The Samba-Bugzilla – Attachment 17443 Details for
Bug 15128
possible use after free of connection_struct when iterating smbd_server_connection->connections
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
full valgrind trace (that I got with difficulty)
smbd.valgrind (text/plain), 72.65 KB, created by
Noel Power
on 2022-07-24 14:02:17 UTC
(
hide
)
Description:
full valgrind trace (that I got with difficulty)
Filename:
MIME Type:
Creator:
Noel Power
Created:
2022-07-24 14:02:17 UTC
Size:
72.65 KB
patch
obsolete
>==10102== Memcheck, a memory error detector >==10102== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. >==10102== Using Valgrind-3.16.1 and LibVEX; rerun with -h for copyright info >==10102== Command: /root/suse-sle15-sp3/bin/samba-bgqd --ready-signal-fd=50 --parent-watch-fd=15 --debuglevel=0 -F >==10102== Parent PID: 10082 >==10102== >==10102== Warning: invalid file descriptor 1036 in syscall close() >==10102== Warning: invalid file descriptor 1037 in syscall close() >==10102== Warning: invalid file descriptor 1038 in syscall close() >==10102== Warning: invalid file descriptor 1039 in syscall close() >==10102== Use --log-fd=<number> to select an alternative log fd. >==10102== Warning: invalid file descriptor 1040 in syscall close() >==10102== Warning: invalid file descriptor 1041 in syscall close() >==10102== Warning: invalid file descriptor 1042 in syscall close() >==10111== >==10111== HEAP SUMMARY: >==10111== in use at exit: 249,762 bytes in 3,467 blocks >==10111== total heap usage: 4,312 allocs, 845 frees, 397,423 bytes allocated >==10111== >==10111== LEAK SUMMARY: >==10111== definitely lost: 103 bytes in 3 blocks >==10111== indirectly lost: 0 bytes in 0 blocks >==10111== possibly lost: 78,960 bytes in 196 blocks >==10111== still reachable: 170,699 bytes in 3,268 blocks >==10111== suppressed: 0 bytes in 0 blocks >==10111== Rerun with --leak-check=full to see details of leaked memory >==10111== >==10111== For lists of detected and suppressed errors, rerun with: -s >==10111== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) >==15077== Warning: invalid file descriptor -1 in syscall close() >==15077== >==15077== HEAP SUMMARY: >==15077== in use at exit: 263,803 bytes in 3,528 blocks >==15077== total heap usage: 4,626 allocs, 1,098 frees, 479,686 bytes allocated >==15077== >==15077== LEAK SUMMARY: >==15077== definitely lost: 103 bytes in 3 blocks >==15077== indirectly lost: 0 bytes in 0 blocks >==15077== possibly lost: 85,902 bytes in 236 blocks >==15077== still reachable: 177,798 bytes in 3,289 blocks >==15077== suppressed: 0 bytes in 0 blocks >==15077== Rerun with --leak-check=full to see details of leaked memory >==15077== >==15077== For lists of detected and suppressed errors, rerun with: -s >==15077== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) > contexts (suppressed: 0 from 0) >==10381== >==10381== HEAP SUMMARY: >==10381== in use at exit: 172,583 bytes in 748 blocks >==10381== total heap usage: 18,289 allocs, 17,541 frees, 3,496,054 bytes allocated >==10381== >==10381== LEAK SUMMARY: >==10381== definitely lost: 34 bytes in 1 blocks >==10381== indirectly lost: 0 bytes in 0 blocks >==10381== possibly lost: 133,573 bytes in 480 blocks >==10381== still reachable: 38,976 bytes in 267 blocks >==10381== suppressed: 0 bytes in 0 blocks >==10381== Rerun with --leak-check=full to see details of leaked memory >==10381== >==10381== For lists of detected and suppressed errors, rerun with: -s >==10381== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) >==10379== >==10379== HEAP SUMMARY: >==10379== in use at exit: 172,583 bytes in 748 blocks >==10379== total heap usage: 18,285 allocs, 17,537 frees, 3,495,686 bytes allocated >==10379== >==10379== LEAK SUMMARY: >==10379== definitely lost: 34 