[Mutt] #3407: Gmail + IMAP crashes mutt regularly with recent snapshot
#3407: Gmail + IMAP crashes mutt regularly with recent snapshot
--------------------+-------------------------------------------------------
Reporter: vext01 | Owner: mutt-dev
Type: defect | Status: new
Priority: major | Milestone:
Component: mutt | Version:
Keywords: |
--------------------+-------------------------------------------------------
Hi,
For too long now I have been using mutt and seeing it crash on my gmail
account. So last week I fetched a snapshot and built wit hdebug symbols to
see if the bug still exists and to get a backtrace if it does.
I reproduced the bug within a few hours. All I need to do is login and do
nothing for a while.
Here is the backtrace (I can't see any sensitive information, passwords
etc here, but let me know if you do):
#0 0x037da635 in write () from /usr/lib/libc.so.53.1
No symbol table info available.
#1 0x05902016 in sock_write (b=0x7fb7fec0, in=0x82553000 "\025\003\001",
inl=23) at /usr/src/lib/libssl/src/crypto/bio/bss_sock.c:158
ret = 2142764736
#2 0x059664d5 in BIO_write (b=0x7fb7fec0, in=0x82553000, inl=23)
at /usr/src/lib/libssl/src/crypto/bio/bio_lib.c:247
i = 32
cb = (long int (*)(BIO *, int, const char *, int, long int,
long int)) 0
#3 0x0e9a10ea in ssl3_write_pending (s=0x8a87d800, type=32,
buf=0x20 <Address 0x20 out of bounds>, len=2)
at /usr/src/lib/libssl/src/ssl/s3_pkt.c:741
i = -2078685184
#4 0x0e9a0f41 in do_ssl3_write (s=0x8a87d800, type=21, buf=0x8419c99c
"\001",
len=2, create_empty_fragment=0) at
/usr/src/lib/libssl/src/ssl/s3_pkt.c:714
p = (unsigned char *) 0x82553005
"bÃÂÂ#ÃÂÂnQÃÂÂ@ÃÂÂÃÂÂÃÂÂÃÂÂ\237ÃÂÂ\006EÃÂÂ
plen = (unsigned char *) 0x82553003 ""
i = 32
mac_size = 16
clear = -2108346363
prefix_len = 0
wr = (SSL3_RECORD *) 0x8419c924
wb = (SSL3_BUFFER *) 0x8419c8f0
#5 0x0e9a1cb2 in ssl3_dispatch_alert (s=0x8a87d800)
at /usr/src/lib/libssl/src/ssl/s3_pkt.c:1299
i = -1970808832
cb = (void (*)(const SSL *, int,
int)) 0x237ad67c <_CurrentNumericLocale+4264>
#6 0x0e9a1c46 in ssl3_send_alert (s=0x8a87d800, level=1, desc=0)
at /usr/src/lib/libssl/src/ssl/s3_pkt.c:1288
No locals.
#7 0x0e998269 in ssl3_shutdown (s=0x8a87d800)
at /usr/src/lib/libssl/src/ssl/s3_lib.c:2474
No locals.
#8 0x0e9999b6 in SSL_shutdown (s=0x8a87d800)
at /usr/src/lib/libssl/src/ssl/ssl_lib.c:949
No locals.
#9 0x1c072da9 in ssl_socket_close (conn=0x83e43000) at mutt_ssl.c:369
data = (sslsockdata *) 0x7c35ef90
#10 0x1c071ac5 in mutt_socket_close (conn=0x83e43000) at mutt_socket.c:81
rc = 32
#11 0x1c071c8c in mutt_socket_readchar (conn=0x83e43000,
c=0x20 <Address 0x20 out of bounds>) at mutt_socket.c:186
No locals.
