[exim] Re: SEGV_MAPERR

[Julian Waters via Exim-users]

Thanks for the replies. I don’t fully understand everything you asked but as 
much as i’ve been able to figure out is pasted below. Also the config incase 
there’s an obvious issue there. 
I haven’t raised a debian bug, I’m assuming it’s just my incompetence. 

Any assistance deeply appreciated. 


Version:
Exim version 4.96 #2 built 29-Sep-2023 20:38:02

Permissions:
-rwsr-xr-x 1 root root    1575384 Sep 30 09:38 exim4


Configuration file:
#####################################

primary_hostname = controlroom.co

# ports
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465

#MySQL
VIRTUAL_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'local' AND 
enabled = '1' AND domain = '${quote_mysql:$domain}'
RELAY_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay'  AND 
domain = '${quote_mysql:$domain}'
ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = 
'${quote_mysql:$domain}'

MAIN_LOCAL_DOMAINS = @ : controlroom.co : ${lookup mysql{VIRTUAL_DOMAINS}} : 
${lookup mysql{ALIAS_DOMAINS}}
MAIN_RELAY_TO_DOMAINS = ${lookup mysql{RELAY_DOMAINS}}
MAIN_RELAY_NETS = localhost : @ : 192.168.0.0/24
MAIN_TRUSTED_USERS = www-data : vexim : root

VEXIM_LOCALPART_SUFFIX = +*

VEXIM_SPAM_REPORT_HEADER_NAME = X-Spam-Status

hide mysql_servers = 
localhost::(/var/run/mysqld/mysqld.sock)/vexim/vexim/#######

# users
exim_user = Debian-exim
exim_group = Debian-exim
never_users = root

# TLS
MAIN_TLS_ENABLE = 1
REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = *
REQUIRE_PROTOCOL = smtps
MAIN_TLS_CERTIFICATE = /etc/letsencrypt/live/controlroom.co/fullchain.pem
MAIN_TLS_PRIVATEKEY = /etc/letsencrypt/live/controlroom.co/privkey.pem
auth_advertise_hosts = ${if eq {$tls_cipher}{}{}{*}}

tls_dhparam = none

#####################################



$ openssl s_client -connect localhost:587 -servername controlroom.co -starttls 
smtp
CONNECTED(00000003)
809BCD053E7F0000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof while 
reading:../ssl/record/rec_layer_s3.c:303:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 230 bytes and written 353 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---




$ swaks -a -tls -p 587 -q AUTH -s controlroom.co -au jul...@communico.nz
Password: #########
=== Trying controlroom.co:587...
=== Connected to controlroom.co.
<-  220 controlroom.co ESMTP Exim 4.96 Fri, 27 Oct 2023 11:00:24 +1300
-> EHLO ip-172-31-27-131.ap-southeast-2.compute.internal
<-  250-controlroom.co Hello controlroom.co [52.65.43.74]
<-  250-SIZE 52428800
<-  250-8BITMIME
<-  250-PIPELINING
<-  250-PIPECONNECT
<-  250-CHUNKING
<-  250-STARTTLS
<-  250-PRDR
<-  250 HELP
-> STARTTLS
*** Remote host closed connection unexpectedly.



$ sudo tail -f /var/log/mail.log

2023-10-27T12:59:18.381777+13:00 ip-172-31-27-131 imapd-ssl: Connection, 
ip=[::ffff:121.99.134.237], port=[53803]
2023-10-27T12:59:18.438273+13:00 ip-172-31-27-131 imapd-ssl: LOGIN, 
user=jul...@communico.nz, ip=[::ffff:121.99.134.237], port=[53803], 
protocol=IMAP
2023-10-27T12:59:18.495509+13:00 ip-172-31-27-131 imapd-ssl: LOGOUT, 
user=jul...@communico.nz, ip=[::ffff:121.99.134.237], port=[53803], headers=0, 
body=0, rcvd=36, sent=277, time=0, starttls=1




$ sudo tail -f /var/log/exim4/mainlog

2023-10-27 12:55:32 SIGSEGV (fault address: 0x4)
2023-10-27 12:55:32 SEGV_MAPERR
2023-10-27 12:55:32 SIGSEGV (null pointer indirection)
2023-10-27 12:55:32 SIGSEGV (1400295 handling incoming connection from 
(smtpclient.apple) [121.99.134.237]
)
2023-10-27 12:55:32 SMTP syntax error in 
"\026\003\001?\251\001??\245\003\003e:\374t+\035\007" H=[121.99.134.237] NUL 
character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP syntax error in 
"\223l\334D\227\275\2412\315\303\251*?h\257\257\327c\346>w\247e\264??,?\377\300,\300+\300$\300#\300"
 H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP syntax error in "\300  
\300\b\3000\300/\300(\300'\300\024\300\023\300\022?\235?\234?=?<?5?/?" 
H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP syntax error in 
"\001??P???\023?\021??\016controlroom.co?" H=[121.99.134.237] NUL character(s) 
present (shown as '?')
2023-10-27 12:55:32 SMTP call from [121.99.134.237] dropped: too many syntax or 
protocol errors (last command was "\001??P???\023?\021??\016controlroom.co?", 
NULL)



$ sudo tail -f /var/log/syslog

2023-10-27T13:01:28.132700+13:00 ip-172-31-27-131 imapd-ssl: Connection, 
ip=[::ffff:121.99.134.237], port=[53825]
2023-10-27T13:01:28.133760+13:00 ip-172-31-27-131 systemd[1]: Started 
systemd-coredump@896-1400340-0.service - Process Core Dump (PID 1400340/UID 0).
2023-10-27T13:01:28.184822+13:00 ip-172-31-27-131 imapd-ssl: LOGIN, 
user=jul...@communico.nz, ip=[::ffff:121.99.134.237], port=[53825], 
protocol=IMAP
2023-10-27T13:01:28.245152+13:00 ip-172-31-27-131 imapd-ssl: 
ip=[::ffff:121.99.134.237], Unexpected SSL connection shutdown.
2023-10-27T13:01:28.245752+13:00 ip-172-31-27-131 imapd-ssl: LOGOUT, 
user=jul...@communico.nz, ip=[::ffff:121.99.134.237], port=[53825], headers=0, 
body=0, rcvd=36, sent=277, time=0, starttls=1
2023-10-27T13:01:28.433487+13:00 ip-172-31-27-131 systemd-coredump[1400341]: 
Process 1400339 (exim4) of user 113 dumped core.#012#012Stack trace of thread 
1400339:#012#0  0x00007f45147421d0 __gmpz_sizeinbase (libgmp.so.10 + 
0x251d0)#012#1  0x00007f451535e06e n/a (libgnutls.so.30 + 0x15e06e)#012#2  
0x00007f451526b354 gnutls_certificate_set_dh_params (libgnutls.so.30 + 
0x6b354)#012#3  0x000056095cf86da5 n/a (exim4 + 0xbfda5)#012#4  
0x000056095cf871c6 n/a (exim4 + 0xc01c6)#012#5  0x000056095cf88280 n/a (exim4 + 
0xc1280)#012#6  0x000056095cf74622 n/a (exim4 + 0xad622)#012#7  
0x000056095cf06eef n/a (exim4 + 0x3feef)#012#8  0x000056095cef89d8 n/a (exim4 + 
0x319d8)#012#9  0x00007f45154461ca __libc_start_call_main (libc.so.6 + 
0x271ca)#012#10 0x00007f4515446285 __libc_start_main_impl (libc.so.6 + 
0x27285)#012#11 0x000056095cefbcb1 _start (exim4 + 0x34cb1)#012ELF object 
binary architecture: AMD x86-64
2023-10-27T13:01:28.438380+13:00 ip-172-31-27-131 systemd[1]: 
systemd-coredump@896-1400340-0.service: Deactivated successfully.


systemd-coredump[1400341]: Process 1400339 (exim4) of user 113 dumped 
core.#012#012Stack trace of thread 1400339:#012#0  0x00007f45147421d0 
__gmpz_sizeinbase (libgmp.so.10 + 0x251d0)#012#1  0x00007f451535e06e n/a 
(libgnutls.so.30 + 0x15e06e)#012#2  0x00007f451526b354 
gnutls_certificate_set_dh_params (libgnutls.so.30 + 0x6b354)#012#3  
0x000056095cf86da5 n/a (exim4 + 0xbfda5)#012#4  0x000056095cf871c6 n/a (exim4 + 
0xc01c6)#012#5  0x000056095cf88280 n/a (exim4 + 0xc1280)#012#6  
0x000056095cf74622 n/a (exim4 + 0xad622)#012#7  0x000056095cf06eef n/a (exim4 + 
0x3feef)#012#8  0x000056095cef89d8 n/a (exim4 + 0x319d8)#012#9  
0x00007f45154461ca __libc_start_call_main (libc.so.6 + 0x271ca)#012#10 
0x00007f4515446285 __libc_start_main_impl (libc.so.6 + 0x27285)#012#11 
0x000056095cefbcb1 _start (exim4 + 0x34cb1)#012ELF object binary architecture: 
AMD x86-64
2023-10-27T13:01:28.438380+13:00 ip-172-31-27-131 systemd[1]: 
systemd-coredump@896-1400340-0.service: Deactivated successfully.




