[Dovecot] 1.1.3: imap crashes with SIGSEGV

Ralf Hildebrandt Ralf.Hildebrandt at charite.de
Tue Sep 9 17:03:19 EEST 2008


2 backtraces:

GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
Reading symbols from /lib/i686/cmov/libdl.so.2...Reading symbols from /usr/lib/debug/lib/i686/cmov/libdl-2.7.so...done.
done.
Loaded symbols for /lib/i686/cmov/libdl.so.2
Reading symbols from /lib/i686/cmov/libc.so.6...Reading symbols from /usr/lib/debug/lib/i686/cmov/libc-2.7.so...done.
done.
Loaded symbols for /lib/i686/cmov/libc.so.6
Reading symbols from /lib/ld-linux.so.2...Reading symbols from /usr/lib/debug/lib/ld-2.7.so...done.
done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /usr/local/lib/dovecot/imap/lib10_quota_plugin.so...done.
Loaded symbols for /usr/local/lib/dovecot/imap/lib10_quota_plugin.so
Reading symbols from /usr/local/lib/dovecot/imap/lib11_imap_quota_plugin.so...done.
Loaded symbols for /usr/local/lib/dovecot/imap/lib11_imap_quota_plugin.so
Reading symbols from /usr/local/lib/dovecot/imap/lib11_trash_plugin.so...done.
Loaded symbols for /usr/local/lib/dovecot/imap/lib11_trash_plugin.so
Reading symbols from /usr/local/lib/dovecot/imap/lib20_fts_plugin.so...done.
Loaded symbols for /usr/local/lib/dovecot/imap/lib20_fts_plugin.so
Reading symbols from /usr/local/lib/dovecot/imap/lib20_mail_log_plugin.so...done.
Loaded symbols for /usr/local/lib/dovecot/imap/lib20_mail_log_plugin.so
Reading symbols from /usr/local/lib/dovecot/imap/lib21_fts_squat_plugin.so...done.
Loaded symbols for /usr/local/lib/dovecot/imap/lib21_fts_squat_plugin.so
Reading symbols from /usr/lib/gconv/ISO8859-1.so...Reading symbols from /usr/lib/debug/usr/lib/gconv/ISO8859-1.so...done.
done.
Loaded symbols for /usr/lib/gconv/ISO8859-1.so
Core was generated by `/usr/local/libexec/dovecot/imap'.
Program terminated with signal 11, Segmentation fault.
[New process 11830]
#0  array_idx_modifiable_i (array=0x87e34b4, idx=0) at array.c:11
11		if (pos >= array->buffer->used) {
#0  array_idx_modifiable_i (array=0x87e34b4, idx=0) at array.c:11
	pos = 0
#1  0x080c4c28 in mail_index_sync_ext_reset (ctx=0xbfe14740, u=0xbfe146b0)
    at mail-index-sync-ext.c:518
	map = (struct mail_index_map *) 0x87e3428
	ext_hdr = <value optimized out>
	ext = <value optimized out>
#2  0x080b6a69 in mail_index_sync_record (ctx=0xbfe14740, hdr=0x87e2f70, 
    data=0x87e3a60) at mail-index-sync-update.c:546
	rec = {new_reset_id = 1166087195, preserve_data = 0 '\0', 
  unused_padding = "\000\000"}
	ret = <value optimized out>
#3  0x080b705f in mail_index_sync_map (_map=0x87b30d0, 
    type=MAIL_INDEX_SYNC_HANDLER_HEAD, force=true)
    at mail-index-sync-update.c:828
	_data_stack_cur_id = 5
	map = <value optimized out>
	index = (struct mail_index *) 0x87b3098
	view = (struct mail_index_view *) 0x87e2e50
	sync_map_ctx = {view = 0x87e2e50, cur_ext_map_idx = 0, 
  ext_intro_seq = 4, ext_intro_offset = 29272, ext_intro_end_offset = 29300, 
  expunge_handlers = {arr = {buffer = 0x0, element_size = 0}, v = 0x0, 
    v_modifiable = 0x0}, extra_contexts = {arr = {buffer = 0x0, 
      element_size = 0}, v = 0x0, v_modifiable = 0x0}, 
  unknown_extensions = 0x87e2fd0, type = MAIL_INDEX_SYNC_HANDLER_HEAD, 
  sync_handlers_initialized = 0, expunge_handlers_set = 0, 
  expunge_handlers_used = 0, cur_ext_ignore = 1, internal_update = 0, 
