Hello Dominik Röttsches,
the missing debug symbols for libmariadbclient.so.18
might hide in libmariadb3-dbgsym.
You may also want to install these packages too:
dovecot-core-dbgsym dovecot-mysql-dbgsym
They should be available in a different debug symbol
repository described in [1].
I had a look at the stack without debug information and
added the line information where I would expect them.
Kind regards,
Bernhard
[1] https://wiki.debian.org/HowToGetABacktrace#Installing_the_debugging_symbols
#4 0x00007f59d8d6791d in _int_free (av=0x7f59d8ea1c40 <main_arena>,
p=0x564222bd44e0, have_lock=<optimized out>) at malloc.c:4193
#5 0x00007f59d8c1ea8e in mysql_close (): libmariadbclient.so.18: : file
./libmariadb/libmariadb/mariadb_lib.c, line 1921.
#6 0x00007f59d91801fe in ?? (): libdriver_mysql.so: driver_mysql_deinit_v:
file driver-mysql.c, line 314.
#7 0x0000564220be2a14 in ?? (): sql_deinit: file sql-api.c, line 122.
#8 0x0000564220bd88f1 in db_sql_unref (): file db-sql.c, line 134.
#9 0x0000564220bcd92e in passdb_deinit (): file passdb.c, line 266.
#10 0x0000564220bb7099 in auths_deinit (): file auth.c, line 333.
#11 0x0000564220bb5e0c in main (): file main.c, line 271.
(gdb) list ./libmariadb/libmariadb/mariadb_lib.c:1911,1935
1911 void STDCALL
1912 mysql_close(MYSQL *mysql)
1913 {
1914 if (mysql) /* Some simple
safety */
1915 {
1916 if (mysql->extension && mysql->extension->conn_hdlr)
1917 {
1918 MA_CONNECTION_HANDLER *p= mysql->extension->conn_hdlr;
1919 if (p->plugin->close)
1920 p->plugin->close(mysql);
1921 free(p);
1922 /* Fix for CONC-294: Since we already called plugin->close
function
1923 we need to prevent that mysql_close_slow_part (which sends
COM_QUIT
1924 to the server) will be handled by plugin again. */
1925 mysql->extension->conn_hdlr= NULL;
1926 }
1927
# Unstable amd64 qemu VM
apt update
apt dist-upgrade
reboot
apt install systemd-coredump psmisc mc gdb dovecot-mysql dovecot-core-dbgsym
dovecot-mysql-dbgsym libmariadb3-dbgsym
apt install dpkg-dev devscripts
mkdir source/dovecot/orig -p
cd source/dovecot/orig
apt source dovecot
cd
mkdir source/libmariadb3/orig -p
cd source/libmariadb3/orig
apt source libmariadb3
cd
cp ./conf.d/auth-sql.conf.ext ./conf.d/auth-sql.conf -a
LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libmariadbclient.so.18:/usr/lib/dovecot/libdovecot-sql.so:/usr/lib/dovecot/modules/auth/libdriver_mysql.so
\
gdb -q \
-ex 'set pagination off' \
-ex 'set width 0' \
-ex 'directory
/home/benutzer/source/dovecot/orig/dovecot-2.3.4/src/auth' \
-ex 'directory
/home/benutzer/source/libmariadb3/orig/mariadb-10.3-10.3.11' \
-ex 'directory
/home/benutzer/source/dovecot/orig/dovecot-2.3.4/src/lib-sql' \
-ex 'b main' \
-ex 'run' \
--args /usr/lib/dovecot/auth
disassemble db_sql_unref
disassemble db_sql_unref,db_sql_unref+92
disassemble /m db_sql_unref,db_sql_unref+92
list db_sql_unref
b *0x000055555558a8f1
#1 0x00007f59d8d08535 in __GI_abort () at abort.c:79
#2 0x00007f59d8d5f718 in __libc_message (action=action@entry=do_abort,
