Mailing List Archive

On Thu, Oct 19, 2023 at 11:18?AM Julian Waters via Exim-users <
exim-users@lists.exim.org> wrote:

> Hi
>
> Need help. Since upgrading to Debian Bookworm i haven’t been able to get
> my server to receive or send mail.
>
> After reconfiguring from scratch a few times narrowed it down to this
> error in the exim4 mainlog:
>
> 2023-10-19 19:45:43 SIGSEGV (fault address: 0x4)
> 2023-10-19 19:45:43 SEGV_MAPERR
> 2023-10-19 19:45:43 SIGSEGV (null pointer indirection)
> 2023-10-19 19:45:43 SIGSEGV (1302999 handling incoming connection from
> [xx.xx.xx.xx]
> )
>
> The access control is via mysql (MariaDB) if that helps. I’ve been using
> exim4 and courier for years but not had to mess with much. Any help deeply
> appreciated, thanks.


exim -bV ?



--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(?)_/¯ :-)
[How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

On 19/10/2023 07:53, Julian Waters via Exim-users wrote:
> Since upgrading to Debian Bookworm

That doesn't actually tell us what version of Exim. "exim -bV" will.
Have you raised a Debian bug?

> After reconfiguring from scratch a few times narrowed it down to this error in the exim4 mainlog:

> 2023-10-19 19:45:43 SIGSEGV (fault address: 0x4)
> 2023-10-19 19:45:43 SEGV_MAPERR
> 2023-10-19 19:45:43 SIGSEGV (null pointer indirection)
> 2023-10-19 19:45:43 SIGSEGV (1302999 handling incoming connection from [xx.xx.xx.xx]

Not much to go on there apart from "it crashed". What was it doing
at the time? Anything logged immediately before? If not, if you place
a custom log line in the connect ACL, does it shoe up consistently
before crashes?

Can you run with debug?
Can you get a coredump (note: Exim is usually run suid)?

--
Cheers,
Jeremy


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Thanks for the replies. I don’t fully understand everything you asked but as much as i’ve been able to figure out is pasted below. Also the config incase there’s an obvious issue there.
I haven’t raised a debian bug, I’m assuming it’s just my incompetence.

Any assistance deeply appreciated.


Version:
Exim version 4.96 #2 built 29-Sep-2023 20:38:02

Permissions:
-rwsr-xr-x 1 root root 1575384 Sep 30 09:38 exim4


Configuration file:
#####################################

primary_hostname = controlroom.co

# ports
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465

#MySQL
VIRTUAL_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'local' AND enabled = '1' AND domain = '${quote_mysql:$domain}'
RELAY_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay' AND domain = '${quote_mysql:$domain}'
ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = '${quote_mysql:$domain}'

MAIN_LOCAL_DOMAINS = @ : controlroom.co : ${lookup mysql{VIRTUAL_DOMAINS}} : ${lookup mysql{ALIAS_DOMAINS}}
MAIN_RELAY_TO_DOMAINS = ${lookup mysql{RELAY_DOMAINS}}
MAIN_RELAY_NETS = localhost : @ : 192.168.0.0/24
MAIN_TRUSTED_USERS = www-data : vexim : root

VEXIM_LOCALPART_SUFFIX = +*

VEXIM_SPAM_REPORT_HEADER_NAME = X-Spam-Status

hide mysql_servers = localhost::(/var/run/mysqld/mysqld.sock)/vexim/vexim/#######

# users
exim_user = Debian-exim
exim_group = Debian-exim
never_users = root

# TLS
MAIN_TLS_ENABLE = 1
REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = *
REQUIRE_PROTOCOL = smtps
MAIN_TLS_CERTIFICATE = /etc/letsencrypt/live/controlroom.co/fullchain.pem
MAIN_TLS_PRIVATEKEY = /etc/letsencrypt/live/controlroom.co/privkey.pem
auth_advertise_hosts = ${if eq {$tls_cipher}{}{}{*}}

tls_dhparam = none

#####################################



$ openssl s_client -connect localhost:587 -servername controlroom.co -starttls smtp
CONNECTED(00000003)
809BCD053E7F0000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof while reading:../ssl/record/rec_layer_s3.c:303:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 230 bytes and written 353 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---