#12 0x1c071ceb in mutt_socket_readln_d (buf=0x7e1f0600 "a0954 OK Success",
buflen=512, conn=0x83e43000, dbg=2) at mutt_socket.c:202
ch = 0 '\0'
i = 0
#13 0x1c077eb2 in imap_cmd_step (idata=0x8042d100) at command.c:113
len = 0
c = -2143104768
rc = -1
stillrunning = 0
cmd = (IMAP_COMMAND *) 0x0
#14 0x1c078111 in imap_exec (idata=0x8042d100, cmdstr=0x0, flags=1)
at command.c:245
rc = 32
#15 0x1c0782ee in cmd_queue (idata=0x8042d100,
cmdstr=0xcfbd8150 "STATUS \"Drafts\" (UIDNEXT UIDVALIDITY UNSEEN
RECENT)")
at command.c:378
cmd = (IMAP_COMMAND *) 0x8419c800
rc = 32
#16 0x1c078352 in cmd_start (idata=0x8042d100,
cmdstr=0x20 <Address 0x20 out of bounds>, flags=4) at command.c:403
rc = 595252860
#17 0x1c0780ee in imap_exec (idata=0x8042d100,
cmdstr=0xcfbd8150 "STATUS \"Drafts\" (UIDNEXT UIDVALIDITY UNSEEN
RECENT)",
flags=4) at command.c:235
rc = 32
#18 0x1c07b6a0 in imap_buffy_check (force=0) at imap.c:1526
idata = (IMAP_DATA *) 0x8042d100
lastdata = (IMAP_DATA *) 0x8042d100
mailbox = (BUFFY *) 0x7e405a00
name = "Drafts\000\000\000
focus\000\000anges\000ÃÂÂ210\205ÃÂÂÃÂÂa\000\000\000\000\000\000\000ÃÂÂ|\212@\000\204\200|ÃÂÂ#\000ÃÂÂ~\001\000\000\000ÃÂÂ\205ÃÂÂÃÂÂÃÂÂ177\003@\000\204\200ÃÂÂ|\212\000ÃÂÂ~\000ÃÂÂ~ÃÂÂ\206ÃÂÂÃÂÂ\205ÃÂÂÃÂÂ000ÃÂÂ~|ÃÂÂ#ÃÂÂ\001<\000ÃÂÂ~ÃÂÂ205ÃÂÂÃÂÂÃÂÂ177\003\000ÃÂÂ~(ÃÂÂ|\003ÃÂÂ205ÃÂÂÃÂÂÃÂÂ177\003%ÃÂÂ~\005@\037~\000\000\000\000pÃÂÂ213%\000ÃÂÂ~ÃÂÂ\206ÃÂÂÃÂÂb\206ÃÂÂÃÂÂ\226\226\005\000ÃÂÂ~\017\216M\022ÃÂÂo\037\207ÃÂÂ\226\226\005pÃÂÂ213%ÃÂÂ\206ÃÂÂÃÂÂ\206ÃÂÂÃÂÂÃÂÂ224\005\000ÃÂÂ~`\000\000\000"...
command = "STATUS \"Drafts\" (UIDNEXT UIDVALIDITY UNSEEN
RECENT)\000\000\000ECENT)\000\000CENT)\000T)\000ÃÂÂ002\000\000\000|ÃÂÂ#@\000\000\000\202ÃÂÂ8\212x\203ÃÂÂÃÂÂÃÂÂ201\003ÃÂÂ201ÃÂÂÃÂÂ200ÃÂÂ~\214\203ÃÂÂÃÂÂ036\000\000\000@\203ÃÂÂÃÂÂÃÂÂÃÂÂÃÂÂ\220ÃÂÂ001<\230ÃÂÂ201\003\204ÃÂÂ8\212@\203ÃÂÂÃÂÂ\000\000\000\b\002ÃÂÂÃÂÂ\202ÃÂÂ8\212?\000\000\000x\204ÃÂÂÃÂÃÂÂ\201\003\234\202ÃÂÂÃÂÂ202ÃÂÂ~\001\000\000\000ÃÂÂ203ÃÂÂÃÂÂ\202ÃÂÂÃÂÂ\203ÃÂÂÃÂÂ\000\000\000\000\203ÃÂÂÃÂÂ234\202ÃÂÂÃÂÂ\000\000\000"...
munged = "\"Drafts\"\000\000\000focus\"\000\000nges\"\000m\"",
'\0'
<repeats 277 times>,
"ÃÂÂÃÂÂÃÂÂÃÂÂÃÂÂ\201ÃÂÂÃÂ~ÃÂÂÃÂÂÃÂÂ\005\034#A5\031\200\000\000\000\0349\001<;ÃÂÂ\000<\237c\000<-a\000<\000\000\000\000\000\000\000\000\200\177ÃÂÂÃÂÂ002\000\000\0008\200ÃÂÂÃÂt\202\003\202ÃÂÂ8\212ÃÂÂ200ÃÂÂÃÂÂ002\000\000\000\b\002ÃÂÂÃÂÂ200\177ÃÂÂÃÂÂ200\000\000\000\024\000\000<ÃÂÂ\205ÃÂÂÃÂÂ000\000\000\000ÃÂÂ200ÃÂÂÃÂÂ000\000\000\000|ÃÂÂ#p\200ÃÂÂÃÂÂÃÂÂÃÂÂÃÂÂ\030\177ÃÂÂÃÂÂ230ÃÂÂ201\003ÃÂÂ201ÃÂÂÃÂÂ\200ÃÂÂÃÂÂa\000\000\000pÃÂÂ201\003|ÃÂÂ#\002\000\000\000ÃÂÂ\2
---Type
<return> to 01ÃÂÂÃÂÃÂÂ\201\003ÃÂÂ177ÃÂÂ"...
