talloc_abort in notmuch_thread_get_tags () when db has been modified
David Bremner
david at tethera.net
Mon Jan 18 04:25:00 PST 2016
Gaute Hope <eg at gaute.vetsj.com> writes:
> Hi,
>
> a user of astroid [0] ran into an issue [1] (full trace at issue) where
> reading a long query causes a talloc_abort in notmuch_thread_get_tags
> (). 'notmuch new' is running at the same time, and most likely a thread
> in the query has been modified since the query was done. Note that a
> notmuch_thread_get_authors () call returns NULL without causing a full
> crash. The code causing the crash is:
>
> ```
> for (tags = notmuch_thread_get_tags (nm_thread);
>      notmuch_tags_valid (tags);
>      notmuch_tags_move_to_next (tags))
> {
>     tag = notmuch_tags_get (tags); // tag belongs to tags
> }
>
> // or db.cc:508 in astroid/src.
> ```
>
The most likely cause of such a crash looks to me like nm_thread is NULL
or corrupted when passed in to get_tags. It's used without checking as a
talloc context, and that call to talloc never returns.