[Pkg-mutt-maintainers] Bug#836339: Bug#836339: mutt: segfaults shortly after tls_socket_read error on imaps

Stefanos Boglou vfxcode at gmail.com
Tue Dec 13 12:23:48 UTC 2016


I think I am affected by the same bug (not sure tho).

Every time I suspend my laptop and resume on a different internet
connection mutt crashes. Its easily reproducible (at least on my end)
I used gdb to get a backtrace. -d 2 does not seem to do anything?

Attached are both a backtrace and a full backtrace

Starting program: /usr/bin/mutt -d 2
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

Program received signal SIGPIPE, Broken pipe.
0x00007ffff5a1aa97 in __libc_sendmsg (fd=4, msg=msg at entry=0x7fffffffc710,
flags=flags at entry=0)
    at ../sysdeps/unix/sysv/linux/sendmsg.c:28
28    ../sysdeps/unix/sysv/linux/sendmsg.c: No such file or directory.
Already logging to gdb.txt
.
===== Backtrace =====
#0  0x00007ffff5a1aa97 in __libc_sendmsg (fd=4, msg=msg at entry=0x7fffffffc710,
flags=flags at entry=0)
    at ../sysdeps/unix/sysv/linux/sendmsg.c:28
#1  0x00007ffff6d1265c in _system_writev (flags=0, iovec_cnt=<optimized
out>, iovec=<optimized out>,
    ptr=<optimized out>) at system/sockets.c:103
#2  system_writev (ptr=<optimized out>, iovec=<optimized out>,
iovec_cnt=<optimized out>) at system/sockets.c:120
#3  0x00007ffff6cf29e4 in _gnutls_writev (total=31, giovec_cnt=1,
giovec=0x7fffffffc780, session=0x5555559dd600)
    at buffers.c:499
#4  _gnutls_io_write_flush (session=session at entry=0x5555559dd600) at
buffers.c:698
#5  0x00007ffff6cf2dcc in _gnutls_io_write_buffered
(session=session at entry=0x5555559dd600,
bufel=<optimized out>,
    mflag=mflag at entry=1) at buffers.c:654
#6  0x00007ffff6ced059 in _gnutls_send_tlen_int
(session=session at entry=0x5555559dd600,
type=type at entry=GNUTLS_ALERT,
    htype=htype at entry=4294967295, epoch_rel=epoch_rel at entry=70001,
_data=_data at entry=0x7fffffffca50,
    data_size=data_size at entry=2, min_pad=0, mflags=1) at record.c:539
#7  0x00007ffff6d113a8 in _gnutls_send_int (mflags=1, data_size=2,
_data=0x7fffffffca50, epoch_rel=70001,
    htype=4294967295, type=GNUTLS_ALERT, session=0x5555559dd600) at
./record.h:43
#8  gnutls_alert_send (session=session at entry=0x5555559dd600,
level=level at entry=GNUTLS_AL_WARNING,
    desc=desc at entry=GNUTLS_A_CLOSE_NOTIFY) at alert.c:165
#9  0x00007ffff6ceef7c in gnutls_bye (session=0x5555559dd600,
how=how at entry=GNUTLS_SHUT_WR)
at record.c:297
#10 0x000055555561c812 in tls_socket_close (conn=0x5555559cea30) at
../../mutt_ssl_gnutls.c:497
#11 0x000055555561ef4b in mutt_sasl_conn_close (conn=0x5555559cea30) at
../../mutt_sasl.c:502
#12 0x000055555561bba9 in mutt_socket_close (conn=conn at entry=0x5555559cea30)
at ../../mutt_socket.c:81
#13 0x000055555561bf65 in mutt_socket_readchar (conn=conn at entry=0x5555559cea30,
c=c at entry=0x7fffffffcb27 "")
    at ../../mutt_socket.c:186
#14 0x000055555561bfdc in mutt_socket_readln_d (buf=0x555555e3d9b0 "a1067
OK NOOP completed.", buflen=512,
    conn=0x5555559cea30, dbg=dbg at entry=2) at ../../mutt_socket.c:202
#15 0x00005555556247d9 in imap_cmd_step (idata=idata at entry=0x5555559cf010)
at ../../../imap/command.c:114
#16 0x0000555555625f98 in imap_cmd_idle (idata=idata at entry=0x5555559cf010)
at ../../../imap/command.c:320
#17 0x000055555562845c in imap_check_mailbox (ctx=ctx at entry=0x555555997210,
    index_hint=index_hint at entry=0x7fffffffcc64, force=force at entry=0) at
../../../imap/imap.c:1432
#18 0x0000555555628bfe in imap_check_mailbox_reopen (ctx=0x555555997210,
index_hint=0x7fffffffcc64)
    at ../../../imap/imap.c:1478
#19 0x0000555555588abe in mutt_index_menu () at ../../curs_main.c:893
#20 0x000055555556ccb0 in main (argc=1, argv=<optimized out>) at
../../main.c:883