  errors = 1}
	thdr = (const struct mail_transaction_header *) 0x87e2f70
	tdata = (const void *) 0x87e3a60
	prev_seq = 4
	start_offset = <value optimized out>
	prev_offset = 29300
	ret = 1
	had_dirty = false
	reset = false
	__PRETTY_FUNCTION__ = "mail_index_sync_map"
#4  0x080b078f in mail_index_map (index=0x87b3098, 
    type=MAIL_INDEX_SYNC_HANDLER_HEAD) at mail-index-map.c:953
	ret = <value optimized out>
	__PRETTY_FUNCTION__ = "mail_index_map"
#5  0x080ad1d3 in mail_index_try_open (index=0x87b3098) at mail-index.c:290
	ret = 0
	__PRETTY_FUNCTION__ = "mail_index_try_open"
#6  0x080ad52f in mail_index_open (index=0x87b3098, flags=49, 
    lock_method=FILE_LOCK_METHOD_FCNTL) at mail-index.c:354
	ret = <value optimized out>
	__PRETTY_FUNCTION__ = "mail_index_open"
#7  0x080a14dc in index_storage_mailbox_open (ibox=0x87c6248)
    at index-storage.c:383
	storage = (struct mail_storage *) 0x87aacc0
	index_flags = 49
	ret = <value optimized out>
	__PRETTY_FUNCTION__ = "index_storage_mailbox_open"
#8  0x08070bbb in maildir_open (storage=0x87aacc0, name=0x87af6ee "Drafts", 
    flags=0) at maildir-storage.c:448
	mbox = (struct maildir_mailbox *) 0x87c6248
	index = <value optimized out>
	path = 0x879f120 "/home/n/i/nivanov/Maildir/.Drafts"
	st = {st_dev = 13257686650873676099, __pad1 = 65024, __st_ino = 0, 
  st_mode = 0, st_nlink = 6076788, st_uid = 16832, st_gid = 2, 
  st_rdev = 429496771878, __pad2 = 0, st_size = 0, st_blksize = 12288, 
  st_blocks = 17592186044416, st_atim = {tv_sec = 24, tv_nsec = 0}, st_mtim = {
    tv_sec = 1219648514, tv_nsec = 0}, st_ctim = {tv_sec = 1219648514, 
    tv_nsec = 0}, st_ino = 1220756980}
	pool = <value optimized out>
#9  0x08070d24 in maildir_mailbox_open (_storage=0x87aacc0, 
    name=0x87af6ee "Drafts", input=0x0, flags=0) at maildir-storage.c:512
	path = 0x879f0d0 "/home/n/i/nivanov/Maildir/.Drafts"
	st = {st_dev = 4294967296, __pad1 = 31232, __st_ino = 3219212984, 
  st_mode = 135152563, st_nlink = 142300336, st_uid = 3086801588, 
  st_gid = 3086808264, st_rdev = 13257686356386956228, __pad2 = 25160, 
  st_size = 284128058446176, st_blksize = 2, st_blocks = -5188549690060539440, 
  st_atim = {tv_sec = 0, tv_nsec = 142257428}, st_mtim = {tv_sec = 0, 
    tv_nsec = -1075754280}, st_ctim = {tv_sec = 135086614, 
    tv_nsec = 142257536}, st_ino = 17179869184}
	ret = <value optimized out>
#10 0xb7e7b1ca in mail_log_mailbox_open (storage=0x87aacc0, 
    name=0x87af6ee "Drafts", input=0x0, flags=0) at mail-log-plugin.c:450
	box = (struct mailbox *) 0xbfe14b18
#11 0xb7e8c67a in quota_mailbox_open (storage=0x87aacc0, 
    name=0x87af6ee "Drafts", input=0x0, flags=0) at quota-storage.c:366
	box = (struct mailbox *) 0x0
#12 0x080a5599 in mailbox_open (storage=0x87aacc0, name=0x87af6ee "Drafts", 
    input=0x0, flags=0) at mail-storage.c:459
	_data_stack_cur_id = 4
	box = <value optimized out>
#13 0x08060d4c in cmd_select_full (cmd=0x87ab5f0, readonly=false)
    at cmd-select.c:32
	client = (struct client *) 0x87ab3a8
	storage = (struct mail_storage *) 0x87aacc0
	box = (struct mailbox *) 0x0
	status = {messages = 3219213272, recent = 6, unseen = 0, 
  uidvalidity = 8054608, uidnext = 0, first_unseen_seq = 142253680, 
  keywords = 0x14}
	mailbox = 0x87af6ee "Drafts"
#14 0x08060f39 in cmd_select (cmd=0x87ab5f0) at cmd-select.c:88
No locals.
