>Number: 2713 >Notify-List: >Category: mutt >Synopsis: memory allocation bug >Confidential: no >Severity: normal >Priority: medium >Responsible: mutt-dev >State: open >Keywords: >Class: sw-bug >Submitter-Id: net >Arrival-Date: Sat Jan 27 04:27:55 +0100 2007 >Originator: Vincent Lefevre >Release: 1.5.13 (2007-01-26) >Organization: >Environment: System: Darwin 8.8.0 (Power Macintosh) [using ncurses 5.5] [using libiconv 1.11] [using libidn 0.6.3 (compiled with 0.6.3)] Compile options: -DOMAIN +DEBUG -HOMESPOOL -USE_SETGID -USE_DOTLOCK -DL_STANDALONE +USE_FCNTL -USE_FLOCK -USE_INODESORT +USE_POP +USE_IMAP -USE_GSS +USE_SSL_OPENSSL -USE_SSL_GNUTLS -USE_SASL +HAVE_GETADDRINFO -HAVE_REGCOMP +USE_GNU_REGEX +HAVE_COLOR +HAVE_START_COLOR +HAVE_TYPEAHEAD +HAVE_BKGDSET +HAVE_CURS_SET +HAVE_META +HAVE_RESIZETERM +CRYPT_BACKEND_CLASSIC_PGP +CRYPT_BACKEND_CLASSIC_SMIME -CRYPT_BACKEND_GPGME +BUFFY_SIZE -EXACT_ADDRESS -SUN_ATTACHMENT +ENABLE_NLS -LOCALES_HACK +HAVE_WC_FUNCS +HAVE_LANGINFO_CODESET +HAVE_LANGINFO_YESEXPR +HAVE_ICONV -ICONV_NONTRANS +HAVE_LIBIDN +HAVE_GETSID -USE_HCACHE ISPELL="/opt/local/bin/ispell" SENDMAIL="/usr/sbin/sendmail" MAILPATH="/Users/vinc17/Mail" PKGDATADIR="/Users/vinc17/share/mutt" SYSCONFDIR="/Users/vinc17/etc" EXECSHELL="/bin/sh" -MIXMASTER >Description: Will malloc checking, Mutt aborts on my mail archives. More precisely, in gdb:
set env MallocLogFile /tmp/malloc.log set env MallocGuardEdges 1 set env MallocPreScribble 1 set env MallocScribble 1 set env MallocCheckHeapStart 1060820 set env MallocCheckHeapEach 1 set env MallocCheckHeapAbort 1 set env MallocBadFreeAbort 1 run -F /dev/null -f ~/Mail/oldarc Then I get: Reading /Users/vinc17/Mail/oldarc... 20370 Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_PROTECTION_FAILURE at address: 0x00000000 0x900029c8 in strlen () (gdb) bt #0 0x900029c8 in strlen () #1 0x90130748 in _simple_vdprintf () #2 0x9012bc44 in malloc_printf () #3 0x90116bcc in szone_check () #4 0x90002c1c in malloc () #5 0x0006b538 in safe_malloc (siz=1) at lib.c:149 #6 0x0006b744 in safe_strdup (s=0x995f4 "plain") at lib.c:220 #7 0x0004c154 in mutt_read_rfc822_header (f=0xa000db34, hdr=0x15dc280, user_hdrs=0, weed=0) at parse.c:1319 #8 0x0003d9b4 in maildir_parse_message (magic=4, fname=0xbfffd218 "/Users/vinc17/Mail/oldarc/cur/1076519289.5337_386.ay:2,S", is_old=1, _h=0x15dc280) at mh.c:603 #9 0x0003ddf0 in maildir_delayed_parsing (ctx=0x11062e0, md=0x0, progress=0xbfffd38c) at mh.c:990 #10 0x0004022c in mh_read_dir (ctx=0x11062e0, subdir=0xa1a70 "cur") at mh.c:1047 #11 0x000402a0 in maildir_read_dir (ctx=0x11062e0) at mh.c:1059 #12 0x000411cc in mx_open_mailbox (path=0xb0cb4 "", flags=0, pctx=0x20) at mx.c:691 #13 0x00037730 in main (argc=5, argv=0xbfffe104) at main.c:960 /tmp/malloc.log contains: [...] mutt(28682) malloc: MallocCheckHeap: PASSED check at 1060835th operation mutt(28682) malloc: MallocCheckHeap: PASSED check at 1060836th operation mutt(28682) malloc: *** invariant broken for 0x1861400 (2 free in a row) mutt(28682) malloc: *** small region 2 incorrect szo Then I don't know how to debug this. The bug is always reproducible, but on a smaller mailbox containing hundreds of messages around the one that appears in the backtrace, it no longer occurs. >How-To-Repeat: >Fix: Unknown >Add-To-Audit-Trail: >Unformatted:
