[Dovecot] v2.2 getting NULL pointer reference with shared namespace in mailbox_tree?
Walter Steiner
ws+dovecot at iai.uni-bonn.de
Fri Mar 22 16:35:10 EET 2013
I stumbled over another segmentation fault:
# /m/sw/dc/a/libexec/dovecot/imap -u cyrtest1
Debug: Loading modules from directory: /m/sw/dc/2.2-20130322/lib/dovecot
Debug: Module loaded: /m/sw/dc/2.2-20130322/lib/dovecot/lib15_notify_plugin.so
Debug: Module loaded: /m/sw/dc/2.2-20130322/lib/dovecot/lib20_mail_log_plugin.so
Debug: auth input: cyrtest1 at iai.uni-bonn.de uid=13004 gid=13004 home=/m/d/user/cyrtest1
Debug: changed username to cyrtest1 at iai.uni-bonn.de
Debug: Effective uid=13004, gid=13004, home=/m/d/user/cyrtest1
Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=sdbox:/m/d/imap/mbox/m/cyrtest1
Debug: fs: root=/m/d/imap/mbox/m/cyrtest1, index=, indexpvt=, control=, inbox=, alt=
Debug: Namespace user: type=shared, prefix=user/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=yes location=sdbox:/m/d/imap/mbox/m/%n
Debug: shared: root=/var/run/dovecot/, index=, indexpvt=, control=, inbox=, alt=
* PREAUTH [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE] Logged in as cyrtest1 at iai.uni-bonn.de
. namespace
* NAMESPACE (("" "/")) (("user/" "/")) NIL
. OK Namespace completed.
. lsub "" *
Segmentation fault (core dumped)
I'm not familiar with gdb / debugging. gdb bt full is following but I'm
afraid line numbers are not yet correct, are they?
Compiler is gcc 4.5.2
output of make command while building dovecot does not show "-O"...
(also tried "-O0" before ... as mentioned on some web pages)
file src/lib-storage/mailbox-tree.c
function mailbox_tree_traverse()
line number 103:
for (name = path;; path++) {
if (*path != tree->separator && *path != '\0')
^^^^^^^^^^^^^^^ and tree is 0x0
#0 0xffff80ffb73d91cb in mailbox_tree_traverse (tree=0x0, path=0x472830 "user", create=false, created_r=0xffff80ffbffff187) at mailbox-tree.c:41
41 i_assert(mailbox_node_size >= sizeof(struct mailbox_node));
(gdb) bt full
#0 0xffff80ffb73d91cb in mailbox_tree_traverse (tree=0x0, path=0x472830 "user", create=false, created_r=0xffff80ffbffff187) at mailbox-tree.c:41
node = (struct mailbox_node **) 0x10
parent = (struct mailbox_node *) 0x0
name = 0x472830 "user"
str = (string_t *) 0x44d658
#1 0xffff80ffb73d9417 in mailbox_tree_lookup (tree=0x0, path=0x472830 "user") at mailbox-tree.c:41
_data_stack_cur_id = 5
node = (struct mailbox_node *) 0x0
created = false
#2 0xffff80ffb73f01c6 in mailbox_list_set_subscription_flags (list=0x46c4d0, vname=0x472830 "user", flags=0x4725e8) at mailbox-list-subscriptions.c:47
node = (struct mailbox_node *) 0xffff80ffbf760030
#3 0xffff80ffb73eb4bc in mailbox_list_ns_prefix_return (ctx=0x472540, ns=0x46c400, has_children=false) at mailbox-list-iter.c:98
subs_ns = (struct mail_namespace *) 0x46c400
box = (struct mailbox *) 0xffff80ffb73ecae8
existence = 4294934783
ret = 0
__FUNCTION__ = "mailbox_list_ns_prefix_return"
#4 0xffff80ffb73eb9d8 in mailbox_list_ns_iter_try_next (_ctx=0x472540, info_r=0xffff80ffbffff2c8) at mailbox-list-iter.c:98
ctx = (struct ns_list_iterate_context *) 0x472540
