The Samba-Bugzilla – Attachment 13288 Details for
Bug 12836
Misused talloc context can cause a user to crash their smbd by chaining SMB1 commands.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
valgrind trace
look1 (text/plain), 42.65 KB, created by
Jeremy Allison
on 2017-06-16 22:02:35 UTC
(
hide
)
Description:
valgrind trace
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2017-06-16 22:02:35 UTC
Size:
42.65 KB
patch
obsolete
>==30331== Memcheck, a memory error detector >==30331== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al. >==30331== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info >==30331== Command: /usr/local/samba/sbin/smbd -i >==30331== >smbd version 4.7.0pre1-GIT-270e127a3ea started. >Copyright Andrew Tridgell and the Samba Team 1992-2017 >==30335== >==30335== HEAP SUMMARY: >==30335== in use at exit: 136,416 bytes in 516 blocks >==30335== total heap usage: 1,228 allocs, 712 frees, 17,023,753 bytes allocated >==30335== >==30335== LEAK SUMMARY: >==30335== definitely lost: 0 bytes in 0 blocks >==30335== indirectly lost: 0 bytes in 0 blocks >==30335== possibly lost: 125,745 bytes in 448 blocks >==30335== still reachable: 10,671 bytes in 68 blocks >==30335== suppressed: 0 bytes in 0 blocks >==30335== Rerun with --leak-check=full to see details of leaked memory >==30335== >==30335== For counts of detected and suppressed errors, rerun with: -v >==30335== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) >Test dummy executed! >reply_trans: invalid trans parameters >==30331== Invalid read of size 1 >==30331== at 0x56DC283: construct_reply_common (process.c:2062) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf7e is 238 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC291: construct_reply_common (process.c:2062) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf7f is 239 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC34C: construct_reply_common (process.c:2073) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf7d is 237 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x4C2F759: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x56DC3B0: construct_reply_common (process.c:2076) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== Address 0x1a88bf82 is 242 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 2 >==30331== at 0x4C2F7E0: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x56DC3B0: construct_reply_common (process.c:2076) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== Address 0x1a88bf88 is 248 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC3C1: construct_reply_common (process.c:2078) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf8c is 252 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC3D6: construct_reply_common (process.c:2078) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf8c is 252 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC3E4: construct_reply_common (process.c:2078) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf8d is 253 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC405: construct_reply_common (process.c:2079) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf8e is 254 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC41A: construct_reply_common (process.c:2079) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf8e is 254 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC428: construct_reply_common (process.c:2079) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf8f is 255 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC449: construct_reply_common (process.c:2080) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf80 is 240 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC45E: construct_reply_common (process.c:2080) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf80 is 240 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC46C: construct_reply_common (process.c:2080) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf81 is 241 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC48D: construct_reply_common (process.c:2081) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf90 is 256 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC4A2: construct_reply_common (process.c:2081) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf90 is 256 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC4B0: construct_reply_common (process.c:2081) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf91 is 257 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC4D1: construct_reply_common (process.c:2082) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf92 is 258 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC4E6: construct_reply_common (process.c:2082) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf92 is 258 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 1 >==30331== at 0x56DC4F4: construct_reply_common (process.c:2082) >==30331== by 0x56D9F11: create_outbuf (process.c:1372) >==30331== by 0x56D9F9A: reply_outbuf (process.c:1388) >==30331== by 0x566270B: pipe_write_andx_done (pipes.c:359) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88bf93 is 259 