$ sudo journalctl -e

Oct 27 13:07:28 ip-172-31-27-131 systemd[1]: Started 
systemd-coredump@897-1400386-0.service - Process Core Dump (PID 1400386/UID 0).
Oct 27 13:07:28 ip-172-31-27-131 imapd-ssl[1380239]: Connection, 
ip=[::ffff:121.99.134.237], port=[53917]
Oct 27 13:07:28 ip-172-31-27-131 imapd-ssl[1380239]: LOGIN, 
user=jul...@communico.nz, ip=[::ffff:121.99.134.237], port=[53917], 
protocol=IMAP
Oct 27 13:07:28 ip-172-31-27-131 imapd-ssl[1380239]: LOGOUT, 
user=jul...@communico.nz, ip=[::ffff:121.99.134.237], port=[53917], headers=0, 
body=0, rcvd=36, sent=277, time=0, starttls=1
Oct 27 13:07:28 ip-172-31-27-131 systemd-coredump[1400387]: [🡕] Process 1400385 
(exim4) of user 113 dumped core.

                                                           Stack trace of 
thread 1400385:
                                                           #0  
0x00007f45147421d0 __gmpz_sizeinbase (libgmp.so.10 + 0x251d0)
                                                           #1  
0x00007f451535e06e n/a (libgnutls.so.30 + 0x15e06e)
                                                           #2  
0x00007f451526b354 gnutls_certificate_set_dh_params (libgnutls.so.30 + 0x6b354)
                                                           #3  
0x000056095cf86da5 n/a (exim4 + 0xbfda5)
                                                           #4  
0x000056095cf871c6 n/a (exim4 + 0xc01c6)
                                                           #5  
0x000056095cf88280 n/a (exim4 + 0xc1280)
                                                           #6  
0x000056095cf74622 n/a (exim4 + 0xad622)
                                                           #7  
0x000056095cf06eef n/a (exim4 + 0x3feef)
                                                           #8  
0x000056095cef89d8 n/a (exim4 + 0x319d8)
                                                           #9  
0x00007f45154461ca __libc_start_call_main (libc.so.6 + 0x271ca)
                                                           #10 
0x00007f4515446285 __libc_start_main_impl (libc.so.6 + 0x27285)
                                                           #11 
0x000056095cefbcb1 _start (exim4 + 0x34cb1)
                                                           ELF object binary 
architecture: AMD x86-64
Oct 27 13:07:28 ip-172-31-27-131 systemd[1]: 
systemd-coredump@897-1400386-0.service: Deactivated successfully.
Oct 27 13:07:31 ip-172-31-27-131 sudo[1400397]:    admin : TTY=pts/0 ; 
PWD=/var/log ; USER=root ; COMMAND=/usr/bin/journalctl -e
Oct 27 13:07:31 ip-172-31-27-131 sudo[1400397]: pam_unix(sudo:session): session 
opened for user root(uid=0) by admin(uid=1000)

Thank in advance, Julian

> On 19/10/2023, at 9:41 PM, Jeremy Harris via Exim-users 
> <exim-users@lists.exim.org> wrote:
> 
> On 19/10/2023 07:53, Julian Waters via Exim-users wrote:
>> Since upgrading to Debian Bookworm
> 
> That doesn't actually tell us what version of Exim.  "exim -bV" will.
> Have you raised a Debian bug?
> 
>> After reconfiguring from scratch a few times narrowed it down to this error 
>> in the exim4 mainlog:
> 
>> 2023-10-19 19:45:43 SIGSEGV (fault address: 0x4)
>> 2023-10-19 19:45:43 SEGV_MAPERR
>> 2023-10-19 19:45:43 SIGSEGV (null pointer indirection)
>> 2023-10-19 19:45:43 SIGSEGV (1302999 handling incoming connection from 
>> [xx.xx.xx.xx]
> 
> Not much to go on there apart from "it crashed".  What was it doing
> at the time?  Anything logged immediately before?  If not, if you place
> a custom log line in the connect ACL, does it shoe up consistently
> before crashes?
> 
> Can you run with debug?
> Can you get a coredump (note: Exim is usually run suid)?
> 
> -- 
> Cheers,
> Jeremy
> 
> 
> -- 
> ## subscription configuration (requires account):
> ##   
> https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
> ## unsubscribe (doesn't require an account):
> ##   exim-users-unsubscr...@lists.exim.org
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/


-- 
## subscription configuration (requires account):
##   https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
##   exim-users-unsubscr...@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/