	Gcc: 3.2

 	same with 3.4.3

> 
> Backtrace:
>  	#0  mbox_file_seek (ibox=0x8d9b0, view=0x8dc38, seq=2, deleted_r=0xffbef40c) at mbox-file.c:119
>	...

Subsequent versions still crashed and I looked into the problem further.  Specifically it
crashes at this line

 	offset = *((const uint64_t *)data);

when "data" assumes a non-64 bit aligned value.  At first I thought that 64-bit
ints should always be aligned on 64-bit boundaries, but when I isolated this code
into a standalone executable to demonstrate it (no arguments to cause a crash, one
argument is OK):

 	#include <stdio.h>

 	int main (int argc, char *argv[]) {
 		int		a[]={1,2,3,4};
 		long long int	i64;
 		/* argc==1 (no arguments): &a[1] is 32-bit but not 64-bit aligned
 		 * argc==2 (one argument):  &a[2] lands on a 64-bit boundary */
 		void 		*p=(void *) (&a[argc]);

 		printf("Pointer to 32-bit int = %p\n",p);
 		/* the read under test: a possibly misaligned 64-bit load through a cast */
 		i64 = *((long long int *)p);
 		printf("Successful casting to 64-bit int: value=%016llx\n",i64);
 		return 0;
 	}

I found out that the presence of any optimisation (-O, -O2, -O3) will cause this to
crash, yet it will work if no optimisation is present even though a pointer being cast
is still not aligned on a 64-bit boundary (but aligned on a 32-bit boundary).

I checked the gcc bug web page and came up with this reference, which may explain this
behaviour.

 	http://gcc.gnu.org/bugs.html#known
 		- see section "Casting does not work as expected when optimization is turned on"
 	http://mail-index.netbsd.org/tech-kern/2003/08/11/0001.html

They claim that this casting violates ISO aliasing rules and that results like
crashing are to be expected.  Maybe this statement ought to be rewritten as

 	memcpy(&offset,data,sizeof(uint64_t));

There is one other statement at

 	mbox-sync.c:319 (1.0-test59)

that may need this consideration.

Joseph Tam <tam at math.ubc.ca>
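The memcpy form suggested above, as an added example that is not part of the original message or of Dovecot's source: it reads a uint64_t from a constructed record whose offset field sits on a 4-byte but not an 8-byte boundary, the case that trapped with the direct cast, and includes the alignment check one would want before a raw pointer read. The record layout, function names and the sample value are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Replacement for "offset = *((const uint64_t *)data)": memcpy is
 * valid for any alignment of data and does not violate the strict
 * aliasing rules that gcc's optimiser relies on. */
uint64_t read_u64_native(const void *data)
{
	uint64_t v;
	memcpy(&v, data, sizeof v);
	return v;
}

/* Check whether p could legally be read through a uint64_t pointer. */
int is_u64_aligned(const void *p)
{
	return ((uintptr_t)p % sizeof(uint64_t)) == 0;
}

/* Constructed sample record (assumed layout): a 4-byte header followed
 * by the 64-bit offset, so the offset field is 32-bit but not 64-bit
 * aligned.  The union puts the start of the record on a uint64_t boundary. */
static union {
	uint64_t align;
	unsigned char bytes[4 + sizeof(uint64_t)];
} record;

const unsigned char *offset_field(void)
{
	return record.bytes + 4;
}

/* Store an offset into the misaligned field (also via memcpy) and
 * read it back with read_u64_native(). */
uint64_t roundtrip_offset(uint64_t offset)
{
	memset(record.bytes, 0, sizeof record.bytes);
	memcpy(record.bytes + 4, &offset, sizeof offset);
	return read_u64_native(offset_field());
}

int main(void)
{
	uint64_t off = roundtrip_offset(0x0123456789abcdefULL);
	printf("offset field 64-bit aligned: %s\n",
	       is_u64_aligned(offset_field()) ? "yes" : "no");
	printf("offset read via memcpy = %016llx\n", (unsigned long long)off);
	return 0;
}
```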