===== Full Backtrace =====
#0  0x00007ffff5a1aa97 in __libc_sendmsg (fd=4, msg=msg at entry=0x7fffffffc710,
flags=flags at entry=0)
    at ../sysdeps/unix/sysv/linux/sendmsg.c:28
        resultvar = 18446744073709551584
        sc_ret = <optimized out>
#1  0x00007ffff6d1265c in _system_writev (flags=0, iovec_cnt=<optimized
out>, iovec=<optimized out>,
    ptr=<optimized out>) at system/sockets.c:103
        hdr = {msg_name = 0x0, msg_namelen = 0, msg_iov = 0x7fffffffc780,
msg_iovlen = 1, msg_control = 0x0,
          msg_controllen = 0, msg_flags = 0}
#2  system_writev (ptr=<optimized out>, iovec=<optimized out>,
iovec_cnt=<optimized out>) at system/sockets.c:120
No locals.
#3  0x00007ffff6cf29e4 in _gnutls_writev (total=31, giovec_cnt=1,
giovec=0x7fffffffc780, session=0x5555559dd600)
    at buffers.c:499
        i = <optimized out>
        no_writev = 0
        fd = 0x4
        is_dtls = false
#4  _gnutls_io_write_flush (session=session at entry=0x5555559dd600) at
buffers.c:698
        msg = {data = 0x0, size = 0}
        send_buffer = 0x5555559de300
        ret = <optimized out>
        sent = 0
        tosend = 31
        iovec = {{iov_base = 0x555555e3fcf3, iov_len = 31}, {iov_base =
0x0, iov_len = 140737488341248}, {
            iov_base = 0x555555997180, iov_len = 140737313642640},
{iov_base = 0x7fffffffc8e0,
            iov_len = 140737317219192}, {iov_base = 0x0, iov_len =
140737334859080}, {iov_base = 0x555555e26ac0,
            iov_len = 0}, {iov_base = 0x2, iov_len = 2}, {iov_base =
0x555555e3fd00, iov_len = 140737334859441}, {
            iov_base = 0x7fffffffc8e0, iov_len = 140737488341248},
{iov_base = 0x555555890001,
            iov_len = 18446744073709551480}, {iov_base =
0x44df484031e52c9c, iov_len = 140737334858746}, {
            iov_base = 0x6800000000000000, iov_len = 1152921504606846976},
{iov_base = 0x555555e5dbc0,
            iov_len = 10763240103497843200}, {iov_base = 0x555555e26ac0,
iov_len = 0}, {iov_base = 0x555555e26ac0,
            iov_len = 16}, {iov_base = 0xd, iov_len = 140737334860021},
{iov_base = 0x5, iov_len = 140737488341328}, {
            iov_base = 0x0, iov_len = 93825001585824}, {iov_base = 0x1a,
iov_len = 93825001471616}, {iov_base = 0x2,
            iov_len = 140737334152632}, {iov_base = 0x7fffffffca50, iov_len
= 2}, {iov_base = 0x555555e3fd00,
            iov_len = 16714}, {iov_base = 0x7ffff5cc9b00 <main_arena>,
iov_len = 140737337505472}, {
            iov_base = 0x7fff00000002, iov_len = 16}, {iov_base =
0x555555e3fd00, iov_len = 140737488341344}, {
            iov_base = 0x555555e3fcf8, iov_len = 90194313216}, {iov_base =
0x4, iov_len = 140737488341584}, {
            iov_base = 0x100007200000010, iov_len = 0}, {iov_base = 0x414a,
iov_len = 140737337505472}, {
            iov_base = 0xa000000000000000, iov_len = 139646566859541},
{iov_base = 0xfaec3872, iov_len = 2684354560},
          {iov_base = 0x7fffffffca50, iov_len = 10763240103497843200}}
        i = 1
        cur = <optimized out>
        __func__ = "_gnutls_io_write_flush"
#5  0x00007ffff6cf2dcc in _gnutls_io_write_buffered
(session=session at entry=0x5555559dd600,
bufel=<optimized out>,
    mflag=mflag at entry=1) at buffers.c:654
        send_buffer = 0x5555559de300
#6  0x00007ffff6ced059 in _gnutls_send_tlen_int
(session=session at entry=0x5555559dd600,
type=type at entry=GNUTLS_ALERT,
    htype=htype at entry=4294967295, epoch_rel=epoch_rel at entry=70001,
_data=_data at entry=0x7fffffffca50,
    data_size=data_size at entry=2, min_pad=0, mflags=1) at record.c:539
        bufel = <optimized out>
        cipher_size = <optimized out>
        retval = 2
        ret = <optimized out>
        send_data_size = 2
        data = 0x7fffffffca50 "\001"
        record_params = 0x555555e23e80
        record_state = 0x555555e23fa0
        __func__ = "_gnutls_send_tlen_int"
#7  0x00007ffff6d113a8 in _gnutls_send_int (mflags=1, data_size=2,
_data=0x7fffffffca50, epoch_rel=70001,