bytes in 1 blocks >==10379== indirectly lost: 0 bytes in 0 blocks >==10379== possibly lost: 133,573 bytes in 480 blocks >==10379== still reachable: 38,976 bytes in 267 blocks >==10379== suppressed: 0 bytes in 0 blocks >==10379== Rerun with --leak-check=full to see details of leaked memory >==10379== >==10379== For lists of detected and suppressed errors, rerun with: -s >==10379== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) >==10380== >==10380== HEAP SUMMARY: >==10380== in use at exit: 172,582 bytes in 748 blocks >==10380== total heap usage: 18,287 allocs, 17,539 frees, 3,495,920 bytes allocated >==10380== >==10380== LEAK SUMMARY: >==10380== definitely lost: 34 bytes in 1 blocks >==10380== indirectly lost: 0 bytes in 0 blocks >==10380== possibly lost: 133,572 bytes in 480 blocks >==10380== still reachable: 38,976 bytes in 267 blocks >==10380== suppressed: 0 bytes in 0 blocks >==10380== Rerun with --leak-check=full to see details of leaked memory >==10380== >==10380== For lists of detected and suppressed errors, rerun with: -s >==10380== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) >==10378== >==10378== HEAP SUMMARY: >==10378== in use at exit: 172,595 bytes in 748 blocks >==10378== total heap usage: 18,284 allocs, 17,536 frees, 3,495,558 bytes allocated >==10378== >==10378== LEAK SUMMARY: >==10378== definitely lost: 34 bytes in 1 blocks >==10378== indirectly lost: 0 bytes in 0 blocks >==10378== possibly lost: 133,573 bytes in 480 blocks >==10378== still reachable: 38,988 bytes in 267 blocks >==10378== suppressed: 0 bytes in 0 blocks >==10378== Rerun with --leak-check=full to see details of leaked memory >==10378== >==10378== For lists of detected and suppressed errors, rerun with: -s >==10378== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0) >==10337== Invalid read of size 8 >==10337== at 0x51319F7: conn_lastused_update (conn_idle.c:38) >==10337== by 0x5131A6E: conn_idle_all (conn_idle.c:54) >==10337== by 0x51D685E: deadtime_fn (process.c:2926) >==10337== by 0x69C5D39: smbd_idle_event_handler (util_event.c:45) >==10337== by 0x6355AB0: tevent_common_invoke_timer_handler (tevent_timed.c:376) >==10337== by 0x6355CCF: tevent_common_loop_timer_delay (tevent_timed.c:453) >==10337== by 0x63577A8: epoll_event_loop (tevent_epoll.c:667) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== Address 0x1aa3c658 is 232 bytes inside a block of size 328 free'd >==10337== at 0x4C3451B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFFF51: _tc_free_internal (talloc.c:1222) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5CFFFF5: _talloc_free_internal (talloc.c:1248) >==10337== by 0x5D012BD: _talloc_free (talloc.c:1792) >==10337== by 0x51FA5E3: smbd_smb2_flush_send_queue (smb2_server.c:4815) >==10337== by 0x51F7626: smbd_smb2_request_reply (smb2_server.c:3828) >==10337== by 0x51F7E61: smbd_smb2_request_done_ex (smb2_server.c:3982) >==10337== by 0x52011F9: smbd_smb2_request_logoff_done (smb2_sesssetup.c:1281) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634ECB8: _tevent_req_done (tevent_req.c:199) >==10337== by 0x52014DB: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1364) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== Block was alloc'd at >==10337== at 0x4C332EF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFF309: __talloc_with_prefix (talloc.c:783) >==10337== by 0x5CFF4A3: __talloc (talloc.c:825) >==10337== by 0x5CFF83C: _talloc_named_const (talloc.c:982) >==10337== by 0x5D0231D: _talloc_zero (talloc.c:2421) >==10337== by 0x5247312: conn_new (conn.c:64) >==10337== by 0x51DD8ED: make_connection_smb2 (service.c:965) >==10337== by 0x520237D: smbd_smb2_tree_connect (smb2_tcon.c:344) >==10337== by 0x52027B5: smbd_smb2_tree_connect_send (smb2_tcon.c:451) >==10337== by 0x52017B6: smbd_smb2_request_process_tcon (smb2_tcon.c:104) >==10337== by 0x51F4DE5: smbd_smb2_request_dispatch (smb2_server.c:3421) >==10337== by 0x51FB027: smbd_smb2_io_handler (smb2_server.c:5049) >==10337== by 0x51FB130: smbd_smb2_connection_handler (smb2_server.c:5087) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== >==10337== Invalid read of size 8 >==10337== at 0x5131A02: conn_lastused_update (conn_idle.c:38) >==10337== by 0x5131A6E: conn_idle_all (conn_idle.c:54) >==10337== by 0x51D685E: deadtime_fn (process.c:2926) >==10337== by 0x69C5D39: smbd_idle_event_handler (util_event.c:45) >==10337== by 0x6355AB0: tevent_common_invoke_timer_handler (tevent_timed.c:376) >==10337== by 0x6355CCF: tevent_common_loop_timer_delay (tevent_timed.c:453) >==10337== by 0x63577A8: epoll_event_loop (tevent_epoll.c:667) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== Address 0x1aa3c660 is 240 bytes inside a block of size 328 free'd >==10337== at 0x4C3451B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFFF51: _tc_free_internal (talloc.c:1222) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5CFFFF5: _talloc_free_internal (talloc.c:1248) >==10337== by 0x5D012BD: _talloc_free (talloc.c:1792) >==10337== by 0x51FA5E3: smbd_smb2_flush_send_queue (smb2_server.c:4815) >==10337== by 0x51F7626: smbd_smb2_request_reply (smb2_server.c:3828) >==10337== by 0x51F7E61: smbd_smb2_request_done_ex (smb2_server.c:3982) >==10337== by 0x52011F9: smbd_smb2_request_logoff_done (smb2_sesssetup.c:1281) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634ECB8: _tevent_req_done (tevent_req.c:199) >==10337== by 0x52014DB: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1364) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== Block was alloc'd at >==10337== at 0x4C332EF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFF309: __talloc_with_prefix (talloc.c:783) >==10337== by 0x5CFF4A3: __talloc (talloc.c:825) >==10337== by 0x5CFF83C: _talloc_named_const (talloc.c:982) >==10337== by 0x5D0231D: _talloc_zero (talloc.c:2421) >==10337== by 0x5247312: conn_new (conn.c:64) >==10337== by 0x51DD8ED: make_connection_smb2 (service.c:965) >==10337== by 0x520237D: smbd_smb2_tree_connect (smb2_tcon.c:344) >==10337== by 0x52027B5: smbd_smb2_tree_connect_send (smb2_tcon.c:451) >==10337== by 0x52017B6: smbd_smb2_request_process_tcon (smb2_tcon.c:104) >==10337== by 0x51F4DE5: smbd_smb2_request_dispatch (smb2_server.c:3421) >==10337== by 0x51FB027: smbd_smb2_io_handler (smb2_server.c:5049) >==10337== by 0x51FB130: smbd_smb2_connection_handler (smb2_server.c:5087) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== >==10337== Invalid write of size 8 >==10337== at 0x5131A16: conn_lastused_update (conn_idle.c:39) >==10337== by 0x5131A6E: conn_idle_all (conn_idle.c:54) >==10337== by 0x51D685E: deadtime_fn (process.c:2926) >==10337== by 0x69C5D39: smbd_idle_event_handler (util_event.c:45) >==10337== by 0x6355AB0: tevent_common_invoke_timer_handler (tevent_timed.c:376) >==10337== by 0x6355CCF: tevent_common_loop_timer_delay (tevent_timed.c:453) >==10337== by 0x63577A8: epoll_event_loop (tevent_epoll.c:667) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== Address 0x1aa3c658 is 232 bytes inside a block of size 328 free'd >==10337== at 0x4C3451B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFFF51: _tc_free_internal (talloc.c:1222) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5CFFFF5: _talloc_free_internal (talloc.c:1248) >==10337== by 0x5D012BD: _talloc_free (talloc.c:1792) >==10337== by 0x51FA5E3: smbd_smb2_flush_send_queue (smb2_server.c:4815) >==10337== by 0x51F7626: smbd_smb2_request_reply (smb2_server.c:3828) >==10337== by 0x51F7E61: smbd_smb2_request_done_ex (smb2_server.c:3982) >==10337== by 0x52011F9: smbd_smb2_request_logoff_done (smb2_sesssetup.c:1281) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634ECB8: _tevent_req_done (tevent_req.c:199) >==10337== by 0x52014DB: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1364) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== Block was alloc'd at >==10337== at 0x4C332EF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFF309: __talloc_with_prefix (talloc.c:783) >==10337== by 0x5CFF4A3: __talloc (talloc.c:825) >==10337== by 0x5CFF83C: _talloc_named_const (talloc.c:982) >==10337== by 0x5D0231D: _talloc_zero (talloc.c:2421) >==10337== by 0x5247312: conn_new (conn.c:64) >==10337== by 0x51DD8ED: make_connection_smb2 (service.c:965) >==10337== by 0x520237D: smbd_smb2_tree_connect (smb2_tcon.c:344) >==10337== by 0x52027B5: smbd_smb2_tree_connect_send (smb2_tcon.c:451) >==10337== by 0x52017B6: smbd_smb2_request_process_tcon (smb2_tcon.c:104) >==10337== by 0x51F4DE5: smbd_smb2_request_dispatch (smb2_server.c:3421) >==10337== by 0x51FB027: smbd_smb2_io_handler (smb2_server.c:5049) >==10337== by 0x51FB130: smbd_smb2_connection_handler (smb2_server.c:5087) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== >==10337== Invalid write of size 8 >==10337== at 0x5131A25: conn_lastused_update (conn_idle.c:40) >==10337== by 0x5131A6E: conn_idle_all (conn_idle.c:54) >==10337== by 0x51D685E: deadtime_fn (process.c:2926) >==10337== by 0x69C5D39: smbd_idle_event_handler (util_event.c:45) >==10337== by 0x6355AB0: tevent_common_invoke_timer_handler (tevent_timed.c:376) >==10337== by 0x6355CCF: tevent_common_loop_timer_delay (tevent_timed.c:453) >==10337== by 0x63577A8: epoll_event_loop (tevent_epoll.c:667) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== Address 0x1aa3c660 is 240 bytes inside a block of size 328 free'd >==10337== at 0x4C3451B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFFF51: _tc_free_internal (talloc.c:1222) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5CFFFF5: _talloc_free_internal (talloc.c:1248) >==10337== by 0x5D012BD: _talloc_free (talloc.c:1792) >==10337== by 0x51FA5E3: smbd_smb2_flush_send_queue (smb2_server.c:4815) >==10337== by 0x51F7626: smbd_smb2_request_reply (smb2_server.c:3828) >==10337== by 0x51F7E61: smbd_smb2_request_done_ex (smb2_server.c:3982) >==10337== by 0x52011F9: smbd_smb2_request_logoff_done (smb2_sesssetup.c:1281) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634ECB8: _tevent_req_done (tevent_req.c:199) >==10337== by 0x52014DB: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1364) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== Block was alloc'd at >==10337== at 0x4C332EF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFF309: __talloc_with_prefix (talloc.c:783) >==10337== by 0x5CFF4A3: __talloc (talloc.c:825) >==10337== by 0x5CFF83C: _talloc_named_const (talloc.c:982) >==10337== by 0x5D0231D: _talloc_zero (talloc.c:2421) >==10337== by 0x5247312: conn_new (conn.c:64) >==10337== by 0x51DD8ED: make_connection_smb2 (service.c:965) >==10337== by 0x520237D: smbd_smb2_tree_connect (smb2_tcon.c:344) >==10337== by 0x52027B5: smbd_smb2_tree_connect_send (smb2_tcon.c:451) >==10337== by 0x52017B6: smbd_smb2_request_process_tcon (smb2_tcon.c:104) >==10337== by 0x51F4DE5: smbd_smb2_request_dispatch (smb2_server.c:3421) >==10337== by 0x51FB027: smbd_smb2_io_handler (smb2_server.c:5049) >==10337== by 0x51FB130: smbd_smb2_connection_handler (smb2_server.c:5087) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== >==10337== Invalid read of size 8 >==10337== at 0x5131A30: conn_lastused_update (conn_idle.c:36) >==10337== by 0x5131A6E: conn_idle_all (conn_idle.c:54) >==10337== by 0x51D685E: deadtime_fn (process.c:2926) >==10337== by 0x69C5D39: smbd_idle_event_handler (util_event.c:45) >==10337== by 0x6355AB0: tevent_common_invoke_timer_handler (tevent_timed.c:376) >==10337== by 0x6355CCF: tevent_common_loop_timer_delay (tevent_timed.c:453) >==10337== by 0x63577A8: epoll_event_loop (tevent_epoll.c:667) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== Address 0x1aa3c5d0 is 96 bytes inside a block of size 328 free'd >==10337== at 0x4C3451B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFFF51: _tc_free_internal (talloc.c:1222) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5CFFFF5: _talloc_free_internal (talloc.c:1248) >==10337== by 0x5D012BD: _talloc_free (talloc.c:1792) >==10337== by 0x51FA5E3: smbd_smb2_flush_send_queue (smb2_server.c:4815) >==10337== by 0x51F7626: smbd_smb2_request_reply (smb2_server.c:3828) >==10337== by 0x51F7E61: smbd_smb2_request_done_ex (smb2_server.c:3982) >==10337== by 0x52011F9: smbd_smb2_request_logoff_done (smb2_sesssetup.c:1281) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634ECB8: _tevent_req_done (tevent_req.c:199) >==10337== by 0x52014DB: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1364) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== Block was alloc'd at >==10337== at 0x4C332EF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFF309: __talloc_with_prefix (talloc.c:783) >==10337== by 0x5CFF4A3: __talloc (talloc.c:825) >==10337== by 0x5CFF83C: _talloc_named_const (talloc.c:982) >==10337== by 0x5D0231D: _talloc_zero (talloc.c:2421) >==10337== by 0x5247312: conn_new (conn.c:64) >==10337== by 0x51DD8ED: make_connection_smb2 (service.c:965) >==10337== by 0x520237D: smbd_smb2_tree_connect (smb2_tcon.c:344) >==10337== by 0x52027B5: smbd_smb2_tree_connect_send (smb2_tcon.c:451) >==10337== by 0x52017B6: smbd_smb2_request_process_tcon (smb2_tcon.c:104) >==10337== by 0x51F4DE5: smbd_smb2_request_dispatch (smb2_server.c:3421) >==10337== by 0x51FB027: smbd_smb2_io_handler (smb2_server.c:5049) >==10337== by 0x51FB130: smbd_smb2_connection_handler (smb2_server.c:5087) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== >==10337== Invalid write of size 8 >==10337== at 0x5247E10: conn_free (conn.c:231) >==10337== by 0x51DE5CD: close_cnum (service.c:1168) >==10337== by 0x522AD49: smbXsrv_tcon_disconnect (smbXsrv_tcon.c:923) >==10337== by 0x5202EA5: smbd_smb2_tdis_wait_done (smb2_tcon.c:665) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634ECB8: _tevent_req_done (tevent_req.c:199) >==10337== by 0x634E4DE: tevent_queue_wait_trigger (tevent_queue.c:355) >==10337== by 0x634DF0F: tevent_queue_immediate_trigger (tevent_queue.c:149) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== Address 0x1aa3c5d8 is 104 bytes inside a block of size 328 free'd >==10337== at 0x4C3451B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFFF51: _tc_free_internal (talloc.c:1222) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5CFFFF5: _talloc_free_internal (talloc.c:1248) >==10337== by 0x5D012BD: _talloc_free (talloc.c:1792) >==10337== by 0x51FA5E3: smbd_smb2_flush_send_queue (smb2_server.c:4815) >==10337== by 0x51F7626: smbd_smb2_request_reply (smb2_server.c:3828) >==10337== by 0x51F7E61: smbd_smb2_request_done_ex (smb2_server.c:3982) >==10337== by 0x52011F9: smbd_smb2_request_logoff_done (smb2_sesssetup.c:1281) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634ECB8: _tevent_req_done (tevent_req.c:199) >==10337== by 0x52014DB: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1364) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== Block was alloc'd at >==10337== at 0x4C332EF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFF309: __talloc_with_prefix (talloc.c:783) >==10337== by 0x5CFF4A3: __talloc (talloc.c:825) >==10337== by 0x5CFF83C: _talloc_named_const (talloc.c:982) >==10337== by 0x5D0231D: _talloc_zero (talloc.c:2421) >==10337== by 0x5247312: conn_new (conn.c:64) >==10337== by 0x51DD8ED: make_connection_smb2 (service.c:965) >==10337== by 0x520237D: smbd_smb2_tree_connect (smb2_tcon.c:344) >==10337== by 0x52027B5: smbd_smb2_tree_connect_send (smb2_tcon.c:451) >==10337== by 0x52017B6: smbd_smb2_request_process_tcon (smb2_tcon.c:104) >==10337== by 0x51F4DE5: smbd_smb2_request_dispatch (smb2_server.c:3421) >==10337== by 0x51FB027: smbd_smb2_io_handler (smb2_server.c:5049) >==10337== by 0x51FB130: smbd_smb2_connection_handler (smb2_server.c:5087) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== >==10337== Invalid read of size 8 >==10337== at 0x5247AA6: conn_clear_vuid_caches (conn.c:177) >==10337== by 0x5131195: invalidate_vuid (password.c:50) >==10337== by 0x52276CA: smbXsrv_session_logoff (smbXsrv_session.c:1830) >==10337== by 0x520147E: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1353) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== Address 0x1aa3c650 is 224 bytes inside a block of size 328 free'd >==10337== at 0x4C3451B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFFF51: _tc_free_internal (talloc.c:1222) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5CFFFF5: _talloc_free_internal (talloc.c:1248) >==10337== by 0x5D012BD: _talloc_free (talloc.c:1792) >==10337== by 0x51FA5E3: smbd_smb2_flush_send_queue (smb2_server.c:4815) >==10337== by 0x51F7626: smbd_smb2_request_reply (smb2_server.c:3828) >==10337== by 0x51F7E61: smbd_smb2_request_done_ex (smb2_server.c:3982) >==10337== by 0x52011F9: smbd_smb2_request_logoff_done (smb2_sesssetup.c:1281) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634ECB8: _tevent_req_done (tevent_req.c:199) >==10337== by 0x52014DB: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1364) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== Block was alloc'd at >==10337== at 0x4C332EF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFF309: __talloc_with_prefix (talloc.c:783) >==10337== by 0x5CFF4A3: __talloc (talloc.c:825) >==10337== by 0x5CFF83C: _talloc_named_const (talloc.c:982) >==10337== by 0x5D0231D: _talloc_zero (talloc.c:2421) >==10337== by 0x5247312: conn_new (conn.c:64) >==10337== by 0x51DD8ED: make_connection_smb2 (service.c:965) >==10337== by 0x520237D: smbd_smb2_tree_connect (smb2_tcon.c:344) >==10337== by 0x52027B5: smbd_smb2_tree_connect_send (smb2_tcon.c:451) >==10337== by 0x52017B6: smbd_smb2_request_process_tcon (smb2_tcon.c:104) >==10337== by 0x51F4DE5: smbd_smb2_request_dispatch (smb2_server.c:3421) >==10337== by 0x51FB027: smbd_smb2_io_handler (smb2_server.c:5049) >==10337== by 0x51FB130: smbd_smb2_connection_handler (smb2_server.c:5087) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== >==10337== Invalid read of size 8 >==10337== at 0x52479D6: conn_clear_vuid_cache (conn.c:133) >==10337== by 0x5247AD4: conn_clear_vuid_caches (conn.c:180) >==10337== by 0x5131195: invalidate_vuid (password.c:50) >==10337== by 0x52276CA: smbXsrv_session_logoff (smbXsrv_session.c:1830) >==10337== by 0x520147E: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1353) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== Address 0x1aa3c608 is 152 bytes inside a block of size 328 free'd >==10337== at 0x4C3451B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFFF51: _tc_free_internal (talloc.c:1222) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5CFFFF5: _talloc_free_internal (talloc.c:1248) >==10337== by 0x5D012BD: _talloc_free (talloc.c:1792) >==10337== by 0x51FA5E3: smbd_smb2_flush_send_queue (smb2_server.c:4815) >==10337== by 0x51F7626: smbd_smb2_request_reply (smb2_server.c:3828) >==10337== by 0x51F7E61: smbd_smb2_request_done_ex (smb2_server.c:3982) >==10337== by 0x52011F9: smbd_smb2_request_logoff_done (smb2_sesssetup.c:1281) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634ECB8: _tevent_req_done (tevent_req.c:199) >==10337== by 0x52014DB: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1364) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== Block was alloc'd at >==10337== at 0x4C332EF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFF309: __talloc_with_prefix (talloc.c:783) >==10337== by 0x5CFF4A3: __talloc (talloc.c:825) >==10337== by 0x5CFF83C: _talloc_named_const (talloc.c:982) >==10337== by 0x5D0231D: _talloc_zero (talloc.c:2421) >==10337== by 0x5247312: conn_new (conn.c:64) >==10337== by 0x51DD8ED: make_connection_smb2 (service.c:965) >==10337== by 0x520237D: smbd_smb2_tree_connect (smb2_tcon.c:344) >==10337== by 0x52027B5: smbd_smb2_tree_connect_send (smb2_tcon.c:451) >==10337== by 0x52017B6: smbd_smb2_request_process_tcon (smb2_tcon.c:104) >==10337== by 0x51F4DE5: smbd_smb2_request_dispatch (smb2_server.c:3421) >==10337== by 0x51FB027: smbd_smb2_io_handler (smb2_server.c:5049) >==10337== by 0x51FB130: smbd_smb2_connection_handler (smb2_server.c:5087) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== >==10337== Invalid read of size 8 >==10337== at 0x52479FC: conn_clear_vuid_cache (conn.c:135) >==10337== by 0x5247AD4: conn_clear_vuid_caches (conn.c:180) >==10337== by 0x5131195: invalidate_vuid (password.c:50) >==10337== by 0x52276CA: smbXsrv_session_logoff (smbXsrv_session.c:1830) >==10337== by 0x520147E: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1353) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== Address 0x1aa410e0 is 112 bytes inside a block of size 872 free'd >==10337== at 0x4C3451B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFFF51: _tc_free_internal (talloc.c:1222) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5CFFFF5: _talloc_free_internal (talloc.c:1248) >==10337== by 0x5D012BD: _talloc_free (talloc.c:1792) >==10337== by 0x51FA5E3: smbd_smb2_flush_send_queue (smb2_server.c:4815) >==10337== by 0x51F7626: smbd_smb2_request_reply (smb2_server.c:3828) >==10337== by 0x51F7E61: smbd_smb2_request_done_ex (smb2_server.c:3982) >==10337== by 0x52011F9: smbd_smb2_request_logoff_done (smb2_sesssetup.c:1281) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634ECB8: _tevent_req_done (tevent_req.c:199) >==10337== by 0x52014DB: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1364) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== Block was alloc'd at >==10337== at 0x4C332EF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFF309: __talloc_with_prefix (talloc.c:783) >==10337== by 0x5CFF4A3: __talloc (talloc.c:825) >==10337== by 0x5CFF83C: _talloc_named_const (talloc.c:982) >==10337== by 0x5D0231D: _talloc_zero (talloc.c:2421) >==10337== by 0x52474DE: conn_new (conn.c:76) >==10337== by 0x51DD8ED: make_connection_smb2 (service.c:965) >==10337== by 0x520237D: smbd_smb2_tree_connect (smb2_tcon.c:344) >==10337== by 0x52027B5: smbd_smb2_tree_connect_send (smb2_tcon.c:451) >==10337== by 0x52017B6: smbd_smb2_request_process_tcon (smb2_tcon.c:104) >==10337== by 0x51F4DE5: smbd_smb2_request_dispatch (smb2_server.c:3421) >==10337== by 0x51FB027: smbd_smb2_io_handler (smb2_server.c:5049) >==10337== by 0x51FB130: smbd_smb2_connection_handler (smb2_server.c:5087) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== >==10337== Invalid read of size 8 >==10337== at 0x5247AD9: conn_clear_vuid_caches (conn.c:176) >==10337== by 0x5131195: invalidate_vuid (password.c:50) >==10337== by 0x52276CA: smbXsrv_session_logoff (smbXsrv_session.c:1830) >==10337== by 0x520147E: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1353) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== Address 0x1aa3c5d0 is 96 bytes inside a block of size 328 free'd >==10337== at 0x4C3451B: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFFF51: _tc_free_internal (talloc.c:1222) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5D00E93: _tc_free_children_internal (talloc.c:1669) >==10337== by 0x5CFFE34: _tc_free_internal (talloc.c:1184) >==10337== by 0x5CFFFF5: _talloc_free_internal (talloc.c:1248) >==10337== by 0x5D012BD: _talloc_free (talloc.c:1792) >==10337== by 0x51FA5E3: smbd_smb2_flush_send_queue (smb2_server.c:4815) >==10337== by 0x51F7626: smbd_smb2_request_reply (smb2_server.c:3828) >==10337== by 0x51F7E61: smbd_smb2_request_done_ex (smb2_server.c:3982) >==10337== by 0x52011F9: smbd_smb2_request_logoff_done (smb2_sesssetup.c:1281) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634ECB8: _tevent_req_done (tevent_req.c:199) >==10337== by 0x52014DB: smbd_smb2_logoff_shutdown_done (smb2_sesssetup.c:1364) >==10337== by 0x634EB2A: _tevent_req_notify_callback (tevent_req.c:141) >==10337== by 0x634EC8B: tevent_req_finish (tevent_req.c:193) >==10337== by 0x634EDB8: tevent_req_trigger (tevent_req.c:250) >==10337== by 0x634D9D7: tevent_common_invoke_immediate_handler (tevent_immediate.c:190) >==10337== by 0x634DB26: tevent_common_loop_immediate (tevent_immediate.c:236) >==10337== by 0x6357F88: epoll_event_loop_once (tevent_epoll.c:918) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== Block was alloc'd at >==10337== at 0x4C332EF: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) >==10337== by 0x5CFF309: __talloc_with_prefix (talloc.c:783) >==10337== by 0x5CFF4A3: __talloc (talloc.c:825) >==10337== by 0x5CFF83C: _talloc_named_const (talloc.c:982) >==10337== by 0x5D0231D: _talloc_zero (talloc.c:2421) >==10337== by 0x5247312: conn_new (conn.c:64) >==10337== by 0x51DD8ED: make_connection_smb2 (service.c:965) >==10337== by 0x520237D: smbd_smb2_tree_connect (smb2_tcon.c:344) >==10337== by 0x52027B5: smbd_smb2_tree_connect_send (smb2_tcon.c:451) >==10337== by 0x52017B6: smbd_smb2_request_process_tcon (smb2_tcon.c:104) >==10337== by 0x51F4DE5: smbd_smb2_request_dispatch (smb2_server.c:3421) >==10337== by 0x51FB027: smbd_smb2_io_handler (smb2_server.c:5049) >==10337== by 0x51FB130: smbd_smb2_connection_handler (smb2_server.c:5087) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x51DABD4: smbd_process (process.c:4248) >==10337== by 0x116288: smbd_accept_connection (server.c:1022) >==10337== by 0x634D0F6: tevent_common_invoke_fd_handler (tevent_fd.c:142) >==10337== by 0x63579DB: epoll_event_loop (tevent_epoll.c:736) >==10337== by 0x6358022: epoll_event_loop_once (tevent_epoll.c:937) >==10337== by 0x63549BB: std_event_loop_once (tevent_standard.c:110) >==10337== by 0x634BFC7: _tevent_loop_once (tevent.c:790) >==10337== by 0x634C2E2: tevent_common_loop_wait (tevent.c:913) >==10337== by 0x6354A5D: std_event_loop_wait (tevent_standard.c:141) >==10337== by 0x634C385: _tevent_loop_wait (tevent.c:932) >==10337== by 0x116F10: smbd_parent_loop (server.c:1366) >==10337== by 0x1191E3: main (server.c:2186) >==10337== >==10337== >==10337== HEAP SUMMARY: >==10337== in use at exit: 181,588 bytes in 854 blocks >==10337== total heap usage: 44,072 allocs, 43,218 frees, 9,343,712 bytes allocated >==10337== >==10337== LEAK SUMMARY: >==10337== definitely lost: 1,234 bytes in 7 blocks >==10337== indirectly lost: 4,452 bytes in 66 blocks >==10337== possibly lost: 135,030 bytes in 493 blocks >==10337== still reachable: 40,872 bytes in 288 blocks >==10337== suppressed: 0 bytes in 0 blocks >==10337== Rerun with --leak-check=full to see details of leaked memory >==10337== >==10337== For lists of detected and suppressed errors, rerun with: -s >==10337== ERROR SUMMARY: 84 errors from 10 contexts (suppressed: 0 from 0)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=17443">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 15128
:
17440
|
17441
|
17442
|
17443
|
17444
|
17457
|
17458
|
17459
|
17478
|
17479
|
17481
|
17482
|
17483