$ swaks -a -tls -p 587 -q AUTH -s controlroom.co -au julian@communico.nz
Password: #########
=== Trying controlroom.co:587...
=== Connected to controlroom.co.
<- 220 controlroom.co ESMTP Exim 4.96 Fri, 27 Oct 2023 11:00:24 +1300
-> EHLO ip-172-31-27-131.ap-southeast-2.compute.internal
<- 250-controlroom.co Hello controlroom.co [52.65.43.74]
<- 250-SIZE 52428800
<- 250-8BITMIME
<- 250-PIPELINING
<- 250-PIPECONNECT
<- 250-CHUNKING
<- 250-STARTTLS
<- 250-PRDR
<- 250 HELP
-> STARTTLS
*** Remote host closed connection unexpectedly.



$ sudo tail -f /var/log/mail.log

2023-10-27T12:59:18.381777+13:00 ip-172-31-27-131 imapd-ssl: Connection, ip=[::ffff:121.99.134.237], port=[53803]
2023-10-27T12:59:18.438273+13:00 ip-172-31-27-131 imapd-ssl: LOGIN, user=julian@communico.nz, ip=[::ffff:121.99.134.237], port=[53803], protocol=IMAP
2023-10-27T12:59:18.495509+13:00 ip-172-31-27-131 imapd-ssl: LOGOUT, user=julian@communico.nz, ip=[::ffff:121.99.134.237], port=[53803], headers=0, body=0, rcvd=36, sent=277, time=0, starttls=1




$ sudo tail -f /var/log/exim4/mainlog

2023-10-27 12:55:32 SIGSEGV (fault address: 0x4)
2023-10-27 12:55:32 SEGV_MAPERR
2023-10-27 12:55:32 SIGSEGV (null pointer indirection)
2023-10-27 12:55:32 SIGSEGV (1400295 handling incoming connection from (smtpclient.apple) [121.99.134.237]
)
2023-10-27 12:55:32 SMTP syntax error in "\026\003\001?\251\001??\245\003\003e:\374t+\035\007" H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP syntax error in "\223l\334D\227\275\2412\315\303\251*?h\257\257\327c\346>w\247e\264??,?\377\300,\300+\300$\300#\300" H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP syntax error in "\300 \300\b\3000\300/\300(\300'\300\024\300\023\300\022?\235?\234?=?<?5?/?" H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP syntax error in "\001??P???\023?\021??\016controlroom.co?" H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP call from [121.99.134.237] dropped: too many syntax or protocol errors (last command was "\001??P???\023?\021??\016controlroom.co?", NULL)



$ sudo tail -f /var/log/syslog

2023-10-27T13:01:28.132700+13:00 ip-172-31-27-131 imapd-ssl: Connection, ip=[::ffff:121.99.134.237], port=[53825]
2023-10-27T13:01:28.133760+13:00 ip-172-31-27-131 systemd[1]: Started systemd-coredump@896-1400340-0.service - Process Core Dump (PID 1400340/UID 0).
2023-10-27T13:01:28.184822+13:00 ip-172-31-27-131 imapd-ssl: LOGIN, user=julian@communico.nz, ip=[::ffff:121.99.134.237], port=[53825], protocol=IMAP
2023-10-27T13:01:28.245152+13:00 ip-172-31-27-131 imapd-ssl: ip=[::ffff:121.99.134.237], Unexpected SSL connection shutdown.
2023-10-27T13:01:28.245752+13:00 ip-172-31-27-131 imapd-ssl: LOGOUT, user=julian@communico.nz, ip=[::ffff:121.99.134.237], port=[53825], headers=0, body=0, rcvd=36, sent=277, time=0, starttls=1
2023-10-27T13:01:28.433487+13:00 ip-172-31-27-131 systemd-coredump[1400341]: Process 1400339 (exim4) of user 113 dumped core.#012#012Stack trace of thread 1400339:#012#0 0x00007f45147421d0 __gmpz_sizeinbase (libgmp.so.10 + 0x251d0)#012#1 0x00007f451535e06e n/a (libgnutls.so.30 + 0x15e06e)#012#2 0x00007f451526b354 gnutls_certificate_set_dh_params (libgnutls.so.30 + 0x6b354)#012#3 0x000056095cf86da5 n/a (exim4 + 0xbfda5)#012#4 0x000056095cf871c6 n/a (exim4 + 0xc01c6)#012#5 0x000056095cf88280 n/a (exim4 + 0xc1280)#012#6 0x000056095cf74622 n/a (exim4 + 0xad622)#012#7 0x000056095cf06eef n/a (exim4 + 0x3feef)#012#8 0x000056095cef89d8 n/a (exim4 + 0x319d8)#012#9 0x00007f45154461ca __libc_start_call_main (libc.so.6 + 0x271ca)#012#10 0x00007f4515446285 __libc_start_main_impl (libc.so.6 + 0x27285)#012#11 0x000056095cefbcb1 _start (exim4 + 0x34cb1)#012ELF object binary architecture: AMD x86-64
2023-10-27T13:01:28.438380+13:00 ip-172-31-27-131 systemd[1]: systemd-coredump@896-1400340-0.service: Deactivated successfully.


systemd-coredump[1400341]: Process 1400339 (exim4) of user 113 dumped core.#012#012Stack trace of thread 1400339:#012#0 0x00007f45147421d0 __gmpz_sizeinbase (libgmp.so.10 + 0x251d0)#012#1 0x00007f451535e06e n/a (libgnutls.so.30 + 0x15e06e)#012#2 0x00007f451526b354 gnutls_certificate_set_dh_params (libgnutls.so.30 + 0x6b354)#012#3 0x000056095cf86da5 n/a (exim4 + 0xbfda5)#012#4 0x000056095cf871c6 n/a (exim4 + 0xc01c6)#012#5 0x000056095cf88280 n/a (exim4 + 0xc1280)#012#6 0x000056095cf74622 n/a (exim4 + 0xad622)#012#7 0x000056095cf06eef n/a (exim4 + 0x3feef)#012#8 0x000056095cef89d8 n/a (exim4 + 0x319d8)#012#9 0x00007f45154461ca __libc_start_call_main (libc.so.6 + 0x271ca)#012#10 0x00007f4515446285 __libc_start_main_impl (libc.so.6 + 0x27285)#012#11 0x000056095cefbcb1 _start (exim4 + 0x34cb1)#012ELF object binary architecture: AMD x86-64
2023-10-27T13:01:28.438380+13:00 ip-172-31-27-131 systemd[1]: systemd-coredump@896-1400340-0.service: Deactivated successfully.




$ sudo journalctl -e

Oct 27 13:07:28 ip-172-31-27-131 systemd[1]: Started systemd-coredump@897-1400386-0.service - Process Core Dump (PID 1400386/UID 0).
Oct 27 13:07:28 ip-172-31-27-131 imapd-ssl[1380239]: Connection, ip=[::ffff:121.99.134.237], port=[53917]
Oct 27 13:07:28 ip-172-31-27-131 imapd-ssl[1380239]: LOGIN, user=julian@communico.nz, ip=[::ffff:121.99.134.237], port=[53917], protocol=IMAP
Oct 27 13:07:28 ip-172-31-27-131 imapd-ssl[1380239]: LOGOUT, user=julian@communico.nz, ip=[::ffff:121.99.134.237], port=[53917], headers=0, body=0, rcvd=36, sent=277, time=0, starttls=1
Oct 27 13:07:28 ip-172-31-27-131 systemd-coredump[1400387]: [????] Process 1400385 (exim4) of user 113 dumped core.