#15 0x080627dc in client_command_input (cmd=0x87ab5f0) at client.c:580
	client = (struct client *) 0x87ab3a8
	command = <value optimized out>
	__PRETTY_FUNCTION__ = "client_command_input"
#16 0x0806286f in client_command_input (cmd=0x87ab5f0) at client.c:629
	client = (struct client *) 0x87ab3a8
	command = (struct command *) 0x0
	__PRETTY_FUNCTION__ = "client_command_input"
#17 0x08062e6d in client_handle_input (client=<value optimized out>)
    at client.c:670
	_data_stack_cur_id = 3
	ret = <value optimized out>
	remove_io = <value optimized out>
	handled_commands = false
#18 0x0806337e in client_input (client=0x87ab3a8) at client.c:725
	cmd = <value optimized out>
	output = (struct ostream *) 0x87ab52c
	bytes = <value optimized out>
	__PRETTY_FUNCTION__ = "client_input"
#19 0x080dde90 in io_loop_handler_run (ioloop=0x87a79b0) at ioloop-epoll.c:203
	ctx = (struct ioloop_handler_context *) 0x87a7aa8
	event = (const struct epoll_event *) 0x87a7ae8
	list = (struct io_list *) 0x87a85c0
	io = (struct io_file *) 0x87ab588
	tv = {tv_sec = 1799, tv_usec = 999646}
	t_id = 2
	msecs = <value optimized out>
	ret = 1
	i = 0
	j = 0
	call = <value optimized out>
#20 0x080dd300 in io_loop_run (ioloop=0x87a79b0) at ioloop.c:320
No locals.
#21 0x0806b4ea in main (argc=) at main.c:293
No locals.

AND:

GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
Reading symbols from /lib/i686/cmov/libdl.so.2...Reading symbols from /usr/lib/debug/lib/i686/cmov/libdl-2.7.so...done.
done.
Loaded symbols for /lib/i686/cmov/libdl.so.2
Reading symbols from /lib/i686/cmov/libc.so.6...Reading symbols from /usr/lib/debug/lib/i686/cmov/libc-2.7.so...done.
done.
Loaded symbols for /lib/i686/cmov/libc.so.6
Reading symbols from /lib/ld-linux.so.2...Reading symbols from /usr/lib/debug/lib/ld-2.7.so...done.
done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /usr/local/lib/dovecot/imap/lib10_quota_plugin.so...done.
Loaded symbols for /usr/local/lib/dovecot/imap/lib10_quota_plugin.so
Reading symbols from /usr/local/lib/dovecot/imap/lib11_imap_quota_plugin.so...done.
Loaded symbols for /usr/local/lib/dovecot/imap/lib11_imap_quota_plugin.so
Reading symbols from /usr/local/lib/dovecot/imap/lib11_trash_plugin.so...done.
Loaded symbols for /usr/local/lib/dovecot/imap/lib11_trash_plugin.so
Reading symbols from /usr/local/lib/dovecot/imap/lib20_fts_plugin.so...done.
Loaded symbols for /usr/local/lib/dovecot/imap/lib20_fts_plugin.so
Reading symbols from /usr/local/lib/dovecot/imap/lib20_mail_log_plugin.so...done.
Loaded symbols for /usr/local/lib/dovecot/imap/lib20_mail_log_plugin.so
Reading symbols from /usr/local/lib/dovecot/imap/lib21_fts_squat_plugin.so...done.
Loaded symbols for /usr/local/lib/dovecot/imap/lib21_fts_squat_plugin.so
Reading symbols from /usr/lib/gconv/ISO8859-1.so...Reading symbols from /usr/lib/debug/usr/lib/gconv/ISO8859-1.so...done.
done.
Loaded symbols for /usr/lib/gconv/ISO8859-1.so
Core was generated by `/usr/local/libexec/dovecot/imap'.
Program terminated with signal 11, Segmentation fault.
