valgrind errors in smbd/master

Jeremy Allison jra at samba.org
Thu Sep 27 20:48:52 UTC 2018


On Thu, Sep 27, 2018 at 01:31:22PM -0700, Jeremy Allison via samba-technical wrote:
> On Thu, Sep 27, 2018 at 01:13:29PM -0700, Ralph Böhme via samba-technical wrote:
> > On Thu, Sep 27, 2018 at 12:21:41PM -0700, Jeremy Allison wrote:
> > > Hi all,
> > > 
> > > Can you take a look at:
> > > 
> > > https://bugzilla.samba.org/show_bug.cgi?id=13633
> > > 
> > > I was trying to track down some valgrind errors in
> > > my SMB2 POSIX extensions branch, and discovered I
> > > get the same errors in pristine master (no SMB2
> > > POSIX changes).
> > > 
> > > I'll also take a look, but the problems on session
> > > shutdown / server termination have been a perennial
> > > pain here :-(.
> > 
> > looking...
> 
> Yeah I'm making some progress here.
> 
> Calling close_cnum() is leaving a fsp entry
> on the conn->sconn->files linked list whose
> parent is the 'conn' being deleted.
> 
> close_cnum() should have removed it.

More data:

close_file(NULL, fsp, SHUTDOWN_CLOSE);

isn't removing fsp from the conn->sconn->files linked list..
-------------- next part --------------
diff --git a/source3/smbd/files.c b/source3/smbd/files.c
index 397baea84cb..782dbe26c79 100644
--- a/source3/smbd/files.c
+++ b/source3/smbd/files.c
@@ -153,6 +153,13 @@ void file_close_conn(connection_struct *conn)
 
 	for (fsp=conn->sconn->files; fsp; fsp=next) {
 		next = fsp->next;
+		// JRATEST
+		if (talloc_parent(fsp) == conn) {
+			if (fsp->conn != conn) {
+				smb_panic("wrong parent!");
+			}
+		}
+		// JRATEST
 		if (fsp->conn != conn) {
 			continue;
 		}
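Review bot: The new check at the top of the loop in file_close_conn() only tests one direction: it panics when talloc_parent(fsp) == conn but fsp->conn != conn, and says nothing about an fsp whose fsp->conn == conn but whose talloc parent is something else. If the aim is to confirm that the two notions of ownership agree, add the reverse test as well, or state in a comment why only this direction matters. The smb_panic("wrong parent!") string also gives no way to tell which fsp tripped it, so log something identifying the fsp before panicking. The // JRATEST markers are fine for a throwaway debug patch but need to go (or become /* */ comments) before anything like this is proposed for master.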
@@ -163,6 +170,16 @@ void file_close_conn(connection_struct *conn)
 			fsp->op->global->durable = false;
 		}
 		close_file(NULL, fsp, SHUTDOWN_CLOSE);
+		// JRATEST
+		{
+			files_struct *tf;
+			for (tf=conn->sconn->files; tf; tf=tf->next) {
+				if (tf == fsp) {
+					smb_panic("failed to remove!");
+				}
+			}
+		}
+		// JRATEST
 	}
 }
 
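Review bot: The list walk added after close_file(NULL, fsp, SHUTDOWN_CLOSE) uses fsp only as a pointer value in tf == fsp, which is safe, but by that point fsp can no longer be dereferenced, so smb_panic("failed to remove!") cannot report which file was left on conn->sconn->files. Record whatever identifies the fsp before the close_file() call and include it in the message, and check the return value of close_file() at the same time, since the visible code ignores it and a failed close is one obvious way the entry could stay on the list. The walk also rescans the whole list for every closed file, which is acceptable for a debug-only test but should not stay in this form.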
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 2e4a1136254..7ae1eb0d1e3 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -1116,6 +1116,17 @@ void close_cnum(connection_struct *conn, uint64_t vuid)
 
 	file_close_conn(conn);
 
+	// JRATEST
+	{
+		files_struct *fsp;
+		for (fsp=conn->sconn->files; fsp; fsp=fsp->next) {
+			if (talloc_parent(fsp) == conn) {
+				smb_panic("should be gone");
+			}
+		}
+	}
+	// JRATEST
+
 	if (!IS_IPC(conn)) {
 		dptr_closecnum(conn);
 	}
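Review bot: The check added after file_close_conn(conn) in close_cnum() tests talloc_parent(fsp) == conn, while file_close_conn() selects what to close with fsp->conn != conn. With the two checks added in files.c, any fsp that has conn as its talloc parent has either already panicked as "wrong parent!" or was closed and verified as removed, so "should be gone" can only fire if the list changes while the loop runs. Either drop this block as redundant or add a comment saying that this is the case it is meant to catch, and give the panic message enough detail to distinguish it from the other two.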

