GNOME Bugzilla – Bug 131587
Crash (sigsegv) reading Invalid Header
Last modified: 2004-12-22 21:47:04 UTC
I normally "read" every article by quickly using the "n" (next) command to skip over unwanted articles. (I have a local news server so this is efficient enough). Recently, certain articles are causing a segmentation violation when reading the article (using gmime from the cache). Simply selecting the article from the header pane or "n" to the article will cause the crash. Also happens on 0.13.? and 0.14.2. 100% reproducible on the given articles. Included here are a scripted stack backtrace, the end of a scripted --debug and an example article that causes the crash (taken directly from pan's cache). N.B. I cut most of the base64-encoded data from the cached file (included here) for brevity. The crash happens on both the full article and this abbreviated form. Plus, given the print statement just before the crash, I suspect that pan is not dealing well with an invalid header: conductor.iss.net$ ./pan (Null) - Invalid header: Segmentation fault conductor.iss.net$ Thanks! Randy ------------------------------------------------- conductor.iss.net$ cat pan_backtrace Script started on Thu Jan 15 13:03:05 2004 conductor.iss.net$ uname -a Linux conductor.iss.net 2.4.21 #12 Fri Aug 22 21:02:56 EDT 2003 i686 i686 i386 GNU/Linux conductor.iss.net$ export LD_ASSUME_KERNEL=2.4.1 conductor.iss.net$ gdb pan GNU gdb Red Hat Linux (5.3post-0.20021129.18rh) Copyright 2003 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux-gnu"... (gdb) handle SIGUSR1 nostop noprint Signal Stop Print Pass to program Description SIGUSR1 No No Yes User defined signal 1 (gdb) handle SIG32 nostop noprint Signal Stop Print Pass to program Description SIG32 No No Yes Real-time event 32 (gdb) run Starting program: /home/randy/computer/pan/pan-0.14.2.90/pan/pan [New Thread 16384 (LWP 29036)] [New Thread 32769 (LWP 29037)] [New Thread 16386 (LWP 29038)] [New Thread 32771 (LWP 29039)] [New Thread 49156 (LWP 29040)] [New Thread 65541 (LWP 29041)] [New Thread 81926 (LWP 29042)] [New Thread 98311 (LWP 29043)] [New Thread 114696 (LWP 29044)] [Thread 114696 (LWP 29044) exited] [New Thread 131081 (LWP 29045)] [Thread 131081 (LWP 29045) exited] (Null) - Invalid header: Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 16384 (LWP 29036)] 0x4063e14c in memcpy () from /lib/libc.so.6 (gdb) thread apply all bt Thread 8 (Thread 98311 (LWP 29043)):
+ Trace 43255
The program is running. Exit anyway? (y or n) y conductor.iss.net$ Script done on Thu Jan 15 13:04:57 2004 conductor.iss.net$ ------------------------------------------------------------- ( queue.c:179: queue_wakeup)(thread 0x818da90)(time 13:07:43)(depth 3) TRACE: + queue_wakeup ( queue.c:186: queue_wakeup)(thread 0x818da90)(time 13:07:43)(depth 2) TRACE: - queue_wakeup ( queue.c:1168: queue_do_todo)(thread 0x818da90)(time 13:07:43)(depth 1) TRACE: - queue_do_todo ( queue.c:1106:queue_run_what_we_can)(thread 0x818da90)(time 13:07:43)(depth 0) TRACE: - queue_run_what_we_can done ( queue.c:1118: queue_do_todo)(thread 0x818da90)(time 13:07:43)(depth 1) TRACE: + queue_do_todo ( queue.c:1168: queue_do_todo)(thread 0x818da90)(time 13:07:43)(depth 0) TRACE: - queue_do_todo ( queue.c:1025:queue_run_what_we_can)(thread 0x818da90)(time 13:07:43)(depth 1) TRACE: + queue_run_what_we_can ( queue.c:1106:queue_run_what_we_can)(thread 0x818da90)(time 13:07:43)(depth 0) TRACE: - queue_run_what_we_can done (status-item-view.c:330:status_item_view_set_item_nolock)(thread 0x815d7f8)(time 13:07:44)(depth 5) TRACE: + status_item_view_set_item_nolock (status-item-view.c:374:status_item_view_set_item_nolock)(thread 0x815d7f8)(time 13:07:44)(depth 4) TRACE: - status_item_view_set_item_nolock (status-item-view.c:330:status_item_view_set_item_nolock)(thread 0x815d7f8)(time 13:07:44)(depth 5) TRACE: + status_item_view_set_item_nolock (status-item-view.c:374:status_item_view_set_item_nolock)(thread 0x815d7f8)(time 13:07:44)(depth 4) TRACE: - status_item_view_set_item_nolock (status-item-view.c:330:status_item_view_set_item_nolock)(thread 0x815d7f8)(time 13:07:44)(depth 5) TRACE: + status_item_view_set_item_nolock (status-item-view.c:374:status_item_view_set_item_nolock)(thread 0x815d7f8)(time 13:07:44)(depth 4) TRACE: - status_item_view_set_item_nolock ( group.c:1164: group_ref_articles)(thread 0x815d7f8)(time 13:07:46)(depth 5) TRACE: + group_ref_articles ( group.c:1181: group_ref_articles)(thread 0x815d7f8)(time 13:07:46)(depth 4) TRACE: - group_ref_articles (articlelist.c:2046:tree_select_row_idle)(thread 0x815d7f8)(time 13:07:46)(depth 5) TRACE: + tree_select_row_idle (articlelist.c:198:_articlelist_get_selected_articles_nolock)(thread 0x815d7f8)(time 13:07:46)(depth 6) TRACE: + articlelist_get_selected_articles_nolock (articlelist.c:210:_articlelist_get_selected_articles_nolock)(thread 0x815d7f8)(time 13:07:46)(depth 5) TRACE: - articlelist_get_selected_articles_nolock ( acache.c:154:acache_message_id_to_basename)(thread 0x815d7f8)(time 13:07:46)(depth 6) TRACE: + acache_message_id_to_basename ( acache.c:181:acache_message_id_to_basename)(thread 0x815d7f8)(time 13:07:46)(depth 5) TRACE: - acache_message_id_to_basename (Null) - Invalid header: Segmentation fault conductor.iss.net$ Script done on Thu Jan 15 13:07:50 2004 conductor.iss.net$ ------------------------------------------------------------ Path: bigbe1!bigfeed.bellsouth.net!news.bellsouth.net!cox.net!news-xfer.cox.net!npeer.de.kpn-eurorings.net!news.tele.dk!news.tele.dk!small.news.tele.dk!newsfeed.multikabel.nl!news-x2.support.nl!post.news-service.com!nf2.news-service.com|not-for-mail Message-ID: <8fdf2$400674cc$421c734e$29328@nf2.news-service.com> From: Lolitka <1074164219400671FB2BB2D@yahoo.com> Newsgroups: alt.binaries.pictures.erotica.fitness.centerfolds,alt.binaries.pictures.erotica.flashers,alt.binaries.pictures.erotica.foot-fetish Subject: I LIKE THIS TEENIE - pp667-05.jpg -[5] Date: Tue, 15 Jan 2004 17:41:09 -0000 Lines: 789 X-Newsreader: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="----------1074164219400671FB2BB2D" X-Complaints-To: abuse@news-service.com Organization: News-Service.com NNTP-Posting-Host: 66.28.115.78.svwh.net X-Trace: 8fdf2400674cce7b9d6eb29328 Xref: news.hendry.org alt.binaries.pictures.erotica.fitness.centerfolds:787 This is a multi-part message in MIME format. ------------1074164219400671FB2BB2D Content-Type:text/plain; Content-Transfer-Encoding: 7bit ------------1074164219400671FB2BB2D Content-Type: image/jpeg; name="pp667-05.jpg" Content-Transfer-Encoding:base64 Content-Disposition:attachment; filename="pp667-05.jpg" /9j/4AAQSkZJRgABAQAAAQABAAD//gA+Q1JFQVRPUjogZ2QtanBlZyB2MS4wICh1c2luZyBJSkcg SlBFRyB2NjIpLCBkZWZhdWx0IHF1YWxpdHkK/9sAQwAIBgYHBgUIBwcHCQkICgwUDQwLCwwZEhMP FB0aHx4dGhwcICQuJyAiLCMcHCg3KSwwMTQ0NB8nOT04MjwuMzQy/9sAQwEJCQkMCwwYDQ0YMiEc 3ia7iIe5gu/LEEi23DCIxhwrBR8vmZw3WvNU1TUI57qdL65Wa7V0uZBMwaZXOWDnOWBPUHrVr/hJ /EH2D7B/bmp/Y/K8n7P9rk8vy8Y2bc4244x0xXGsqnBNQkrtWT2tdJN2Wj2V01rZXZXtLmVRRRXu GQUUUUAFFFFABRRRQAUUUUAFFFFABRRRQAUUUUAFFFFABRRRQB//2Q== ------------1074164219400671FB2BB2D
*** This bug has been marked as a duplicate of 125051 ***