dovecot-2.22.33.2, segfault on empty emails

Marcin Mirosław marcin at mejor.pl
Wed Feb 7 15:58:25 EET 2018


Hello!
I'm using the maildir format with zlib_save=bz2. Here is how I generate empty mails, which leads to the segfault:
create empty message:
# echo -n "" | /usr/libexec/dovecot/dovecot-lda -d marcin at mejor.pl

this creates an empty email in the maildir (14 bytes on disk as a bzip2 stream, although the filename records S=0,W=0):
# ls -l 1518011524.M96165P15900.jowisz\,S\=0\,W\=0\:2\,
-rwxrw----+ 1 mail mail 14 Feb  7 14:52 '1518011524.M96165P15900.jowisz,S=0,W=0:2,'

# file 1518011524.M96165P15900.jowisz\,S\=0\,W\=0\:2\,
1518011524.M96165P15900.jowisz,S=0,W=0:2,: bzip2 compressed data, block size = 200k

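Next I access the Inbox and delete the mail using Thunderbird. When the message is moved to Trash I get segfaults (the core below shows the imap process aborting with SIGABRT from a failed assertion via i_panic, not a SIGSEGV),
backtrace: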

Reading symbols from /usr/libexec/dovecot/imap...Reading symbols from /usr/lib64/debug//usr/libexec/dovecot/imap.debug...done.
done.
[New LWP 16520]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `dovecot/imap'.
Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51      }
(gdb) #0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x00007f744769e12a in __GI_abort () at abort.c:89
#2  0x00007f7447adab79 in default_fatal_finish (type=LOG_TYPE_PANIC, status=status at entry=0) at failures.c:201
#3  0x00007f7447adacd3 in i_internal_fatal_handler (ctx=0x7ffc16d911e0, format=<optimized out>, args=<optimized out>) at failures.c:670
#4  0x00007f7447a5108c in i_panic (format=format at entry=0x7f7447e9ed40 "file %s: line %d (%s): assertion failed: (%s)") at failures.c:275
#5  0x00007f7447e85108 in mail_index_transaction_get_uid (t=t at entry=0x55a2a17c3c30, seq=<optimized out>) at mail-index-transaction-finish.c:185
#6  0x00007f7447e8517a in mail_index_convert_to_uids (t=t at entry=0x55a2a17c3c30, array=array at entry=0x55a2a17e2c90) at mail-index-transaction-finish.c:205
#7  0x00007f7447e858df in mail_index_transaction_convert_to_uids (t=0x55a2a17c3c30) at mail-index-transaction-finish.c:313
#8  mail_index_transaction_finish (t=t at entry=0x55a2a17c3c30) at mail-index-transaction-finish.c:345
#9  0x00007f7447e8b783 in mail_index_transaction_commit_real (commit_size_r=0x7ffc16d91490, t=0x55a2a17c3c30) at mail-index-transaction.c:197
#10 mail_index_transaction_commit_v (t=<optimized out>, result_r=0x7ffc16d91480) at mail-index-transaction.c:239
#11 0x00007f7447e8be4e in mail_index_transaction_commit_full (_t=_t at entry=0x7ffc16d914d0, result_r=result_r at entry=0x7ffc16d91480) at mail-index-transaction.c:298
#12 0x00007f7447e8bf0b in mail_index_transaction_commit (t=t at entry=0x7ffc16d914d0) at mail-index-transaction.c:272
#13 0x00007f7447e71bef in mail_cache_set_seq_corrupted_reason (cache_view=cache_view at entry=0x55a2a17cf140, seq=362, reason=<optimized out>) at mail-cache.c:71
#14 0x00007f7447dd0d34 in mail_set_mail_cache_corrupted (mail=0x55a2a17d7118, fmt=0x7f7447eb1bab "Broken %s in mailbox %s: %s") at mail-storage.c:2828
#15 0x00007f7447dfb88a in maildir_mail_set_cache_corrupted_reason (_mail=0x55a2a17d7118, field=MAIL_FETCH_PHYSICAL_SIZE,
    reason=0x55a2a1706678 "read(/dane/domeny/mejor.pl/mail/marcin/.maildir/.Trash/tmp/1518011650.M572516P16520.jowisz) failed: Cached message size smaller than expected (0 < 14, box=Trash, UID=0)") at maildir-mail.c:770
#16 0x00007f7447e6ac52 in i_stream_mail_set_size_corrupted (mstream=mstream at entry=0x55a2a18014f0, size=size at entry=14) at istream-mail.c:95
#17 0x00007f7447e6ae5b in i_stream_mail_read (stream=0x55a2a18014f0) at istream-mail.c:121
#18 0x00007f7447ae9c84 in i_stream_read (stream=stream at entry=0x55a2a1801560) at istream.c:174
#19 0x00007f7447aeaa3d in i_stream_read_data (stream=0x55a2a1801560, data_r=data_r at entry=0x7ffc16d917a8, size_r=size_r at entry=0x7ffc16d917b0, threshold=threshold at entry=1) at istream.c:569
#20 0x00007f7447abc27f in message_parse_header_next (ctx=0x55a2a17c04c0, hdr_r=hdr_r at entry=0x7ffc16d91810) at message-header-parser.c:84
#21 0x00007f7447abcc9f in message_parse_header (input=<optimized out>, hdr_size=hdr_size at entry=0x55a2a17d7398,
    flags=flags at entry=(MESSAGE_HEADER_PARSER_FLAG_SKIP_INITIAL_LWSP | MESSAGE_HEADER_PARSER_FLAG_DROP_CR), callback=callback at entry=0x7f7447e50210 <index_mail_parse_header_cb>,
    context=context at entry=0x55a2a17d7118) at message-header-parser.c:391
#22 0x00007f7447e504f4 in index_mail_parse_headers (mail=mail at entry=0x55a2a17d7118, headers=0x55a2a1800f08,
    reason=reason at entry=0x55a2a1706618 "header Message-ID (Mail not cached, highest cached seq=361 uid=289064: reset_id=1312894688)") at index-mail-headers.c:460
#23 0x00007f7447e50b10 in index_mail_get_raw_headers (mail=mail at entry=0x55a2a17d7118, field=field at entry=0x7f744476ba33 "Message-ID", value_r=value_r at entry=0x7ffc16d91960)
    at index-mail-headers.c:659
#25 0x00007f7447dbc1ac in mail_get_first_header (mail=mail at entry=0x55a2a17d7118, field=field at entry=0x7f744476ba33 "Message-ID", value_r=value_r at entry=0x7ffc16d919e0) at mail.c:191
#26 0x00007f744476aaf9 in mail_log_append_mail_header (str=str at entry=0x55a2a17064f8, mail=mail at entry=0x55a2a17d7118, name=name at entry=0x7f744476ba5c "msgid",
    header=header at entry=0x7f744476ba33 "Message-ID") at mail-log-plugin.c:189
#27 0x00007f744476b501 in mail_log_append_mail_message_real (desc=0x55a2a17064d0 "copy from INBOX", event=MAIL_LOG_EVENT_COPY, mail=0x55a2a17d7118, ctx=0x55a2a17cf6e8)
    at mail-log-plugin.c:275
#28 mail_log_append_mail_message (ctx=0x55a2a17cf6e8, mail=0x55a2a17d7118, event=MAIL_LOG_EVENT_COPY, desc=0x55a2a17064d0 "copy from INBOX") at mail-log-plugin.c:344
#29 0x00007f7446e414db in notify_contexts_mail_copy (src=src at entry=0x55a2a17d18e8, dst=0x55a2a17d7118) at notify-plugin.c:75
#30 0x00007f7446e42cb5 in notify_copy (ctx=0x55a2a17d6108, mail=0x55a2a17d18e8) at notify-storage.c:106
#31 0x00007f7447259794 in quota_copy (ctx=0x55a2a17d6108, mail=0x55a2a17d18e8) at quota-storage.c:283
#32 0x00007f7447dceb40 in mailbox_copy_int (_ctx=<optimized out>, mail=mail at entry=0x55a2a17d18e8) at mail-storage.c:2477
#33 0x00007f7447dcedac in mailbox_move (_ctx=<optimized out>, mail=0x55a2a17d18e8) at mail-storage.c:2515
#34 0x000055a2a002668d in fetch_and_copy (copy_count_r=<synthetic pointer>, src_uidset_r=<synthetic pointer>, search_args=<optimized out>, src_trans_r=0x7ffc16d91c48, t=0x55a2a17ce880,
    move=true, cmd=0x55a2a17488c8) at cmd-copy.c:69
#35 cmd_copy_full (cmd=0x55a2a17488c8, move=true) at cmd-copy.c:139
#36 0x000055a2a003569c in command_exec (cmd=cmd at entry=0x55a2a17488c8) at imap-commands.c:200
#37 0x000055a2a0033751 in client_command_input (cmd=<optimized out>, cmd at entry=0x55a2a17488c8) at imap-client.c:1088
#38 0x000055a2a003388f in client_command_input (cmd=<optimized out>) at imap-client.c:1148
#39 0x000055a2a0033c85 in client_handle_next_command (remove_io_r=<synthetic pointer>, client=0x55a2a1746908) at imap-client.c:1190
#40 client_handle_input (client=0x55a2a1746908) at imap-client.c:1202
#41 0x000055a2a0034245 in client_input (client=0x55a2a1746908) at imap-client.c:1249
#42 0x00007f7447af74e9 in io_loop_call_io (io=0x55a2a17487c0) at ioloop.c:600
#43 0x00007f7447af9297 in io_loop_handler_run_internal (ioloop=ioloop at entry=0x55a2a170e990) at ioloop-epoll.c:223
#44 0x00007f7447af75e3 in io_loop_handler_run (ioloop=ioloop at entry=0x55a2a170e990) at ioloop.c:649
#45 0x00007f7447af77e0 in io_loop_run (ioloop=0x55a2a170e990) at ioloop.c:624
#46 0x00007f7447a5e426 in master_service_run (service=0x55a2a170e830, callback=<optimized out>) at master-service.c:719
#47 0x00005

Marcin

