The branch, master has been updated via 386f15c... s3:smbd: make sure we always have a valid talloc stackframe via d23581b... talloc_stack: reset stackframe pointers to NULL via 10ed809... talloc_stack: make sure we never let talloc_tos() return ts->talloc_stack[-1] from 1eb0fbe... s4-smbtorture: cleanup data after enumdata{ex} consistency test.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 386f15c62bb4d3517de719c750252e06cf3b1fb1 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Mar 15 14:42:17 2010 +0100 s3:smbd: make sure we always have a valid talloc stackframe metze commit d23581b4d7a4936002c1d2d748836aead9215120 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Mar 15 14:39:11 2010 +0100 talloc_stack: reset stackframe pointers to NULL This makes it easier to debug the code in future. metze commit 10ed809a1a31be50ce09142eb99b3a243ae8b940 Author: Stefan Metzmacher <me...@samba.org> Date: Mon Mar 15 14:32:52 2010 +0100 talloc_stack: make sure we never let talloc_tos() return ts->talloc_stack[-1] In smbd there's a small gab between TALLOC_FREE(frame); before be call smbd_parent_loop() where we don't have a valid talloc stackframe. smbd_parent_loop() calls talloc_stackframe() only within the while(1) loop. As DEBUG(2,("waiting for connections")) uses talloc_tos() to construct the time header for the debug message we crash on some systems. metze ----------------------------------------------------------------------- Summary of changes: lib/util/talloc_stack.c | 4 +++- source3/smbd/server.c | 3 +++ 2 files changed, 6 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/lib/util/talloc_stack.c b/lib/util/talloc_stack.c index 596efbf..f34d495 100644 --- a/lib/util/talloc_stack.c +++ b/lib/util/talloc_stack.c @@ -103,8 +103,10 @@ static int talloc_pop(TALLOC_CTX *frame) break; } talloc_free(ts->talloc_stack[i]); + ts->talloc_stack[i] = NULL; } + ts->talloc_stack[i] = NULL; ts->talloc_stacksize = i; return 0; } @@ -181,7 +183,7 @@ TALLOC_CTX *talloc_tos(void) struct talloc_stackframe *ts = (struct talloc_stackframe *)SMB_THREAD_GET_TLS(global_ts); - if (ts == NULL) { + if (ts == NULL || ts->talloc_stacksize == 0) { talloc_stackframe(); ts = (struct talloc_stackframe *)SMB_THREAD_GET_TLS(global_ts); DEBUG(0, ("no talloc stackframe around, leaking memory\n")); diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 5347bb9..d3fc499 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -1338,9 +1338,12 @@ extern void build_options(bool screen); exit_server("open_sockets_smbd() failed"); TALLOC_FREE(frame); + /* make sure we always have a valid stackframe */ + frame = talloc_stackframe(); smbd_parent_loop(parent); exit_server_cleanly(NULL); + TALLOC_FREE(frame); return(0); } -- Samba Shared Repository