#3410: Mutt crashes when two instances open the same mailbox
--------------------+-------------------------------------------------------
Reporter: vext01 | Owner: me
Type: defect | Status: assigned
Priority: major | Milestone:
Component: mutt | Version:
Keywords: |
--------------------+-------------------------------------------------------
Comment(by vext01):
OK, so I went and found myself a Linux box and ran it on mutt HEAD. I used
the free filling option to fill freed memory with 0xdf, so as to emulate
OpenBSD malloc.conf. Sure enough it crashed.
Valgrind reports an alarming number of bad memory accesses, including many
use after frees (if i read the output correctly); such as:
==6567== Invalid read of size 4
==6567== at 0x8068C6F: mutt_index_menu (curs_main.c:480)
==6567== by 0x808C138: main (main.c:1019)
==6567== Address 0x43be270 is 72 bytes inside a block of size 116 free'd
==6567== at 0x4024B3A: free (vg_replace_malloc.c:366)
==6567== by 0x80CE072: safe_free (lib.c:198)
==6567== by 0x80FE4F8: imap_keepalive (util.c:766)
==6567== by 0x8089095: km_dokey (keymap.c:407)
==6567== by 0x806925F: mutt_index_menu (curs_main.c:603)
==6567== by 0x808C138: main (main.c:1019)
Attached is a gzipped log.
--
Ticket URL: <http://dev.mutt.org/trac/ticket/3410#comment:19>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
