Hi Ken,
I ran it against 500k messages on the Enron corpus ... and of course
YOU have the one email that breaks it. Sigh.
:-) Here's the first complaint.
$ uip/scan -version
scan -- nmh-1.7+dev 1.7-branchpoint-490-g42db3a2c built 2018-02-10 17:21:09
+0000 on orac
$ valgrind uip/scan prev cur
==12501== Invalid write of size 1
==12501== at 0x116DA6: m_getfld (m_getfld.c:711)
711 *cp++ = c;
==12501== by 0x10DCED: scan (scansbr.c:181)
181 bufsz = rlwidth, state = m_getfld (&gstate, name, tmpbuf,
&bufsz, inb)) {
==12501== by 0x10D542: main (scan.c:282)
==12501== Address 0x54c84b0 is 0 bytes inside a block of size 8,192
free'd
==12501== at 0x4C2E10B: free (vg_replace_malloc.c:530)
==12501== by 0x113008: fmt_scan (fmt_scan.c:1158)
1158 free (comp->c_text);
==12501== by 0x10DAD2: scan (scansbr.c:338)
338 fmt_scan (fmt, *scanl, slwidth, dat, NULL);
==12501== by 0x10D542: main (scan.c:282)
==12501== Block was alloc'd at
==12501== at 0x4C2CEDF: malloc (vg_replace_malloc.c:299)
==12501== by 0x11ABC7: mh_xmalloc (utils.c:47)
==12501== by 0x10E00B: scan (scansbr.c:143)
143 *nxtbuf++ = mh_xmalloc(rlwidth);
==12501== by 0x10D542: main (scan.c:282)
==12501==
Without valgrind, the command appears to function just fine.
valgrind doesn't find fault with this one.
$ /bin/scan -version
scan -- nmh-1.7+dev 1.7-branchpoint-443-g47b86722 built 2017-11-26 18:38:47
+0000 on orac
To get the abort, I ditch valgrind and get a backtrace from gdb.
#0 0x00007ffff7829860 in raise () from /usr/lib/libc.so.6
#1 0x00007ffff782aec9 in abort () from /usr/lib/libc.so.6
#2 0x00007ffff786c437 in __libc_message () from /usr/lib/libc.so.6
#3 0x00007ffff787278b in malloc_printerr () from /usr/lib/libc.so.6
#4 0x00007ffff78744f0 in _int_free () from /usr/lib/libc.so.6
#5 0x000055555555ef4a in fmt_scan (format=<optimized out>,
scanlp=<optimized out>, width=114,
dat=dat@entry=0x55555557b810 <dat>, callbacks=callbacks@entry=0x0) at
sbr/fmt_scan.c:1134
#6 0x0000555555559ad3 in scan (inb=<optimized out>, innum=5785, outnum=0,
nfs=<optimized out>,
width=<optimized out>, curflg=<optimized out>, unseen=0,
folder=0x5555555a5a00 "inbox", size=0, noisy=1,
scanl=0x7fffffffbdb8) at uip/scansbr.c:338
#7 0x0000555555559543 in main (argc=<optimized out>, argv=<optimized out>)
at uip/scan.c:282
I suspect it's all related and the `free (comp->c_text)' above is key.
--
Cheers, Ralph.
https://plus.google.com/+RalphCorderoy
--
Nmh-workers
https://lists.nongnu.org/mailman/listinfo/nmh-workers