[New process 12786]
#0  array_idx_modifiable_i (array=0x8bb61b4, idx=0) at array.c:11
11		if (pos >= array->buffer->used) {
#0  array_idx_modifiable_i (array=0x8bb61b4, idx=0) at array.c:11
	pos = 0
#1  0x080c4c28 in mail_index_sync_ext_reset (ctx=0xbfcbcdf0, u=0xbfcbcd60)
    at mail-index-sync-ext.c:518
	map = (struct mail_index_map *) 0x8bb6128
	ext_hdr = <value optimized out>
	ext = <value optimized out>
#2  0x080b6a69 in mail_index_sync_record (ctx=0xbfcbcdf0, hdr=0x8bb5b28, 
    data=0x8bb6780) at mail-index-sync-update.c:546
	rec = {new_reset_id = 1166087195, preserve_data = 0 '\0', 
  unused_padding = "\000\000"}
	ret = <value optimized out>
#3  0x080b705f in mail_index_sync_map (_map=0x8b8b6c8, 
    type=MAIL_INDEX_SYNC_HANDLER_HEAD, force=true)
    at mail-index-sync-update.c:828
	_data_stack_cur_id = 5
	map = <value optimized out>
	index = (struct mail_index *) 0x8b8b690
	view = (struct mail_index_view *) 0x8bb6058
	sync_map_ctx = {view = 0x8bb6058, cur_ext_map_idx = 0, 
  ext_intro_seq = 4, ext_intro_offset = 29272, ext_intro_end_offset = 29300, 
  expunge_handlers = {arr = {buffer = 0x0, element_size = 0}, v = 0x0, 
    v_modifiable = 0x0}, extra_contexts = {arr = {buffer = 0x0, 
      element_size = 0}, v = 0x0, v_modifiable = 0x0}, 
  unknown_extensions = 0x8bb60d8, type = MAIL_INDEX_SYNC_HANDLER_HEAD, 
  sync_handlers_initialized = 0, expunge_handlers_set = 0, 
  expunge_handlers_used = 0, cur_ext_ignore = 1, internal_update = 0, 
  errors = 1}
	thdr = (const struct mail_transaction_header *) 0x8bb5b28
	tdata = (const void *) 0x8bb6780
	prev_seq = 4
	start_offset = <value optimized out>
	prev_offset = 29300
	ret = 1
	had_dirty = false
	reset = false
	__PRETTY_FUNCTION__ = "mail_index_sync_map"
#4  0x080b078f in mail_index_map (index=0x8b8b690, 
    type=MAIL_INDEX_SYNC_HANDLER_HEAD) at mail-index-map.c:953
	ret = <value optimized out>
	__PRETTY_FUNCTION__ = "mail_index_map"
#5  0x080ad1d3 in mail_index_try_open (index=0x8b8b690) at mail-index.c:290
	ret = 0
	__PRETTY_FUNCTION__ = "mail_index_try_open"
#6  0x080ad52f in mail_index_open (index=0x8b8b690, flags=49, 
    lock_method=FILE_LOCK_METHOD_FCNTL) at mail-index.c:354
	ret = <value optimized out>
	__PRETTY_FUNCTION__ = "mail_index_open"
#7  0x080a14dc in index_storage_mailbox_open (ibox=0x8b87e50)
    at index-storage.c:383
	storage = (struct mail_storage *) 0x8b80cc0
	index_flags = 49
	ret = <value optimized out>
	__PRETTY_FUNCTION__ = "index_storage_mailbox_open"
#8  0x08070bbb in maildir_open (storage=0x8b80cc0, name=0x8b856ee "Drafts", 
    flags=0) at maildir-storage.c:448
	mbox = (struct maildir_mailbox *) 0x8b87e50
	index = <value optimized out>
	path = 0x8b75120 "/home/n/i/nivanov/Maildir/.Drafts"
	st = {st_dev = 7512772768, __pad1 = 65024, __st_ino = 0, st_mode = 0, 
  st_nlink = 6076788, st_uid = 16832, st_gid = 2, st_rdev = 429496771878, 
  __pad2 = 0, st_size = 0, st_blksize = 12288, st_blocks = 17592186044416, 
  st_atim = {tv_sec = 24, tv_nsec = 0}, st_mtim = {tv_sec = 1220901763, 
    tv_nsec = 0}, st_ctim = {tv_sec = 1220901763, tv_nsec = 0}, 
  st_ino = 1220901763}
	pool = <value optimized out>
#9  0x08070d24 in maildir_mailbox_open (_storage=0x8b80cc0, 
    name=0x8b856ee "Drafts", input=0x0, flags=0) at maildir-storage.c:512
