Bug#553503: And another one

Christian Balzer chibi at gol.com
Fri Dec 4 04:43:22 UTC 2009 

Hello,

definitely seems to be happening around group_list, that looks rather
messed up down there.

---
batzmaru:~# gdb -c /tmp/exim4.core.1259874378.25229
GNU gdb 6.8-debian
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
(no debugging symbols found)
Core was generated by `/usr/sbin/exim4 -Mc 1NGIsU-0006Yu-NU'.
Program terminated with signal 11, Segmentation fault.
[New process 25229]
#0  0x000000000041e1fa in ?? ()
(gdb) bt full
#0  0x000000000041e1fa in ?? ()
No symbol table info available.
(gdb) symbol-file /usr/lib/debug/usr/sbin/exim4
Reading symbols from /usr/lib/debug/usr/sbin/exim4...done.
(gdb) bt full
#0  exim_setugid (uid=0, gid=103, igflag=0,
    msg=0x49d0b2 <Address 0x49d0b2 out of bounds>) at exim.c:539
        euid = <value optimized out>
        egid = <value optimized out>
#1  0x000000000042213a in main (argc=3, cargv=0x7fffa93b4b08) at exim.c:3200
        arg_receive_timeout = -1
        arg_smtp_receive_timeout = -1
        arg_error_handling = 0
        filter_sfd = <value optimized out>
        filter_ufd = <value optimized out>
        group_count = 1
        i = 0
        list_queue_option = 0
        msg_action = 0
        msg_action_arg = 2
        namelen = <value optimized out>
        queue_only_reason = <value optimized out>
        perl_start_option = 0
        recipients_arg = 3
        sender_address_domain = 0
        test_retry_arg = -1
        test_rewrite_arg = -1
        arg_queue_only = 0
        bi_option = 0
        checking = 0
        count_queue = 0
        expansion_test = 0
        extract_recipients = 0
        forced_delivery = 0
        f_end_dot = 0
        deliver_give_up = 0
        list_queue = 0
        list_options = 0
        local_queue_only = <value optimized out>
        more = <value optimized out>
        one_msg_action = 0
        queue_only_set = 0
        sender_ident_set = 0
        session_local_queue_only = <value optimized out>
        unprivileged = 0
        removed_privilege = <value optimized out>
        usage_wanted = <value optimized out>
        verify_address_mode = 0
        verify_as_sender = 0
        version_printed = 0
        alias_arg = (uschar *) 0x0
        called_as = (uschar *) 0x4be89f <Address 0x4be89f out of bounds>
        start_queue_run_id = (uschar *) 0x0
        stop_queue_run_id = (uschar *) 0x0
        expansion_test_message = (uschar *) 0x0
        ftest_domain = (uschar *) 0x0
        ftest_localpart = (uschar *) 0x0
        ftest_prefix = (uschar *) 0x0
        ftest_suffix = (uschar *) 0x0
        real_sender_address = <value optimized out>
        originator_home = <value optimized out>
        reset_point = <value optimized out>
        pw = (struct passwd *) 0x6d15a0
        statbuf = {st_dev = 13, st_ino = 574, st_nlink = 1, st_mode = 8630,
  st_uid = 0, st_gid = 0, pad0 = 0, st_rdev = 259, st_size = 0,
  st_blksize = 4096, st_blocks = 0, st_atim = {tv_sec = 1259088058,
    tv_nsec = 506449560}, st_mtim = {tv_sec = 1259088058,
    tv_nsec = 506449560}, st_ctim = {tv_sec = 1259088058,
    tv_nsec = 634448800}, __unused = {0, 0, 0}}
        passed_qr_pid = 0
        passed_qr_pipe = -1
        group_list = {103, 0 <repeats 62757 times>, 2847059989, 32767, 0, 0,
  2849139040, 32767, 2771834999, 32767, 2847034884, 32767,
  0 <repeats 16 times>, 1, 0 <repeats 33 times>, 2847059989, 32767, 0, 0,
  2849139040, 32767, 2773942719, 32767, 2847034884, 32767,
  0 <repeats 16 times>, 1, 0 <repeats 41 times>, 2847059989, 32767, 0, 0,
  2849139040, 32767, 2776079430, 32767, 2847034884, 32767,
  0 <repeats 16 times>, 1, 0 <repeats 41 times>, 2847059989, 32767, 0, 0,
  2849139040, 32767, 2778334571, 32767, 2847034884, 32767,
  0 <repeats 16 times>, 1, 0 <repeats 29 times>, 2839234176, 32767,
  2839234288, 32767, 40, 0, 2773935248, 32767, 0, 0, 2848057752, 32767,
  2847054253, 32767, 0, 0, 2847034884, 32767, 0, 0, 2847056758, 32767,
  2839234176, 32767, 2847054192, 32767, 2839234239, 32767, 2839234224, 32767,
  2839234216, 32767, 2849217336, 32767, 1, 0, 0, 0, 0, 0, 2771834999, 32767,
  2380267520, 4294922870, 40, 0, 2773935248, 32767, 0, 0, 2848057752, 32767,
  1077936128, 4294922870, 1186332672, 4294923109, 0, 0, 0, 0, 2839234176,
  32767, 2839234288, 32767, 0...}
        rsopts = Cannot access memory at address 0x49e740
---

Regards,

Christian
-- 
Christian Balzer        Network/Systems Engineer                
chibi at gol.com   	Global OnLine Japan/Fusion Communications
http://www.gol.com/

More information about the Pkg-exim4-maintainers mailing list