Hopefully, there is some fix for issue 3 which is beyond my skill to fix. Issue 1) Need recent gcc version Building Dovecot versions <=2.2.x using gcc 3.4.4 worked, but this gcc version fails to build 2.3.x properly: symptoms include compile failures and executable crashes that depended on the amount of optimization used, which is usually a sign of compiler bugs. (It could also be issue 3 in disguise.) Either way, I updated to gcc 9.1.0. Issue 2) Cannot build with --enable-hardening Using gcc 9.1.0, "configure" step fails because fd passing was broken, but the real problem was a compilation failure when "--enable-hardening" is used. Demonstration: # echo 'int main(){char a[1]; strcpy(a,a);} ' | gcc -w -fstack-protector-strong -x c - Undefined first referenced symbol in file __stack_chk_guard /var/tmp//cc12L9zV.o (symbol scope specifies local binding) ld: fatal: symbol referencing errors. No output written to a.out collect2: error: ld returned 1 exit status I'm not sure if this is a Solaris10 fumble, but configuring "--disable-hardening" removes the "-fstack-protector-strong" compiler option, which resolves this issue. Issue 3) dovecot/doveconf segfaults on startup It crashes here while processing dovecot.conf, as does "doveconf" (settings-parser.c:1519 in setting_copy()) *dest_size = *src_size; It appears *src_size is not an 8-byte address aligned (0x5597c). It inherits this value from the calling routine as the sum of "set" (8-byte aligned) + "def->offset"=20 => misaligned address. (settings-parser.c:1597 in settings_dup_full()) src = CONST_PTR_OFFSET(set, def->offset); (gdb) p set $2 = (const void *) 0x55968 (gdb) p *def $3 = {type = SET_SIZE, key = 0x2d548 "submission_max_mail_size", offset = 20, list_info = 0x0} (gdb) bt full #0 0xff190690 in setting_copy (type=SET_SIZE, src=0x5798c, dest=0xf7ed4, pool=0xf29a0, keep_values=false) at settings-parser.c:1519 src_size = 0x5798c dest_size = 0xf7ed4 __func__ = "setting_copy" #1 0xff190bc4 in settings_dup_full (info=0x2d9ac <submission_setting_parser_info>, set=0x57978, pool=0xf29a0, keep_values=false) at settings-parser.c:1600 def = 0x2d7d4 <submission_setting_defines+80> src = 0x5798c dest_set = 0xf7ec0 dest = 0xf7ed4 children = 0x2c i = 1105688 count = 4279837964 #2 0xff192724 in settings_parser_dup (old_ctx=0x9ec08, new_pool=0xf29a0) at settings-parser.c:1946 new_ctx = 0x10def0 iter = 0x0 links = {_table = 0xa23c0, _key = 0xa23c0, _keyp = 0xa23c0, _const_key = 0xa23c0, _value = 0xa23c0, _valuep = 0xa23c0} new_link = 0x10b488 value = 0x0 key = 0x0 i = 0 parser_pool = 0x10ded8 keep_values = false __func__ = "settings_parser_dup" #3 0x0001fc0c in config_filter_parsers_get (ctx=0x657a8, pool=0xf29a0, modules=0x0, filter=0x583e8, parsers_r=0xffbff9c4, output_r=0xffbff9bc, error_r=0xffbffa44) at config-filter.c:372 src = 0xf29d8 dest = 0xf2a48 error = 0x0 error_p = 0x52cfc i = 26 count = 33 __func__ = "config_filter_parsers_get" #4 0x00021be4 in config_all_parsers_check (ctx=0xffbffac8, new_filter=0x657a8, error_r=0xffbffa44) at config-parser.c:441 parsers = 0x58180 tmp_parsers = 0x4 output = {specific_services = 0xf2a20, service_uses_local = false, service_uses_remote = false, used_local = false, used_remote = false, permission_denied = false} i = 0 count = 3 ssl_set = 0x4 <error: Cannot access memory at