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 4 >==30331== at 0x5EFA994: talloc_chunk_from_ptr (talloc.c:452) >==30331== by 0x5EFF541: talloc_get_size (talloc.c:2742) >==30331== by 0x56DB288: smb_request_done (process.c:1834) >==30331== by 0x56627EF: pipe_write_andx_done (pipes.c:374) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88c1d0 is 832 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 4 >==30331== at 0x5EFA9B2: talloc_chunk_from_ptr (talloc.c:453) >==30331== by 0x5EFF541: talloc_get_size (talloc.c:2742) >==30331== by 0x56DB288: smb_request_done (process.c:1834) >==30331== by 0x56627EF: pipe_write_andx_done (pipes.c:374) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88c1d0 is 832 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >==30331== Invalid read of size 4 >==30331== at 0x5EFA9C7: talloc_chunk_from_ptr (talloc.c:454) >==30331== by 0x5EFF541: talloc_get_size (talloc.c:2742) >==30331== by 0x56DB288: smb_request_done (process.c:1834) >==30331== by 0x56627EF: pipe_write_andx_done (pipes.c:374) >==30331== by 0x630C27C: _tevent_req_notify_callback (tevent_req.c:120) >==30331== by 0x630C34F: tevent_req_finish (tevent_req.c:157) >==30331== by 0x630C474: tevent_req_trigger (tevent_req.c:214) >==30331== by 0x630B691: tevent_common_loop_immediate (tevent_immediate.c:135) >==30331== by 0x6314978: epoll_event_loop_once (tevent_epoll.c:911) >==30331== by 0x6311719: std_event_loop_once (tevent_standard.c:114) >==30331== by 0x630A52F: _tevent_loop_once (tevent.c:735) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== Address 0x1a88c1d0 is 832 bytes inside a block of size 8,320 alloc'd >==30331== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) >==30331== by 0x5EFAEF6: __talloc_with_prefix (talloc.c:698) >==30331== by 0x5EFB0B6: _talloc_pool (talloc.c:752) >==30331== by 0x5EFB153: talloc_pool (talloc.c:774) >==30331== by 0x527F072: talloc_stackframe_internal (talloc_stack.c:151) >==30331== by 0x527F186: _talloc_stackframe_pool (talloc_stack.c:184) >==30331== by 0x56E00A0: smbd_tevent_trace_callback (process.c:3648) >==30331== by 0x630AD0D: tevent_trace_point_callback (tevent_debug.c:117) >==30331== by 0x630A514: _tevent_loop_once (tevent.c:734) >==30331== by 0x630A83F: tevent_common_loop_wait (tevent.c:858) >==30331== by 0x63117BB: std_event_loop_wait (tevent_standard.c:145) >==30331== by 0x630A8E2: _tevent_loop_wait (tevent.c:877) >==30331== >Bad talloc magic value - wrong talloc version used/mixed >PANIC (pid 30331): Bad talloc magic value - wrong talloc version used/mixed >BACKTRACE: 32 stack frames: > #0 /usr/local/samba/lib/libsmbconf.so.0(log_stack_trace+0x1f) [0x7760b6f] > #1 /usr/local/samba/lib/libsmbconf.so.0(smb_panic_s3+0x6f) [0x77609ba] > #2 /usr/local/samba/lib/libsamba-util.so.0(smb_panic+0x28) [0x527cc2c] > #3 /usr/local/samba/lib/private/libtalloc.so.2(+0x2931) [0x5efa931] > #4 /usr/local/samba/lib/private/libtalloc.so.2(+0x294a) [0x5efa94a] > #5 /usr/local/samba/lib/private/libtalloc.so.2(+0x29d3) [0x5efa9d3] > #6 /usr/local/samba/lib/private/libtalloc.so.2(talloc_get_size+0x26) [0x5eff542] > #7 /usr/local/samba/lib/private/libsmbd-base-samba4.so(smb_request_done+0x6d) [0x56db289] > #8 /usr/local/samba/lib/private/libsmbd-base-samba4.so(+0x1897f0) [0x56627f0] > #9 /usr/local/samba/lib/private/libtevent.so.0(_tevent_req_notify_callback+0x6a) [0x630c27d] > #10 /usr/local/samba/lib/private/libtevent.so.0(+0x7350) [0x630c350] > #11 /usr/local/samba/lib/private/libtevent.so.0(+0x7475) [0x630c475] > #12 /usr/local/samba/lib/private/libtevent.so.0(tevent_common_loop_immediate+0x1f5) [0x630b692] > #13 /usr/local/samba/lib/private/libtevent.so.0(+0xf979) [0x6314979] > #14 /usr/local/samba/lib/private/libtevent.so.0(+0xc71a) [0x631171a] > #15 /usr/local/samba/lib/private/libtevent.so.0(_tevent_loop_once+0x10f) [0x630a530] > #16 /usr/local/samba/lib/private/libtevent.so.0(tevent_common_loop_wait+0x25) [0x630a840] > #17 /usr/local/samba/lib/private/libtevent.so.0(+0xc7bc) [0x63117bc] > #18 /usr/local/samba/lib/private/libtevent.so.0(_tevent_loop_wait+0x2b) [0x630a8e3] > #19 /usr/local/samba/lib/private/libsmbd-base-samba4.so(smbd_process+0xbf6) [0x56e1cf4] > #20 /usr/local/samba/sbin/smbd(+0xd37c) [0x11537c] > #21 /usr/local/samba/lib/private/libtevent.so.0(+0xf3dc) [0x63143dc] > #22 /usr/local/samba/lib/private/libtevent.so.0(+0xfa13) [0x6314a13] > #23 /usr/local/samba/lib/private/libtevent.so.0(+0xc71a) [0x631171a] > #24 /usr/local/samba/lib/private/libtevent.so.0(_tevent_loop_once+0x10f) [0x630a530] > #25 /usr/local/samba/lib/private/libtevent.so.0(tevent_common_loop_wait+0x25) [0x630a840] > #26 /usr/local/samba/lib/private/libtevent.so.0(+0xc7bc) [0x63117bc] > #27 /usr/local/samba/lib/private/libtevent.so.0(_tevent_loop_wait+0x2b) [0x630a8e3] > #28 /usr/local/samba/sbin/smbd(+0xe368) [0x116368] > #29 /usr/local/samba/sbin/smbd(main+0x18ee) [0x118554] > #30 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x8f62f45] > #31 /usr/local/samba/sbin/smbd(+0x6989) [0x10e989] >smb_panic(): calling panic action [/bin/sleep 999999999]
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 12836
:
13278
|
13279
| 13288 |
13375
|
13386
|
13397