Hi, while I have been debugging some kevent() related problems I have stumbled upon this in imap process:
(gdb) bt #0 0x00000000 in ?? () #1 0x0808befd in notify_callback (context=0x80fa040) at index-mailbox-check.c:65 #2 0x080c1ede in event_callback (context=0x80f3160) at ioloop-notify-kqueue.c:46 #3 0x080c2aff in io_loop_handler_run (ioloop=0x80ed200) at ioloop-kqueue.c:184 #4 0x080c1c02 in io_loop_run (ioloop=0x80ed200) at ioloop.c:235 #5 0x080649ab in main (argc=1, argv=0xbfbfea58, envp=0xbfbfea60) at main.c:238 (gdb) frame 1 #1 0x0808befd in notify_callback (context=0x80fa040) at index-mailbox-check.c:65 65 ibox->notify_callback(&ibox->box, ibox->notify_context); (gdb) l 60 ibox->notify_last_check = ioloop_time; 61 if ((unsigned int)(ioloop_time - ibox->notify_last_sent) >= 62 ibox->min_notify_interval) { 63 ibox->notify_last_sent = ioloop_time; 64 ibox->notify_pending = FALSE; 65 ibox->notify_callback(&ibox->box, ibox->notify_context); 66 } else { 67 ibox->notify_pending = TRUE; 68 } 69 } (gdb) inspect ibox $10 = (struct index_mailbox *) 0x80fa040 (gdb) inspect *ibox $11 = {box = {name = 0x80fa160 "INBOX", storage = 0x80eba40, v = { is_readonly = 0x808e4b8 <index_storage_is_readonly>, allow_new_keywords = 0x808e4e8 <index_storage_allow_new_keywords>, close = 0x8066e38 <maildir_storage_close>, get_status = 0x808d974 <index_storage_get_status>, sync_init = 0x8069148 <maildir_storage_sync_init>, sync_next = 0x808eb74 <index_mailbox_sync_next>, sync_deinit = 0x808ed3c <index_mailbox_sync_deinit>, notify_changes = 0x8066e88 <maildir_notify_changes>, transaction_begin = 0x80692d8 <maildir_transaction_begin>, transaction_commit = 0x8069310 <maildir_transaction_commit>, transaction_rollback = 0x80693ec <maildir_transaction_rollback>, keywords_create = 0x808e634 <index_keywords_create>, keywords_free = 0x808e658 <index_keywords_free>, get_uids = 0x8087fc0 <index_storage_get_uids>, mail_alloc = 0x8089a6c <index_mail_alloc>, header_lookup_init = 0x808bae8 <index_header_lookup_init>, header_lookup_deinit = 0x808bd48 <index_header_lookup_deinit>, search_get_sorting = 0x808d524 <index_storage_search_get_sorting>, search_init = 0x808d538 <index_storage_search_init>, search_deinit = 0x808d604 <index_storage_search_deinit>, search_next = 0x808d7dc <index_storage_search_next>, save_init = 0x806e04c <maildir_save_init>, save_continue = 0x806e370 <maildir_save_continue>, save_finish = 0x806e40c <maildir_save_finish>, save_cancel = 0x806e6a4 <maildir_save_cancel>, copy = 0x806ba0c <maildir_copy>, is_inconsistent = 0x808e518 <index_storage_is_inconsistent>}, pool = 0x80fa010, module_contexts = {buffer = 0x80fa168, element_size = 4}}, storage = 0x80eba40, index = 0x80f4400, view = 0x80f4a00, cache = 0x80f4600, mail_vfuncs = 0x80ded60, is_recent = 0x8066054 <maildir_is_recent>, md5hdr_ext_idx = 2, notify_to = 0x0, notify_files = 0x0, notify_ios = 0x0, notify_last_check = 1137544337, !!!!!!!! notify_last_sent = 1137544337, min_notify_interval = 0, notify_callback = 0, !!!!!!!! notify_context = 0x0, next_lock_notify = 1137544335, last_notify_type = MAILBOX_LOCK_NOTIFY_NONE, commit_log_file_seq = 0, commit_log_file_offset = 0, keyword_names = 0x80f446c, cache_fields = 0x80f4900, recent_flags = 0x80e13a0, recent_flags_start_seq = 130, recent_flags_count = 1, synced_recent_count = 1, sync_last_check = 1137544332, readonly = 0, keep_recent = 0, recent_flags_synced = 1, sent_diskspace_warning = 0, sent_readonly_flags_warning = 0, notify_pending = 0, mail_read_mmaped = 0}
The notify_callback field is NULL and the process SIGSEGVs. I know very little about IMAP protocol and I think this could be just a case of bad handling of invalid input. The IMAP session I had follows:
[...] a1 OK Logged in. a2 SELECT INBOX
- FLAGS (\Answered \Flagged \Deleted \Seen \Draft NonJunk)
- OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft NonJunk \*)] Flags permitted.
- 131 EXISTS
- 1 RECENT
- OK [UNSEEN 99] First unseen.
- OK [UIDVALIDITY 1137196697] UIDs valid
- OK [UIDNEXT 134] Predicted next UID a2 OK [READ-WRITE] Select completed. a3 IDLE
- idling
- 132 EXISTS
- 2 RECENT a4 DONE a3 BAD Expected DONE.
Vaclav Haisman