Re: v2.3.6 message delete causes signal 10

Andrew Findlay wrote:
> On Fri, May 26, 2006 at 12:11:05PM -0400, Ken Murchison wrote:
>
>>> Cyrus IMAP v2.3.3 (with sasl v2.1.21) ran fine.  Any ideas?
>> Can you get a backtrace from a core dump?
>
> I have a similar problem using 2.3.6 murder on CentOS 4.3 (very like
> RHEL 4) on 32-bit x86.
>
> In my case it is the front-end imap proxyd that crashes and the
> signal is 11 (SIGSEGV) but the case seems very similar: it happens
> when deleting messages and the traceback shows prot_printf() as the
> active function.
>
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread -1208183104 (LWP 22222)]
> 0x0809462c in prot_printf (s=0x8312250, fmt=0x80aa579 " %s ") at prot.c:960
> 960     prot.c: No such file or directory.
>         in prot.c
> (gdb) where
> #0  0x0809462c in prot_printf (s=0x8312250, fmt=0x80aa579 " %s ") at prot.c:960
> #1  0x0805124b in cmd_store (tag=0x83126a8 "a0008", sequence=0x8312788 "8", usinguid=1)
>     at imapd.c:4169
> #2  0x0805f53b in cmdloop () at imapd.c:1640
> #3  0x08060687 in service_main (argc=1, argv=0x8308008, envp=0xbff0b8ac) at imapd.c:789
> #4  0x0804c545 in main (argc=1, argv=0xbff0b8a4, envp=0xbff0b8ac) at service.c:532
> (gdb) up
> #1  0x0805124b in cmd_store (tag=0x83126a8 "a0008", sequence=0x8312788 "8", usinguid=1)
>     at imapd.c:4169
> 4169    imapd.c: No such file or directory.
>         in imapd.c
> (gdb) print tag
> $1 = 0x83126a8 "a0008"
> (gdb) print operation
> $2 = {s = 0x0, len = 0, alloc = 0}
> (gdb) print &operation
> $3 = (struct buf *) 0x8135d20
> (gdb) print tag
> $4 = 0x83126a8 "a0008"
> (gdb) print cmd
> $5 = 0x80aa558 "UID Store"
> (gdb) print sequence
> $6 = 0x8312788 "8"
> (gdb) print operation
> $7 = {s = 0x0, len = 0, alloc = 0}
>
> I think the problem is the last parameter to the prot_printf call:
> in cmd_store() the call looks like this:
>
>     if (backend_current) {
>         /* remote mailbox */
>         prot_printf(backend_current->out, "%s %s %s %s ",
>                     tag, cmd, sequence, operation);
>         pipe_command(backend_current, 65536);
>         return;
>     }
>
> 'operation' is declared as:
>
> 	static struct buf operation, flagname;
>
> but it is not assigned a value before prot_printf() is called so
> when prot_printf() tries to do strlen() it gets SEGV.

OK.  I see the problem, I just need to come up with a fix.


> I am not sure what is intended here, nor am I sure why we are doing
> a STORE operation in the first place!

Remember that IMAP uses a DELETE+EXPUNGE model. So, first the message is marked as deleted (by STOREing the \Deleted flag), and then eventually \Deleted messages are EXPUNGEd.

--
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
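
An added example, not part of the original message and not Cyrus code or the fix that was eventually applied: one defensive way to format a proxied command from a struct buf so that the empty state shown in the backtrace is rejected instead of reaching a "%s" conversion. The names out_printf and format_store and the "+FLAGS" sample value are hypothetical; only the struct layout and the tag, command and sequence strings come from the gdb output above.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Same three fields gdb printed for 'operation' in the thread. */
struct buf { char *s; int len; int alloc; };

/* Hypothetical printf-style writer. The format attribute lets gcc/clang
 * (-Wformat) reject a struct passed where "%s" expects a char pointer. */
static int out_printf(char *dst, size_t cap, const char *fmt, ...)
    __attribute__((format(printf, 3, 4)));

static int out_printf(char *dst, size_t cap, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(dst, cap, fmt, ap);
    va_end(ap);
    return n;
}

/* Hypothetical builder for the proxied line. Returns the length written,
 * or -1 when 'operation' holds no data or the output would be truncated. */
static int format_store(char *dst, size_t cap, const char *tag, const char *cmd,
                        const char *sequence, const struct buf *operation)
{
    if (!operation || !operation->s || operation->len <= 0)
        return -1;                      /* the state seen in the backtrace */
    /* Pass the pointer and length explicitly, never the struct itself. */
    int n = out_printf(dst, cap, "%s %s %s %.*s ", tag, cmd, sequence,
                       operation->len, operation->s);
    return (n < 0 || (size_t)n >= cap) ? -1 : n;
}

int main(void)
{
    char line[128];
    struct buf empty = { NULL, 0, 0 };          /* as printed by gdb */
    char flags[] = "+FLAGS";                    /* constructed sample */
    struct buf filled = { flags, (int)strlen(flags), (int)sizeof flags };

    printf("empty  -> %d\n", format_store(line, sizeof line, "a0008",
                                          "UID Store", "8", &empty));
    printf("filled -> %d\n", format_store(line, sizeof line, "a0008",
                                          "UID Store", "8", &filled));
    return 0;
}
```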
