[Dovecot] IMAP crashes with signal 10 (SIGBUS)
I wrote:
Any idea on what's causing this?
Description: imap process crashed with SIGBUS.
Versions: OS: Solaris 8, 9 Dovecot: 1.0-test57 Gcc: 3.2
same with 3.4.3
Backtrace: #0 mbox_file_seek (ibox=0x8d9b0, view=0x8dc38, seq=2, deleted_r=0xffbef40c) at mbox-file.c:119 ...
Subsequent versions still crashed and I looked into the problem further. Specifically it crashes at this line
offset = *((const uint64_t *)data);
when "data" assumes a non-64 bit aligned value. At first I thought that 64-bit ints should always be aligned on 64-bit boundaries, but when I isolated this code into a standalone executable to demonstrate it (no arguments to cause a crash, one argument is OK):
int main (int argc, char *argv[]) {
int a[]={1,2,3,4};
long long int i64;
void *p=(void *) (&a[argc]);;
printf("Pointer to 32-bit int = %x\n",p);
i64 = *((long long int *)p);
printf("Successful casting to 64-bit int: value=%016llx\n",i64);
}
I found out that the presence of any optimisation (-O, -O2, -O3) will cause this to crash, yet it will work if no optimisation is present even though a pointer being cast is still not aligned on a 64-bit boundary (but aligned on a 32-bit boundary).
I check the gcc bug web page page came up with this reference which may explain this behaviour.
http://gcc.gnu.org/bugs.html#known
- see section "Casting does not work as expected when optimization is turned on"
http://mail-index.netbsd.org/tech-kern/2003/08/11/0001.html
They claim that this casting violates ISO aliasing rules and the results like crashing are to be expected. Maybe this statement ought to be rewritten
memcpy(&offset,data,sizeof(uint64_t));
There is one other statement at
mbox-synbc.c:319 (1.0-test59)
that may need this consideration.
Joseph Tam <tam@math.ubc.ca>
On 8.1.2005, at 01:59, Joseph Tam wrote:
Subsequent versions still crashed and I looked into the problem further. Specifically it crashes at this line
offset = *((const uint64_t *)data);
when "data" assumes a non-64 bit aligned value. At first I thought that 64-bit ints should always be aligned on 64-bit boundaries, but when I isolated this code into a standalone executable to demonstrate it (no arguments to cause a crash, one argument is OK):
The bug is that the data pointer in there should always be 64bit aligned. There exists code which tries to keep it 64bit aligned, but apparently there's a bug somewhere. I haven't yet tried to find it. So many other things to do..
They claim that this casting violates ISO aliasing rules and the results like crashing are to be expected. Maybe this statement ought to be rewritten
memcpy(&offset,data,sizeof(uint64_t));
That's a good workaround until it's really fixed.
On Sat, 8 Jan 2005, Timo Sirainen wrote:
On 8.1.2005, at 01:59, Joseph Tam wrote:
Subsequent versions still crashed and I looked into the problem further. Specifically it crashes at this line
offset = *((const uint64_t *)data);
when "data" assumes a non-64 bit aligned value. At first I thought that 64-bit ints should always be aligned on 64-bit boundaries, but when I isolated this code into a standalone executable to demonstrate it (no arguments to cause a crash, one argument is OK):
The bug is that the data pointer in there should always be 64bit aligned. There exists code which tries to keep it 64bit aligned, but apparently there's a bug somewhere. I haven't yet tried to find it. So many other things to do..
Thanks, Timo. If it helps, I traced the non-64 aligned value to this statement,
dovecot-1.0-test59/src/lib-index/mail-index-view.c:394
*data_r = offset == 0 ? NULL : CONST_PTR_OFFSET(rec, offset);
rec=ff2500bc offset=8 -> *data_r=ff2500c4
Joseph Tam <tam@math.ubc.ca>
participants (2)
-
Joseph Tam
-
Timo Sirainen