[Dovecot] crash in mail_cache_transaction_reset on rc22

Dan Price dp at eng.sun.com
Tue Feb 20 22:54:52 UTC 2007 

I've not been able to roll out rc23 yet (tonight, I hope) but I just
saw a crash which I'm not sure I've seen reported before, following a server
outage (that is to say, the server came back up and one of the users had a
dovecot core).

#0  0x0005d720 in mail_cache_transaction_reset (ctx=0xcf928)
    at mail-cache-transaction.c:71
No locals.
#1  0x0005e8bc in mail_cache_add (ctx=0xcf928, seq=233, field=4294967295, 
    data=0xb7600, data_size=1063) at mail-cache-transaction.c:752
        file_field = 19
        data_size32 = 1063
        fixed_size = 4294967295
        full_size = 831272
        __PRETTY_FUNCTION__ = "mail_cache_add"
#2  0x00057160 in index_mail_parse_header (part=0xe9, hdr=0x14, mail=0xd33e8)
    at index-mail-headers.c:125
        data = (struct index_mail_data *) 0xd3450
        cache_field_name = 0xe9 <Address 0xe9 out of bounds>
        field_idx = 0
        count = 21
        match = (uint8_t *) 0xcf928 ""
        __PRETTY_FUNCTION__ = "index_mail_parse_header"
#3  0x00079848 in _read (stream=0xe2aa0) at istream-header-filter.c:173
        ret = 0
        pos = 854336
#4  0x00085818 in i_stream_read (stream=0xe2ac8) at istream.c:58
        _stream = (struct _istream *) 0xcaf28
#5  0x00085ca4 in i_stream_read_data (stream=0xe2ac8, data=0xffbff5ec, 
    size=0xffbff5e8, threshold=1) at istream.c:250
        ret = 0
        read_more = false
#6  0x0007e8c4 in message_get_body_size (input=0xe2ac8, body=0xffbff660, 
    has_nuls=0x0) at message-size.c:105
        msg = (
    const unsigned char *) 0xe2cf7 "\ndary_(ID_/CFD74Co3EWCZqYkdHlE8A)\"\r\nt>\r\nSS at cox.net>,\r\nil.com>,\r\n\r\n"
        i = 0
---Type <return> to continue, or q <return> to quit---
        size = 1
        missing_cr_count = 0
        __PRETTY_FUNCTION__ = "message_get_body_size"
#7  0x0002e5e4 in fetch_body_header_fields (ctx=0xc6a08, mail=0xffbff660, 
    context=0xc6c98) at imap-fetch-body.c:448
        size = {physical_size = 1357, virtual_size = 0, lines = 26}
        old_offset = Unhandled dwarf expression opcode 0x93


-- 
Daniel Price - Solaris Kernel Engineering - dp at eng.sun.com - blogs.sun.com/dp

More information about the dovecot mailing list