Stack trace of thread 1400385:
#0 0x00007f45147421d0 __gmpz_sizeinbase (libgmp.so.10 + 0x251d0)
#1 0x00007f451535e06e n/a (libgnutls.so.30 + 0x15e06e)
#2 0x00007f451526b354 gnutls_certificate_set_dh_params (libgnutls.so.30 + 0x6b354)
#3 0x000056095cf86da5 n/a (exim4 + 0xbfda5)
#4 0x000056095cf871c6 n/a (exim4 + 0xc01c6)
#5 0x000056095cf88280 n/a (exim4 + 0xc1280)
#6 0x000056095cf74622 n/a (exim4 + 0xad622)
#7 0x000056095cf06eef n/a (exim4 + 0x3feef)
#8 0x000056095cef89d8 n/a (exim4 + 0x319d8)
#9 0x00007f45154461ca __libc_start_call_main (libc.so.6 + 0x271ca)
#10 0x00007f4515446285 __libc_start_main_impl (libc.so.6 + 0x27285)
#11 0x000056095cefbcb1 _start (exim4 + 0x34cb1)
ELF object binary architecture: AMD x86-64
Oct 27 13:07:28 ip-172-31-27-131 systemd[1]: systemd-coredump@897-1400386-0.service: Deactivated successfully.
Oct 27 13:07:31 ip-172-31-27-131 sudo[1400397]: admin : TTY=pts/0 ; PWD=/var/log ; USER=root ; COMMAND=/usr/bin/journalctl -e
Oct 27 13:07:31 ip-172-31-27-131 sudo[1400397]: pam_unix(sudo:session): session opened for user root(uid=0) by admin(uid=1000)

Thank in advance, Julian

> On 19/10/2023, at 9:41?PM, Jeremy Harris via Exim-users <exim-users@lists.exim.org> wrote:
>
> On 19/10/2023 07:53, Julian Waters via Exim-users wrote:
>> Since upgrading to Debian Bookworm
>
> That doesn't actually tell us what version of Exim. "exim -bV" will.
> Have you raised a Debian bug?
>
>> After reconfiguring from scratch a few times narrowed it down to this error in the exim4 mainlog:
>
>> 2023-10-19 19:45:43 SIGSEGV (fault address: 0x4)
>> 2023-10-19 19:45:43 SEGV_MAPERR
>> 2023-10-19 19:45:43 SIGSEGV (null pointer indirection)
>> 2023-10-19 19:45:43 SIGSEGV (1302999 handling incoming connection from [xx.xx.xx.xx]
>
> Not much to go on there apart from "it crashed". What was it doing
> at the time? Anything logged immediately before? If not, if you place
> a custom log line in the connect ACL, does it shoe up consistently
> before crashes?
>
> Can you run with debug?
> Can you get a coredump (note: Exim is usually run suid)?
>
> --
> Cheers,
> Jeremy
>
>
> --
> ## subscription configuration (requires account):
> ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
> ## unsubscribe (doesn't require an account):
> ## exim-users-unsubscribe@lists.exim.org
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Thanks for the replies. I don’t fully understand everything you asked but as much as i’ve been able to figure out is pasted below. Also the config incase there’s an obvious issue there.
I haven’t raised a debian bug, I’m assuming it’s just my incompetence.

Any assistance deeply appreciated.


Version:
Exim version 4.96 #2 built 29-Sep-2023 20:38:02

Permissions:
-rwsr-xr-x 1 root root 1575384 Sep 30 09:38 exim4


Configuration file:
#####################################

primary_hostname = controlroom.co

# ports
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465

#MySQL
VIRTUAL_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'local' AND enabled = '1' AND domain = '${quote_mysql:$domain}'
RELAY_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay' AND domain = '${quote_mysql:$domain}'
ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = '${quote_mysql:$domain}'

MAIN_LOCAL_DOMAINS = @ : controlroom.co : ${lookup mysql{VIRTUAL_DOMAINS}} : ${lookup mysql{ALIAS_DOMAINS}}
MAIN_RELAY_TO_DOMAINS = ${lookup mysql{RELAY_DOMAINS}}
MAIN_RELAY_NETS = localhost : @ : 192.168.0.0/24
MAIN_TRUSTED_USERS = www-data : vexim : root

