Andrew Findlay wrote:
> On Fri, May 26, 2006 at 12:11:05PM -0400, Ken Murchison wrote:
>
>>> Cyrus IMAP v2.3.3 (with sasl v2.1.21) ran fine. Any ideas?
>>
>> Can you get a backtrace from a core dump?
>
> I have a similar problem using 2.3.6 murder on CentOS 4.3 (very like
> RHEL 4) on 32-bit x86.
>
> In my case it is the front-end imap proxyd that crashes and the
> signal is 11 (SIGSEGV) but the case seems very similar: it happens
> when deleting messages and the traceback shows prot_printf() as the
> active function.
>
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread -1208183104 (LWP 22222)]
> 0x0809462c in prot_printf (s=0x8312250, fmt=0x80aa579 " %s ") at prot.c:960
> 960 prot.c: No such file or directory.
> in prot.c
> (gdb) where
> #0 0x0809462c in prot_printf (s=0x8312250, fmt=0x80aa579 " %s ") at prot.c:960
> #1 0x0805124b in cmd_store (tag=0x83126a8 "a0008", sequence=0x8312788 "8", usinguid=1)
> at imapd.c:4169
> #2 0x0805f53b in cmdloop () at imapd.c:1640
> #3 0x08060687 in service_main (argc=1, argv=0x8308008, envp=0xbff0b8ac) at imapd.c:789
> #4 0x0804c545 in main (argc=1, argv=0xbff0b8a4, envp=0xbff0b8ac) at service.c:532
> (gdb) up
> #1 0x0805124b in cmd_store (tag=0x83126a8 "a0008", sequence=0x8312788 "8", usinguid=1)
> at imapd.c:4169
> 4169 imapd.c: No such file or directory.
> in imapd.c
> (gdb) print tag
> $1 = 0x83126a8 "a0008"
> (gdb) print operation
> $2 = {s = 0x0, len = 0, alloc = 0}
> (gdb) print &operation
> $3 = (struct buf *) 0x8135d20
> (gdb) print tag
> $4 = 0x83126a8 "a0008"
> (gdb) print cmd
> $5 = 0x80aa558 "UID Store"
> (gdb) print sequence
> $6 = 0x8312788 "8"
> (gdb) print operation
> $7 = {s = 0x0, len = 0, alloc = 0}
>
> I think the problem is the last parameter to the prot_printf call:
> in cmd_store() the call looks like this:
>
>     if (backend_current) {
>         /* remote mailbox */
>         prot_printf(backend_current->out, "%s %s %s %s ",
>                     tag, cmd, sequence, operation);
>         pipe_command(backend_current, 65536);
>         return;
>     }
>
> 'operation' is declared as:
>
>     static struct buf operation, flagname;
>
> but it is not assigned a value before prot_printf() is called so
> when prot_printf() tries to do strlen() it gets SEGV.

OK. I see the problem, I just need to come up with a fix.

> I am not sure what is intended here, nor am I sure why we are doing
> a STORE operation in the first place!

Remember that IMAP uses a DELETE+EXPUNGE model. So, first the message
is marked as deleted (by STOREing the \Deleted flag), and then
eventually \Deleted messages are EXPUNGEd.
--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
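
Added illustration, not code from this thread or from the Cyrus source: the gdb output above shows operation.s is NULL when cmd_store() hands operation to a %s conversion, so this sketch passes a char * derived from the buf and rejects NULL string arguments before strlen() sees them. buf_cstr_or_empty, safe_printf_s and build_store_line are hypothetical names, and struct buf here is a stand-in built from the fields gdb printed.

```c
#include <stdarg.h>
#include <string.h>
/* Stand-in for Cyrus's struct buf, fields as printed by gdb in the thread. */
struct buf { char *s; size_t len; size_t alloc; };

/* Hypothetical helper: a printable C string for a buf, never NULL. */
static const char *buf_cstr_or_empty(const struct buf *b)
{
    return (b && b->s) ? b->s : "";
}

/* Hypothetical %s-only formatter: returns -1 on a NULL argument or full buffer. */
static int safe_printf_s(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    size_t used = 0;
    int ok = 1;
    va_start(ap, fmt);
    for (const char *p = fmt; *p; p++) {
        const char *piece = p;      /* default: copy one literal byte */
        size_t n = 1;
        if (p[0] == '%' && p[1] == 's') {
            piece = va_arg(ap, const char *);
            if (!piece) { ok = 0; break; }   /* would have crashed in strlen() */
            n = strlen(piece);
            p++;                    /* skip the 's' */
        }
        if (used + n >= outlen) { ok = 0; break; }
        memcpy(out + used, piece, n);
        used += n;
    }
    va_end(ap);
    if (outlen) out[ok ? used : 0] = '\0';
    return ok ? (int)used : -1;
}

/* Same format string as the quoted cmd_store() branch; last argument is a char *. */
static int build_store_line(char *out, size_t outlen, const char *tag,
        const char *cmd, const char *sequence, const struct buf *operation)
{
    return safe_printf_s(out, outlen, "%s %s %s %s ", tag, cmd, sequence,
                         buf_cstr_or_empty(operation));
}

int main(void)
{
    static struct buf operation;    /* all zero, like $2 in the gdb session */
    char line[64];
    return build_store_line(line, sizeof line, "a0008", "UID Store", "8", &operation) == 19 ? 0 : 1;
}
```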