[QUICK] talloc bugs

[tridge at samba.org]

Hi Rusty,

 > I'd like to see a simple example of where talloc_reference is required, so we 
 > can get less abstract in this discussion.

yep, I've found the abstractness of the discussion unhelpful. 

Here are two fairly simple examples:

 1) in source3/lib/util_tdb.c we have tdb_wrap_open() which is used to
 allow us to share a common underlying tdb context between two users,
 allowing for the illusion of being able to open a tdb more than once
 in the same process. This is a classic case of reference counting.

 2) in several places in Samba4 we use talloc_reference() to allow for
 authentication and other shared state structures to be shared between
 connections where it is appropriate for the protocol. Either
 connection can be torn down first, and we want the shared state to
 live until the last connection that is using it is torn down.

In both these cases the actual free of the memory is done via a
parent, not directly on the pointer. In both cases the free can happen
either on the "reference" parent or the "true" parent, and the desired
semantics is very clear - the caller wants its reference to the memory
to go away, and the remaning references to the object to remain. 

I can't immediately think of a case in Samba where direct
talloc_free() of a referenced object is needed. All the cases I can
think of are indirect, which is why I think that the whole question of
the ambiguity of direct talloc_free() calls to objects with more than
one parent is a bit of a storm in a teacup. If someone can point me at
a place in our code where this ambiguity actually arises outside of
the talloc test suite then I think we'll have a much better basis for
discussion.

Cheers, Tridge