VEXIM_LOCALPART_SUFFIX = +*

VEXIM_SPAM_REPORT_HEADER_NAME = X-Spam-Status

hide mysql_servers = localhost::(/var/run/mysqld/mysqld.sock)/vexim/vexim/#######

# users
exim_user = Debian-exim
exim_group = Debian-exim
never_users = root

# TLS
MAIN_TLS_ENABLE = 1
REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = *
REQUIRE_PROTOCOL = smtps
MAIN_TLS_CERTIFICATE = /etc/letsencrypt/live/controlroom.co/fullchain.pem
MAIN_TLS_PRIVATEKEY = /etc/letsencrypt/live/controlroom.co/privkey.pem
auth_advertise_hosts = ${if eq {$tls_cipher}{}{}{*}}

tls_dhparam = none

#####################################



$ openssl s_client -connect localhost:587 -servername controlroom.co -starttls smtp
CONNECTED(00000003)
809BCD053E7F0000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof while reading:../ssl/record/rec_layer_s3.c:303:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 230 bytes and written 353 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---




$ swaks -a -tls -p 587 -q AUTH -s controlroom.co -au julian@communico.nz
Password: #########
=== Trying controlroom.co:587...
=== Connected to controlroom.co.
<- 220 controlroom.co ESMTP Exim 4.96 Fri, 27 Oct 2023 11:00:24 +1300
-> EHLO ip-172-31-27-131.ap-southeast-2.compute.internal
<- 250-controlroom.co Hello controlroom.co [52.65.43.74]
<- 250-SIZE 52428800
<- 250-8BITMIME
<- 250-PIPELINING
<- 250-PIPECONNECT
<- 250-CHUNKING
<- 250-STARTTLS
<- 250-PRDR
<- 250 HELP
-> STARTTLS
*** Remote host closed connection unexpectedly.



$ sudo tail -f /var/log/mail.log

2023-10-27T12:59:18.381777+13:00 ip-172-31-27-131 imapd-ssl: Connection, ip=[::ffff:121.99.134.237], port=[53803]
2023-10-27T12:59:18.438273+13:00 ip-172-31-27-131 imapd-ssl: LOGIN, user=julian@communico.nz, ip=[::ffff:121.99.134.237], port=[53803], protocol=IMAP
2023-10-27T12:59:18.495509+13:00 ip-172-31-27-131 imapd-ssl: LOGOUT, user=julian@communico.nz, ip=[::ffff:121.99.134.237], port=[53803], headers=0, body=0, rcvd=36, sent=277, time=0, starttls=1




$ sudo tail -f /var/log/exim4/mainlog

2023-10-27 12:55:32 SIGSEGV (fault address: 0x4)
2023-10-27 12:55:32 SEGV_MAPERR
2023-10-27 12:55:32 SIGSEGV (null pointer indirection)
2023-10-27 12:55:32 SIGSEGV (1400295 handling incoming connection from (smtpclient.apple) [121.99.134.237]
)
2023-10-27 12:55:32 SMTP syntax error in "\026\003\001?\251\001??\245\003\003e:\374t+\035\007" H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP syntax error in "\223l\334D\227\275\2412\315\303\251*?h\257\257\327c\346>w\247e\264??,?\377\300,\300+\300$\300#\300" H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP syntax error in "\300 \300\b\3000\300/\300(\300'\300\024\300\023\300\022?\235?\234?=?<?5?/?" H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP syntax error in "\001??P???\023?\021??\016controlroom.co?" H=[121.99.134.237] NUL character(s) present (shown as '?')
2023-10-27 12:55:32 SMTP call from [121.99.134.237] dropped: too many syntax or protocol errors (last command was "\001??P???\023?\021??\016controlroom.co?", NULL)



