[Dovecot] beta8: core, signal 11

Jeff A. Earickson jaearick at colby.edu
Fri May 19 16:12:26 EEST 2006 

Timo,

The gdb analysis is attached.  It looks like memory got seriously
stomped in this core dump.  There was no assert or other useful
information in the syslog.  My setup: Solaris 9, imap and imaps,
mbox format, INBOXes NFS mounted, index files on local ufs 
filesystem, beta8 configured like so:

VERSION=1.0.beta8
CC=gcc CFLAGS="-g -O" CPPFLAGS=-I/opt/openssl/include LDFLAGS=-L/opt/openssl/lib \
./configure --prefix=/opt/dovecot.$VERSION \
         --with-ssl=openssl \
         --with-ssldir=/opt/openssl/ssl \
         --with-sql-drivers=no \
         --disable-ipv6 \
          > configure.out

Jeff Earickson
Colby College
-------------- next part --------------
%gdb imap core.safaasse
GNU gdb 6.3
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "sparc-sun-solaris2.9"...
Core was generated by `imap'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libdl.so.1...done.
Loaded symbols for /usr/lib/libdl.so.1
Reading symbols from /usr/lib/libsocket.so.1...done.
Loaded symbols for /usr/lib/libsocket.so.1
Reading symbols from /usr/lib/libnsl.so.1...done.
Loaded symbols for /usr/lib/libnsl.so.1
Reading symbols from /usr/lib/librt.so.1...done.
Loaded symbols for /usr/lib/librt.so.1
Reading symbols from /usr/lib/libsendfile.so.1...done.
Loaded symbols for /usr/lib/libsendfile.so.1
Reading symbols from /usr/lib/libc.so.1...done.
Loaded symbols for /usr/lib/libc.so.1
Reading symbols from /usr/lib/libmp.so.2...done.
Loaded symbols for /usr/lib/libmp.so.2
Reading symbols from /usr/lib/libaio.so.1...done.
Loaded symbols for /usr/lib/libaio.so.1
Reading symbols from /usr/lib/libmd5.so.1...done.
Loaded symbols for /usr/lib/libmd5.so.1
Reading symbols from /usr/platform/SUNW,Ultra-1/lib/libc_psr.so.1...done.
Loaded symbols for /usr/platform/SUNW,Ultra-60/lib/libc_psr.so.1
#0  0xff1b455c in strlen () from /usr/lib/libc.so.1
(gdb) backtrace
#0  0xff1b455c in strlen () from /usr/lib/libc.so.1
#1  0xff207058 in _doprnt () from /usr/lib/libc.so.1
#2  0xff2090c8 in vsnprintf () from /usr/lib/libc.so.1
#3  0x00080f3c in str_vprintfa (str=0xa6be2, fmt=Cannot access memory at address 0x48
) at str.c:118
#4  0x00073f0c in internal_handler (log_type=-64 '?',
    format=0x2 <Address 0x2 out of bounds>, args=0x18) at failures.c:362
#5  0x00073f60 in i_internal_info_handler (
    fmt=0x49 <Address 0x49 out of bounds>, args=0x84288) at failures.c:400
#6  0x00074424 in i_info (format=0x84288 "Disconnected: %s") at failures.c:218
#7  0x000218c8 in client_disconnect (client=0x84288, reason=0x0)
    at client.c:119
#8  0x00021924 in client_disconnect_with_error (client=0xb1b40, msg=0x0)
    at client.c:130
#9  0x0001e818 in cmd_fetch_finish (ctx=Variable "ctx" is not available.
) at cmd-fetch.c:98
#10 0x0001eb0c in cmd_fetch (cmd=0x0) at cmd-fetch.c:176
#11 0x00022150 in _client_input (context=Variable "context" is not available.
) at client.c:375
#12 0x00079718 in io_loop_handler_run (ioloop=0xb1b40) at ioloop-poll.c:203
#13 0x00078f94 in io_loop_run (ioloop=0xaf440) at ioloop.c:274
