On a low-usage instance we have started getting a few SEGV logged each day. There is no obvious user impact. The stack trace is always the same, as given below. There were no problems under FC38, and the SEGV started immediately following upgrade to FC39. Now running cyrus-imapd-3.8.1-4.fc39. In all of the cases I have just looked at the client was an IOS device. I don't know whether that is always the case. Reproducible: Sometimes Steps to Reproduce: 1. Seems to happen when a client connects to check for new mail. 2. 3. Actual Results: Module libnss_systemd.so.2 from rpm systemd-254.7-1.fc39.x86_64 Module libnss_sss.so.2 from rpm sssd-2.9.3-1.fc39.x86_64 Module libnss_resolve.so.2 from rpm systemd-254.7-1.fc39.x86_64 Module libcap.so.2 from rpm libcap-2.48-9.fc39.x86_64 Module libnss_myhostname.so.2 from rpm systemd-254.7-1.fc39.x86_64 Module libplain.so from rpm cyrus-sasl-2.1.28-11.fc39.x86_64 Module liblogin.so from rpm cyrus-sasl-2.1.28-11.fc39.x86_64 Module libgssapiv2.so from rpm cyrus-sasl-2.1.28-11.fc39.x86_64 Module libsasldb.so from rpm cyrus-sasl-2.1.28-11.fc39.x86_64 Module libanonymous.so from rpm cyrus-sasl-2.1.28-11.fc39.x86_64 Module libevent-2.1.so.7 from rpm libevent-2.1.12-9.fc39.x86_64 Module liblzma.so.5 from rpm xz-5.4.4-1.fc39.x86_64 Module libselinux.so.1 from rpm libselinux-3.5-5.fc39.x86_64 Module libkeyutils.so.1 from rpm keyutils-1.6.1-7.fc39.x86_64 Module libcrypt.so.2 from rpm libxcrypt-4.4.36-2.fc39.x86_64 Module libicalvcal.so.3 from rpm libical-3.0.17-1.fc39.x86_64 Module libicalss.so.3 from rpm libical-3.0.17-1.fc39.x86_64 Module libical.so.3 from rpm libical-3.0.17-1.fc39.x86_64 Module libxml2.so.2 from rpm libxml2-2.10.4-3.fc39.x86_64 Module libpcre2-posix.so.3 from rpm pcre2-10.42-1.fc39.2.x86_64 Module libpcre2-8.so.0 from rpm pcre2-10.42-1.fc39.2.x86_64 Module libpq.so.5 from rpm libpq-15.3-1.fc39.x86_64 Module libmariadb.so.3 from rpm mariadb-connector-c-3.3.5-2.fc39.x86_64 Module libkrb5support.so.0 from rpm krb5-1.21.2-2.fc39.x86_64 Module libk5crypto.so.3 from rpm krb5-1.21.2-2.fc39.x86_64 Module libkrb5.so.3 from rpm krb5-1.21.2-2.fc39.x86_64 Module libgssapi_krb5.so.2 from rpm krb5-1.21.2-2.fc39.x86_64 Module libjansson.so.4 from rpm jansson-2.13.1-7.fc39.x86_64 Module libshp.so.2 from rpm shapelib-1.5.0-16.fc39.x86_64 Module libzstd.so.1 from rpm zstd-1.5.5-4.fc39.x86_64 Module libnghttp2.so.14 from rpm nghttp2-1.55.1-4.fc39.x86_64 Module libicudata.so.73 from rpm icu-73.2-2.fc39.x86_64 Module libicuuc.so.73 from rpm icu-73.2-2.fc39.x86_64 Module libicui18n.so.73 from rpm icu-73.2-2.fc39.x86_64 Module libuuid.so.1 from rpm util-linux-2.39.2-1.fc39.x86_64 Module libz.so.1 from rpm zlib-1.2.13-4.fc39.x86_64 Module libcom_err.so.2 from rpm e2fsprogs-1.47.0-2.fc39.x86_64 Module libcrypto.so.3 from rpm openssl-3.1.1-4.fc39.x86_64 Module libssl.so.3 from rpm openssl-3.1.1-4.fc39.x86_64 Module libsasl2.so.3 from rpm cyrus-sasl-2.1.28-11.fc39.x86_64 Module libcyrus.so.0 from rpm cyrus-imapd-3.8.1-4.fc39.x86_64 Module libcyrus_min.so.0 from rpm cyrus-imapd-3.8.1-4.fc39.x86_64 Module libcyrus_sieve.so.0 from rpm cyrus-imapd-3.8.1-4.fc39.x86_64 Module libcyrus_imap.so.0 from rpm cyrus-imapd-3.8.1-4.fc39.x86_64 Module imapd from rpm cyrus-imapd-3.8.1-4.fc39.x86_64 Stack trace of thread 3580: #0 0x00007f02670b9127 unlink_chunk.isra.0 (libc.so.6 + 0x9b127) #1 0x00007f02670bc0ad _int_malloc (libc.so.6 + 0x9e0ad) #2 0x00007f02670bce22 __libc_malloc (libc.so.6 + 0x9ee22) #3 0x00007f0267457936 sha384_dupctx.lto_priv.0 (libcrypto.so.3 + 0x2579> #4 0x00007f026737cfab EVP_MD_CTX_copy_ex (libcrypto.so.3 + 0x17cfab) #5 0x00007f02673b0e78 HMAC_CTX_copy (libcrypto.so.3 + 0x1b0e78) #6 0x00007f026748104e hmac_dup.lto_priv.0 (libcrypto.so.3 + 0x28104e) #7 0x00007f026739e9a2 EVP_MAC_CTX_dup (libcrypto.so.3 + 0x19e9a2) #8 0x00007f0267472068 tls1_prf_P_hash (libcrypto.so.3 + 0x272068) #9 0x00007f0267472326 kdf_tls1_prf_derive.lto_priv.0 (libcrypto.so.3 + > #10 0x00007f0267867038 tls1_PRF.constprop.0 (libssl.so.3 + 0x72038) #11 0x00007f0267831173 tls1_setup_key_block (libssl.so.3 + 0x3c173) #12 0x00007f0267868c23 tls_process_change_cipher_spec.isra.0 (libssl.so.> #13 0x00007f026785737f state_machine (libssl.so.3 + 0x6237f) #14 0x00007f0267b6a80e tls_start_servertls (libcyrus_imap.so.0 + 0xcb80e) #15 0x000056446fd9b730 cmd_starttls.lto_priv.0 (imapd + 0x34730) #16 0x000056446fdb48bc service_main.isra.0 (imapd + 0x4d8bc) #17 0x000056446fd795ee main (imapd + 0x125ee) #18 0x00007f026704614a __libc_start_call_main (libc.so.6 + 0x2814a) #19 0x00007f026704620b __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x2820> #20 0x000056446fd79ac5 _start (imapd + 0x12ac5) ELF object binary architecture: AMD x86-64 Expected Results: No error
And very occasionally there is a General Protection Fault in a slightly different place in the same libc unlink_chunk_isra method, with a different stacktrace: Stack trace of thread 39075: #0 0x00007f6e32ab912d unlink_chunk.isra.0 (libc.so.6 + 0x9b12d) #1 0x00007f6e32abc0ad _int_malloc (libc.so.6 + 0x9e0ad) #2 0x00007f6e32abc755 _int_realloc (libc.so.6 + 0x9e755) #3 0x00007f6e32abd815 realloc (libc.so.6 + 0x9f815) #4 0x00007f6e333dbbb2 xrealloc (libcyrus_min.so.0 + 0x14bb2) #5 0x00007f6e3332ae41 seqset_add (libcyrus.so.0 + 0x9ae41) #6 0x00007f6e3353b32f search_folder_get_seqset (libcyrus_imap.so.0 + 0xc332f) #7 0x00007f6e334e5bb6 index_search (libcyrus_imap.so.0 + 0x6dbb6) #8 0x000055914ac5f462 cmd_search.lto_priv.0 (imapd + 0x25462) #9 0x000055914ac5843d cmdloop.lto_priv.0 (imapd + 0x1e43d) #10 0x000055914ac87455 service_main.isra.0 (imapd + 0x4d455) #11 0x000055914ac4c5ee main (imapd + 0x125ee) #12 0x00007f6e32a4614a __libc_start_call_main (libc.so.6 + 0x2814a) #13 0x00007f6e32a4620b __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x2820b)
Thank you for reporting this issue. This looks very similar to this TLS upstream issue: https://github.com/cyrusimap/cyrus-imapd/issues/4785 The second backtrace in comment 1 looks like a different issue though.
I can see the upstream has merged the fix for these TLS shutdown crashes, I will be backporting this commit soon: https://github.com/cyrusimap/cyrus-imapd/commit/30eec6e793d8dd85e3ef8cb744ccfdfe2ba90513
FEDORA-2024-db42e37012 (cyrus-imapd-3.8.1-11.fc41) has been submitted as an update to Fedora 41. https://bodhi.fedoraproject.org/updates/FEDORA-2024-db42e37012
FEDORA-2024-3f18b03659 (cyrus-imapd-3.8.1-11.fc40) has been submitted as an update to Fedora 40. https://bodhi.fedoraproject.org/updates/FEDORA-2024-3f18b03659
FEDORA-2024-7a959bc16d (cyrus-imapd-3.8.1-11.fc39) has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2024-7a959bc16d
FEDORA-2024-db42e37012 (cyrus-imapd-3.8.1-11.fc41) has been pushed to the Fedora 41 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2024-7a959bc16d has been pushed to the Fedora 39 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-7a959bc16d` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-7a959bc16d See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2024-3f18b03659 has been pushed to the Fedora 40 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2024-3f18b03659` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2024-3f18b03659 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2024-7a959bc16d (cyrus-imapd-3.8.1-11.fc39) has been pushed to the Fedora 39 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2024-3f18b03659 (cyrus-imapd-3.8.1-11.fc40) has been pushed to the Fedora 40 stable repository. If problem still persists, please make note of it in this bug report.