    htype=4294967295, type=GNUTLS_ALERT, session=0x5555559dd600) at
./record.h:43
No locals.
#8  gnutls_alert_send (session=session at entry=0x5555559dd600,
level=level at entry=GNUTLS_AL_WARNING,
    desc=desc at entry=GNUTLS_A_CLOSE_NOTIFY) at alert.c:165
        data = "\001"
        ret = <optimized out>
        name = <optimized out>
#9  0x00007ffff6ceef7c in gnutls_bye (session=0x5555559dd600,
how=how at entry=GNUTLS_SHUT_WR)
at record.c:297
        ret = <optimized out>
        __func__ = "gnutls_bye"
#10 0x000055555561c812 in tls_socket_close (conn=0x5555559cea30) at
../../mutt_ssl_gnutls.c:497
        data = 0x5555559d3a90
#11 0x000055555561ef4b in mutt_sasl_conn_close (conn=0x5555559cea30) at
../../mutt_sasl.c:502
        sasldata = 0x0
        rc = <optimized out>
#12 0x000055555561bba9 in mutt_socket_close (conn=conn at entry=0x5555559cea30)
at ../../mutt_socket.c:81
        rc = -1
#13 0x000055555561bf65 in mutt_socket_readchar (conn=conn at entry=0x5555559cea30,
c=c at entry=0x7fffffffcb27 "")
    at ../../mutt_socket.c:186
No locals.
#14 0x000055555561bfdc in mutt_socket_readln_d (buf=0x555555e3d9b0 "a1067
OK NOOP completed.", buflen=512,
    conn=0x5555559cea30, dbg=dbg at entry=2) at ../../mutt_socket.c:202
        ch = 0 '\000'
        i = 0
#15 0x00005555556247d9 in imap_cmd_step (idata=idata at entry=0x5555559cf010)
at ../../../imap/command.c:114
        len = 0
        c = <optimized out>
        rc = <optimized out>
        stillrunning = 0
        cmd = <optimized out>
#16 0x0000555555625f98 in imap_cmd_idle (idata=idata at entry=0x5555559cf010)
at ../../../imap/command.c:320
        rc = <optimized out>
#17 0x000055555562845c in imap_check_mailbox (ctx=ctx at entry=0x555555997210,
    index_hint=index_hint at entry=0x7fffffffcc64, force=force at entry=0) at
../../../imap/imap.c:1432
        idata = 0x5555559cf010
        result = 0
#18 0x0000555555628bfe in imap_check_mailbox_reopen (ctx=0x555555997210,
index_hint=0x7fffffffcc64)
    at ../../../imap/imap.c:1478
        rc = <optimized out>
#19 0x0000555555588abe in mutt_index_menu () at ../../curs_main.c:893
        check = <optimized out>
        buf = "---NeoMutt: =INBOX [Msgs:20 New:4 Inc:6
183K]---(reverse-threads/date)", '-' <repeats 41 times>, "(all)---", '\000'
<repeats 904 times>
        helpstr = "q:Quit  d:Del  u:Undel  s:Save  m:Mail  r:Reply
g:Group
?:Help\000\231\272\367\377\177\000\000\300^\231\367\377\177\000\000\377\001\377\001\a\000\377\377",
'\000' <repeats 16 times>, "\250\227\272\367\377\177\000\000
\220\272\367\377\177\000\000\001", '\000' <repeats 15 times>,
"^6\274\367\377\177\000\000\000\000\000\000\000\000\000\000\205'\273\367\377\177\000\000\000\037\000\000\000\000\000\000\300^\231\367\377\177",
'\000' <repeats 19 times>, "\037", '\000' <repeats 22 times>...
        flags = <optimized out>
        op = 210
        done = 0
        i = 17
        j = <optimized out>
        tag = 0
        newcount = 6
        oldcount = 20
        rc = <optimized out>
        menu = 0x555555e5c070
        cp = <optimized out>
        index_hint = 14
        do_buffy_notify = 1
        close = 0
        attach_msg = 0
#20 0x000055555556ccb0 in main (argc=1, argv=<optimized out>) at
../../main.c:883
        folder = "imaps://zemail.domain.whatever/INBOX", '\000' <repeats
222 times>
        subject = 0x0
        includeFile = 0x0
        draftFile = 0x0
        newMagic = 0x0
        msg = 0x0
        attach = 0x0
        commands = 0x0
        queries = 0x0
        alias_queries = 0x0
        sendflags = 0
        flags = 0
        version = 0
        i = <optimized out>
        explicit_folder = 0
        dump_variables = <optimized out>
        edit_infile = 0
        double_dash = <optimized out>
        nargc = <optimized out>

----
Stefanos Boglou
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-mutt-maintainers/attachments/20161213/36ba4fef/attachment-0001.html>


More information about the Pkg-mutt-maintainers mailing list