On Thu, 29 Oct 2009 12:38:22 -0400 Timo Sirainen tss@iki.fi wrote:
On Thu, 2009-10-29 at 12:11 +0200, Nikita Koshikov wrote:
On Wed, 28 Oct 2009 14:17:52 -0400 Timo Sirainen tss@iki.fi wrote:
On Wed, 2009-10-28 at 10:39 +0200, Nikita Koshikov wrote:
Oct 26 15:26:38 IMAP(gozhda.a@domain.com): Panic: data stack: Out of memory when allocating 268435472 bytes Oct 26 15:26:38 IMAP(gozhda.a@domain.com): Error: *** glibc detected *** imap: double free or corruption (!prev): 0x0812ba00 ***
Oh, the double free is because of broken handling of out-of-memory error. http://hg.dovecot.org/dovecot-1.2/rev/acfef2f0fec3 probably fixes that.
Sorry, but this patch didn't help.
Not with the "out of memory", but did it get rid of the "double free or corruption" error?
Hmm. So I guess there's no memory corruption causing this, but I don't really see why it would try to allocate that much memory. 268435472 in hex is 0x10000010, which is an interesting number but doesn't really help much either. 268435456 is 256M which is max mail_process_size config setting, maybe this values is in use ?
I guess it's just exponentially increasing the buffer size then until it reaches mail_process_size.
I recompile dovecot binaries with debug symbols, but seemed that gdb backtrace is broken.
Yeah, it is. Hmm. Since the core isn't working, can you attach gdb to imap process while it's still running? So something like:
- open the account so imap process starts
- gdb -p <imap process pid>
- gdb command: c
- cause imap to crash -> gdb should stop
- gdb command: bt full
I found I way, to switch crash under telnet session and attach gdb to process, but this didn't produce valid trace:
GNU gdb 6.8 Copyright (C) 2008 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i686-pc-linux-gnu". Attaching to process 29952 Reading symbols from /usr/libexec/dovecot/imap...(no debugging symbols found)...done. Reading symbols from /lib/libdl.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/libdl.so.2 Reading symbols from /lib/librt.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/librt.so.1 Reading symbols from /lib/libc.so.6...(no debugging symbols found)...done. Loaded symbols for /lib/libc.so.6 Reading symbols from /lib/ld-linux.so.2...(no debugging symbols found)...done. Loaded symbols for /lib/ld-linux.so.2 Reading symbols from /lib/libpthread.so.0... (no debugging symbols found)...done. [Thread debugging using libthread_db enabled] [New Thread 0xb7dccac0 (LWP 29952)] Loaded symbols for /lib/libpthread.so.0 Reading symbols from /usr/lib/dovecot/imap/lib10_quota_plugin.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib/dovecot/imap/lib10_quota_plugin.so Reading symbols from /usr/lib/dovecot/imap/lib11_imap_quota_plugin.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib/dovecot/imap/lib11_imap_quota_plugin.so Reading symbols from /usr/lib/dovecot/imap/lib11_trash_plugin.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib/dovecot/imap/lib11_trash_plugin.so Reading symbols from /usr/lib/dovecot/imap/lib20_autocreate_plugin.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib/dovecot/imap/lib20_autocreate_plugin.so Reading symbols from /usr/lib/dovecot/imap/lib20_expire_plugin.so... (no debugging symbols found)...done. Loaded symbols for /usr/lib/dovecot/imap/lib20_expire_plugin.so Reading symbols from /usr/lib/dovecot/imap/lib20_virtual_plugin.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib/dovecot/imap/lib20_virtual_plugin.so Reading symbols from /usr/lib/dovecot/imap/lib20_zlib_plugin.so...(no debugging symbols found)...done. Loaded symbols for /usr/lib/dovecot/imap/lib20_zlib_plugin.so Reading symbols from /lib/libz.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/libz.so.1 Reading symbols from /lib/libbz2.so.1...(no debugging symbols found)...done. Loaded symbols for /lib/libbz2.so.1
(no debugging symbols found) 0xffffe424 in __kernel_vsyscall () (gdb) cont Continuing. (no debugging symbols found)
Program received signal SIGABRT, Aborted. [Switching to Thread 0xb7dccac0 (LWP 29952)] 0xffffe424 in __kernel_vsyscall () (gdb) quit The program is running. Quit anyway (and detach it)? (y or n) yes Detaching from program: /usr/libexec/dovecot/imap, process 29952