From: samba@nisx.de To: Andrew Bartlett Cc: samba@lists.samba.org Subject: Re: [Samba] [samba4] crash of winbind after "ls -l /usr/local/samba/var/locks/sysvol" Date: Sat, 27 Apr 2013 14:50:13 +0200 (27/04/13 22:50:13) Hi, no problem but max --num-callers is 50. root@leela:~# valgrind --num-callers=64 samba -i -M single valgrind: Bad option: --num-callers=64 valgrind: '--num-callers' argument must be between 1 and 50 So this came when I execute ' getent group': root@leela:~# valgrind --num-callers=50 /opt/samba/sbin/samba -i -M single > out 2>&1 root@leela:~# cat out ==1970== Memcheck, a memory error detector ==1970== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al. ==1970== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info ==1970== Command: /opt/samba/sbin/samba -i -M single ==1970== samba version 4.0.5 started. Copyright Andrew Tridgell and the Samba Team 1992-2012 samba: using 'single' process model /opt/samba/sbin/smbd: sh: Zeile 0: test: Zu viele Argumente. /opt/samba/sbin/smbd: sh: Zeile 0: test: Zu viele Argumente. ==1970== Invalid read of size 4 ==1970== at 0x198B294C: cmd_setgrent_recv_group_list (wb_cmd_setgrent.c:143) ==1970== by 0xB8002CC: composite_done (composite.c:143) ==1970== by 0x19AEE2C6: continue_groups_enumerated (libnet_group.c:682) ==1970== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==1970== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==1970== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==1970== by 0xE3D0F25: dcerpc_samr_EnumDomainGroups_r_done (ndr_samr_c.c:2462) ==1970== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==1970== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==1970== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==1970== by 0x897E0F0: dcerpc_binding_handle_call_done (binding_handle.c:492) ==1970== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==1970== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==1970== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==1970== by 0x897D5D8: dcerpc_binding_handle_raw_call_done (binding_handle.c:163) ==1970== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==1970== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==1970== by 0x6592A22: tevent_req_trigger (tevent_req.c:166) ==1970== by 0x6591E37: tevent_common_loop_immediate (tevent_immediate.c:135) ==1970== by 0x6599A55: epoll_event_loop_once (tevent_epoll.c:912) ==1970== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==1970== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==1970== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==1970== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==1970== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==1970== by 0x40B590: binary_smbd_main (server.c:486) ==1970== by 0x40B5D6: main (server.c:497) ==1970== Address 0x2715de24 is 100 bytes inside a block of size 120 free'd ==1970== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==1970== by 0x67A0E9A: _talloc_free_internal (talloc.c:878) ==1970== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==1970== by 0x198B28C0: cmd_setgrent_recv_group_list (wb_cmd_setgrent.c:133) ==1970== by 0xB8002CC: composite_done (composite.c:143) ==1970== by 0x19AEE2C6: continue_groups_enumerated (libnet_group.c:682) ==1970== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==1970== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==1970== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==1970== by 0xE3D0F25: dcerpc_samr_EnumDomainGroups_r_done (ndr_samr_c.c:2462) ==1970== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==1970== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==1970== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==1970== by 0x897E0F0: dcerpc_binding_handle_call_done (binding_handle.c:492) ==1970== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==1970== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==1970== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==1970== by 