Bug#626418: All cyrus-imapd tools crash on exit
petr at vmware.com
Wed May 11 19:39:09 UTC 2011
I upgraded yesterday from imapd 2.3 to 2.4, and since then all my
logs are full of SIGSEGVs from cyrus, and even simple tools like
cvt_cyrusdb crash left & right.
Initially I suspected that the problem was that libsasl2 is linked against
libdb4.8 while imapd is linked against libdb5.1, causing confusion when closing
the database, but that's not the root cause.
Root cause is
patch adds calls to dbenv->get_home & dbenv->remove *AFTER* the call to
dbenv->close. So we have a nice use-after-free, which reliably crashes
with my glibc, because the contents of dbenv are set to 0xDBDBDBDB on
dbenv->close, and so dbenv->get_home jumps to 0xDBDBDBDBDBDBDBDBDBDB.
And even if it did not kill the process, the dbenv->remove documentation says
that you cannot use a dbenv handle which was already used to open
something to call remove: you must create a new, fresh dbenv handle, and
use that one to call dbenv->remove.
Please revert the 101-berkeley-db patch, or rework it to not crash... For
now I've removed it from my local systems, and the crashes are gone, and I
can read my emails again.
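
The teardown order the report asks for, as an added example that is not part of the original message and is not cyrus-imapd or Berkeley DB code. It uses a constructed stand-in handle (env_t, env_create, env_open, teardown and dup_str are hypothetical names) whose method pointers live inside the heap object, and it assumes the contract described above: remove only accepts a fresh handle.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Constructed stand-in for a dbenv-style handle (not Berkeley DB itself):
 * the method pointers live inside the heap object and die with it. */
typedef struct env env_t;
struct env {
    char *home;
    int opened;                 /* set once the handle has opened something */
    int (*get_home)(env_t *, const char **);
    int (*close)(env_t *);
    int (*remove)(env_t *, const char *);
};
static char removed_home[64];   /* records what remove() was asked to delete */
static char *dup_str(const char *s) {
    char *d = malloc(strlen(s) + 1);
    if (d) strcpy(d, s);
    return d;
}
static int env_get_home(env_t *e, const char **out) { *out = e->home; return 0; }
static int env_close(env_t *e) { free(e->home); free(e); return 0; }
static int env_remove(env_t *e, const char *home) {
    if (e->opened) return -1;   /* assumed contract: fresh handles only */
    snprintf(removed_home, sizeof removed_home, "%s", home);
    return env_close(e);        /* remove consumes the handle too */
}
env_t *env_create(void) {
    env_t *e = calloc(1, sizeof *e);
    if (!e) return NULL;
    e->get_home = env_get_home; e->close = env_close; e->remove = env_remove;
    return e;
}
int env_open(env_t *e, const char *home) {
    e->home = dup_str(home);
    e->opened = (e->home != NULL);
    return e->opened ? 0 : -1;
}
/* Teardown in the safe order: query, copy, close, then remove via a new handle. */
int teardown(env_t *e) {
    const char *home;
    if (e->get_home(e, &home) != 0) return -1;
    char *copy = dup_str(home);     /* home points into e and dies with close */
    if (!copy) return -1;
    e->close(e);                    /* e is dangling from here: do not touch it */
    env_t *fresh = env_create();
    int r = fresh ? fresh->remove(fresh, copy) : -1;
    free(copy);
    return r;
}
```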