[PATCH] Version 2: Patchset for bug #10344 - SessionLogoff on a signed connection with an outstanding notify request crashes smbd.
Jeremy Allison
jra at samba.org
Tue Mar 11 15:34:42 MDT 2014
On Tue, Mar 11, 2014 at 01:59:08PM -0700, Jeremy Allison wrote:
>
> Sorry - this is a really long reply. But it covers
> a lot of ground (and I think I've found a bug in
> metze.diff also - more on that below).
>
> Metze if you want to jump to the bug in the logic
> in your patch just search for :
>
> ******METZE***BUG***ALERT***********
>
> below :-).
OK, I'm wrong. Sorry. I went through
lib/tevent/tevent_queue.c again really
carefully (yet again... :-) and I had
missed the case that when struct tevent_queue_entry *e
is removed in the tevent_queue_entry_destructor() the
trigger called is that of the
new head of the list, q->list,
*not* the next pointer of the
deleted event e->next.
So it *IS* going to wait for all of
them to be done without an implicit
ordering.
Sorry for the noise :-). Does
make my point about how opaque
the internals of lib/tevent/tevent_queue.c
are though !
Cheers,
Jeremy.
More information about the samba-technical
mailing list