[SCM] Samba Shared Repository - branch master updated

Thu Apr 23 21:54:03 UTC 2020

The branch, master has been updated
       via  4524daafb89 lib: Fix a valgrind error
      from  205acab5803 smbd: remove initial stat() EACCES handling from unix_convert()

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 4524daafb89878c37b2e08bd75b8af12128067ac
Author: Volker Lendecke <vl at samba.org>
Date:   Tue Apr 7 13:46:32 2020 +0200

    lib: Fix a valgrind error
    
    I just came across this failure with a new test:
    
    ==16654== Invalid read of size 4
    ==16654==    at 0x4950947: tevent_req_is_in_progress (tevent_req.c:270)
    ==16654==    by 0x5AEEE8F: writev_trigger (async_sock.c:375)
    ==16654==    by 0x494F9E7: tevent_queue_immediate_trigger (tevent_queue.c:149)
    ==16654==    by 0x494F53C: tevent_common_invoke_immediate_handler (tevent_immediate.c:166)
    ==16654==    by 0x494F642: tevent_common_loop_immediate (tevent_immediate.c:203)
    ==16654==    by 0x4959E5E: epoll_event_loop_once (tevent_epoll.c:918)
    ==16654==    by 0x495665A: std_event_loop_once (tevent_standard.c:110)
    ==16654==    by 0x494DFCE: _tevent_loop_once (tevent.c:772)
    ==16654==    by 0x4950A6A: tevent_req_poll (tevent_req.c:300)
    ==16654==    by 0x4D166C9: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
    ==16654==    by 0x18C98B: run_readdir_timestamp (test_readdir_timestamp.c:489)
    ==16654==    by 0x161BC5: run_test (torture.c:14896)
    ==16654==    by 0x162726: main (torture.c:15136)
    ==16654==  Address 0x91bb878 is 216 bytes inside a block of size 853 free'd
    ==16654==    at 0x48369AB: free (vg_replace_malloc.c:530)
    ==16654==    by 0x49B405E: _tc_free_internal (talloc.c:1221)
    ==16654==    by 0x49B4116: _talloc_free_internal (talloc.c:1247)
    ==16654==    by 0x49B547C: _talloc_free (talloc.c:1789)
    ==16654==    by 0x50ECE3B: smb2cli_req_writev_done (smbXcli_base.c:3468)
    ==16654==    by 0x4950648: _tevent_req_notify_callback (tevent_req.c:141)
    ==16654==    by 0x49507A9: tevent_req_finish (tevent_req.c:193)
    ==16654==    by 0x49507D6: _tevent_req_done (tevent_req.c:199)
    ==16654==    by 0x5AEEE28: writev_do (async_sock.c:363)
    ==16654==    by 0x5AEEE83: writev_trigger (async_sock.c:374)
    ==16654==    by 0x494F9E7: tevent_queue_immediate_trigger (tevent_queue.c:149)
    ==16654==    by 0x494F53C: tevent_common_invoke_immediate_handler (tevent_immediate.c:166)
    ==16654==    by 0x494F642: tevent_common_loop_immediate (tevent_immediate.c:203)
    ==16654==    by 0x4959E5E: epoll_event_loop_once (tevent_epoll.c:918)
    ==16654==    by 0x495665A: std_event_loop_once (tevent_standard.c:110)
    ==16654==    by 0x494DFCE: _tevent_loop_once (tevent.c:772)
    ==16654==    by 0x4950A6A: tevent_req_poll (tevent_req.c:300)
    ==16654==    by 0x4D166C9: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
    ==16654==    by 0x18C98B: run_readdir_timestamp (test_readdir_timestamp.c:489)
    ==16654==    by 0x161BC5: run_test (torture.c:14896)
    ==16654==    by 0x162726: main (torture.c:15136)
    ==16654==  Block was alloc'd at
    ==16654==    at 0x483577F: malloc (vg_replace_malloc.c:299)
    ==16654==    by 0x49B300F: __talloc_with_prefix (talloc.c:782)
    ==16654==    by 0x49B31E6: _talloc_pool (talloc.c:837)
    ==16654==    by 0x49B3394: _talloc_pooled_object (talloc.c:905)
    ==16654==    by 0x49501A6: _tevent_req_create (tevent_req.c:79)
    ==16654==    by 0x5AEE956: writev_send (async_sock.c:266)
    ==16654==    by 0x50ECBCA: smb2cli_req_compound_submit (smbXcli_base.c:3396)
    ==16654==    by 0x50ECD49: smb2cli_req_send (smbXcli_base.c:3447)
    ==16654==    by 0x50FE34F: smb2cli_create_send (smb2cli_create.c:153)
    ==16654==    by 0x490325E: cli_smb2_create_fnum_send (cli_smb2_fnum.c:273)
    ==16654==    by 0x48D0146: cli_ntcreate_send (clifile.c:2504)
    ==16654==    by 0x18B737: create_ts_send (test_readdir_timestamp.c:59)
    ==16654==    by 0x18BF77: create_ts_files_send (test_readdir_timestamp.c:253)
    ==16654==    by 0x18C35C: create_files_send (test_readdir_timestamp.c:336)
    ==16654==    by 0x18C953: run_readdir_timestamp (test_readdir_timestamp.c:482)
    ==16654==    by 0x161BC5: run_test (torture.c:14896)
    ==16654==    by 0x162726: main (torture.c:15136)
    
    Signed-off-by: Volker Lendecke <vl at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Thu Apr 23 21:53:38 UTC 2020 on sn-devel-184

-----------------------------------------------------------------------

Summary of changes:
 lib/async_req/async_sock.c | 9 +++++++++
 1 file changed, 9 insertions(+)


Changeset truncated at 500 lines:

diff --git a/lib/async_req/async_sock.c b/lib/async_req/async_sock.c
index 8f04a7bcbae..85ec148191e 100644
--- a/lib/async_req/async_sock.c
+++ b/lib/async_req/async_sock.c
@@ -291,6 +291,15 @@ struct tevent_req *writev_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
 		return req;
 	}
 
+	/*
+	 * writev_trigger tries a nonblocking write. If that succeeds,
+	 * we can't directly notify the callback to call
+	 * writev_recv. The callback would TALLOC_FREE(req) after
+	 * calling writev_recv even before writev_trigger can inspect
+	 * it for success.
+	 */
+	tevent_req_defer_callback(req, ev);
+
 	state->queue_entry = tevent_queue_add_optimize_empty(
 		queue, ev, req, writev_trigger, NULL);
 	if (tevent_req_nomem(state->queue_entry, req)) {


-- 
Samba Shared Repository