address 0x4> global_ssl_set = 0x32188 "" tmp_pool = 0xf29a0 ssl_warned = false ret = 0 __func__ = "config_all_parsers_check" #5 0x00022ec8 in config_parse_finish (ctx=0xffbffac8, error_r=0xffbffb98) at config-parser.c:747 new_filter = 0x657a8 error = 0x33c22 "/user=%s" ret = 0 #6 0x00024230 in config_parse_file (path=0x50468 "/local/dovecot/etc/dovecot/dovecot.conf", expand_values=false, modules=0x0, error_r=0xffbffb98) at config-parser.c:1064 root = {prev = 0x0, input = 0x0, path = 0x50468 "/local/dovecot/etc/dovecot/dovecot.conf", linenum = 400} ctx = {pool = 0x52b58, path = 0x50468 "/local/dovecot/etc/dovecot/dovecot.conf", , all_parsers = {arr = {buffer = 0x58160, element_size = 4}, v = 0x58160, v_modifiable = 0x58160}, root_parsers = 0x52b70, cur_section = 0x58388, cur_input = 0x0, str = 0x58458, pathlen = 0, section_counter = 6, error = 0x0, old = 0x58580, seen_settings = {_table = 0x0, _key = 0x0, _keyp = 0x0, _const_key = 0x0, _value = 0x0, _valuep = 0x0}, filter = 0x0, expand_values = false, hide_errors = false} i = 33 count = 33 key = 0x0 value = 0x0 full_line = 0x0 type = CONFIG_LINE_TYPE_SKIP line = 0x0 fd = -1 ret = 0 handled = false #7 0x000188dc in main (argc=1, argv=0xffbffc94) at doveconf.c:979 master_service_flags = (MASTER_SERVICE_FLAG_STANDALONE | MASTER_SERVICE_FLAG_NO_INIT_DATASTACK_FRAME | MASTER_SERVICE_FLAG_DONT_SEND_STATS) scope = CONFIG_DUMP_SCOPE_ALL orig_config_path = 0x46300 "/local/dovecot/etc/dovecot/dovecot.conf" config_path = 0x50468 "/local/dovecot/etc/dovecot/dovecot.conf" module = 0x1c00 <error: Cannot access memory at address 0x1c00> module_names = {arr = {buffer = 0x46338, element_size = 4}, v = 0x46338, v_modifiable = 0x46338} filter = {service = 0x0, local_name = 0x0, local_host = 0x0, remote_host = 0x0, local_net = {family = 0, u = {ip6 = {_S6_un = {_S6_u8 = '\000' <repeats 15 times>, _S6_u32 = {0, 0, 0, 0}, __S6_align = 0}}, ip4 = {S_un = {S_un_b = { s_b1 = 0 '\000', s_b2 = 0 '\000', s_b3 = 0 '\000', s_b4 = 0 '\000'}, S_un_w = { s_w1 = 0, s_w2 = 0}, S_addr = 0}}}}, remote_net = {family = 0, u = {ip6 = { _S6_un = {_S6_u8 = '\000' <repeats 15 times>, _S6_u32 = {0, 0, 0, 0}, __S6_align = 0}}, ip4 = {S_un = {S_un_b = {s_b1 = 0 '\000', s_b2 = 0 '\000', s_b3 = 0 '\000', s_b4 = 0 '\000'}, S_un_w = {s_w1 = 0, s_w2 = 0}, S_addr = 0}}}}, local_bits = 0, remote_bits = 0} wanted_modules = 0x0 error = 0xfef47940 <_uberdata> "" exec_args = 0x0 setting_name_filters = 0x0 i = 5 c = -1 ret = -4195172 ret2 = 4 config_path_specified = false expand_vars = false hide_key = false parse_full_config = false simple_output = false dump_defaults = false host_verify = false print_plugin_banner = true hide_passwords = true Joseph Tam <jtam.home at gmail.com>
On 9.7.2019 3.02, Joseph Tam via dovecot wrote:> > Hopefully, there is some fix for issue 3 which is beyond my > skill to fix. > > Issue 1) Need recent gcc version > > ????Building Dovecot versions <=2.2.x using gcc 3.4.4 worked, > ????but this gcc version fails to build 2.3.x properly: symptoms > ????include compile failures and executable crashes that depended > ????on the amount of optimization used, which is usually a sign of > ????compiler bugs.??? (It could also be issue 3 in disguise.) > > ????Either way, I updated to gcc 9.1.0. > > Issue 2) Cannot build with --enable-hardening > > ????Using gcc 9.1.0, "configure" step fails because fd passing was > ????broken, but the real problem was a compilation failure when > ????"