imaptest can crash if ran without mail session timeout, because LOGOUT timestamp is set to -1 in user_fill_timestamps and not set to anything else later on.
# gdb --args imaptest host=192.168.1.119 pass=supersecret mbox=testmbox no_tracking profile=profile_pop3.conf
GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-119.el7
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/imaptest...Reading symbols from /usr/lib/debug/usr/bin/imaptest.debug...done.
done.
(gdb) r
Starting program: /usr/bin/imaptest host=192.168.1.119 pass=supersecret mbox=testmbox no_tracking profile=profile_pop3.conf
Logi List Stat Sele Fetc Fet2 Stor Dele Expu Appe Logo LMTP
8 0 0 8 0 405 0 0 400 0 0 0 8/ 8 [80%]
Panic: file profile.c: line 462 (user_timestamp_handle): assertion failed: (user->timestamps[ts] > 0)
Error: Raw backtrace: #0 t_askpass[0x7ffff7b10fd0] -> #1 backtrace_append[0x7ffff7b11230] -> #2 backtrace_get[0x7ffff7b11390] -> #3 i_syslog_error_handler[0x7ffff7b1b850] -> #4 default_fatal_handler[0x7ffff7b1b920] -> #5 i_panic[0x7ffff7a725f7] -> #6 _init[0x555555569160] -> #7 io_loop_handle_timeouts[0x7ffff7b33ce0] -> #8 io_loop_handler_run_internal[0x7ffff7b35840] -> #9 io_loop_handler_run[0x7ffff7b340c0] -> #10 io_loop_run[0x7ffff7b34320] -> #11 _init[0x55555555ab00] -> #12 __libc_start_main[0x7ffff6d43460] -> #13 _init[0x55555555b9e7]
Program received signal SIGABRT, Aborted.
0x00007ffff6d57387 in raise () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install glibc-2.17-307.el7.1.x86_64 libgcc-4.8.5-39.el7.x86_64 libunwind-1.2-2.el7.x86_64
(gdb) up
#1 0x00007ffff6d58a78 in abort () from /lib64/libc.so.6
(gdb)
#2 0x00007ffff7b1b8b7 in default_fatal_finish (status=0,
type=<optimized out>) at failures.c:459
459 abort();
(gdb)
#3 fatal_handler_real (ctx=<optimized out>, format=<optimized out>,
args=<optimized out>) at failures.c:471
471 default_fatal_finish(ctx->type, status);
(gdb)
#4 0x00007ffff7b1b941 in default_fatal_handler (ctx=<optimized out>,
format=<optimized out>, args=<optimized out>) at failures.c:479
479 fatal_handler_real(ctx, format, args);
(gdb)
#5 0x00007ffff7a726ba in i_panic (
format=format@entry=0x555555572838 "file %s: line %d (%s): assertion failed: (%s)") at failures.c:523
523 fatal_handler(&ctx, format, args);
(gdb)
#6 0x00005555555697d9 in user_timestamp_handle (user_connected=true,
ts=USER_TIMESTAMP_LOGOUT, user=0x55555578bbf8) at profile.c:462
462 i_assert(user->timestamps[ts] > 0);
(gdb)
#7 user_run_actions (user=0x55555578bbf8) at profile.c:510
510 switch (user_timestamp_handle(user, ts, user_connected)) {
(gdb) p user_connected
$1 = <optimized out>
(gdb) up
#8 users_timeout (context=<optimized out>) at profile.c:554
554 user_run_actions(*userp);
(gdb) down
#7 user_run_actions (user=0x55555578bbf8) at profile.c:510
510 switch (user_timestamp_handle(user, ts, user_connected)) {
(gdb) list 500
495 }
496
497 static void user_run_actions(struct user *user)
498 {
499 enum user_timestamp ts;
500 bool user_connected = user_client_is_connected(user->active_client);
501
502 if (disconnect_clients) {
503 if (user_connected)
504 user_logout(user->active_client);
(gdb) p user_client_is_connected(user->active_client)
No symbol "user_client_is_connected" in current context.
(gdb) p user_client
Display all 19314 possibilities? (y or n)
(gdb) p user->active_client
$2 = (struct user_client *) 0x55555578bd18
(gdb) p *user->active_client
$3 = {user = 0x55555578bbf8, profile = 0x555555786aa8, last_logout = 0,
clients = {arr = {buffer = 0x55555578bd78, element_size = 8},
v = 0x55555578bd78, v_modifiable = 0x55555578bd78}, mailboxes = {arr = {
buffer = 0x55555578bdd8, element_size = 8}, v = 0x55555578bdd8,
v_modifiable = 0x55555578bdd8}, pop3_uidls_pool = 0x0, pop3_uidls = {
arr = {buffer = 0x0, element_size = 0}, v = 0x0, v_modifiable = 0x0},
draft_cmd = 0x0, draft_uid = 0}
(gdb) p *user->active_client->clients
Attempt to take contents of a non-pointer value.
(gdb) p user->active_client->clients
$4 = {arr = {buffer = 0x55555578bd78, element_size = 8}, v = 0x55555578bd78,
v_modifiable = 0x55555578bd78}
(gdb) p user->active_client->clients.arr
$5 = {buffer = 0x55555578bd78, element_size = 8}
(gdb) p user->active_client->clients.arr->buffer->used
$6 = 8
(gdb) p user->active_client->clients.v[0][0]
$7 = (struct client * const) 0x55555588cb20
(gdb) p user->active_client->clients.v[0][0][0]
$8 = {refcount = 1, user = 0x55555578bbf8, user_client = 0x55555578bd18, v = {
input = 0x5555555685e0 <pop3_client_input>,
output = 0x555555567bb0 <pop3_client_output>,
connected = 0x555555567bc0 <pop3_client_connected>,
send_more_commands = 0x555555567df0 <pop3_client_send_more_commands>,
logout = 0x555555567dd0 <pop3_client_logout>,
free = 0x555555567bd0 <pop3_client_free>, disconnected = 0x0},
protocol = CLIENT_PROTOCOL_POP3, port = 110, idx = 0, global_id = 1,
cur = 0, fd = 12, rawlog_fd = -1, input = 0x55555588cc90,
output = 0x55555588ced0, ssl_iostream = 0x0, io = 0x55555578aa20, to = 0x0,
login_state = LSTATE_AUTH, state = STATE_EXPUNGE, last_io = 1599031953,
delayed = false, disconnected = false, logout_sent = false, idling = false}
(gdb) p user->active_client->clients.v[0][0][0].state
$9 = STATE_EXPUNGE
(gdb) p user->ts
There is no member named ts.
(gdb) p user->timestamps
$10 = {-1, 1599034015, -1, -1, -1}
imaptest can crash if ran without mail session timeout, because LOGOUT timestamp is set to -1 in user_fill_timestamps and not set to anything else later on.