buffies = 0
#19 0x1c00bb3f in mutt_buffy_check (force=0) at buffy.c:380
tmp = (BUFFY *) 0x0
sb = {st_dev = 0, st_ino = 741500136, st_mode = 1271597635,
st_nlink = 2212769792, st_uid = 2151862528, st_gid = 0, st_rdev = 0,
st_lspare0 = 58757814, st_atim = {tv_sec = -809661896, tv_nsec = 0},
st_mtim = {tv_sec = 1, tv_nsec = 100}, st_ctim = {tv_sec = -2, tv_nsec =
0},
st_size = 0, st_blocks = 2151862528, st_blksize = 3485305464,
st_flags = 470266782, st_gen = 2151862528, st_lspare1 = 0, __st_birthtim
= {
tv_sec = -809661848, tv_nsec = 204651666}, st_qspare = {0,
259796147008}}
contex_sb = {st_dev = 0, st_ino = 0, st_mode = 3485305336,
st_nlink = 58884739, st_uid = 0, st_gid = 3485305264, st_rdev =
-809662008,
st_lspare0 = 204653691, st_atim = {tv_sec = 10754, tv_nsec = 1}, st_mtim
= {
tv_sec = 18944, tv_nsec = 1223}, st_ctim = {tv_sec = 2130771716,
tv_nsec = -15592169}, st_size = 1087077324213066755,
st_blocks = 164931039068161, st_blksize = 38400, st_flags = 0,
st_gen = 422920483, st_lspare1 = 0, __st_birthtim = {tv_sec = 2,
tv_nsec = 0}, st_qspare = {-4294967297, 2018006463573494328}}
t = 595252860
#20 0x1c01dfca in mutt_index_menu () at curs_main.c:522
check = 0
buf = "---Mutt: =INBOX [Msgs:60 Post:52 Inc:16
856K]---(threads/last-date-received)-(end)---\000\000\000
\001\000\000`\217ÃÂÂÃÂÂ000\000\000\000\001\000\000\000x\223ÃÂÂÃÂÂl\001\034\000ÃÂÂ8\212@ÃÂÂ001<ÃÂÂÃÂÂÃÂÂÃÂÂ`\217ÃÂÂÃÂÂorting
mailbox...\000\000\200ÃÂÂ8\212ÃÂÂ\223ÃÂÂÃÂÂl\001\034\000ÃÂÂ8\212@ÃÂÂ001<ÃÂÂÃÂÂÃÂÂÃÂÂ\220\217ÃÂÂÃÂÂeading
imaps://\"INBOX\"\000"...
helpstr = "q:Quit d:Del u:Undel s:Save m:Mail r:Reply
g:Group
?:Help", '\0' <repeats 272 times>,
"ÃÂÂÃÂÂÃÂÂÃÂÂ`\232\016}X\214ÃÂÂÃÂÂ\215ÃÂÂÃÂÂA5\031a\232\016}", '\0'
<repeats 12
times>,
"`\232\016}\000\000\000\001$x2,\000e2,`\232\016}H\215ÃÂÂÃÂÂ24\f\203ÃÂÂ8\212?\000\000\000`\232\016}\a\000\000\000m\000\000\000$x2,ÃÂÂ214ÃÂÂÃÂÂÃÂÂ\fm\000\000\000\000e2,ÃÂÂ214ÃÂÂÃÂÂ211ÃÂÂ\f\000ÃÂÂ\200ÃÂÂÃÂÂ\000\000ÃÂÂ214ÃÂÂÃÂÂ
4\f"...
op = -1
done = 0
i = 0
j = 0
tag = 0
newcount = 16
oldcount = 16
rc = 32
menu = (MUTTMENU *) 0x82561f80
cp = 0x10 <Address 0x10 out of bounds>
index_hint = 59
do_buffy_notify = 1
close = 0
attach_msg = 0
do_buffy_notify = 1
close = 0
attach_msg = 0
#21 0x1c03147a in main (argc=3, argv=0xcfbd9c68) at main.c:1020
folder = "imaps://imap.gmail.com:993/INBOX", '\0' <repeats 223
times>
subject = 0x0
includeFile = 0x0
draftFile = 0x0
newMagic = 0x0
msg = (HEADER *) 0x0
attach = (LIST *) 0x0
commands = (LIST *) 0x0
queries = (LIST *) 0x0
alias_queries = (LIST *) 0x0
sendflags = 0
flags = 0
version = 0
i = 1006757064
explicit_folder = 0
dump_variables = 0
double_dash = 3
nargc = 1
I am using a snapshot from april the 19th on OpenBSD-4.7-current. The
build was configure with hcache, ssl, sasl, imap and smtp. This bug has
always existed in the OpenBSD packages as far as I remember.
Any more info needed, mail me.
Thanks!
--
Ticket URL: <http://dev.mutt.org/trac/ticket/3407>
Mutt <http://www.mutt.org/>
The Mutt mail user agent