
mutt/2184: SEGV in mutt_match_rx_list()



>Number:         2184
>Notify-List:    
>Category:       mutt
>Synopsis:       SEGV in mutt_match_rx_list()
>Confidential:   no
>Severity:       normal
>Priority:       medium
>Responsible:    mutt-dev
>State:          open
>Keywords:       
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Feb 13 16:59:21 +0100 2006
>Originator:     Christoph Ludwig
>Release:        1.5.11 (CVS from 2006-02-04)
>Organization:
>Environment:
cludwig@castellio:~> uname -a
Linux castellio 2.6.13-15.8-default #1 Tue Feb 7 11:07:24 UTC 2006 i686 i686 i386 GNU/Linux

cludwig@castellio:~> mutt -v
Mutt 1.5.11 (2005-09-15)
Copyright (C) 1996-2006 Michael R. Elkins and others.
Mutt comes with ABSOLUTELY NO WARRANTY; for details type `mutt -vv'.
Mutt is free software, and you are welcome to redistribute it
under certain conditions; type `mutt -vv' for details.

System: Linux 2.6.13-15.8-default (i686) [using ncurses 5.4] [using libidn 0.5.9 (compiled with 0.5.9)]
Einstellungen bei der Compilierung:
-DOMAIN
+DEBUG
-HOMESPOOL  -USE_SETGID  +USE_DOTLOCK  -DL_STANDALONE
+USE_FCNTL  -USE_FLOCK   -USE_INODESORT
+USE_POP  +USE_IMAP  -USE_GSS  +USE_SSL  -USE_GNUTLS  -USE_SASL  
+HAVE_GETADDRINFO
+HAVE_REGCOMP  -USE_GNU_REGEX
+HAVE_COLOR  +HAVE_START_COLOR  +HAVE_TYPEAHEAD  +HAVE_BKGDSET
+HAVE_CURS_SET  +HAVE_META  +HAVE_RESIZETERM
+CRYPT_BACKEND_CLASSIC_PGP  +CRYPT_BACKEND_CLASSIC_SMIME  +CRYPT_BACKEND_GPGME
-BUFFY_SIZE -EXACT_ADDRESS  -SUN_ATTACHMENT
+ENABLE_NLS  -LOCALES_HACK  +HAVE_WC_FUNCS  +HAVE_LANGINFO_CODESET  
+HAVE_LANGINFO_YESEXPR
+HAVE_ICONV  -ICONV_NONTRANS  +HAVE_LIBIDN  +HAVE_GETSID  +USE_HCACHE
ISPELL="/usr/bin/ispell"
SENDMAIL="/usr/sbin/sendmail"
MAILPATH="/var/mail"
PKGDATADIR="/home/cludwig/usr//share/mutt"
SYSCONFDIR="/home/cludwig/usr//etc"
EXECSHELL="/bin/sh"
-MIXMASTER
To contact the developers, please mail to <mutt-dev@xxxxxxxx>.
To report a bug, please visit http://bugs.mutt.org/.

1.5.6.nr.threadcomplete
patch-1.5.6-ow.smime-encrypt-self.2
>Description:
Since I rebuilt mutt from a recent CVS checkout, I observe sporadic crashes. 
Today I managed to create a core:

<gdb output>
Core was generated by `mutt'.
Program terminated with signal 11, Segmentation fault.

warning: current_sos: Can't read pathname for load map: Eingabe-/Ausgabefehler

Reading symbols from /usr/lib/libncursesw.so.5...done.
Loaded symbols for /usr/lib/libncursesw.so.5
Reading symbols from /usr/lib/libssl.so.0.9.7...done.
Loaded symbols for /usr/lib/libssl.so.0.9.7
Reading symbols from /usr/lib/libcrypto.so.0.9.7...done.
Loaded symbols for /usr/lib/libcrypto.so.0.9.7
Reading symbols from /usr/lib/libidn.so.11...done.
Loaded symbols for /usr/lib/libidn.so.11
Reading symbols from /usr/lib/tls/libdb-4.3.so...done.
Loaded symbols for /usr/lib/tls/libdb-4.3.so
Reading symbols from /lib/tls/libc.so.6...done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/tls/libpthread.so.0...done.
Loaded symbols for /lib/tls/libpthread.so.0
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /usr/lib/gconv/ISO8859-1.so...done.
Loaded symbols for /usr/lib/gconv/ISO8859-1.so
#0  0x4035ffcb in re_search_internal () from /lib/tls/libc.so.6
(gdb) bt
#0  0x4035ffcb in re_search_internal () from /lib/tls/libc.so.6
#1  0x403613e9 in regexec@@GLIBC_2.3.4 () from /lib/tls/libc.so.6
#2  0x080aa9b8 in mutt_match_rx_list (s=0x8670108 "TEXTGRID-INTERN@xxxxxxxxx", l=0x403d8ff4) at muttlib.c:1577
#3  0x08074734 in mutt_is_mail_list (addr=0x8671320) at hdrline.c:38
#4  0x0808e91f in mutt_is_list_cc (alladdr=0, a1=0x8671320, a2=0x0) at pattern.c:1004
#5  0x0809c026 in mutt_set_followup_to (e=0x8670490) at send.c:853
#6  0x080a0ea1 in mutt_prepare_envelope (env=0x8670490, final=1) at sendlib.c:2100
#7  0x0809c7b9 in ci_send_message (flags=<value optimized out>, msg=0x843c860, tempfile=0x0, ctx=0x8414ed0, cur=0x0)
    at send.c:1598
#8  0x080623bb in mutt_index_menu () at curs_main.c:1964
#9  0x0807a583 in main (argc=1, argv=0xbfb0d444) at main.c:960
(gdb) up 2
#2  0x080aa9b8 in mutt_match_rx_list (s=0x8670108 "TEXTGRID-INTERN@xxxxxxxxx", l=0x403d8ff4) at muttlib.c:1577
1577        if (regexec (l->rx->rx, s, (size_t) 0, (regmatch_t *) 0, (int) 0) == 0)
(gdb) print *l->rx
Cannot access memory at address 0x11ad3c
(gdb) print *l
$1 = {
  rx = 0x11ad3c,
  next = 0x40030d18
}
</gdb output>

FWIW, the segfault occurred when I called send-message for a mailing list 
posting.
>How-To-Repeat:
Unfortunately, I don't know yet how to reproduce the crash.
>Fix:
Unknown
>Add-To-Audit-Trail:

>Unformatted: