memory access woes in bogofilter or db-4.0.14?

Matthias Andree matthias.andree at gmx.de
Wed Jan 8 03:41:25 CET 2003


Hi,

I have a tough one. gcc 3.2, gcc 2.95.4 (FreeBSD), db-4.0.14, current
CVS (i.e. 2003-01-08 02:20 GMT), ix86 Linux or FreeBSD. I am running
make check under valgrind 1.9.3 or ElectricFence 2.2.2 supervision and
get illegal accesses. Here's the patch that I'm using on top of the CVS
code. If I run efence (LD_PRELOAD=...) instead of valgrind, I get a
SIGSEGV on Linux and a SIGBUS on FreeBSD, with identical location and
backtrace. Is that our bug or a Sleepycat bug? Can anyone confirm this?
Whose make check passes in spite of valgrind or efence being used and
without complaining? If so, which DB version are you using? I suspect an
off-by-one error somewhere. If there is such a problem, we might also
figure out whether that causes the DB corruption we're observing.

Index: t.systest
===================================================================
RCS file: /cvsroot/bogofilter/bogofilter/tests/t.systest.d/Attic/t.systest,v
retrieving revision 1.1.2.6
diff -u -r1.1.2.6 t.systest
--- t.systest	4 Jan 2003 02:49:25 -0000	1.1.2.6
+++ t.systest	8 Jan 2003 02:29:08 -0000
@@ -20,7 +20,7 @@
 mkdir -p ${TMPDIR}/tests
 
 CONFIG="${TMPDIR}/test.cf"
-BOGOFILTER="${relpath}/bogofilter -c ${CONFIG} -y 0"
+BOGOFILTER="valgrind --num-callers=32 ${relpath}/bogofilter -c ${CONFIG} -y 0"
 BOGOUTIL="${relpath}/bogoutil"
 SYSTEST="${srcdir}"
 
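Review bot: the replacement BOGOFILTER line hard-wires valgrind into t.systest, so the check will fail on any machine without valgrind installed, and valgrind's diagnostics land on the same stderr the tests capture from bogofilter. Suggest keying the wrapper off an environment variable so the default run stays unchanged, e.g. `BOGOFILTER="${BOGOFILTER_WRAPPER:-} ${relpath}/bogofilter -c ${CONFIG} -y 0"`, and setting `BOGOFILTER_WRAPPER="valgrind --num-callers=32"` only for the memory-checking run; that also keeps the debugging change out of the committed test driver.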
valgrind report:

==21505== Invalid read of size 1
==21505==    at 0x804B8ED: db_get_dbvalue (datastore_db.c:174)
==21505==    by 0x804B7F6: db_getvalue (datastore_db.c:133)
==21505==    by 0x804BC01: db_getcount (datastore_db.c:291)
==21505==    by 0x804DBC3: register_words (register.c:72)
==21505==    by 0x804DCC2: register_messages (register.c:162)
==21505==    by 0x8049628: main (main.c:172)
==21505==    by 0x403024A1: __libc_start_main (in /lib/libc.so.6)
==21505==    by 0x8049390: (within /home/emma/cvs-3rdparty/bogofilter-mime/bogofilter)
==21505==    Address 0x411B3EF4 is 0 bytes after a block of size 4 alloc'd
==21505==    at 0x4015D50F: malloc (vg_clientfuncs.c:100)
==21505==    by 0x402C53F7: __os_malloc (in /usr/lib/libdb-4.0.so)
==21505==    by 0x402C54C5: __os_realloc (in /usr/lib/libdb-4.0.so)
==21505==    by 0x40293131: __db_retcopy (in /usr/lib/libdb-4.0.so)
==21505==    by 0x40292FA4: __db_ret (in /usr/lib/libdb-4.0.so)
==21505==    by 0x4028481E: __db_c_get (in /usr/lib/libdb-4.0.so)
==21505==    by 0x4027EC55: __db_get (in /usr/lib/libdb-4.0.so)
==21505==    by 0x804B8B7: db_get_dbvalue (datastore_db.c:170)
==21505==    by 0x804B7F6: db_getvalue (datastore_db.c:133)
==21505==    by 0x804BC01: db_getcount (datastore_db.c:291)
==21505==    by 0x804DBC3: register_words (register.c:72)
==21505==    by 0x804DCC2: register_messages (register.c:162)
==21505==    by 0x8049628: main (main.c:172)
==21505==    by 0x403024A1: __libc_start_main (in /lib/libc.so.6)
==21505==    by 0x8049390: (within /home/emma/cvs-3rdparty/bogofilter-mime/bogofilter)
==21505== 
==21505== Invalid read of size 1
==21505==    at 0x804B8ED: db_get_dbvalue (datastore_db.c:174)
==21505==    by 0x804B7F6: db_getvalue (datastore_db.c:133)
==21505==    by 0x804BB59: db_increment (datastore_db.c:267)
==21505==    by 0x804DB1E: register_words (register.c:107)
==21505==    by 0x804DCC2: register_messages (register.c:162)
==21505==    by 0x8049628: main (main.c:172)
==21505==    by 0x403024A1: __libc_start_main (in /lib/libc.so.6)
==21505==    by 0x8049390: (within /home/emma/cvs-3rdparty/bogofilter-mime/bogofilter)
==21505==    Address 0x411B3EF4 is 0 bytes after a block of size 4 alloc'd
==21505==    at 0x4015D50F: malloc (vg_clientfuncs.c:100)
==21505==    by 0x402C53F7: __os_malloc (in /usr/lib/libdb-4.0.so)
==21505==    by 0x402C54C5: __os_realloc (in /usr/lib/libdb-4.0.so)
==21505==    by 0x40293131: __db_retcopy (in /usr/lib/libdb-4.0.so)
==21505==    by 0x40292FA4: __db_ret (in /usr/lib/libdb-4.0.so)
==21505==    by 0x4028481E: __db_c_get (in /usr/lib/libdb-4.0.so)
==21505==    by 0x4027EC55: __db_get (in /usr/lib/libdb-4.0.so)
==21505==    by 0x804B8B7: db_get_dbvalue (datastore_db.c:170)
==21505==    by 0x804B7F6: db_getvalue (datastore_db.c:133)
==21505==    by 0x804BC01: db_getcount (datastore_db.c:291)
==21505==    by 0x804DBC3: register_words (register.c:72)
==21505==    by 0x804DCC2: register_messages (register.c:162)
==21505==    by 0x8049628: main (main.c:172)
==21505==    by 0x403024A1: __libc_start_main (in /lib/libc.so.6)
==21505==    by 0x8049390: (within /home/emma/cvs-3rdparty/bogofilter-mime/bogofilter)
==21505== 
==21505== Syscall param pwrite(buf) contains uninitialised or unaddressable byte(s)
==21505==    at 0x403A79E1: __libc_pwrite64 (in /lib/libc.so.6)
==21505==    by 0x402C6C5F: __os_io (in /usr/lib/libdb-4.0.so)
==21505==    by 0x402BF81D: __memp_pgwrite (in /usr/lib/libdb-4.0.so)
==21505==    by 0x402C4A84: __memp_fsync_int (in /usr/lib/libdb-4.0.so)
==21505==    by 0x4027F25F: __db_sync (in /usr/lib/libdb-4.0.so)
==21505==    by 0x804BC55: db_flush (datastore_db.c:315)
==21505==    by 0x804DB85: register_words (register.c:114)
==21505==    by 0x804DCC2: register_messages (register.c:162)
==21505==    by 0x8049628: main (main.c:172)
==21505==    by 0x403024A1: __libc_start_main (in /lib/libc.so.6)
==21505==    by 0x8049390: (within /home/emma/cvs-3rdparty/bogofilter-mime/bogofilter)
==21505==    Address 0x41145B7A is 215762 bytes inside a block of size 270336 alloc'd
==21505==    at 0x4015D50F: malloc (vg_clientfuncs.c:100)
==21505==    by 0x402C53F7: __os_malloc (in /usr/lib/libdb-4.0.so)
==21505==    by 0x402C693B: __os_r_attach (in /usr/lib/libdb-4.0.so)
==21505==    by 0x4029F215: __db_r_attach (in /usr/lib/libdb-4.0.so)
==21505==    by 0x402C270A: __memp_open (in /usr/lib/libdb-4.0.so)
==21505==    by 0x4029AEFB: __dbenv_open (in /usr/lib/libdb-4.0.so)
==21505==    by 0x4027BE40: __db_dbenv_setup (in /usr/lib/libdb-4.0.so)
==21505==    by 0x4027B650: __db_dbopen (in /usr/lib/libdb-4.0.so)
==21505==    by 0x4027B42D: __db_open (in /usr/lib/libdb-4.0.so)
==21505==    by 0x804B760: db_open (datastore_db.c:98)
==21505==    by 0x804EC90: open_wordlist (wordlists.c:32)
==21505==    by 0x804EE4C: open_wordlists (wordlists.c:118)
==21505==    by 0x80495C8: main (main.c:84)
==21505==    by 0x403024A1: __libc_start_main (in /lib/libc.so.6)
==21505==    by 0x8049390: (within /home/emma/cvs-3rdparty/bogofilter-mime/bogofilter)
==21505== 
==21505== ERROR SUMMARY: 445 errors from 3 contexts (suppressed: 0 from 0)

-- 
Matthias Andree
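The two "Invalid read of size 1 ... 0 bytes after a block of size 4 alloc'd" reports above are the signature of reading one byte past a buffer that Berkeley DB returned at the record's exact size (a DBT filled under DB_DBT_MALLOC is `size` bytes long and carries no NUL terminator). The program below is an added illustration of that bug class next to a checked decoder; it is not bogofilter's datastore_db.c and not libdb, and since the page does not show the code at datastore_db.c:174 it does not claim what the actual cause there is. `fake_dbt`, `fake_db_get`, `unsafe_value_len`, `decode_count` and `copy_as_cstring` are hypothetical stand-ins, and the records are constructed inline.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Minimal stand-in for Berkeley DB's DBT: a value is `size` bytes at `data`
   with no terminator. Hypothetical type, not libdb's. */
typedef struct {
    void  *data;
    size_t size;
} fake_dbt;

/* Mimics what a DB_DBT_MALLOC get does: allocate exactly `stored_len`
   bytes and copy the record in. The block is not NUL-terminated, which is
   the "block of size 4" valgrind shows above. Hypothetical helper. */
static int fake_db_get(fake_dbt *out, const void *stored, size_t stored_len)
{
    out->data = malloc(stored_len);
    if (out->data == NULL)
        return -1;
    memcpy(out->data, stored, stored_len);
    out->size = stored_len;
    return 0;
}

/* UNSAFE, shown for contrast only and never called here: treating the value
   as a C string makes strlen() scan for a NUL that a 4-byte binary count
   does not contain, so the scan runs one or more bytes past the block. That
   is exactly a 1-byte read 0 bytes after the allocated block. */
size_t unsafe_value_len(const fake_dbt *v)
{
    return strlen((const char *)v->data);
}

/* Safe: refuse any record whose size is not the expected width, and copy
   with memcpy instead of indexing past `size`. Returns 0 on success and -1
   for a malformed record. */
int decode_count(const fake_dbt *v, uint32_t *count)
{
    if (v->data == NULL || v->size != sizeof *count)
        return -1;
    memcpy(count, v->data, sizeof *count);
    return 0;
}

/* Safe string handling: copy at most `size` bytes into a caller buffer and
   add the terminator ourselves, truncating if it does not fit.
   Returns the number of bytes copied. */
size_t copy_as_cstring(const fake_dbt *v, char *buf, size_t buflen)
{
    size_t n;
    if (buflen == 0)
        return 0;
    n = v->size < buflen - 1 ? v->size : buflen - 1;
    memcpy(buf, v->data, n);
    buf[n] = '\0';
    return n;
}

/* Driver: returns 1 if a well-formed 4-byte count decodes and a 3-byte
   record is rejected, 0 otherwise. Both records are constructed inputs. */
int run_demo(void)
{
    uint32_t stored = 7;                       /* constructed: one 32-bit count */
    unsigned char short_rec[3] = {1, 2, 3};    /* constructed: truncated record */
    fake_dbt v;
    uint32_t c = 0;
    int ok = 1;

    if (fake_db_get(&v, &stored, sizeof stored) != 0)
        return 0;
    ok &= (decode_count(&v, &c) == 0 && c == 7);
    free(v.data);

    if (fake_db_get(&v, short_rec, sizeof short_rec) != 0)
        return 0;
    ok &= (decode_count(&v, &c) == -1);        /* size 3 != 4: rejected */
    free(v.data);

    return ok;
}

int main(void)
{
    int ok = run_demo();
    printf("%s\n", ok ? "ok" : "FAIL");
    return ok ? 0 : 1;
}
```

Running the unsafe variant under valgrind (or efence) reproduces the same report shape as the one quoted above; the checked decoder never touches a byte beyond `size`, so the "0 bytes after a block" read cannot occur regardless of what the library stored.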