fmt=fmt@entry=0x7f59d8e6a29a "%s\n") at ../sysdeps/posix/libc_fatal.c:181
#3 0x00007f59d8d65e3a in malloc_printerr (str=str@entry=0x7f59d8e6bf60
"free(): double free detected in tcache 2") at malloc.c:5382
#4 0x00007f59d8d6791d in _int_free (av=0x7f59d8ea1c40 <main_arena>,
p=0x564222bd44e0, have_lock=<optimized out>) at malloc.c:4193
#5 0x00007f59d8c1ea8e in mysql_close () from
target:/usr/lib/x86_64-linux-gnu/libmariadbclient.so.18
#6 0x00007f59d91801fe in ?? () from
target:/usr/lib/dovecot/modules/auth/libdriver_mysql.so
#7 0x0000564220be2a14 in ?? ()
#8 0x0000564220bd88f1 in db_sql_unref ()
#9 0x0000564220bcd92e in passdb_deinit ()
#10 0x0000564220bb7099 in auths_deinit ()
#11 0x0000564220bb5e0c in main ()
#1 0x00007f59d8d08535 in __GI_abort () at abort.c:79
#2 0x00007f59d8d5f718 in __libc_message (action=action@entry=do_abort,
fmt=fmt@entry=0x7f59d8e6a29a "%s\n") at ../sysdeps/posix/libc_fatal.c:181
#3 0x00007f59d8d65e3a in malloc_printerr (str=str@entry=0x7f59d8e6bf60
"free(): double free detected in tcache 2") at malloc.c:5382
#4 0x00007f59d8d6791d in _int_free (av=0x7f59d8ea1c40 <main_arena>,
p=0x564222bd44e0, have_lock=<optimized out>) at malloc.c:4193
#5 0x00007f59d8c1ea8e in mysql_close () from
target:/usr/lib/x86_64-linux-gnu/libmariadbclient.so.18
1921 free(p);
0x00007ffff7f9da86 <mysql_close+54>: mov %r12,%rdi
0x00007ffff7f9da89 <mysql_close+57>: callq 0x7ffff7f91720 <free@plt>
1922 /* Fix for CONC-294: Since we already called plugin->close
function
1923 we need to prevent that mysql_close_slow_part (which sends
COM_QUIT
1924 to the server) will be handled by plugin again. */
1925 mysql->extension->conn_hdlr= NULL;
0x00007ffff7f9da8e <mysql_close+62>: mov 0x4f0(%rbx),%rax
0x7ffff7f9da89: file ./libmariadb/libmariadb/mariadb_lib.c, line 1921.
(gdb) list ./libmariadb/libmariadb/mariadb_lib.c:1911,1935
1911 void STDCALL
1912 mysql_close(MYSQL *mysql)
1913 {
1914 if (mysql) /* Some simple
safety */
1915 {
1916 if (mysql->extension && mysql->extension->conn_hdlr)
1917 {
1918 MA_CONNECTION_HANDLER *p= mysql->extension->conn_hdlr;
1919 if (p->plugin->close)
1920 p->plugin->close(mysql);
1921 free(p);
1922 /* Fix for CONC-294: Since we already called plugin->close
function
1923 we need to prevent that mysql_close_slow_part (which sends
COM_QUIT
1924 to the server) will be handled by plugin again. */
1925 mysql->extension->conn_hdlr= NULL;
1926 }
1927
1928 if (mysql->methods)
1929 mysql->methods->db_close(mysql);
1930
1931 /* reset the connection in all active statements */
1932 ma_invalidate_stmts(mysql, "mysql_close()");
1933
1934 mysql_close_memory(mysql);
1935 mysql_close_options(mysql);
#6 0x00007f59d91801fe in ?? () from
target:/usr/lib/dovecot/modules/auth/libdriver_mysql.so
314 mysql_close(db->mysql);
0x00007ffff7f6a1f2 <driver_mysql_deinit_v+18>: mov
0x1e0(%rbx),%rdi
0x00007ffff7f6a1f9 <driver_mysql_deinit_v+25>: callq
0x7ffff7f69340 <mysql_close@plt>
315
316 sql_connection_log_finished(_db);
0x00007ffff7f6a1fe <driver_mysql_deinit_v+30>: mov %rbx,%rdi
0x7ffff7f6a1f9: file driver-mysql.c, line 314.