$ sudo tail -f /var/log/syslog

2023-10-27T13:01:28.132700+13:00 ip-172-31-27-131 imapd-ssl: Connection, ip=[::ffff:121.99.134.237], port=[53825]
2023-10-27T13:01:28.133760+13:00 ip-172-31-27-131 systemd[1]: Started systemd-coredump@896-1400340-0.service - Process Core Dump (PID 1400340/UID 0).
2023-10-27T13:01:28.184822+13:00 ip-172-31-27-131 imapd-ssl: LOGIN, user=julian@communico.nz, ip=[::ffff:121.99.134.237], port=[53825], protocol=IMAP
2023-10-27T13:01:28.245152+13:00 ip-172-31-27-131 imapd-ssl: ip=[::ffff:121.99.134.237], Unexpected SSL connection shutdown.
2023-10-27T13:01:28.245752+13:00 ip-172-31-27-131 imapd-ssl: LOGOUT, user=julian@communico.nz, ip=[::ffff:121.99.134.237], port=[53825], headers=0, body=0, rcvd=36, sent=277, time=0, starttls=1
2023-10-27T13:01:28.433487+13:00 ip-172-31-27-131 systemd-coredump[1400341]: Process 1400339 (exim4) of user 113 dumped core.#012#012Stack trace of thread 1400339:#012#0 0x00007f45147421d0 __gmpz_sizeinbase (libgmp.so.10 + 0x251d0)#012#1 0x00007f451535e06e n/a (libgnutls.so.30 + 0x15e06e)#012#2 0x00007f451526b354 gnutls_certificate_set_dh_params (libgnutls.so.30 + 0x6b354)#012#3 0x000056095cf86da5 n/a (exim4 + 0xbfda5)#012#4 0x000056095cf871c6 n/a (exim4 + 0xc01c6)#012#5 0x000056095cf88280 n/a (exim4 + 0xc1280)#012#6 0x000056095cf74622 n/a (exim4 + 0xad622)#012#7 0x000056095cf06eef n/a (exim4 + 0x3feef)#012#8 0x000056095cef89d8 n/a (exim4 + 0x319d8)#012#9 0x00007f45154461ca __libc_start_call_main (libc.so.6 + 0x271ca)#012#10 0x00007f4515446285 __libc_start_main_impl (libc.so.6 + 0x27285)#012#11 0x000056095cefbcb1 _start (exim4 + 0x34cb1)#012ELF object binary architecture: AMD x86-64
2023-10-27T13:01:28.438380+13:00 ip-172-31-27-131 systemd[1]: systemd-coredump@896-1400340-0.service: Deactivated successfully.


systemd-coredump[1400341]: Process 1400339 (exim4) of user 113 dumped core.#012#012Stack trace of thread 1400339:#012#0 0x00007f45147421d0 __gmpz_sizeinbase (libgmp.so.10 + 0x251d0)#012#1 0x00007f451535e06e n/a (libgnutls.so.30 + 0x15e06e)#012#2 0x00007f451526b354 gnutls_certificate_set_dh_params (libgnutls.so.30 + 0x6b354)#012#3 0x000056095cf86da5 n/a (exim4 + 0xbfda5)#012#4 0x000056095cf871c6 n/a (exim4 + 0xc01c6)#012#5 0x000056095cf88280 n/a (exim4 + 0xc1280)#012#6 0x000056095cf74622 n/a (exim4 + 0xad622)#012#7 0x000056095cf06eef n/a (exim4 + 0x3feef)#012#8 0x000056095cef89d8 n/a (exim4 + 0x319d8)#012#9 0x00007f45154461ca __libc_start_call_main (libc.so.6 + 0x271ca)#012#10 0x00007f4515446285 __libc_start_main_impl (libc.so.6 + 0x27285)#012#11 0x000056095cefbcb1 _start (exim4 + 0x34cb1)#012ELF object binary architecture: AMD x86-64
2023-10-27T13:01:28.438380+13:00 ip-172-31-27-131 systemd[1]: systemd-coredump@896-1400340-0.service: Deactivated successfully.




