tevent_abort_nesting crash in idmap_ad
slow at samba.org
Fri Jun 24 15:56:00 UTC 2016
On Fri, Jun 24, 2016 at 05:48:24PM +0200, Volker Lendecke wrote:
> On Fri, Jun 24, 2016 at 05:41:41PM +0200, Ralph Boehme wrote:
> > On Fri, Jun 24, 2016 at 05:15:45PM +0200, Volker Lendecke wrote:
> > > On Fri, Jun 24, 2016 at 04:33:12PM +0200, Ralph Boehme wrote:
> > > > Just came across the following while running selftests that involve
> > > > idmap_ad on a member server testenv:
> > > >
> > > > idmap_ad calls into tldap which calls into gensec where it runs a
> > > > nested tevent loop, SBT attached.
> > > >
> > > > For now I added a hack to allow nested tevent loops to
> > > > tldap_gensec_bind(), this fixes the issue.
> > >
> > > Please find a better patch attached. It's a pity, but it's inevitable.
> > >
> > > Review&Push appreciated!
> > I was able to briefly talk to metze and he suggested we wait til
> > Monday to evaluate our options.
> There are no options. gensec has had nested eventloops forever, and
> it will take many months of metze's full time work to fix this. We
> can't wait for that, this will never happen. I have tried to convince
> the gensec masters for years that this is required, but we just have to
> accept the fact that gensec requires nested event loops by its very core
> design, and I am not willing to accept nested event loops in code that
> I feel responsible for. There was one person in the world who was able
> to debug nested event loop code, and this was Tridge. Tridge left Samba,
> so we have nobody anymore to debug that code when bad things happen.
> Sorry for causing this trouble, I am very disappointed with myself that I
> let myself be caught in the trap to believe that gensec might be usable.
> It is not.
> Please remove this again. NOW.
your code, you insist, so be it. Pushed to autobuild.
A pitty, it's really really nice code!
More information about the samba-technical