ns = (struct mail_namespace *) 0x3
info = (const struct mailbox_info *) 0x0
error = MAIL_ERROR_NONE
errstr = 0x472540 "(&G"
has_children = false
__FUNCTION__ = "mailbox_list_ns_iter_try_next"
#5 0xffff80ffb73ebb8d in mailbox_list_ns_iter_next (_ctx=0x472540) at mailbox-list-iter.c:98
info = (const struct mailbox_info *) 0x0
#6 0xffff80ffb73ec7f7 in mailbox_list_iter_next_call (ctx=0x472540) at mailbox-list-iter.c:98
info = (const struct mailbox_info *) 0x63207361206e6920
set = (const struct mailbox_settings *) 0x646567676f4c205d
#7 0xffff80ffb73ecad8 in mailbox_list_iter_next (ctx=0x472540) at mailbox-list-iter.c:98
_data_stack_cur_id = 4
info = (const struct mailbox_info *) 0xffff80ffbf770030
#8 0x000000000041ac70 in cmd_list_continue (cmd=0x46d900) at ../../src/lib/array.h:197
ctx = (struct cmd_list_context *) 0x46d9f8
info = (const struct mailbox_info *) 0x41ae1a
flags = 0
str = (string_t *) 0x44d410
mutf7_name = (string_t *) 0x44d560
name = 0xffff80ffbffff3a0 "0ôÿ¿ÿ\200ÿÿ!µA"
ret = 0
#9 0x000000000041b521 in cmd_list_full (cmd=0x46d900, lsub=true) at ../../src/lib/array.h:197
client = (struct client *) 0x46d0f0
args = (const struct imap_arg *) 0x4721c8
list_args = (const struct imap_arg *) 0xffff80ffbc1f8e79
arg_count = 4294934783
ctx = (struct cmd_list_context *) 0x46d9f8
patterns = {arr = {buffer = 0x46da38, element_size = 8}, v = 0x46da38, v_modifiable = 0x46da38}
ref = 0x46da28 ""
pattern = 0x46da30 "*"
patterns_strarr = (const char * const *) 0x46da70
str = (string_t *) 0x44d2b8
#10 0x000000000041b61d in cmd_lsub (cmd=0x46d900) at cmd-lsub.c:8
No locals.
#11 0x0000000000424697 in command_exec (cmd=0x46d900) at imap-commands.c:99
hook = (const struct command_hook *) 0x457ec0
ret = false
#12 0x00000000004235fb in client_command_input (cmd=0x46d900) at imap-client.c:119
client = (struct client *) 0x46d0f0
command = (struct command *) 0xffff80ffbffff4d0
__FUNCTION__ = "client_command_input"
#13 0x00000000004238fb in client_command_input (cmd=0x46d900) at imap-client.c:119
client = (struct client *) 0x46d0f0
command = (struct command *) 0x45ce58
__FUNCTION__ = "client_command_input"
#14 0x0000000000423a1b in client_handle_next_command (client=0x46d0f0, remove_io_r=0xffff80ffbffff55d) at imap-client.c:119
No locals.
#15 0x0000000000423a9b in client_handle_input (client=0x46d0f0) at imap-client.c:119
_data_stack_cur_id = 3
ret = false
remove_io = false
handled_commands = false
__FUNCTION__ = "client_handle_input"
#16 0x0000000000423c2e in client_input (client=0x46d0f0) at imap-client.c:119
cmd = (struct client_command_context *) 0x4663e8
output = (struct ostream *) 0x467968
bytes = 12
__FUNCTION__ = "client_input"
#17 0xffff80ffb753c1de in io_loop_call_io (io=0x458690) at ioloop.c:26
ioloop = (struct ioloop *) 0x457d00
t_id = 2
#18 0xffff80ffb753d851 in io_loop_handler_run (ioloop=0x457d00) at ioloop-poll.c:96
ctx = (struct ioloop_handler_context *) 0x455420
pollfd = (struct pollfd *) 0x45c6a8
tv = {tv_sec = 57, tv_usec = 597544}
io = (struct io_file *) 0x458690
msecs = 57598
ret = 0
call = true
#19 0xffff80ffb753c281 in io_loop_run (ioloop=0x457d00) at ioloop.c:26
No locals.
