thr3ads.net - dovecot - Segmentation fault in "make check" test_istream_multiplex for 2.3.0 on Solaris Sparc [Feb 2018]

If this information is useful, please help other people find it:
Share via:

Rainer Jung

2018-Feb-06 20:37 UTC

Segmentation fault in "make check" test_istream_multiplex for 2.3.0 on Solaris Sparc

Hi there,

I get a crash when doing "make check" for version 2.3.0 on Solaris
Sparc.

The build was done with gcc 7.3.0.

The crash happens in ioloop-poll.c line 181 when running 
test_istream_multiplex.c:

#0  io_loop_handler_run_internal (ioloop=ioloop at entry=0x130dd0) at 
ioloop-poll.c:181
181                     if (pollfd->revents != 0) {

Due to the code

    180                  pollfd = &ctx->fds[ctx->fd_index[io->fd]];
    181                  if (pollfd->revents != 0) {

I can see in gdb, that io->fd is "-1", so using it as an array
index
doesn't make much sense:

(gdb) print io->fd
$2 = -1

and the resulting address of pollfd is not valid. The full io struct is:

(gdb) print *io
$3 = {io = {condition = IO_READ, source_filename = 0x8c680 
"test-multiplex.c", source_linenum = 84, pending = false, callback = 
0x33c14 <test_istream_multiplex_stream_read>,
     context = 0xc4b80 <test_channel+48>, ioloop = 0x130dd0, ctx = 0x0}, 
prev = 0xecfc0, next = 0xd3548, refcount = 1, fd = -1, istream = 0xd31e8}

Full stack:

[Current thread is 2 (Thread 1 (LWP 1))]
(gdb) bt full
#0  io_loop_handler_run_internal (ioloop=ioloop at entry=0x130dd0) at 
ioloop-poll.c:181
         ctx = 0xd05b8
         pollfd = 0x526cd8b0
         tv = {tv_sec = 2147483, tv_usec = 0}
         io = 0xecd50
         msecs = <optimized out>
         ret = 1
         call = <optimized out>
#1  0x000574a8 in io_loop_handler_run (ioloop=<optimized out>) at 
ioloop.c:666
No locals.
#2  0x0005779c in io_loop_run (ioloop=0x130dd0) at ioloop.c:639
         __func__ = "io_loop_run"
#3  0x00033f7c in test_multiplex_stream () at test-multiplex.c:147
         ioloop = 0x130dd0
         fds = {6, 7}
         os = 0x0
         is = 0x0
         ichan1 = 0xd31e8
         ochan1 = 0xd3470
         io = 0xd34c8
         ichan0 = 0x1b10e8
         ochan0 = 0x1b1290
#4  test_multiplex () at test-multiplex.c:164
No locals.
#5  0x0003e3d4 in test_run_named_funcs (tests=tests at entry=0x80444 
<test_functions>, match=match at entry=0x7fd38 "") at
test-common.c:255
         _data_stack_cur_id = 2
         i = <optimized out>
#6  0x0003f1d8 in test_run_named_with_fatals (match=0x7fd38 "", 
tests=0x80444 <test_functions>, fatals=0x7fde0 <fatal_functions>) at
test-common.c:337
No locals.
#7  0x0001e024 in _start ()

I unfortunately don't know, why the fd field is "-1".

Regards and thanks

Rainer

Aki Tuomi

2018-Feb-07 06:58 UTC

head link

Segmentation fault in "make check" test_istream_multiplex for 2.3.0 on Solaris Sparc

Hi!

Thank you for these, we'll look into them!

Aki


On 06.02.2018 22:37, Rainer Jung wrote:> Hi there,
>
> I get a crash when doing "make check" for version 2.3.0 on
Solaris Sparc.
>
> The build was done with gcc 7.3.0.
>
> The crash happens in ioloop-poll.c line 181 when running
> test_istream_multiplex.c:
>
> #0? io_loop_handler_run_internal (ioloop=ioloop at entry=0x130dd0) at
> ioloop-poll.c:181
> 181???????????????????? if (pollfd->revents != 0) {
>
> Due to the code
>
> ?? 180????????????????? pollfd =
&ctx->fds[ctx->fd_index[io->fd]];
> ?? 181????????????????? if (pollfd->revents != 0) {
>
> I can see in gdb, that io->fd is "-1", so using it as an array
index
> doesn't make much sense:
>
> (gdb) print io->fd
> $2 = -1
>
> and the resulting address of pollfd is not valid. The full io struct is:
>
> (gdb) print *io
> $3 = {io = {condition = IO_READ, source_filename = 0x8c680
> "test-multiplex.c", source_linenum = 84, pending = false,
callback > 0x33c14 <test_istream_multiplex_stream_read>,
> ??? context = 0xc4b80 <test_channel+48>, ioloop = 0x130dd0, ctx >
0x0}, prev = 0xecfc0, next = 0xd3548, refcount = 1, fd = -1, istream >
0xd31e8}
>
> Full stack:
>
> [Current thread is 2 (Thread 1 (LWP 1))]
> (gdb) bt full
> #0? io_loop_handler_run_internal (ioloop=ioloop at entry=0x130dd0) at
> ioloop-poll.c:181
> ??????? ctx = 0xd05b8
> ??????? pollfd = 0x526cd8b0
> ??????? tv = {tv_sec = 2147483, tv_usec = 0}
> ??????? io = 0xecd50
> ??????? msecs = <optimized out>
> ??????? ret = 1
> ??????? call = <optimized out>
> #1? 0x000574a8 in io_loop_handler_run (ioloop=<optimized out>) at
> ioloop.c:666
> No locals.
> #2? 0x0005779c in io_loop_run (ioloop=0x130dd0) at ioloop.c:639
> ??????? __func__ = "io_loop_run"
> #3? 0x00033f7c in test_multiplex_stream () at test-multiplex.c:147
> ??????? ioloop = 0x130dd0
> ??????? fds = {6, 7}
> ??????? os = 0x0
> ??????? is = 0x0
> ??????? ichan1 = 0xd31e8
> ??????? ochan1 = 0xd3470
> ??????? io = 0xd34c8
> ??????? ichan0 = 0x1b10e8
> ??????? ochan0 = 0x1b1290
> #4? test_multiplex () at test-multiplex.c:164
> No locals.
> #5? 0x0003e3d4 in test_run_named_funcs (tests=tests at entry=0x80444
> <test_functions>, match=match at entry=0x7fd38 "") at
test-common.c:255
> ??????? _data_stack_cur_id = 2
> ??????? i = <optimized out>
> #6? 0x0003f1d8 in test_run_named_with_fatals (match=0x7fd38 "",
> tests=0x80444 <test_functions>, fatals=0x7fde0
<fatal_functions>) at
> test-common.c:337
> No locals.
> #7? 0x0001e024 in _start ()
>
> I unfortunately don't know, why the fd field is "-1".
>
> Regards and thanks
>
> Rainer

dovecot - Feb 2018 - Segmentation fault in "make check" test_istream_multiplex for 2.3.0 on Solaris Sparc

Segmentation fault in "make check" test_istream_multiplex for 2.3.0 on Solaris Sparc

Segmentation fault in "make check" test_istream_multiplex for 2.3.0 on Solaris Sparc