Crash on Fedora 31 with "official" package from flatcap and last build

Fedora 31

git rev-parse --short HEAD
6a0e1814a

stephane@xps ~/s/g/n/neomutt> gdb ./neomutt
(gdb) run
Starting program: /home/stephane/src/github.com/neomutt/neomutt/neomutt 
Missing separate debuginfos, use: dnf debuginfo-install glibc-2.30-5.fc31.x86_64
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
warning: the debug information found in "/usr/lib/debug//usr/lib64/gconv/ISO8859-1.so.debug" does not match "/usr/lib64/gconv/ISO8859-1.so" (CRC mismatch).

[Detaching after fork from child process 258082]

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7ad2111 in __memset_avx2_erms () from /lib64/libc.so.6
(gdb) l
409      * @retval 0 Success
410      * @retval 1 Error
411      */
412     int main(int argc, char *argv[], char *envp[])
413     {
414       char *subject = NULL;
415       char *include_file = NULL;
416       char *draft_file = NULL;
417       char *new_magic = NULL;
418       char *dlevel = NULL;
(gdb) bt
#0  0x00007ffff7ad2111 in __memset_avx2_erms () from /lib64/libc.so.6
#1  0x00000000004bc557 in mutt_buffer_reset (buf=buf@entry=0x61afb0) at mutt/buffer.c:83
#2  0x00000000004bca42 in mutt_buffer_strcpy (buf=0x61afb0, s=0x61a950 "/home/stephane/mail/python-new@wirtel.be/Drafts") at mutt/buffer.c:314
#3  0x00000000004394d6 in parse_mailboxes (buf=0x7fffffffa3f0, s=0x7fffffffa350, data=<optimized out>, err=<optimized out>) at init.c:1351
#4  0x000000000043a618 in mutt_parse_rc_line (line=<optimized out>, token=token@entry=0x7fffffffa3f0, err=err@entry=0x7fffffffd5a0) at init.c:3251
#5  0x000000000043a905 in mutt_parse_rc_line (err=0x7fffffffd5a0, token=0x7fffffffa3f0, line=<optimized out>) at init.c:3224
#6  source_rc (rcfile_path=rcfile_path@entry=0x7fffffffb450 "/home/stephane/.mutt/profiles/python@wirtel.be/muttrc", err=err@entry=0x7fffffffd5a0) at init.c:828
#7  0x000000000043ac95 in parse_source (buf=0x7fffffffc520, s=0x7fffffffc480, data=<optimized out>, err=0x7fffffffd5a0) at init.c:1930
#8  0x000000000043a618 in mutt_parse_rc_line (line=<optimized out>, token=token@entry=0x7fffffffc520, err=err@entry=0x7fffffffd5a0) at init.c:3251
#9  0x000000000043a905 in mutt_parse_rc_line (err=0x7fffffffd5a0, token=0x7fffffffc520, line=<optimized out>) at init.c:3224
#10 source_rc (rcfile_path=<optimized out>, err=err@entry=0x7fffffffd5a0) at init.c:828
#11 0x000000000043b532 in mutt_init (skip_sys_rc=<optimized out>, commands=commands@entry=0x7fffffffe040) at init.c:3156
#12 0x00000000004084d6 in main (argc=1, argv=0x7fffffffe738, envp=<optimized out>) at main.c:704
(gdb) where
#0  0x00007ffff7ad2111 in __memset_avx2_erms () from /lib64/libc.so.6
#1  0x00000000004bc557 in mutt_buffer_reset (buf=buf@entry=0x61afb0) at mutt/buffer.c:83
#2  0x00000000004bca42 in mutt_buffer_strcpy (buf=0x61afb0, s=0x61a950 "/home/stephane/mail/python-new@wirtel.be/Drafts") at mutt/buffer.c:314
#3  0x00000000004394d6 in parse_mailboxes (buf=0x7fffffffa3f0, s=0x7fffffffa350, data=<optimized out>, err=<optimized out>) at init.c:1351
#4  0x000000000043a618 in mutt_parse_rc_line (line=<optimized out>, token=token@entry=0x7fffffffa3f0, err=err@entry=0x7fffffffd5a0) at init.c:3251
#5  0x000000000043a905 in mutt_parse_rc_line (err=0x7fffffffd5a0, token=0x7fffffffa3f0, line=<optimized out>) at init.c:3224
#6  source_rc (rcfile_path=rcfile_path@entry=0x7fffffffb450 "/home/stephane/.mutt/profiles/python@wirtel.be/muttrc", err=err@entry=0x7fffffffd5a0) at init.c:828
#7  0x000000000043ac95 in parse_source (buf=0x7fffffffc520, s=0x7fffffffc480, data=<optimized out>, err=0x7fffffffd5a0) at init.c:1930
#8  0x000000000043a618 in mutt_parse_rc_line (line=<optimized out>, token=token@entry=0x7fffffffc520, err=err@entry=0x7fffffffd5a0) at init.c:3251
#9  0x000000000043a905 in mutt_parse_rc_line (err=0x7fffffffd5a0, token=0x7fffffffc520, line=<optimized out>) at init.c:3224
#10 source_rc (rcfile_path=<optimized out>, err=err@entry=0x7fffffffd5a0) at init.c:828
#11 0x000000000043b532 in mutt_init (skip_sys_rc=<optimized out>, commands=commands@entry=0x7fffffffe040) at init.c:3156
#12 0x00000000004084d6 in main (argc=1, argv=0x7fffffffe738, envp=<optimized out>) at main.c:704
(gdb) up
#1  0x00000000004bc557 in mutt_buffer_reset (buf=buf@entry=0x61afb0) at mutt/buffer.c:83
83        memset(buf->data, 0, buf->dsize);
(gdb) l
78       */
79      void mutt_buffer_reset(struct Buffer *buf)
80      {
81        if (!buf || !buf->data || (buf->dsize == 0))
82          return;
83        memset(buf->data, 0, buf->dsize);
84        buf->dptr = buf->data;
85      }
86
87      /**
(gdb) p buf
$1 = (struct Buffer *) 0x61afb0
(gdb) p buf-
Display all 200 possibilities? (y or n)
(gdb) p buf->d
data   dptr   dsize  
(gdb) p buf->data 
$2 = 0x2f73657669686372 <error: Cannot access memory at address 0x2f73657669686372>
(gdb) u
curses_segv_handler (sig=11) at mutt_signal.c:101
101       mutt_curses_set_cursor(MUTT_CURSOR_VISIBLE);
(gdb) l
96       * curses_segv_handler - Catch a segfault and print a backtrace
97       * @param sig Signal number, e.g. SIGSEGV
98       */
99      static void curses_segv_handler(int sig)
100     {
101       mutt_curses_set_cursor(MUTT_CURSOR_VISIBLE);
102       endwin(); /* just to be safe */
103     #ifdef HAVE_LIBUNWIND
104       show_backtrace();
105     #endif
(gdb)