#20 0xffff80ffb74d40c2 in master_service_run (service=0x457bd0, callback=0x430806 <client_connected>) at master-service.c:75
No locals.
#21 0x0000000000430b1f in main (argc=3, argv=0xffff80ffbffff718) at main.c:70
set_roots = {0x439ce0, 0x0}
login_set = {auth_socket_path = 0x0, postlogin_socket_path = 0x0, postlogin_timeout_secs = 60, callback = 0, failure_callback = 0,
request_auth_token = 1}
service_flags = 3
storage_service_flags = MAIL_STORAGE_SERVICE_FLAG_USERDB_LOOKUP
username = 0xffff80ffbffff9cb "cyrtest1"
c = -1
And without the shared namespace "user" no such crash!
# 20130322: /m/sw/dc/2.2-20130322/etc/dovecot/dovecot.conf
# OS: SunOS 5.11 i86pc zfs
auth_debug = yes
auth_debug_passwords = yes
auth_default_realm = iai.uni-bonn.de
auth_master_user_separator = *
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = sha1
base_dir = /var/run/dovecot/
debug_log_path = /tmp/dcd
imapc_features = rfc822.size
imapc_host = mailbox.iai.uni-bonn.de
imapc_list_prefix = INBOX
imapc_master_user = ...
imapc_password = ...
imapc_port = 993
imapc_ssl = imaps
imapc_ssl_verify = no
imapc_user = %n
log_path = /tmp/dce
mail_debug = yes
mail_gid = dovemail
mail_location = sdbox:/m/d/imap/mbox/m/%n
mail_plugins = notify mail_log
mail_uid = dovemail
namespace inbox {
hidden = no
inbox = yes
list = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
separator = /
subscriptions = yes
type = private
}
namespace user {
hidden = no
list = children
location = sdbox:/m/d/imap/mbox/m/%%n
prefix = user/%%u/
separator = /
type = shared
}
passdb {
args = scheme=CRYPT username_format=%u /m/d/etc/user/pw
driver = passwd-file
}
passdb {
args = username_format=%n /m/d/etc/user/global/pw-master-giat
driver = passwd-file
master = yes
pass = yes
}
passdb {
args = username_format=%n /m/d/etc/user/global/pw-master-top
driver = passwd-file
master = yes
pass = yes
}
passdb {
args = username_format=%n /m/d/etc/user/global/pw-master-top
driver = passwd-file
}
plugin {
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change append mailbox_create save flag_change
mail_log_fields = uid box msgid size
}
protocols = imap pop3
service auth-worker {
user = doveauth
}
service auth {
user = doveauth
}
service imap-login {
process_min_avail = 4
service_count = 1
}
service imap {
executable = imap
process_limit = 1024
}
service pop3 {
executable = pop3
process_limit = 64
}
ssl_cert = </m/sw/dc/a/etc/dovecot/ssl/certs/dovecotCert.pem
ssl_key = </m/sw/dc/a/etc/dovecot/ssl/keys/dovecotKey.pem
syslog_facility = local6
userdb {
args = username_format=%u /m/d/etc/user/db
driver = passwd-file
override_fields = uid=dovemail gid=dovemail home=/m/d/user/%n
}
userdb {
args = username_format=%n /m/d/etc/user/global/db-master
default_fields = quota_rule=*:storage=512M
driver = passwd-file
override_fields = uid=dovemail gid=dovemail home=/m/d/user/global/%n
}
More information about the dovecot
mailing list