>> 6   imap                                0x0000000105867333 
>> imap_refresh_proctitle + 218 ->
>> 7   imap                                0x00000001058666ce cmd_sync_continue 
>> + 199 ->
> 
> But how does this happen? Did it optimize away some functions

Yeah, optimized out tail-calls, e.g. client_destroy -> imap_refresh_proctitle 
and client_command_free -> imap_refresh_proctitle.  I have been digging deeper 
and found that sometimes imap_clients->command_queue->name points to garbage, 
so imap_refresh_proctitle is appending 500MB strings of garbage.  Combined with 
a little command pipelining this leads to 4+GB data stack pools.  I'll resume 
digging tomorrow.  Let me know if you need any info; I can reproduce this in 
seconds.

> have you added more imap_refresh_proctitle() calls?

Nope.
