[exim] 4.95-RC0 - SIGSEGV (maybe attempt to write to immutab…

Inizio della pagina
Delete this message
Reply to this message
Autore: Matthew Frost
Data:  
To: exim-users
Nuovi argomenti: Re: [exim] 4.95-RC0 - SIGSEGV (maybe attempt to write to immutable memory) & other oddities
Oggetto: [exim] 4.95-RC0 - SIGSEGV (maybe attempt to write to immutable memory) & other oddities
Hello, odd (perhaps) one coming up…

I'm still diagnosing what might be wrong here, but I wanted to bring
it to your attention as it's stopped me testing the RC0 (and is hard
to debug because it takes hours/days to appear).

Jailed FreeBSD 12.1-RELEASE-p1 - I have no control over the host, just
the jail. (IPv4 & IPv6).

Swapping 4.94.2 for 4.95-RC0 seems fine, but after a number of hours
in paniclog:

"SIGSEGV (maybe attempt to write to immutable memory)"

Brief parts of a debug run at the point of it happening:

4192 end of ACL "acl_check_connection": ACCEPT
4192 host in pipelining_connect_advertise_hosts? yes (matched "*")
4192 LOG: MAIN PANIC
4192 SIGSEGV (maybe attempt to write to immutable memory)
96610 child 4192 ended: status=0xb
96610 signal exit, signal 11
96610 4 SMTP accept processes now running

2912 end of ACL "acl_check_connection": ACCEPT
2912 host in pipelining_connect_advertise_hosts? yes (matched "*")
2912 SMTP>> 220 hub-cloud.mail.frost.net ESMTP Exim 4.95-RC0 Thu, 22 Jul 2021 06:50:31 +0100
96610 child 2912 ended: status=0xa
96610 signal exit, signal 10
96610 2 SMTP accept processes now running

2021-07-22 06:50:30 SMTP connection from [185.82.79.5] I=[178.250.76.2]:25 (TCP/IP connection count = 3)
2021-07-22 06:50:35 SIGSEGV (maybe attempt to write to immutable memory)

Also other odd failures seems like connections hanging for 5 minutes:

2021-07-22 07:26:16 SMTP connection from [66.220.155.139] I=[178.250.76.2]:25 (TCP/IP connection count = 5)
2021-07-22 07:31:16 SMTP connection from 66-220-155-139.mail-mail.facebook.com [66.220.155.139] I=[178.250.76.2]:25 lost D=4m59s

"SMTP connection lost after final dot":

2021-07-22 05:24:04 SMTP connection from [66.231.95.42] I=[178.250.76.2]:25 (TCP/IP connection count = 1)
2021-07-22 05:29:06 1m6QFh-000L6m-UJ SMTP connection lost after final dot H=mta.news.marksandspencer.com [66.231.95.42] I=[178.250.76.2]:25 P=esmtps

I also saw (the first time this happened) hundreds of:

"50 accept() failures: No such file or directory"

in the paniclog. (When I was killing off RC0 to swap back to 4.94.2).

Has happened with both OpenSSL 1.1.1d-freebsd and OpenSSL 1.1.1k from
FreeBSD ports - I felt it might be TLS related - or malicious, but you
can see above "trustworthy" mailers are encoutering issues.

Another host (not jailed this time) FreeBSD 12.2-RELEASE-p7 where the
jail sends mail started to fail after about 2 days:

2021-07-19 10:11:32 SMTP connection from malodar.frost.net [2a02:1658:1::113:1] I=[2a02:8010:64d4::148]:25 lost D=2m39s
2021-07-19 10:11:32 SMTP connection from malodar.frost.net [2a02:1658:1::113:1] I=[2a02:8010:64d4::148]:25 lost D=43s
2021-07-19 10:11:32 SMTP connection from malodar.frost.net [2a02:1658:1::113:1] I=[2a02:8010:64d4::148]:25 lost D=3m15s
2021-07-19 10:11:32 SMTP connection from malodar.frost.net [2a02:1658:1::113:1] I=[2a02:8010:64d4::148]:25 lost D=34s

(but I didn't see SEGV etc).

Exim on the jail:

Exim version 4.95-RC0 uid=0 gid=0 pid=96610 D=f7715cfd
Support for: crypteq IPv6 use_setclassresources PAM TCPwrappers OpenSSL TLS_resume Content_Scanning DANE DKIM DNSSEC Event OCSP PIPE_CONNECT PRDR Experimental_Queue_Ramp SPF SRS TCP_Fast_Open Experimental_ARC
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch dbm dbmjz dbmnz dnsdb dsearch
Authenticators: cyrus_sasl plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir autoreply pipe smtp
Malware: f-protd f-prot6d drweb aveserver fsecure kavdaemon sophie clamd mksd avast sock cmdline
Configure owner: 0:0
Size of off_t: 8
Compiler: CLang [8.0.1 (tags/RELEASE_801/final 366581)]
Probably Berkeley DB version 1.8x (native mode)
Library version: OpenSSL: Compile: OpenSSL 1.1.1d  10 Sep 2019
                          Runtime: OpenSSL 1.1.1k  25 Mar 2021
                                 : built on: Sat Jul 17 12:20:27 2021 UTC
Library version: spf2: Compile: 1.2.10
                       Runtime: 1.2.10
Library version: Cyrus SASL: Compile: 2.1.27
                             Runtime: 2.1.27 [Cyrus SASL]
Library version: PCRE: Compile: 8.44
                       Runtime: 8.44 2020-02-12


Rolling back to 4.94.2 and everthing that was failing comes flooding
in fine.

Open to suggestions on how to meaningfully work out what's going on
(my gut says something TLS related, but I could be totally wrong - I
can see FreeBSD mentioned doing a cursory diff of the sources and
mention in the ChangeLog).

Matthew.