#3971: mutt intermittently segfaults in macOS 10.12.6 during IMAP message deletion ---------------------+---------------------- Reporter: chdiza | Owner: mutt-dev Type: defect | Status: closed Priority: major | Milestone: Component: mutt | Version: 1.9.0 Resolution: fixed | Keywords: ---------------------+---------------------- Changes (by Kevin McCarthy <kevin@…>):
* status: new => closed * resolution: => fixed Comment: In [changeset:"7155392ed28b7c88f3398e57058434da2484ed6b" 7159:7155392ed28b]: {{{ #!CommitTicketReference repository="" revision="7155392ed28b7c88f3398e57058434da2484ed6b" Fix imap sync segfault due to inactive headers during an expunge. (closes #3971) Mutt has several places where it turns off h->active as a hack. For example to avoid FLAG updates, or to exclude from imap_exec_msgset. Unfortunately, when a reopen is allowed and the IMAP_EXPUNGE_PENDING flag becomes set (e.g. a flag update to a modified header), imap_expunge_mailbox() will be called by imap_cmd_finish(). The mx_update_tables() would free and remove these "inactive" headers, despite that an EXPUNGE was not received for them. This would result in memory leaks and segfaults due to dangling pointers in the msn_index and uid_hash. There should probably be a more elegant solution, removing the initial hacks. However, this is causing a segfault, and the best solution right now is to turn active back on for non-expunged messages in imap_expunge_mailbox(). Extra thanks to chdiza, who bravely runs tip and found this issue quickly. }}} -- Ticket URL: <https://dev.mutt.org/trac/ticket/3971#comment:14> Mutt <http://www.mutt.org/> The Mutt mail user agent