Bug#331519: libc6.1: unaligned access in nscd_helper's get_mapping

Package: libc6.1
Version: 2.3.5-6
Severity: minor


On ia64, we keep getting kernel messages like this:
zsh(23995): unaligned access to 0x60000fffffffb264, ip=0x200000000040e8d1
zsh(23995): unaligned access to 0x60000fffffffb264, ip=0x200000000040e8d1

Running it through gdb reveals that lines 186 and 204 of nscd/nscd_helper.c
hold the issue:

     char buf[CMSG_SPACE (sizeof (int))];
     struct msghdr msg = { .msg_iov = iov, .msg_iovlen = 1,
                           .msg_control = buf, .msg_controllen = sizeof (buf) };
     struct cmsghdr *cmsg = CMSG_FIRSTHDR (&msg);

     cmsg->cmsg_level = SOL_SOCKET;
     cmsg->cmsg_type = SCM_RIGHTS;
186  cmsg->cmsg_len = CMSG_LEN (sizeof (int));
     *(int *) CMSG_DATA (cmsg) = -1;
     msg.msg_controllen = cmsg->cmsg_len;

     if (TEMP_FAILURE_RETRY (__recvmsg (sock, &msg, 0)) != keylen)
       goto out_close2;
     mapfd = *(int *) CMSG_DATA (cmsg);
204  if (CMSG_FIRSTHDR (&msg)->cmsg_len != CMSG_LEN (sizeof (int)))
       goto out_close;
     struct stat64 st;
     if (strcmp (resdata, key) != 0

The problem seems to be that, since it is a char array, buf is not necessarily
8-byte aligned, while it needs to be for ia64 to access the 8-byte wide
cmsg_len field.


-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable')
Architecture: ia64
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.11-1-mckinley-smp
Locale: LANG=fr_FR@euro, LC_CTYPE=fr_FR@euro (charmap=ISO-8859-15)

-- no debconf information
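
An added example, not part of the original report and not glibc's code: one way to avoid this class of fault is to declare the control buffer as a union with struct cmsghdr, so it inherits that type's alignment, and to move the descriptor with memcpy instead of a cast. The names fd_cmsg_buf, send_fd, recv_fd and roundtrip_ok are hypothetical.

```c
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical names. The union gives the bytes struct cmsghdr's alignment. */
union fd_cmsg_buf {
  struct cmsghdr hdr;                       /* present only for alignment */
  char bytes[CMSG_SPACE (sizeof (int))];
};

/* Send descriptor fd over Unix socket sock; returns 0 on success. */
int send_fd (int sock, int fd) {
  char byte = 'x';
  struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
  union fd_cmsg_buf buf = { .bytes = { 0 } };
  struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
    .msg_control = buf.bytes, .msg_controllen = sizeof buf.bytes };
  struct cmsghdr *cmsg = CMSG_FIRSTHDR (&msg);
  cmsg->cmsg_level = SOL_SOCKET;
  cmsg->cmsg_type = SCM_RIGHTS;
  cmsg->cmsg_len = CMSG_LEN (sizeof (int));   /* aligned store */
  memcpy (CMSG_DATA (cmsg), &fd, sizeof fd);  /* copy, no cast-and-store */
  return sendmsg (sock, &msg, 0) == 1 ? 0 : -1;
}

/* Receive one descriptor from sock; returns it, or -1 if none arrived. */
int recv_fd (int sock) {
  char byte;
  int fd = -1;
  struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
  union fd_cmsg_buf buf = { .bytes = { 0 } };
  struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
    .msg_control = buf.bytes, .msg_controllen = sizeof buf.bytes };
  struct cmsghdr *cmsg = recvmsg (sock, &msg, 0) == 1 ? CMSG_FIRSTHDR (&msg) : NULL;
  if (cmsg == NULL || cmsg->cmsg_level != SOL_SOCKET || cmsg->cmsg_type != SCM_RIGHTS
      || cmsg->cmsg_len != CMSG_LEN (sizeof (int)))
    return -1;
  memcpy (&fd, CMSG_DATA (cmsg), sizeof fd);
  return fd;
}

/* Constructed check: pass a pipe's read end over a socketpair; 1 on success. */
int roundtrip_ok (void) {
  int sv[2], p[2], got;
  char c = 0;
  return socketpair (AF_UNIX, SOCK_STREAM, 0, sv) == 0 && pipe (p) == 0
    && send_fd (sv[0], p[0]) == 0 && (got = recv_fd (sv[1])) >= 0
    && write (p[1], "k", 1) == 1 && read (got, &c, 1) == 1 && c == 'k';
}
```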