Author: jra Date: 2005-06-10 19:39:46 +0000 (Fri, 10 Jun 2005) New Revision: 7471
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=7471 Log: Fix bug found by Marc Kaplan - amazing how similar InBuffer looks to OutBuffer when you're typing it wrong :-). Tidy up some InBuf/OutBuf usage. We're valgrind clean in Marc's test case now. Jeremy. Modified: trunk/source/smbd/aio.c trunk/source/smbd/oplock.c trunk/source/smbd/process.c Changeset: Modified: trunk/source/smbd/aio.c =================================================================== --- trunk/source/smbd/aio.c 2005-06-10 18:34:36 UTC (rev 7470) +++ trunk/source/smbd/aio.c 2005-06-10 19:39:46 UTC (rev 7471) @@ -116,7 +116,9 @@ static void delete_aio_ex(struct aio_extra *aio_ex) { DLIST_REMOVE(aio_list_head, aio_ex); - SAFE_FREE(aio_ex->inbuf); + /* Safe to do as we've removed ourselves from the in use list first. */ + free_InBuffer(aio_ex->inbuf); + SAFE_FREE(aio_ex->outbuf); SAFE_FREE(aio_ex); } @@ -524,6 +526,22 @@ } } } + +/**************************************************************************** + Check if a buffer was stolen for aio use. +*****************************************************************************/ + +BOOL aio_inbuffer_in_use(char *inbuf) +{ + struct aio_extra *aio_ex; + + for( aio_ex = aio_list_head; aio_ex; aio_ex = aio_ex->next) { + if (aio_ex->inbuf == inbuf) { + return True; + } + } + return False; +} #else BOOL aio_finished(void) { @@ -561,4 +579,9 @@ void cancel_aio_by_fsp(files_struct *fsp) { } + +BOOL aio_inbuffer_in_use(char *ptr) +{ + return False; +} #endif Modified: trunk/source/smbd/oplock.c =================================================================== --- trunk/source/smbd/oplock.c 2005-06-10 18:34:36 UTC (rev 7470) +++ trunk/source/smbd/oplock.c 2005-06-10 19:39:46 UTC (rev 7471) @@ -751,7 +751,7 @@ if((outbuf = NewOutBuffer(&saved_outbuf))==NULL) { DEBUG(0,("oplock_break: malloc fail for output buffer.\n")); set_InBuffer(saved_inbuf); - SAFE_FREE(inbuf); + free_InBuffer(inbuf); return False; } @@ -911,11 +911,11 @@ /* Restore the global In/Out buffers. */ set_InBuffer(saved_inbuf); - set_InBuffer(saved_outbuf); + set_OutBuffer(saved_outbuf); /* Free the buffers we've been using to recurse. */ - SAFE_FREE(inbuf); - SAFE_FREE(outbuf); + free_InBuffer(inbuf); + free_OutBuffer(outbuf); /* We need this in case a readraw crossed on the wire. */ if(global_oplock_break) Modified: trunk/source/smbd/process.c =================================================================== --- trunk/source/smbd/process.c 2005-06-10 18:34:36 UTC (rev 7470) +++ trunk/source/smbd/process.c 2005-06-10 19:39:46 UTC (rev 7471) @@ -1516,9 +1516,31 @@ void set_OutBuffer(char *new_outbuf) { - InBuffer = new_outbuf; + OutBuffer = new_outbuf; } +/**************************************************************************** + Free an InBuffer. Checks if not in use by aio system. + Must have been allocated by NewInBuffer. +****************************************************************************/ + +void free_InBuffer(char *inbuf) +{ + if (!aio_inbuffer_in_use(inbuf)) { + SAFE_FREE(inbuf); + } +} + +/**************************************************************************** + Free an OutBuffer. No outbuffers currently stolen by aio system. + Must have been allocated by NewInBuffer. +****************************************************************************/ + +void free_OutBuffer(char *outbuf) +{ + SAFE_FREE(outbuf); +} + const int total_buffer_size = (BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN); /**************************************************************************** @@ -1536,7 +1558,7 @@ } InBuffer = new_inbuf; #if defined(DEVELOPER) - clobber_region(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, new_inbuf, total_buffer_size); + clobber_region(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, InBuffer, total_buffer_size); #endif return InBuffer; } @@ -1569,10 +1591,10 @@ { time_t last_timeout_processing_time = time(NULL); unsigned int num_smbs = 0; - char *inbuf = NewInBuffer(NULL); - char *outbuf = NewOutBuffer(NULL); - if ((inbuf == NULL) || (outbuf == NULL)) + /* Allocate the primary Inbut/Output buffers. */ + + if ((NewInBuffer(NULL) == NULL) || (NewOutBuffer(NULL) == NULL)) return; max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
