Re: [Mutt] #3288: seg fault in mx_update_context

To: prlw1@xxxxxxxxx, brendan@xxxxxxxxxx, pdmef@xxxxxxx
Subject: Re: [Mutt] #3288: seg fault in mx_update_context
From: Mutt <fleas@xxxxxxxx>
Date: Thu, 02 Jul 2009 10:14:46 -0000
Auto-submitted: auto-generated
Cc: mutt-dev@xxxxxxxx
In-reply-to: <037.e163234469c234d51c59f82907b61b8f@xxxxxxxx>
List-post: <mailto:mutt-dev@mutt.org>
List-unsubscribe: send mail to majordomo@mutt.org, body only "unsubscribe mutt-dev"
Mail-followup-to: fleas@xxxxxxxx
References: <037.e163234469c234d51c59f82907b61b8f@xxxxxxxx>
Reply-to: fleas@xxxxxxxx
Sender: owner-mutt-dev@xxxxxxxx

#3288: seg fault in mx_update_context
---------------------+------------------------------------------------------
  Reporter:  prlw1   |       Owner:  brendan
      Type:  defect  |      Status:  new    
  Priority:  major   |   Milestone:         
 Component:  IMAP    |     Version:  1.5.20 
Resolution:          |    Keywords:         
---------------------+------------------------------------------------------
Changes (by pdmef):

  * owner:  mutt-dev => brendan
  * component:  mutt => IMAP


Old description:

> {{{
> #0  0x08081c1f in mx_update_context (ctx=0xbb719680, new_messages=2)
>     at mx.c:1550
> 1550          h->virtual = ctx->vcount++;
> (gdb) bt
> #0  0x08081c1f in mx_update_context (ctx=0xbb719680, new_messages=2)
>     at mx.c:1550
> #1  0x080bc636 in imap_read_headers (idata=0xbb7790c0, msgbegin=223296,
>     msgend=223298) at message.c:379
> #2  0x080b503d in imap_cmd_finish (idata=0xbb7790c0) at command.c:291
> #3  0x080b55a7 in imap_cmd_step (idata=0xbb7790c0) at command.c:180
> #4  0x080b6629 in imap_exec (idata=0xbb7790c0, cmdstr=0x80d0e44 "NOOP",
>     flags=0) at command.c:245
> #5  0x080b7100 in imap_check_mailbox (ctx=0xbb719680,
> index_hint=0xbfbfd8cc,
>     force=0) at imap.c:1419
> #6  0x0805f556 in mutt_index_menu () at curs_main.c:482
> #7  0x08078d76 in main (argc=Cannot access memory at address 0x36841
> ) at main.c:1020
> (gdb) print *h
> Cannot access memory at address 0x0
> (gdb) print *ctx
> $1 = {path = 0xbb7a8a80 "imap://localhost/INBOX", fp = 0x0, mtime = 0,
>   size = 2639737827, vsize = 2751036268, pattern = 0x0, limit_pattern =
> 0x0,
>   hdrs = 0xbb501000, last_tag = 0x0, tree = 0xae5e2580, id_hash = 0x0,
>   subj_hash = 0xadd83670, thread_hash = 0xaeab91b0, v2r = 0xbb401000,
>   hdrmax = 223346, msgcount = 223298, vcount = 223297, tagged = 0, new =
> 1,
>   unread = 1106, deleted = 0, flagged = 0, msgnotreadyet = -1, magic = 5,
>   rights = "�\a", locked = 0, changed = 0, readonly = 0, dontwrite = 0,
>   append = 0, quiet = 0, collapsed = 0, closing = 0, data = 0xbb7790c0,
>   mx_close = 0x80b7280 <imap_close_mailbox>}
> (gdb) print msgno
> $2 = 223297
> (gdb) print  ctx->hdrs[223297]
> $3 = (HEADER *) 0x0
> (gdb) print  ctx->hdrs[223296]
> $4 = (HEADER *) 0xad60e280
> (gdb)
> }}}
>
> when running this morning's mercurial head. So the question is
>

> {{{
> 2647:   for (msgno = ctx->msgcount - new_messages; msgno < ctx->msgcount;
> msgno++)
> 2647:   {
> 2647:     h = ctx->hdrs[msgno];
>
> }}}
>
> are the limits right? (msgcount=223298, new_messages=2, msgno=223297)

New description:

 {{{
 #0  0x08081c1f in mx_update_context (ctx=0xbb719680, new_messages=2)
     at mx.c:1550
 1550          h->virtual = ctx->vcount++;
 (gdb) bt
 #0  0x08081c1f in mx_update_context (ctx=0xbb719680, new_messages=2)
     at mx.c:1550
 #1  0x080bc636 in imap_read_headers (idata=0xbb7790c0, msgbegin=223296,
     msgend=223298) at message.c:379
 #2  0x080b503d in imap_cmd_finish (idata=0xbb7790c0) at command.c:291
 #3  0x080b55a7 in imap_cmd_step (idata=0xbb7790c0) at command.c:180
 #4  0x080b6629 in imap_exec (idata=0xbb7790c0, cmdstr=0x80d0e44 "NOOP",
     flags=0) at command.c:245
 #5  0x080b7100 in imap_check_mailbox (ctx=0xbb719680,
 index_hint=0xbfbfd8cc,
     force=0) at imap.c:1419
 #6  0x0805f556 in mutt_index_menu () at curs_main.c:482
 #7  0x08078d76 in main (argc=Cannot access memory at address 0x36841
 ) at main.c:1020
 (gdb) print *h
 Cannot access memory at address 0x0
 (gdb) print *ctx
 $1 = {path = 0xbb7a8a80 "imap://localhost/INBOX", fp = 0x0, mtime = 0,
   size = 2639737827, vsize = 2751036268, pattern = 0x0, limit_pattern =
 0x0,
   hdrs = 0xbb501000, last_tag = 0x0, tree = 0xae5e2580, id_hash = 0x0,
   subj_hash = 0xadd83670, thread_hash = 0xaeab91b0, v2r = 0xbb401000,
   hdrmax = 223346, msgcount = 223298, vcount = 223297, tagged = 0, new =
 1,
   unread = 1106, deleted = 0, flagged = 0, msgnotreadyet = -1, magic = 5,
   rights = "�\a", locked = 0, changed = 0, readonly = 0, dontwrite = 0,
   append = 0, quiet = 0, collapsed = 0, closing = 0, data = 0xbb7790c0,
   mx_close = 0x80b7280 <imap_close_mailbox>}
 (gdb) print msgno
 $2 = 223297
 (gdb) print  ctx->hdrs[223297]
 $3 = (HEADER *) 0x0
 (gdb) print  ctx->hdrs[223296]
 $4 = (HEADER *) 0xad60e280
 (gdb)
 }}}

 when running this morning's mercurial head. So the question is


 {{{
 2647:   for (msgno = ctx->msgcount - new_messages; msgno < ctx->msgcount;
 msgno++)
 2647:   {
 2647:     h = ctx->hdrs[msgno];

 }}}

 are the limits right? (msgcount=223298, new_messages=2, msgno=223297)

--

-- 
Ticket URL: <http://dev.mutt.org/trac/ticket/3288#comment:2>
Mutt <http://www.mutt.org/>
The Mutt mail user agent

References:
- [Mutt] #3288: seg fault in mx_update_context
  - From: Mutt

Prev by Date: Re: atime/mtime
Next by Date: Re: fcc and walking around mailboxes
Previous by thread: Re: [Mutt] #3288: seg fault in mx_update_context
Next by thread: Re: [Mutt] #3288: seg fault in mx_update_context
Index(es):
- Date
- Thread