[QUICK] talloc bugs

simo idra at samba.org
Wed Jul 1 11:58:32 GMT 2009 

On Wed, 2009-07-01 at 21:20 +0930, Rusty Russell wrote:
> On Mon, 29 Jun 2009 09:19:20 pm tridge at samba.org wrote:
> > Hi Rusty,
> >
> >  > I'd like to see a simple example of where talloc_reference is required,
> >  > so we can get less abstract in this discussion.
> >
> > yep, I've found the abstractness of the discussion unhelpful.
> >
> > Here are two fairly simple examples:
> >
> >  1) in source3/lib/util_tdb.c we have tdb_wrap_open() which is used to
> >  allow us to share a common underlying tdb context between two users,
> >  allowing for the illusion of being able to open a tdb more than once
> >  in the same process. This is a classic case of reference counting.
> 
> This is a classic case of problematic references, too.  Ignoring the fact that 
> TDB should handle multiple opens, there's nothing obviously wrong with:
> 
> 	tdb = tdb_wrap_open(...);
> 	talloc_free(tdb);
> 
> Nor:
> 	tdb = tdb_wrap_open(...);
> 	talloc_steal(newctx, tdb);
> 
> Yet both are buggy, because the reference is *exposed*.  The right answer is 
> to hide it:
> 
> util_tdb.h:
> struct tdb_wrap {
> 	struct tdb_context *tdb;
> 	struct tdb_wrap_info *wi;
> };
> 
> util_tdb.c:
> struct tdb_wrap_info {
> 	struct tdb_wrap_info *next, *prev;
> 	const char *name; /* Redundant, use tdb_name */
> 	struct tdb_context *tdb;
> };
> 
> Once this is done, it's a short hop to open-coding the reference count anyway 
> rather than using talloc_reference.
> 
> I don't think references are a fundamental part of talloc: they are useful, 
> and I think helpers to allow them could be great, but I'd rather see some 
> explicit demarcation of what is reference counted.  See followup code.

Another way could be to attach some code like we do with
talloc_destructor(), with the ability to tell the calling talloc code to
reparent instead of free.

But KISS in this case is probably the better approach and simply
deprecating talloc_reference() and using explicit references as above
may just suffice.

In any case I'd like to stress we need to maintain ABI compatibility, so
whatever the decision I think we need still quite some work on what was
currently committed (possibly with a revert first).

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>

More information about the samba-technical mailing list