[Dovecot] A few rc17 imap crashes

Chris Wakelin c.d.wakelin at reading.ac.uk
Wed Jan 17 18:49:01 UTC 2007



Chris Wakelin wrote:
> If I'm right, and it's the processing of these index files causing the
> memory corruption, I should be able to reproduce it using the recovered
> files on my test server. I can then try your debugging patches and the
> latest fixes.
> 
> Best Wishes,
> Chris
> 

Just thought I'd update you with what I've managed!

Well I've got one folder plus index directory that causes a segfault
crash both times I've tried on the test machine (just "SELECT"/"UID
FETCH * BODY[]"/"LOGOUT"):

> #0  0xff1c2974 in t_splay () from /usr/lib/libc.so.1
> #1  0xff1c27e0 in t_delete () from /usr/lib/libc.so.1
> #2  0xff1c23e4 in realfree () from /usr/lib/libc.so.1
> #3  0xff1c2cb8 in cleanfree () from /usr/lib/libc.so.1
> #4  0xff1c1dec in _malloc_unlocked () from /usr/lib/libc.so.1
> #5  0xff1c1ce0 in malloc () from /usr/lib/libc.so.1
> #6  0xff1b617c in calloc () from /usr/lib/libc.so.1
> #7  0x89c18 in pool_system_malloc (pool=0xb66f0, size=28)
>     at mempool-system.c:67
> #8  0x86d7c in timeout_add (msecs=1000,
>     callback=0x55660 <index_removal_timeout>, context=0x0) at ioloop.c:146
> #9  0x55734 in index_storage_unref (index=0xb6800) at index-storage.c:192
> #10 0x55d54 in index_storage_mailbox_free (box=0xc8708) at index-storage.c:395
> #11 0x38efc in mbox_storage_close (box=0x0) at mbox-storage.c:1086
> #12 0x715f8 in mailbox_close (_box=0xc2778) at mail-storage.c:373
> #13 0x20e00 in cmd_logout (cmd=0xc27a4) at cmd-logout.c:18
> #14 0x23334 in client_handle_input (cmd=0xc27a4) at client.c:331
> #15 0x232b4 in client_handle_input (cmd=0xc27a4) at client.c:388
> #16 0x23430 in _client_input (context=0xc2760) at client.c:428
> #17 0x87924 in io_loop_handler_run (ioloop=0xbf838) at ioloop-poll.c:199
> #18 0x87184 in io_loop_run (ioloop=0xbf838) at ioloop.c:281
> #19 0x2c658 in main (argc=0, argv=0xffbef5dc, envp=0xffbef5ec) at main.c:280

but no "Corrupted Index" error message like there was on the original.

I've tried adding the memdebug*.diff patches, but hit problems with the
lack of a walkcontext function (after originally having problems with
Makefile.am and a broken autoreconf on the Solaris box - I ran
autoreconf on a Linux box in the end!)

I tried the same folder on a Linux installation of 1.0-rc17, but that
was 64-bit, whereas my Solaris version is 32-bit, and so the index was
just invalid. I'm now trying to compile a 32-bit Linux version to try
instead.

I've tried to apply the patches you suggested from CVS, but they fail.
You've not been building nightly CVS snapshots, so I guess I'll have to
use cvs and autoreconf on the Linux box to make my own!

Best Wishes,
Chris

-- 
--+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-
Christopher Wakelin,                           c.d.wakelin at reading.ac.uk
IT Services Centre, The University of Reading,  Tel: +44 (0)118 378 8439
Whiteknights, Reading, RG6 2AF, UK              Fax: +44 (0)118 975 3094


More information about the dovecot mailing list