Re: mutt_free_header -> free -> mutt_sort_headers -> segfault

To: mutt-dev@xxxxxxxx
Subject: Re: mutt_free_header -> free -> mutt_sort_headers -> segfault
From: q4xk3j002@xxxxxxxxxxxxxx
Date: 5 Nov 2003 20:09:18 -0000
List-unsubscribe: <mailto:mutt-dev-request@mutt.org?body=unsubscribe>
Sender: owner-mutt-dev@xxxxxxxx
>So optimization is definitely having an 
>effect here that it shouldn't have. 

but mutt crashes with every gcc it can be compiled with.
so I still believe this is mutt bug.

what next?

-rwxrwx---    1 safari   safari    2496550 2003-11-05 21:22:33.000000000 +0200
mutt-2.7.2.3
-rwxrwx---    1 safari   safari    4582929 2003-11-05 21:27:44.000000000 +0200
mutt-2.95.3
-rwxrwx---    1 safari   safari    4339309 2003-11-05 21:32:18.000000000 +0200
mutt-3.0.4
-rwxrwx---    1 safari   safari    9318946 2003-11-05 21:37:45.000000000 +0200
mutt-3.1.1
-rwxrwx---    1 safari   safari    9969225 2003-11-05 21:43:09.000000000 +0200
mutt-3.2.3
-rwxrwx---    1 safari   safari   10023377 2003-11-05 21:48:56.000000000 +0200
mutt-3.2.3-fomit-frame-pointer
-rwxrwx---    1 safari   safari   10059174 2003-11-05 21:56:21.000000000 +0200
mutt-3.3.2


gcc-2.7.2.3: CRASH

Sorting mailbox...                                                              
               
Program received signal SIGSEGV, Segmentation fault.
0x4027c5da in strcmp () from /lib/libc.so.6
(gdb) bt
#0  0x4027c5da in strcmp () from /lib/libc.so.6
#1  0x080b488e in mutt_strcmp (a=0x41437ff0 "<002@invalid>", 
    b=0x4128cff0 <Address 0x4128cff0 out of bounds>) at lib.c:574
#2  0x08077787 in hash_find_hash (table=0x412a1ff8, hash=1, key=0x41437ff0 
"<002@invalid>")
    at hash.c:104
#3  0x080b1b08 in mutt_sort_threads (ctx=0x41200f9c, init=0) at thread.c:778
#4  0x080af11a in mutt_sort_headers (ctx=0x41200f9c, init=0) at sort.c:234
#5  0x08062192 in update_index (menu=0x4124efa8, ctx=0x41200f9c, check=1, 
oldcount=0, 
    index_hint=0) at curs_main.c:313
#6  0x080627a7 in mutt_index_menu () at curs_main.c:488
#7  0x0807eb05 in main (argc=5, argv=0xbfffea54) at main.c:907
#8  0x40217907 in __libc_start_main () from /lib/libc.so.6
(gdb) 


gcc-2.95.3: CRASH

Sorting mailbox...                                                              
               
Program received signal SIGSEGV, Segmentation fault.
0x4027c5da in strcmp () from /lib/libc.so.6
(gdb) bt
#0  0x4027c5da in strcmp () from /lib/libc.so.6
#1  0x080b9394 in mutt_strcmp (a=0x412a1ff8 "\002", b=0x1 <Address 0x1 out of 
bounds>)
    at lib.c:574
#2  0x08079eda in hash_find_hash (table=0x412a1ff8, hash=1, key=0x41437ff0 
"<002@invalid>")
    at hash.c:104
#3  0x080b6256 in mutt_sort_threads (ctx=0x41200f9c, init=0) at thread.c:778
#4  0x080b379f in mutt_sort_headers (ctx=0x41200f9c, init=0) at sort.c:234
#5  0x080635cb in update_index (menu=0x4124efa8, ctx=0x41200f9c, check=1, 
oldcount=0, 
    index_hint=0) at curs_main.c:313
#6  0x08063c20 in mutt_index_menu () at curs_main.c:488
#7  0x08081a7a in main (argc=5, argv=0xbfffea44) at main.c:907
#8  0x40217907 in __libc_start_main () from /lib/libc.so.6
(gdb) 


gcc-3.0.4: CRASH

Sorting mailbox...                                                              
               
Program received signal SIGSEGV, Segmentation fault.
0x4027c5da in strcmp () from /lib/libc.so.6
(gdb) bt
#0  0x4027c5da in strcmp () from /lib/libc.so.6
#1  0x080b7fda in mutt_strcmp (a=0x412a1ff8 "\002", b=0x1 <Address 0x1 out of 
bounds>)
    at lib.c:574
#2  0x080791c8 in hash_find_hash (table=0x412a1ff8, hash=1, key=0x41437ff0 
"<002@invalid>")
    at hash.c:104
#3  0x080b4ea5 in mutt_sort_threads (ctx=0x41200f9c, init=0) at thread.c:778
#4  0x080b222d in mutt_sort_headers (ctx=0x41200f9c, init=0) at sort.c:234
#5  0x0806323b in update_index (menu=0x4124efa8, ctx=0x41200f9c, check=1, 
oldcount=0, 
    index_hint=0) at curs_main.c:313
#6  0x080638cd in mutt_index_menu () at curs_main.c:488
#7  0x08080b7d in main (argc=5, argv=0xbfffea44) at main.c:907
#8  0x40217907 in __libc_start_main () from /lib/libc.so.6
(gdb) 


gcc-3.1.1: CRASH

Sorting mailbox...                                                              
               