$ sudo journalctl -e

Oct 27 13:07:28 ip-172-31-27-131 systemd[1]: Started systemd-coredump@897-1400386-0.service - Process Core Dump (PID 1400386/UID 0).
Oct 27 13:07:28 ip-172-31-27-131 imapd-ssl[1380239]: Connection, ip=[::ffff:121.99.134.237], port=[53917]
Oct 27 13:07:28 ip-172-31-27-131 imapd-ssl[1380239]: LOGIN, user=julian@communico.nz, ip=[::ffff:121.99.134.237], port=[53917], protocol=IMAP
Oct 27 13:07:28 ip-172-31-27-131 imapd-ssl[1380239]: LOGOUT, user=julian@communico.nz, ip=[::ffff:121.99.134.237], port=[53917], headers=0, body=0, rcvd=36, sent=277, time=0, starttls=1
Oct 27 13:07:28 ip-172-31-27-131 systemd-coredump[1400387]: [????] Process 1400385 (exim4) of user 113 dumped core.

Stack trace of thread 1400385:
#0 0x00007f45147421d0 __gmpz_sizeinbase (libgmp.so.10 + 0x251d0)
#1 0x00007f451535e06e n/a (libgnutls.so.30 + 0x15e06e)
#2 0x00007f451526b354 gnutls_certificate_set_dh_params (libgnutls.so.30 + 0x6b354)
#3 0x000056095cf86da5 n/a (exim4 + 0xbfda5)
#4 0x000056095cf871c6 n/a (exim4 + 0xc01c6)
#5 0x000056095cf88280 n/a (exim4 + 0xc1280)
#6 0x000056095cf74622 n/a (exim4 + 0xad622)
#7 0x000056095cf06eef n/a (exim4 + 0x3feef)
#8 0x000056095cef89d8 n/a (exim4 + 0x319d8)
#9 0x00007f45154461ca __libc_start_call_main (libc.so.6 + 0x271ca)
#10 0x00007f4515446285 __libc_start_main_impl (libc.so.6 + 0x27285)
#11 0x000056095cefbcb1 _start (exim4 + 0x34cb1)
ELF object binary architecture: AMD x86-64
Oct 27 13:07:28 ip-172-31-27-131 systemd[1]: systemd-coredump@897-1400386-0.service: Deactivated successfully.
Oct 27 13:07:31 ip-172-31-27-131 sudo[1400397]: admin : TTY=pts/0 ; PWD=/var/log ; USER=root ; COMMAND=/usr/bin/journalctl -e
Oct 27 13:07:31 ip-172-31-27-131 sudo[1400397]: pam_unix(sudo:session): session opened for user root(uid=0) by admin(uid=1000)

Thank in advance, Julian

> On 19/10/2023, at 9:41?PM, Jeremy Harris via Exim-users <exim-users@lists.exim.org> wrote:
>
> On 19/10/2023 07:53, Julian Waters via Exim-users wrote:
>> Since upgrading to Debian Bookworm
>
> That doesn't actually tell us what version of Exim. "exim -bV" will.
> Have you raised a Debian bug?
>
>> After reconfiguring from scratch a few times narrowed it down to this error in the exim4 mainlog:
>
>> 2023-10-19 19:45:43 SIGSEGV (fault address: 0x4)
>> 2023-10-19 19:45:43 SEGV_MAPERR
>> 2023-10-19 19:45:43 SIGSEGV (null pointer indirection)
>> 2023-10-19 19:45:43 SIGSEGV (1302999 handling incoming connection from [xx.xx.xx.xx]
>
> Not much to go on there apart from "it crashed". What was it doing
> at the time? Anything logged immediately before? If not, if you place
> a custom log line in the connect ACL, does it shoe up consistently
> before crashes?
>
> Can you run with debug?
> Can you get a coredump (note: Exim is usually run suid)?
>
> --
> Cheers,
> Jeremy
>
>
> --
> ## subscription configuration (requires account):
> ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
> ## unsubscribe (doesn't require an account):
> ## exim-users-unsubscribe@lists.exim.org
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

On 27/10/2023 04:12, Julian Waters via Exim-users wrote:
> I haven’t raised a debian bug, I’m assuming it’s just my incompetence.

That a segv can happen at all constitutes a bug,
however it was triggered.

