<!doctype html>
<html>
<head>
<meta charset="UTF-8">
</head>
<body>
<div>
Can you provide steps on how to reproduce this? Tracked as DOP-899
</div>
<blockquote type="cite">
<div>
On 03 February 2019 at 16:50 Aki Tuomi <
<a href="mailto:aki.tuomi@open-xchange.com">aki.tuomi@open-xchange.com</a>> wrote:
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div>
Right it was already in 2.3.4. Looking more closely this looks like use after free. We'll look into this.
</div>
<div>
<br>
</div>
<div>
Aki
</div>
<div>
<br>
</div>
<blockquote type="cite">
<div>
On 03 February 2019 at 16:44 Marcel Menzel <
<a href="mailto:mail@mcl.gg">mail@mcl.gg</a>> wrote:
</div>
<div>
<br>
</div>
<div>
<br>
</div>
<div>
Hello Aki,
</div>
<div>
<br>
</div>
<div>
unfortunately, this patch is already in my source files, as patch
</div>
<div>
refuses to apply it:
</div>
<div>
<br>
</div>
<div>
-> Applying patch fix-sqlite.patch
</div>
<div>
patching file src/lib-sql/driver-sqlite.c
</div>
<div>
Reversed (or previously applied) patch detected! Skipping patch.
</div>
<div>
2 out of 2 hunks ignored -- saving rejects to file
</div>
<div>
src/lib-sql/driver-sqlite.c.rej
</div>
<div>
<br>
</div>
<div>
I verified it by looking in the source code and indeed, this patch is
</div>
<div>
already applied.
</div>
<div>
<br>
</div>
<div>
- Marcel
</div>
<div>
<br>
</div>
<div>
Am 03.02.2019 um 15:25 schrieb Aki Tuomi:
</div>
<div>
<br>
</div>
<div>
> > Can you try if applying
</div>
<blockquote type="cite">
<div>
>
</div>
</blockquote>
<div>
> >
<a href="https://github.com/dovecot/core/commit/b291ff1fd61b47639a2db99bd858c9511945f4ab.patch" rel="noopener" target="_blank">https://github.com/dovecot/core/commit/b291ff1fd61b47639a2db99bd858c9511945f4ab.patch</a>
</div>
<blockquote type="cite">
<div>
> >
</div>
</blockquote>
<div>
> > helps?
</div>
<blockquote type="cite">
<div>
>
</div>
</blockquote>
<div>
> > Aki
</div>
<blockquote type="cite">
<div>
> > > On 03 February 2019 at 16:20 Marcel Menzel <
<a href="mailto:mail@mcl.gg">mail@mcl.gg</a>
</div>
<blockquote type="cite">
<div>
<mailto:
<a href="mailto:mail@mcl.gg">mail@mcl.gg</a>>> wrote:
</div>
<div>
<br>
</div>
<div>
> >
</div>
</blockquote>
<div>
> >>
</div>
</blockquote>
<div>
>> Hello Aki,
</div>
<div>
>>
</div>
<div>
>> Arch Linux doesn't have install-able debug symbols for Dovecot. That's
</div>
<div>
>> why I just compiled the package for myself with enabled debug symbols
</div>
<div>
>> (by editing the makepkg.conf).
</div>
<div>
>>
</div>
<div>
>> I've attached the output from gdb's bt full.
</div>
<div>
>>
</div>
<div>
>> - Marcel
</div>
<div>
>>
</div>
<div>
>> Am 03.02.2019 um 14:45 schrieb Aki Tuomi:
</div>
<div>
>>> You need to install debug symbols. Not sure how this is done in arch
</div>
<div>
>>> linux though.
</div>
<div>
>>> Aki
</div>
<div>
>>>> On 03 February 2019 at 15:02 Marcel Menzel <
<a href="mailto:mail@mcl.gg">mail@mcl.gg</a>
</div>
<div>
>>>> <mailto:
<a href="mailto:mail@mcl.gg">mail@mcl.gg</a>>
</div>
<div>
>>>> <mailto:
<a href="mailto:mail@mcl.gg">mail@mcl.gg</a> <mailto:
<a href="mailto:mail@mcl.gg">mail@mcl.gg</a>>>> wrote:
</div>
<div>
>> >>
</div>
<div>
>> >> Hello John,
</div>
<div>
>> >>
</div>
<div>
>> >> I tried (until now) to get a valuable backtrace, but it seems that
</div>
<div>
>> GDB
</div>
<div>
>> >> can't resolve all symbols.
</div>
<div>
>> >> This is what systemd-coredump is giving me:
</div>
<div>
>> >>
</div>
<div>
>> >> Stack trace of thread 22359:
</div>
<div>
>> >> #0 0x0000638167eaf062 event_unref (libdovecot.so.0)
</div>
<div>
>> >> #1 0x000004a58a212151 n/a (dict)
</div>
<div>
>> >> #2 0x000004a58a211333 n/a (dict)
</div>
<div>
>> >> #3 0x000004a58a20514d n/a (dict)
</div>
<div>
>> >> #4 0x0000638167e556f2 dict_transaction_begin (libdovecot.so.0)
</div>
<div>
>> >> #5 0x000004a58a203b06 n/a (dict)
</div>
<div>
>> >> #6 0x000004a58a2045ff dict_command_input (dict)
</div>
<div>
>> >> #7 0x000004a58a202a31 n/a (dict)
</div>
<div>
>> >> #8 0x000004a58a202b35 n/a (dict)
</div>
<div>
>> >> #9 0x0000638167eaacfd io_loop_call_io (libdovecot.so.0)
</div>
<div>
>> >> #10 0x0000638167eac635 io_loop_handler_run_internal (libdovecot.so.0)
</div>
<div>
>> >> #11 0x0000638167eaadc7 io_loop_handler_run (libdovecot.so.0)
</div>
<div>
>> >> #12 0x0000638167eaaf68 io_loop_run (libdovecot.so.0)
</div>
<div>
>> >> #13 0x0000638167e1b36a master_service_run (libdovecot.so.0)
</div>
<div>
>> >> #14 0x000004a58a202300 main (dict)
</div>
<div>
>> >> #15 0x0000638167a17223 __libc_start_main (libc.so.6)
</div>
<div>
>> >> #16 0x000004a58a2023fe _start (dict)
</div>
<div>
>> >>
</div>
<div>
>> >> GDB's "bt full" won't give anything more here, I might compile
</div>
<div>
>> Dovecot
</div>
<div>
>> >> with debug symbols enabled as soon as I have a little more time:
</div>
<div>
>> >>
</div>
<div>
>> >> (gdb) bt full
</div>
<div>
>> >> #0 0x0000638167eaf062 in event_unref () from
</div>
<div>
>> >> /usr/lib/dovecot/libdovecot.so.0
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #1 0x000004a58a212151 in ?? ()
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #2 0x000004a58a211333 in ?? ()
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #3 0x000004a58a20514d in ?? ()
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #4 0x0000638167e556f2 in dict_transaction_begin () from
</div>
<div>
>> >> /usr/lib/dovecot/libdovecot.so.0
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #5 0x000004a58a203b06 in ?? ()
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #6 0x000004a58a2045ff in dict_command_input ()
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #7 0x000004a58a202a31 in ?? ()
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #8 0x000004a58a202b35 in ?? ()
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #9 0x0000638167eaacfd in io_loop_call_io () from
</div>
<div>
>> >> /usr/lib/dovecot/libdovecot.so.0
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #10 0x0000638167eac635 in io_loop_handler_run_internal () from
</div>
<div>
>> >> /usr/lib/dovecot/libdovecot.so.0
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #11 0x0000638167eaadc7 in io_loop_handler_run () from
</div>
<div>
>> >> /usr/lib/dovecot/libdovecot.so.0
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #12 0x0000638167eaaf68 in io_loop_run () from
</div>
<div>
>> >> /usr/lib/dovecot/libdovecot.so.0
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #13 0x0000638167e1b36a in master_service_run () from
</div>
<div>
>> >> /usr/lib/dovecot/libdovecot.so.0
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >> #14 0x000004a58a202300 in main ()
</div>
<div>
>> >> No symbol table info available.
</div>
<div>
>> >>
</div>
<div>
>> >> - Marcel
</div>
<div>
>> >>
</div>
<div>
>> >> Am 03.02.2019 um 09:08 schrieb John Fawcett:
</div>
<div>
>> >>> On 01/02/2019 20:40, Marcel Menzel wrote:
</div>
<div>
>> >>>> Hello,
</div>
<div>
>> >> >>
</div>
<div>
>> >> >> After I configured a SQLite backed dict quota backend, the dict
</div>
<div>
>> >> process
</div>
<div>
>> >> >> crashes every time a quota operation is happening.
</div>
<div>
>> >> >>
</div>
<div>
>> >> >> SQLite: 3.26.0
</div>
<div>
>> >> >>
</div>
<div>
>> >> >> Dovecot: 2.3.4 (0ecbaf23d)
</div>
<div>
>> >> >>
</div>
<div>
>> >> >> Linux: 4.20.4.a-1-hardened #1 SMP PREEMPT Fri Jan 25 01:24:51 CET
</div>
<div>
>> >> 2019
</div>
<div>
>> >> >> x86_64 GNU/Linux (Arch Linux)
</div>
<div>
>> >> >>
</div>
<div>
>> >> >> Filesystem: BTRFS
</div>
<div>
>> >> >>
</div>
<div>
>> >> >>
</div>
<div>
>> >> >> I can't get any debug output from Dovecot, even after setting
</div>
<div>
>> >> log_debug
</div>
<div>
>> >> >> = cat:* event:* source:* field:*=*
</div>
<div>
>> >> >>
</div>
<div>
>> >> >> dovecot[6457]: dict(6687): Debug: sqlite: Finished query 'BEGIN
</div>
<div>
>> >> >> TRANSACTION' in 0 msecs
</div>
<div>
>> >> >> dovecot[6457]: dict(6687): Fatal: master: service(dict): child
</div>
<div>
>> 6687
</div>
<div>
>> >> >> killed with signal 11 (core dumped)
</div>
<div>
>> >> >>
</div>
<div>
>> >> >>
</div>
<div>
>> >> >> I've attached the output of dovecot -n and the coredump file from
</div>
<div>
>> >> >> systemd-coredump.
</div>
<div>
>> >> >>
</div>
<div>
>> >> >>
</div>
<div>
>> >> >> Kind regards,
</div>
<div>
>> >> >>
</div>
<div>
>> >> >> Marcel Menzel
</div>
<div>
>> >> >>
</div>
<div>
>> >>> Any chance of posting a backtrace?
</div>
<div>
>> >>> John
</div>
<div>
>> >
</div>
<div>
>>> ---
</div>
<div>
>>> Aki Tuomi
</div>
<div>
>
</div>
<div>
<br>
</div>
<div>
> > ---
</div>
<blockquote type="cite">
<div>
Aki Tuomi
</div>
<div>
<br>
</div>
<div>
>
</div>
</blockquote>
</blockquote>
<div>
---
</div>
<div>
Aki Tuomi
</div>
</blockquote>
<div>
<br>
</div>
<div class="io-ox-signature">
---
<br>Aki Tuomi
</div>
</body>
</html>