Program received signal SIGSEGV, Segmentation fault.
0x4027c5da in strcmp () from /lib/libc.so.6
(gdb) bt
#0  0x4027c5da in strcmp () from /lib/libc.so.6
#1  0x080b6e4c in mutt_strcmp (a=0x412a1ff8 "\002", b=0x1 <Address 0x1 out of 
bounds>)
    at lib.c:574
#2  0x080787c6 in hash_find_hash (table=0x412a1ff8, hash=1, key=0x41437ff0 
"<002@invalid>")
    at hash.c:104
#3  0x080b3f72 in mutt_sort_threads (ctx=0x41200f9c, init=0) at thread.c:778
#4  0x080b13aa in mutt_sort_headers (ctx=0x41200f9c, init=0) at sort.c:234
#5  0x080631d9 in update_index (menu=0x4124efa8, ctx=0x41200f9c, check=1, 
oldcount=0, 
    index_hint=0) at curs_main.c:313
#6  0x08063838 in mutt_index_menu () at curs_main.c:488
#7  0x08080328 in main (argc=5, argv=0xbfffea44) at main.c:907
#8  0x40217907 in __libc_start_main () from /lib/libc.so.6
(gdb) 


gcc-3.2.3 -fno-omit-frame-pointer: CRASH

Sorting mailbox...                                                              
               
Program received signal SIGSEGV, Segmentation fault.
0x4027c5da in strcmp () from /lib/libc.so.6
(gdb) bt
#0  0x4027c5da in strcmp () from /lib/libc.so.6
#1  0x080b6c1e in mutt_strcmp (a=0x412a1ff8 "\002", b=0x1 <Address 0x1 out of 
bounds>)
    at lib.c:574
#2  0x08078689 in hash_find_hash (table=0x412a1ff8, hash=1, key=0x41437ff0 
"<002@invalid>")
    at hash.c:104
#3  0x080b3d53 in mutt_sort_threads (ctx=0x41200f9c, init=0) at thread.c:778
#4  0x080b119b in mutt_sort_headers (ctx=0x41200f9c, init=0) at sort.c:234
#5  0x080630a5 in update_index (menu=0x4124efa8, ctx=0x41200f9c, check=1, 
oldcount=0, 
    index_hint=0) at curs_main.c:313
#6  0x08063703 in mutt_index_menu () at curs_main.c:488
#7  0x080801a2 in main (argc=5, argv=0xbfffea44) at main.c:907
#8  0x40217907 in __libc_start_main () from /lib/libc.so.6


gcc-3.2.3 -fomit-frame-pointer: CRASH (only with efence)

Sorting mailbox...                                                              
               
Program received signal SIGSEGV, Segmentation fault.
0x4027c5da in strcmp () from /lib/libc.so.6
(gdb) bt
#0  0x4027c5da in strcmp () from /lib/libc.so.6
#1  0x080c141e in mutt_strcmp (
    a=0x807c71f
"\205ï¿?u\r\213D$\030\213@\004\211D$\024ï¿?\025\213D$\030\213@\b\211D$\030ï¿?ï¿?ï¿?D$\024",
b=0x41437ff0 "<004@invalid>") at lib.c:574
#2  0x40217907 in __libc_start_main () from /lib/libc.so.6
(gdb) 


gcc-3.3.2: CRASH

Sorting mailbox...                                                              
               
Program received signal SIGSEGV, Segmentation fault.
0x4027c5da in strcmp () from /lib/libc.so.6
(gdb) bt
#0  0x4027c5da in strcmp () from /lib/libc.so.6
#1  0x080b6d6a in mutt_strcmp (a=0x412a1ff8 "\002", b=0x1 <Address 0x1 out of 
bounds>)
    at lib.c:574
#2  0x08078795 in hash_find_hash (table=0x412a1ff8, hash=1, key=0x41437ff0 
"<002@invalid>")
    at hash.c:104
#3  0x080b3eab in mutt_sort_threads (ctx=0x41200f9c, init=0) at thread.c:778
#4  0x080b12e2 in mutt_sort_headers (ctx=0x41200f9c, init=0) at sort.c:234
#5  0x0806319c in update_index (menu=0x4124efa8, ctx=0x41200f9c, check=1, 
oldcount=0, 
    index_hint=0) at curs_main.c:313
#6  0x080637f7 in mutt_index_menu () at curs_main.c:488
#7  0x080802c1 in main (argc=5, argv=0xbfffea44) at main.c:907
#8  0x40217907 in __libc_start_main () from /lib/libc.so.6
(gdb)
Follow-Ups:
- Re: mutt_free_header -> free -> mutt_sort_headers -> segfault
  - From: Thomas Roessler
Prev by Date: Re: [Announce] 1.5.5 is out.
Next by Date: mutt-1.5.5.1
Previous by thread: Re: mutt_free_header -> free -> mutt_sort_headers -> segfault
Next by thread: Re: mutt_free_header -> free -> mutt_sort_headers -> segfault
Index(es):
- Date
- Thread