 ./neomutt -v
NeoMutt 20191102-2-6a0e18
Copyright (C) 1996-2016 Michael R. Elkins and others.
NeoMutt comes with ABSOLUTELY NO WARRANTY; for details type 'neomutt -vv'.
NeoMutt is free software, and you are welcome to redistribute it
under certain conditions; type 'neomutt -vv' for details.

System: Linux 5.3.7-301.fc31.x86_64 (x86_64)
ncurses: ncurses 6.1.20190803 (compiled with 6.1.20190803)
libidn: 1.35 (compiled with 1.35)

Compiler:
Using built-in specs.
COLLECT_GCC=cc
COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-redhat-linux/9/lto-wrapper
OFFLOAD_TARGET_NAMES=nvptx-none
OFFLOAD_TARGET_DEFAULT=1
Target: x86_64-redhat-linux
Configured with: ../configure --enable-bootstrap --enable-languages=c,c++,fortran,objc,obj-c++,ada,go,d,lto --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-shared --enable-threads=posix --enable-checking=release --enable-multilib --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-linker-build-id --with-gcc-major-version-only --with-linker-hash-style=gnu --enable-plugin --enable-initfini-array --with-isl --enable-offload-targets=nvptx-none --without-cuda-driver --enable-gnu-indirect-function --enable-cet --with-tune=generic --with-arch_32=i686 --build=x86_64-redhat-linux
Thread model: posix
gcc version 9.2.1 20190827 (Red Hat 9.2.1-1) (GCC) 

Configure options: --sasl --ssl

Compilation CFLAGS: -g -O2 -std=c99 -fno-delete-null-pointer-checks -D_ALL_SOURCE=1 -D_GNU_SOURCE=1 -D__EXTENSIONS__ -I/usr/include -DNCURSES_WIDECHAR

Default options:
  +attach_headers_color +compose_to_sender +compress +cond_date +debug 
  +encrypt_to_self +forgotten_attachments +forwref +ifdef +imap +index_color 
  +initials +limit_current_thread +multiple_fcc +nested_if +new_mail +nntp +pop 
  +progress +quasi_delete +regcomp +reply_with_xorig +sensible_browser +sidebar 
  +skip_quoted +smtp +status_color +timeout +tls_sni +trash 

Compile options:
  -autocrypt +bkgdset +color +curs_set +fcntl -flock -fmemopen +futimens 
  +getaddrinfo -gnutls -gpgme -gss -hcache -homespool +idn +inotify 
  -locales_hack -lua +meta -mixmaster +nls -notmuch +openssl +pgp +sasl +smime 
  -sqlite +start_color +sun_attachment +typeahead 
MAILPATH="/var/mail"
PKGDATADIR="/usr/share/neomutt"
SENDMAIL="/usr/sbin/sendmail"
SYSCONFDIR="/etc"

Any idea?

Sorry, I don't have time for a full debugging session but I think there is a problem with buf->data.

neomutt / neomutt

Crash on Fedora 31 with "official" package from flatcap and last build #1928