	path = 0x8b750d0 "/home/n/i/nivanov/Maildir/.Drafts"
	st = {st_dev = 4294967296, __pad1 = 55808, __st_ino = 3217805672, 
  st_mode = 135152563, st_nlink = 146323360, st_uid = 146281896, 
  st_gid = 3217805716, st_rdev = 628210232224025924, __pad2 = 55340, 
  st_size = 580206198801443584, st_blksize = -1, 
  st_blocks = 577828187078914036, st_atim = {tv_sec = 0, tv_nsec = 146279700}, 
  st_mtim = {tv_sec = 0, tv_nsec = -1077161592}, st_ctim = {
    tv_sec = 135086614, tv_nsec = 146279808}, st_ino = 17179869184}
	ret = <value optimized out>
#10 0xb7f231ca in mail_log_mailbox_open (storage=0x8b80cc0, 
    name=0x8b856ee "Drafts", input=0x0, flags=0) at mail-log-plugin.c:450
	box = (struct mailbox *) 0xbfcbd1c8
#11 0xb7f3467a in quota_mailbox_open (storage=0x8b80cc0, 
    name=0x8b856ee "Drafts", input=0x0, flags=0) at quota-storage.c:366
	box = (struct mailbox *) 0x0
#12 0x080a5599 in mailbox_open (storage=0x8b80cc0, name=0x8b856ee "Drafts", 
    input=0x0, flags=0) at mail-storage.c:459
	_data_stack_cur_id = 4
	box = <value optimized out>
#13 0x08060d4c in cmd_select_full (cmd=0x8b815f0, readonly=false)
    at cmd-select.c:32
	client = (struct client *) 0x8b813a8
	storage = (struct mail_storage *) 0x8b80cc0
	box = (struct mailbox *) 0x0
	status = {messages = 3217805960, recent = 6, unseen = 0, 
  uidvalidity = 12076592, uidnext = 0, first_unseen_seq = 146275952, 
  keywords = 0x14}
	mailbox = 0x8b856ee "Drafts"
#14 0x08060f39 in cmd_select (cmd=0x8b815f0) at cmd-select.c:88
No locals.
#15 0x080627dc in client_command_input (cmd=0x8b815f0) at client.c:580
	client = (struct client *) 0x8b813a8
	command = <value optimized out>
	__PRETTY_FUNCTION__ = "client_command_input"
#16 0x0806286f in client_command_input (cmd=0x8b815f0) at client.c:629
	client = (struct client *) 0x8b813a8
	command = (struct command *) 0x0
	__PRETTY_FUNCTION__ = "client_command_input"
#17 0x08062e6d in client_handle_input (client=<value optimized out>)
    at client.c:670
	_data_stack_cur_id = 3
	ret = <value optimized out>
	remove_io = <value optimized out>
	handled_commands = false
#18 0x0806337e in client_input (client=0x8b813a8) at client.c:725
	cmd = <value optimized out>
	output = (struct ostream *) 0x8b8152c
	bytes = <value optimized out>
	__PRETTY_FUNCTION__ = "client_input"
#19 0x080dde90 in io_loop_handler_run (ioloop=0x8b7d9b0) at ioloop-epoll.c:203
	ctx = (struct ioloop_handler_context *) 0x8b7daa8
	event = (const struct epoll_event *) 0x8b7dae8
	list = (struct io_list *) 0x8b7e5c0
	io = (struct io_file *) 0x8b81588
	tv = {tv_sec = 1799, tv_usec = 999578}
	t_id = 2
	msecs = <value optimized out>
	ret = 1
	i = 0
	j = 0
	call = <value optimized out>
#20 0x080dd300 in io_loop_run (ioloop=0x8b7d9b0) at ioloop.c:320
No locals.
#21 0x0806b4ea in main (argc=) at main.c:293
No locals.

-- 
Ralf Hildebrandt (Ralf.Hildebrandt at charite.de)          snickebo at charite.de
Postfix - Einrichtung, Betrieb und Wartung       Tel. +49 (0)30-450 570-155
http://www.arschkrebs.de                              I'm looking for a job
Of course I could put all this into Postfix 1.1 and call the result
Postfix 1.1.14, but that would be cheating.               -- Wietse


More information about the dovecot mailing list