Re: (ITS#8819) LMDB seg fault with MDB_DUPSORT on -O3 - openldap-bugs

20 Mar 2018


      nic@nicwatson.org wrote:
...
That's news to me. Then I googled it. You're right.
...
From https://wiki.sei.cmu.edu/confluence/display/c/EXP36-C.+Do+not+cast+pointers+...
The C Standard, 6.3.2.3, paragraph 7 [ISO/IEC 9899:2011], states
A pointer to an object or incomplete type may be converted to a
pointer to a different object or incomplete type. If the resulting
pointer is not correctly aligned for the referenced type, the behavior
is undefined.
Nic
On Tue, Mar 20, 2018 at 9:41 AM, Hallvard Breien Furuseth
h.b.furuseth@usit.uio.no wrote:
...
Looks like another type aliasing problem to me.  The data is accessed
through an MDB_page* variable.  This tells the compiler that the data
is word-aligned, like struct MDB_page.  Fix: Use a void/char pointer,
don't lie to the compiler.
Good catch.
We once discussed padding odd-length keys to make sure the data was still 
word-aligned. Maybe should do that in LMDB 1.0. This particular crash is now 
fixed in mdb.master. I've left other derefs of *fp alone for the moment but 
may need to revisit that later; older ARM and SPARC would probably choke on them.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/