> Can you run with debug?

This would have helped, but

> Can you get a coredump (note: Exim is usually run suid)?

This turns out to be essential, as the segv is hitting in
a library:

(libgnutls.so.30 + 0x15e06e)#012#2 0x00007f451526b354 gnutls_certificate_set_dh_params
(libgnutls.so.30 + 0x6b354)#012#3 0x000056095cf86da5 n/a
(exim4 + 0xbfda5)#012#4 0x000056095cf871c6 n/a
(exim4 + 0xc01c6)#012#5 0x000056095cf88280 n/a
(exim4 + 0xc1280)#012#6 0x000056095cf74622 n/a
(exim4 + 0xad622)#012#7 0x000056095cf06eef n/a
(exim4 + 0x3feef)#012#8 0x000056095cef89d8 n/a
(exim4 + 0x319d8)#012#9 0x00007f45154461ca __libc_start_call_main
(libc.so.6 + 0x271ca)#012#10 0x00007f4515446285 __libc_start_main_impl

What we can glean so far is:
- the crash is in the GnuTLS library
- (inference) possibly exim handed it some parameter it can't handle

and, you might actually have a core dump:

systemd-coredump[1400341]: Process 1400339 (exim4) of user 113 dumped core.#012#012S


However, this will probably have been a fully optimised binary for exim, and might
not include debug information. It it doesn't, there might be an adjunct "debuginfo"
package you can install - or it may be that it requires special compilation.
You need to discuss this with Debian-knowledgeable people.

Once debug info is present, the next step is to investigate a coredump using gdb,
and get a stackdump (use the "bt" command) complete with function call arguments.

I still think you should open a Debian bug for this.
--
Cheers,
Jeremy


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

On 2023-10-27, Jeremy Harris via Exim-users <exim-users@lists.exim.org> wrote:
> On 27/10/2023 04:12, Julian Waters via Exim-users wrote:
>> I haven’t raised a debian bug, I’m assuming it’s just my incompetence.
>
> That a segv can happen at all constitutes a bug,
> however it was triggered.
>
>> Can you run with debug?
>
> This would have helped, but
>
>> Can you get a coredump (note: Exim is usually run suid)?
>
> This turns out to be essential, as the segv is hitting in
> a library:
>
> (libgnutls.so.30 + 0x15e06e)#012#2 0x00007f451526b354 gnutls_certificate_set_dh_params
> (libgnutls.so.30 + 0x6b354)#012#3 0x000056095cf86da5 n/a
> (exim4 + 0xbfda5)#012#4 0x000056095cf871c6 n/a
> (exim4 + 0xc01c6)#012#5 0x000056095cf88280 n/a
> (exim4 + 0xc1280)#012#6 0x000056095cf74622 n/a
> (exim4 + 0xad622)#012#7 0x000056095cf06eef n/a
> (exim4 + 0x3feef)#012#8 0x000056095cef89d8 n/a
> (exim4 + 0x319d8)#012#9 0x00007f45154461ca __libc_start_call_main
> (libc.so.6 + 0x271ca)#012#10 0x00007f4515446285 __libc_start_main_impl
>
> What we can glean so far is:
> - the crash is in the GnuTLS library
> - (inference) possibly exim handed it some parameter it can't handle
>
> and, you might actually have a core dump:
>
> systemd-coredump[1400341]: Process 1400339 (exim4) of user 113 dumped core.#012#012S
>
>
> However, this will probably have been a fully optimised binary for exim, and might
> not include debug information. It it doesn't, there might be an adjunct "debuginfo"
> package you can install - or it may be that it requires special compilation.
> You need to discuss this with Debian-knowledgeable people.

The package name is exim4-daemon-light-dbgsym or
exim4-daemon-heavy-dbgsym to match the exim4-daemon-* package installed

> Once debug info is present, the next step is to investigate a coredump using gdb,
> and get a stackdump (use the "bt" command) complete with function call arguments.
>
> I still think you should open a Debian bug for this.

--
Jasen.
???????? ????? ???????

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/