--enable-hardening" is used.? Demonstration: > > ????# echo 'int main(){char a[1]; strcpy(a,a);} ' | gcc -w > -fstack-protector-strong -x c - > ????Undefined?????????????????????? first referenced > ???? symbol???????????????????????????? in file > ????__stack_chk_guard?????????????????? /var/tmp//cc12L9zV.o? (symbol > scope specifies local binding) > ????ld: fatal: symbol referencing errors. No output written to a.out > ????collect2: error: ld returned 1 exit status > > ????I'm not sure if this is a Solaris10 fumble, but configuring > ????"--disable-hardening" removes the "-fstack-protector-strong" > ????compiler option, which resolves this issue. > > Issue 3) dovecot/doveconf segfaults on startup > > ????It crashes here while processing dovecot.conf, as does "doveconf" > >Just to be sure ...? You did gmake clean; ./configure <opts>; gmake We'll look at the 3rd issue, the 2nd issue looks really odd, and I'm verging on compiler bug there. As for 1st, isn't gcc 3 rather old? Aki
On Tue, 9 Jul 2019, Aki Tuomi wrote:>> Hopefully, there is some fix for issue 3 which is beyond my >> skill to fix. >> >> Issue 1) Need recent gcc version >> Issue 2) Cannot build with --enable-hardening >> Issue 3) dovecot/doveconf segfaults on startup > > Just to be sure ... > > You did gmake clean; ./configure <opts>; gmakeI did a bazillion iterations of "make distclean; make; make install", so it's no problem to do it once more to make sure.> We'll look at the 3rd issue,Thank you.> the 2nd issue looks really odd, verging on compiler bug there.Googling "-fstack-protector-strong" and "__stack_chk_guard" brings up this issue often.> As for 1st, isn't gcc 3 rather old?Yeah. I hoped we could retire together, but gcc3 violated the adage "if it ain't broke, don't fix it". It broke, so ... Thanks again for looking into this. Joseph Tam <jtam.home at gmail.com>
On 9 Jul 2019, at 3.02, Joseph Tam via dovecot <dovecot at dovecot.org> wrote:> > Issue 3) dovecot/doveconf segfaults on startup > > It crashes here while processing dovecot.conf, as does "doveconf" > > (settings-parser.c:1519 in setting_copy()) > *dest_size = *src_size;This is correct code.> It appears *src_size is not an 8-byte address aligned (0x5597c). > It inherits this value from the calling routine as the sum of > "set" (8-byte aligned) + "def->offset"=20 => misaligned address. > > (settings-parser.c:1597 in settings_dup_full()) > src = CONST_PTR_OFFSET(set, def->offset); > > (gdb) p set > $2 = (const void *) 0x55968 > (gdb) p *def > $3 = {type = SET_SIZE, key = 0x2d548 "submission_max_mail_size", offset = 20, list_info = 0x0}This is unexpected. But I don't see how it's a Dovecot bug. It seems as if your compiler doesn't do padding correctly and then crashes because it didn't do it correctly. I guess you're compiling this as 32bit? Is size_t 32bit or 64bit? Can you try with the below small test program if it prints the same 20? #include <stdio.h> #include <stdbool.h> #include <stddef.h> #define in_port_t unsigned short struct submission_settings { bool verbose_proctitle; const char *rawlog_dir; const char *hostname; const char *login_greeting; const char *login_trusted_networks; /* submission: */ size_t submission_max_mail_size; unsigned int submission_max_recipients; const char *submission_client_workarounds; const char *submission_logout_format; /* submission backend: */ const char *submission_backend_capabilities; /* submission relay: */ const char *submission_relay_host; in_port_t submission_relay_port; bool submission_relay_trusted; const char *submission_relay_user; const char *submission_relay_master_user; const char *submission_relay_password; const char *submission_relay_ssl; bool submission_relay_ssl_verify; const char *submission_relay_rawlog_dir; unsigned int submission_relay_max_idle_time; unsigned int submission_relay_connect_timeout; unsigned int submission_relay_command_timeout; /* imap urlauth: */ const char *imap_urlauth_host; in_port_t imap_urlauth_port; int parsed_workarounds; }; int main(void) { struct submission_settings set; printf("offset = %ld\n", offsetof(struct submission_settings, submission_max_mail_size)); printf("size = %ld\n", sizeof(set.submission_max_mail_size)); return 0; }
On 09/07/2019 01:02, Joseph Tam via dovecot wrote:> Issue 2) Cannot build with --enable-hardening > > Using gcc 9.1.0, "configure" step fails because fd passing was > broken, but the real problem was a compilation failure when > "--enable-hardening" is used. Demonstration:See: https://dovecot.org/pipermail/dovecot/2019-January/114121.html> Issue 3) dovecot/doveconf segfaults on startup > > It crashes here while processing dovecot.conf, as does "doveconf" > > (settings-parser.c:1519 in setting_copy()) > *dest_size = *src_size; > > It appears *src_size is not an 8-byte address aligned (0x5597c). > It inherits this value from the calling routine as the sum of > "set" (8-byte aligned) + "def->offset"=20 => misaligned address.32 bit or 64bit? cflags? I use 32 bit cc 12.6 and have no problem. My test with gcc 9.1.0 didn't dump core either.
On 09/07/2019 06:35, Aki Tuomi via dovecot wrote:> As for 1st, isn't gcc 3 rather old?As is Solaris 10. Solaris 10 predates gcc4 and comes/came with gcc3. No one says we have keep using the system gcc3 exclusively. 9.1.0 works too. Solaris 10 03/05 = March 2005, release January 31, 2005 [1] gcc 4.0.0: April 20, 2005 [2] $ pkginfo -l SUNWgcc PKGINST: SUNWgcc NAME: gcc - The GNU C compiler CATEGORY: system ARCH: i386 VERSION: 11.10.0,REV=2005.01.08.01.09 BASEDIR: / VENDOR: Oracle Corporation DESC: GNU C - The GNU C compiler 3.4.3 PSTAMP: sfw10-patch-x20121120060015 ... 1. https://en.wikipedia.org/wiki/Solaris_%28operating_system%29#Version_history "supported until 2021" 2. https://www.gnu.org/software/gcc/releases.html
On Wed, 10 Jul 2019, Timo Sirainen wrote:> This is unexpected. But I don't see how it's a Dovecot bug. It seems > as if your compiler doesn't do padding correctly and then crashes > because it didn't do it correctly. I guess you're compiling this as > 32bit?Yes, 32-bit.> Is size_t 32bit or 64bit? > ... > Can you try with the below small test program if it prints the same 20? > ...(Output without compile flags -m64) offset = 20 size = 4 (Output with compile flags -m64) offset = 40 size = 8 Same output whether I use gcc 9.1.0 or Solaris c99. I'll try building 64bit executables but I think that means I'll have to build 64bit versions of third-party libraries. Joseph Tam <jtam.home at gmail.com>