<<< Date Index >>>     <<< Thread Index >>>

Re: [Mutt] #3410: Mutt crashes when two instances open the same mailbox



#3410: Mutt crashes when two instances open the same mailbox
--------------------+-------------------------------------------------------
 Reporter:  vext01  |       Owner:  me      
     Type:  defect  |      Status:  assigned
 Priority:  major   |   Milestone:          
Component:  mutt    |     Version:          
 Keywords:          |  
--------------------+-------------------------------------------------------

Comment(by vext01):

 OK, so I went and found myself a Linux box and ran it on mutt HEAD. I used
 the free filling option to fill freed memory with 0xdf, so as to emulate
 OpenBSD malloc.conf. Sure enough it crashed.

 Valgrind reports an alarming number of bad memory accesses, including many
 use after frees (if i read the output correctly); such as:

 ==6567== Invalid read of size 4
 ==6567==    at 0x8068C6F: mutt_index_menu (curs_main.c:480)
 ==6567==    by 0x808C138: main (main.c:1019)
 ==6567==  Address 0x43be270 is 72 bytes inside a block of size 116 free'd
 ==6567==    at 0x4024B3A: free (vg_replace_malloc.c:366)
 ==6567==    by 0x80CE072: safe_free (lib.c:198)
 ==6567==    by 0x80FE4F8: imap_keepalive (util.c:766)
 ==6567==    by 0x8089095: km_dokey (keymap.c:407)
 ==6567==    by 0x806925F: mutt_index_menu (curs_main.c:603)
 ==6567==    by 0x808C138: main (main.c:1019)

 Attached is a gzipped log.

-- 
Ticket URL: <http://dev.mutt.org/trac/ticket/3410#comment:19>
Mutt <http://www.mutt.org/>
The Mutt mail user agent