#7 0x0000564220be2a14 in ?? ()
122 db->v.deinit(db);
0x0000555555593517 <sql_deinit+23>: mov 0x20(%rbx),%rax
0x000055555559351b <sql_deinit+27>: mov %rbx,%rdi
0x000055555559351e <sql_deinit+30>: pop %rbx
0x000055555559351f <sql_deinit+31>: jmpq 0x5555555684a6
<__x86_indirect_thunk_rax>
0x0000555555593524: data16 nopw %cs:0x0(%rax,%rax,1)
?
0x55555559351f: file sql-api.c, line 122.
#8 0x0000564220bd88f1 in db_sql_unref ()
0x000055555558a8ec <db_sql_unref+60>: callq 0x555555593500
<sql_deinit>
0x000055555558a8f1 <db_sql_unref+65>: mov 0x8(%rbx),%rax
(gdb) list db_sql_unref
122 void db_sql_unref(struct db_sql_connection **_conn)
123 {
124 struct db_sql_connection *conn = *_conn;
125
126 /* abort all pending auth requests before setting conn to
NULL,
127 so that callbacks can still access it */
128 sql_disconnect(conn->db);
129
130 *_conn = NULL;
131 if (--conn->refcount > 0)
132 return;
133
134 sql_deinit(&conn->db);
135 pool_unref(&conn->pool);
136 }
0x55555558a8ec: file db-sql.c, line 134.
#9 0x0000564220bcd92e in passdb_deinit ()
266 passdb->iface.deinit(passdb);
0x000055555557f926 <passdb_deinit+134>: mov %rbx,%rdi
0x000055555557f929 <passdb_deinit+137>: callq 0x5555555684a6
<__x86_indirect_thunk_rax>
267
268 /* make sure passdb isn't accessed again */
269 passdb->iface = passdb_iface_deinit;
0x000055555557f92e <passdb_deinit+142>: pxor %xmm0,%xmm0
0x55555557f929: file passdb.c, line 266.
#10 0x0000564220bb7099 in auths_deinit ()
333 passdb_deinit(passdb->passdb);
0x0000555555569090 <auths_deinit+80>: mov 0x10(%rbx),%rdi
0x0000555555569094 <auths_deinit+84>: callq 0x55555557f8a0
<passdb_deinit>
0x0000555555569099 <auths_deinit+89>: mov (%rbx),%rbx
0x555555569094: file auth.c, line 333.
#11 0x0000564220bb5e0c in main ()
270 /* deinit passdbs and userdbs. it aborts any pending async
requests. */
271 auths_deinit();
0x0000555555567e07 <main+999>: callq 0x555555569040 <auths_deinit>
272 /* flush pending requests */
273 auth_request_handler_deinit();
0x0000555555567e0c <main+1004>: callq 0x555555574e40
<auth_request_handler_deinit>
0x555555567e07: file main.c, line 271.
#4 0x00007f59d8d6791d in _int_free (av=0x7f59d8ea1c40 <main_arena>,
p=0x564222bd44e0, have_lock=<optimized out>) at malloc.c:4193
#5 0x00007f59d8c1ea8e in mysql_close (): libmariadbclient.so.18: : file
./libmariadb/libmariadb/mariadb_lib.c, line 1921.
#6 0x00007f59d91801fe in ?? (): libdriver_mysql.so: driver_mysql_deinit_v:
file driver-mysql.c, line 314.
#7 0x0000564220be2a14 in ?? (): sql_deinit: file sql-api.c, line 122.
#8 0x0000564220bd88f1 in db_sql_unref (): file db-sql.c, line 134.
#9 0x0000564220bcd92e in passdb_deinit (): file passdb.c, line 266.
#10 0x0000564220bb7099 in auths_deinit (): file auth.c, line 333.
#11 0x0000564220bb5e0c in main (): file main.c, line 271.