0x897D5D8: dcerpc_binding_handle_raw_call_done (binding_handle.c:163) ==1970== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==1970== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==1970== by 0x6592A22: tevent_req_trigger (tevent_req.c:166) ==1970== by 0x6591E37: tevent_common_loop_immediate (tevent_immediate.c:135) ==1970== by 0x6599A55: epoll_event_loop_once (tevent_epoll.c:912) ==1970== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==1970== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==1970== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==1970== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==1970== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==1970== by 0x40B590: binary_smbd_main (server.c:486) ==1970== by 0x40B5D6: main (server.c:497) ==1970== ==1970== ==1970== HEAP SUMMARY: ==1970== in use at exit: 7,731,815 bytes in 68,293 blocks ==1970== total heap usage: 4,137,801 allocs, 4,069,508 frees, 587,838,662 bytes allocated ==1970== ==1970== LEAK SUMMARY: ==1970== definitely lost: 0 bytes in 0 blocks ==1970== indirectly lost: 0 bytes in 0 blocks ==1970== possibly lost: 126,722 bytes in 1,160 blocks ==1970== still reachable: 7,605,093 bytes in 67,133 blocks ==1970== suppressed: 0 bytes in 0 blocks ==1970== Rerun with --leak-check=full to see details of leaked memory ==1970== ==1970== For counts of detected and suppressed errors, rerun with: -v ==1970== ERROR SUMMARY: 7 errors from 1 contexts (suppressed: 2 from 2) And this on ' ll /opt/samba/var/locks/sysvol/': root@leela:~# valgrind --num-callers=50 /opt/samba/sbin/samba -i -M single > out 2>&1 root@leela:~# cat out ==2165== Memcheck, a memory error detector ==2165== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al. ==2165== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info ==2165== Command: /opt/samba/sbin/samba -i -M single ==2165== samba version 4.0.5 started. Copyright Andrew Tridgell and the Samba Team 1992-2012 samba: using 'single' process model /opt/samba/sbin/smbd: sh: Zeile 0: test: Zu viele Argumente. /opt/samba/sbin/smbd: sh: Zeile 0: test: Zu viele Argumente. ==2165== Invalid read of size 8 ==2165== at 0xA20F1A0: krb5_cc_store_cred (cache.c:684) ==2165== by 0xA22487A: krb5_get_credentials_with_flags (get_cred.c:1207) ==2165== by 0xA2248C5: krb5_get_credentials (get_cred.c:1220) ==2165== by 0x956E1B7: gsskrb5_get_creds (init_sec_context.c:246) ==2165== by 0x956E73D: init_auth (init_sec_context.c:455) ==2165== by 0x956F52F: _gsskrb5_init_sec_context (init_sec_context.c:942) ==2165== by 0x9587E86: gss_init_sec_context (gss_init_sec_context.c:187) ==2165== by 0x613BB29: gensec_gssapi_update (gensec_gssapi.c:464) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x2572eb50 is 0 bytes inside a block of size 24 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0xA20F182: krb5_cc_close (cache.c:666) ==2165== by 0x957E52E: _gsskrb5_release_cred (release_cred.c:65) ==2165== by 0x9586895: gss_release_cred (gss_release_cred.c:65) ==2165== by 0x5492B63: free_gssapi_creds (credentials_krb5.c:443) ==2165== by 0x67A0BA8: _talloc_free_internal (talloc.c:831) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== by 0xB809F8D: tstream_bsd_fde_handler (tsocket_bsd.c:1513) ==2165== ==2165== Invalid read of size 8 ==2165== at 0xA236D90: mcc_store_cred (mcache.c:239) ==2165== by 0xA20F1BB: krb5_cc_store_cred (cache.c:684) ==2165== by 0xA22487A: krb5_get_credentials_with_flags (get_cred.c:1207) ==2165== by 0xA2248C5: krb5_get_credentials (get_cred.c:1220) ==2165== by 0x956E1B7: gsskrb5_get_creds (init_sec_context.c:246) ==2165== by 0x956E73D: init_auth (init_sec_context.c:455) ==2165== by 0x956F52F: _gsskrb5_init_sec_context (init_sec_context.c:942) ==2165== by 0x9587E86: gss_init_sec_context (gss_init_sec_context.c:187) ==2165== by 0x613BB29: gensec_gssapi_update (gensec_gssapi.c:464) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x2572eb60 is 16 bytes inside a block of size 24 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0xA20F182: krb5_cc_close (cache.c:666) ==2165== by 0x957E52E: _gsskrb5_release_cred (release_cred.c:65) ==2165== by 0x9586895: gss_release_cred (gss_release_cred.c:65) ==2165== by 0x5492B63: free_gssapi_creds (credentials_krb5.c:443) ==2165== by 0x67A0BA8: _talloc_free_internal (talloc.c:831) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== by 0xB809F8D: tstream_bsd_fde_handler (tsocket_bsd.c:1513) ==2165== ==2165== Invalid read of size 4 ==2165== at 0xA236D9C: mcc_store_cred (mcache.c:243) ==2165== by 0xA20F1BB: krb5_cc_store_cred (cache.c:684) ==2165== by 0xA22487A: krb5_get_credentials_with_flags (get_cred.c:1207) ==2165== by 0xA2248C5: krb5_get_credentials (get_cred.c:1220) ==2165== by 0x956E1B7: gsskrb5_get_creds (init_sec_context.c:246) ==2165== by 0x956E73D: init_auth (init_sec_context.c:455) ==2165== by 0x956F52F: _gsskrb5_init_sec_context (init_sec_context.c:942) ==2165== by 0x9587E86: gss_init_sec_context (gss_init_sec_context.c:187) ==2165== by 0x613BB29: gensec_gssapi_update (gensec_gssapi.c:464) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x1155902c is 12 bytes inside a block of size 56 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0xA21DF11: krb5_data_free (data.c:66) ==2165== by 0xA236C3C: mcc_close (mcache.c:189) ==2165== by 0xA20F173: krb5_cc_close (cache.c:665) ==2165== by 0xA20F143: krb5_cc_destroy (cache.c:647) ==2165== by 0x5491FA6: free_mccache (credentials_krb5.c:127) ==2165== by 0x67A0BA8: _talloc_free_internal (talloc.c:831) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== ==2165== Invalid read of size 8 ==2165== at 0xA20F2C6: krb5_cc_get_principal (cache.c:748) ==2165== by 0x956E3FA: do_delegation (init_sec_context.c:328) ==2165== by 0x956EA54: init_auth_restart (init_sec_context.c:571) ==2165== by 0x956F588: _gsskrb5_init_sec_context (init_sec_context.c:959) ==2165== by 0x9587E86: gss_init_sec_context (gss_init_sec_context.c:187) ==2165== by 0x613BB29: gensec_gssapi_update (gensec_gssapi.c:464) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x2572eb50 is 0 bytes inside a block of size 24 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0xA20F182: krb5_cc_close (cache.c:666) ==2165== by 0x957E52E: _gsskrb5_release_cred (release_cred.c:65) ==2165== by 0x9586895: gss_release_cred (gss_release_cred.c:65) ==2165== by 0x5492B63: free_gssapi_creds (credentials_krb5.c:443) ==2165== by 0x67A0BA8: _talloc_free_internal (talloc.c:831) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== by 0xB809F8D: tstream_bsd_fde_handler (tsocket_bsd.c:1513) ==2165== ==2165== Invalid read of size 8 ==2165== at 0xA236F18: mcc_get_principal (mcache.c:270) ==2165== by 0xA20F2E1: krb5_cc_get_principal (cache.c:748) ==2165== by 0x956E3FA: do_delegation (init_sec_context.c:328) ==2165== by 0x956EA54: init_auth_restart (init_sec_context.c:571) ==2165== by 0x956F588: _gsskrb5_init_sec_context (init_sec_context.c:959) ==2165== by 0x9587E86: gss_init_sec_context (gss_init_sec_context.c:187) ==2165== by 0x613BB29: gensec_gssapi_update (gensec_gssapi.c:464) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x2572eb60 is 16 bytes inside a block of size 24 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0xA20F182: krb5_cc_close (cache.c:666) ==2165== by 0x957E52E: _gsskrb5_release_cred (release_cred.c:65) ==2165== by 0x9586895: gss_release_cred (gss_release_cred.c:65) ==2165== by 0x5492B63: free_gssapi_creds (credentials_krb5.c:443) ==2165== by 0x67A0BA8: _talloc_free_internal (talloc.c:831) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== by 0xB809F8D: tstream_bsd_fde_handler (tsocket_bsd.c:1513) ==2165== ==2165== Invalid read of size 4 ==2165== at 0xA236F24: mcc_get_principal (mcache.c:272) ==2165== by 0xA20F2E1: