OpenLDAP

Viewing Incoming/8784

From: balaret@gmail.com
Subject: SIGBUS in mdb_page_touch

Date: Thu, 07 Dec 2017 17:19:48 +0000
From: balaret@gmail.com
To: openldap-its@OpenLDAP.org
Subject: SIGBUS in mdb_page_touch
Full_Name: Sergey Z
Version: LMDB_0.9.19
OS: Android
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2620:119:5001:2242:9215:2763:ff1b:ae35)


Hey guys,

We are using LMDB 0.9.19 in our Android project and sometimes we are getting
SIGBUS in mdb_page_touch(). We can't reproduce this issue on our side but we
have plenty of crash reports from our users (about 400 daily):

SIGBUS
	libLMDBAndroid.so.mdb_page_touch (mdb.c:2412)
	libLMDBAndroid.so.mdb_page_search (mdb.c:5610)
	libLMDBAndroid.so.mdb_freelist_save (mdb.c:3128)
	libLMDBAndroid.so.mdb_txn_commit (mdb.c:3606)

This is probably a platform specific issue because 95% of crashes happened on
Android 7.0. 

I would greatly appreciate it if you could help shed light on this - any ideas
what might go wrong or what might cause such an issue.

Thank you,
Sergey

Followup 1

Subject: Re: (ITS#8784) SIGBUS in mdb_page_touch
To: balaret@gmail.com, openldap-its@OpenLDAP.org
From: Howard Chu <hyc@symas.com>
Date: Fri, 8 Dec 2017 18:35:14 +0000
balaret@gmail.com wrote:
> Full_Name: Sergey Z
> Version: LMDB_0.9.19
> OS: Android
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (2620:119:5001:2242:9215:2763:ff1b:ae35)
> 
> 
> Hey guys,
> 
> We are using LMDB 0.9.19 in our Android project and sometimes we are getting
> SIGBUS in mdb_page_touch(). We can't reproduce this issue on our side but we
> have plenty of crash reports from our users (about 400 daily):
> 
> SIGBUS
> 	libLMDBAndroid.so.mdb_page_touch (mdb.c:2412)
> 	libLMDBAndroid.so.mdb_page_search (mdb.c:5610)
> 	libLMDBAndroid.so.mdb_freelist_save (mdb.c:3128)
> 	libLMDBAndroid.so.mdb_txn_commit (mdb.c:3606)
> 
> This is probably a platform specific issue because 95% of crashes happened on
> Android 7.0.
> 
> I would greatly appreciate it if you could help shed light on this - any ideas
> what might go wrong or what might cause such an issue.

I've encountered this as well. I believe there's a bug in the Android FUSE 
filesystem driver. Every time I've analyzed one of these crashes in the 
debugger, the relevant addresses are perfectly valid, which leads me to 
believe there's a race condition in their page fault handler. I.e., eventually 
the handler returns a valid memory page but the application has been killed 
before the handler completes. Then, by the time the debugger gets control, all 
of memory looks valid.

If you root the device and mount the storage partition directly, bypassing the 
Android FUSE filesystem, you'll find that these crashes all disappear - even 
if using the same storage device as before. Which again points to a bug in 
their FUSE filesystem driver. But I haven't been able to pinpoint the bug in 
their FUSE driver source code yet. I suggest you focus your debugging efforts 
there.
> 
> Thank you,
> Sergey
> 
> 


-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/
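
The reply above ties the crashes to storage reached through the Android FUSE filesystem. The following is an added example, not code from this thread or from LMDB: a check an application could run to see whether the directory it passes to LMDB sits on a FUSE mount. The function names, the sample mount table and the `com.example.app` paths are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/mounts format; not captured from a real device. */
static const char SAMPLE_MOUNTS[] =
    "rootfs / rootfs ro,seclabel 0 0\n"
    "/dev/block/dm-0 /data ext4 rw,seclabel,nosuid,nodev,noatime 0 0\n"
    "/dev/fuse /storage/emulated fuse rw,nosuid,nodev,noexec,noatime 0 0\n";

/* True if mount point mnt contains path, comparing whole path components. */
static int covers(const char *mnt, const char *path) {
    size_t n = strlen(mnt);
    if (strncmp(mnt, path, n) != 0) return 0;
    return n == 1 || path[n] == '\0' || path[n] == '/';
}

/* Copy into fstype the type of the mount covering path. Longest mount point
 * wins; on a tie the later line wins (mounted on top). Returns 1 if found. */
int fstype_for_path(const char *mounts, const char *path, char *fstype, size_t len) {
    size_t best = 0;
    int found = 0;
    for (const char *line = mounts; line && *line; ) {
        char dev[256], mnt[256], type[64];
        if (sscanf(line, "%255s %255s %63s", dev, mnt, type) == 3 &&
            covers(mnt, path) && strlen(mnt) >= best) {
            best = strlen(mnt);
            snprintf(fstype, len, "%s", type);
            found = 1;
        }
        line = strchr(line, '\n');
        if (line) line++;
    }
    return found;
}

/* FUSE mounts report type "fuse", "fuseblk" or "fuse.<subtype>". */
int path_on_fuse(const char *mounts, const char *path) {
    char type[64];
    if (!fstype_for_path(mounts, path, type, sizeof type)) return 0;
    return !strcmp(type, "fuse") || !strcmp(type, "fuseblk") || !strncmp(type, "fuse.", 5);
}

int main(void) {
    const char *paths[] = { "/storage/emulated/0/Android/data/com.example.app/files/db",
                            "/data/data/com.example.app/files/db" };
    for (int i = 0; i < 2; i++)
        printf("fuse=%d %s\n", path_on_fuse(SAMPLE_MOUNTS, paths[i]), paths[i]);
    return 0;
}
```

On a device, pass the contents of `/proc/self/mounts` and a path already resolved with `realpath()`, since paths such as `/sdcard` may be symlinks.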