#14 0x0002a560 in main (argc=717888, argv=0x1, envp=Variable "envp" is not available.
) at main.c:271
(gdb) up 4
#4  0x00073f0c in internal_handler (log_type=-64 '?',
    format=0x2 <Address 0x2 out of bounds>, args=0x18) at failures.c:362
362             str_vprintfa(str, format, args);
(gdb) print args
$1 = 0x18
(gdb) print *args
Attempt to dereference a generic pointer.
(gdb) print &args
Can't take address of "args" which isn't an lvalue.
(gdb) up
#5  0x00073f60 in i_internal_info_handler (
    fmt=0x49 <Address 0x49 out of bounds>, args=0x84288) at failures.c:400
400             (void)internal_handler('I', fmt, args);
(gdb) print *args
Attempt to dereference a generic pointer.
(gdb) print args
$2 = 0x84288
(gdb) print &args
Can't take address of "args" which isn't an lvalue.
(gdb) print **args
Attempt to dereference a generic pointer.
(gdb) up
#6  0x00074424 in i_info (format=0x84288 "Disconnected: %s") at failures.c:218
218             info_handler(format, args);
(gdb) print *format
$3 = 68 'D'
(gdb) up
#7  0x000218c8 in client_disconnect (client=0x84288, reason=0x0)
    at client.c:119
119             i_info("Disconnected: %s", reason);
(gdb) print *client
$4 = {fd_in = 1147761507, fd_out = 1869508197, io = 0x63746564,
  input = 0x3a202573, output = 0x0, namespaces = 0x0, mailbox = 0x2a204259,
  keywords = {pool = 0x45200000, keywords = {buffer = 0x42414420,
      element_size = 1165128303}}, select_counter = 1914726766,
  messages_count = 541674817, recent_count = 1344304225,
  last_input = 1731862528, last_output = 1111573536, bad_counter = 1165128303,
  parser = 0x7220696e, cmd = {client = 0x20494d41, pool = 0x5020636f,
    tag = 0x6d6d616e <Address 0x6d6d616e out of bounds>,
    name = 0x643a2000 <Address 0x643a2000 out of bounds>, func = 0,
    context = 0x42414420, uid = 0, param_error = 1}, disconnected = 0,
  destroyed = 1, command_pending = 1, input_pending = 1, output_pending = 0,
  rawlog = 0, input_skip_line = 1}
(gdb) up
#8  0x00021924 in client_disconnect_with_error (client=0xb1b40, msg=0x0)
    at client.c:130
130             client_disconnect(client, msg);
(gdb) print *client
$5 = {fd_in = 0, fd_out = 1, io = 0xaf4d8, input = 0xb1bd8, output = 0xb1d08,
  namespaces = 0xb1570, mailbox = 0xb8008, keywords = {pool = 0xb5dc0,
    keywords = {buffer = 0x0, element_size = 0}}, select_counter = 5,
  messages_count = 2, recent_count = 0, last_input = 1148017947,
  last_output = 0, bad_counter = 0, parser = 0xb1d58, cmd = {client = 0xb1b40,
    pool = 0xb3db8, tag = 0xb3de8 "0000000b", name = 0xb3df8 "FETCH",
    func = 0x1e864 <cmd_fetch>, context = 0x0, uid = 0, param_error = 0},
  disconnected = 0, destroyed = 0, command_pending = 0, input_pending = 0,
  output_pending = 0, rawlog = 0, input_skip_line = 1}
(gdb) up
#9  0x0001e818 in cmd_fetch_finish (ctx=Variable "ctx" is not available.
) at cmd-fetch.c:98
98                              client_disconnect_with_error(cmd->client, error);
(gdb) print ctx
Variable "ctx" is not available.
(gdb) print error
Variable "error" is not available.
(gdb) print cmd
$6 = (struct client_command_context *) 0x0
(gdb) quit

More information about the dovecot mailing list