krb5_cc_get_principal (cache.c:748) ==2165== by 0x956E3FA: do_delegation (init_sec_context.c:328) ==2165== by 0x956EA54: init_auth_restart (init_sec_context.c:571) ==2165== by 0x956F588: _gsskrb5_init_sec_context (init_sec_context.c:959) ==2165== by 0x9587E86: gss_init_sec_context (gss_init_sec_context.c:187) ==2165== by 0x613BB29: gensec_gssapi_update (gensec_gssapi.c:464) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x1155902c is 12 bytes inside a block of size 56 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0xA21DF11: krb5_data_free (data.c:66) ==2165== by 0xA236C3C: mcc_close (mcache.c:189) ==2165== by 0xA20F173: krb5_cc_close (cache.c:665) ==2165== by 0xA20F143: krb5_cc_destroy (cache.c:647) ==2165== by 0x5491FA6: free_mccache (credentials_krb5.c:127) ==2165== by 0x67A0BA8: _talloc_free_internal (talloc.c:831) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== ==2165== Invalid read of size 4 ==2165== at 0x956EB26: init_auth_restart (init_sec_context.c:606) ==2165== by 0x956F588: _gsskrb5_init_sec_context (init_sec_context.c:959) ==2165== by 0x9587E86: gss_init_sec_context (gss_init_sec_context.c:187) ==2165== by 0x613BB29: gensec_gssapi_update (gensec_gssapi.c:464) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x255d1718 is 8 bytes inside a block of size 64 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0x957E5FA: _gsskrb5_release_cred (release_cred.c:73) ==2165== by 0x9586895: gss_release_cred (gss_release_cred.c:65) ==2165== by 0x5492B63: free_gssapi_creds (credentials_krb5.c:443) ==2165== by 0x67A0BA8: _talloc_free_internal (talloc.c:831) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== by 0xB809F8D: tstream_bsd_fde_handler (tsocket_bsd.c:1513) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== ==2165== Invalid write of size 4 ==2165== at 0x956EB59: init_auth_restart (init_sec_context.c:613) ==2165== by 0x956F588: _gsskrb5_init_sec_context (init_sec_context.c:959) ==2165== by 0x9587E86: gss_init_sec_context (gss_init_sec_context.c:187) ==2165== by 0x613BB29: gensec_gssapi_update (gensec_gssapi.c:464) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x114d63ac is 108 bytes inside a block of size 224 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0x67A0E9A: _talloc_free_internal (talloc.c:878) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== ==2165== Invalid read of size 8 ==2165== at 0xA20F2C6: krb5_cc_get_principal (cache.c:748) ==2165== by 0xA20FE05: build_conf_principals (cache.c:1226) ==2165== by 0xA21011A: krb5_cc_get_config (cache.c:1347) ==2165== by 0x956EC06: init_auth_restart (init_sec_context.c:628) ==2165== by 0x956F588: _gsskrb5_init_sec_context (init_sec_context.c:959) ==2165== by 0x9587E86: gss_init_sec_context (gss_init_sec_context.c:187) ==2165== by 0x613BB29: gensec_gssapi_update (gensec_gssapi.c:464) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x2572eb50 is 0 bytes inside a block of size 24 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0xA20F182: krb5_cc_close (cache.c:666) ==2165== by 0x957E52E: _gsskrb5_release_cred (release_cred.c:65) ==2165== by 0x9586895: gss_release_cred (gss_release_cred.c:65) ==2165== by 0x5492B63: free_gssapi_creds (credentials_krb5.c:443) ==2165== by 0x67A0BA8: _talloc_free_internal (talloc.c:831) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== by 0xB809F8D: tstream_bsd_fde_handler (tsocket_bsd.c:1513) ==2165== ==2165== Invalid read of size 8 ==2165== at 0xA236F18: mcc_get_principal (mcache.c:270) ==2165== by 0xA20F2E1: krb5_cc_get_principal (cache.c:748) ==2165== by 0xA20FE05: build_conf_principals (cache.c:1226) ==2165== by 0xA21011A: krb5_cc_get_config (cache.c:1347) ==2165== by 0x956EC06: init_auth_restart (init_sec_context.c:628) ==2165== by 0x956F588: _gsskrb5_init_sec_context (init_sec_context.c:959) ==2165== by 0x9587E86: gss_init_sec_context (gss_init_sec_context.c:187) ==2165== by 0x613BB29: gensec_gssapi_update (gensec_gssapi.c:464) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x2572eb60 is 16 bytes inside a block of size 24 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0xA20F182: krb5_cc_close (cache.c:666) ==2165== by 0x957E52E: _gsskrb5_release_cred (release_cred.c:65) ==2165== by 0x9586895: gss_release_cred (gss_release_cred.c:65) ==2165== by 0x5492B63: free_gssapi_creds (credentials_krb5.c:443) ==2165== by 0x67A0BA8: _talloc_free_internal (talloc.c:831) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== by 0xB809F8D: tstream_bsd_fde_handler (tsocket_bsd.c:1513) ==2165== ==2165== Invalid read of size 4 ==2165== at 0xA236F24: mcc_get_principal (mcache.c:272) ==2165== by 0xA20F2E1: krb5_cc_get_principal (cache.c:748) ==2165== by 0xA20FE05: build_conf_principals (cache.c:1226) ==2165== by 0xA21011A: krb5_cc_get_config (cache.c:1347) ==2165== by 0x956EC06: init_auth_restart (init_sec_context.c:628) ==2165== by 0x956F588: _gsskrb5_init_sec_context (init_sec_context.c:959) ==2165== by 0x9587E86: gss_init_sec_context (gss_init_sec_context.c:187) ==2165== by 0x613BB29: gensec_gssapi_update (gensec_gssapi.c:464) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x1155902c is 12 bytes inside a block of size 56 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0xA21DF11: krb5_data_free (data.c:66) ==2165== by 0xA236C3C: mcc_close (mcache.c:189) ==2165== by 0xA20F173: krb5_cc_close (cache.c:665) ==2165== by 0xA20F143: krb5_cc_destroy (cache.c:647) ==2165== by 0x5491FA6: free_mccache (credentials_krb5.c:127) ==2165== by 0x67A0BA8: _talloc_free_internal (talloc.c:831) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== ==2165== Invalid write of size 8 ==2165== at 0x9587EE7: gss_init_sec_context (gss_init_sec_context.c:208) ==2165== by 0x613BB29: gensec_gssapi_update (gensec_gssapi.c:464) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x114d6390 is 80 bytes inside a block of size 224 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0x67A0E9A: _talloc_free_internal (talloc.c:878) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== ==2165== Invalid write of size 8 ==2165== at 0x613BB3E: gensec_gssapi_update (gensec_gssapi.c:478) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x114d63c8 is 136 bytes inside a block of size 224 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0x67A0E9A: _talloc_free_internal (talloc.c:878) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== ==2165== Invalid read of size 4 ==2165== at 0x613BC67: gensec_gssapi_update (gensec_gssapi.c:516) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x114d6408 is 200 bytes inside a block of size 224 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0x67A0E9A: _talloc_free_internal (talloc.c:878) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== ==2165== Invalid write of size 4 ==2165== at 0x613BC71: gensec_gssapi_update (gensec_gssapi.c:516) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x114d6408 is 200 bytes inside a block of size 224 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0x67A0E9A: _talloc_free_internal (talloc.c:878) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== ==2165== Invalid read of size 4 ==2165== at 0x67A0033: talloc_chunk_from_ptr (talloc.c:349) ==2165== by 0x67A0368: __talloc (talloc.c:556) ==2165== by 0x67A074A: _talloc_named_const (talloc.c:676) ==2165== by 0x67A2F14: _talloc_memdup (talloc.c:1910) ==2165== by 0x635FED0: data_blob_talloc_named (data_blob.c:52) ==2165== by 0x613BF81: gensec_gssapi_update (gensec_gssapi.c:550) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x25f07950 is 64 bytes inside a block of size 184 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0x67A0E9A: _talloc_free_internal (talloc.c:878) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== by 0xB809F8D: tstream_bsd_fde_handler (tsocket_bsd.c:1513) ==2165== ==2165== Invalid read of size 4 ==2165== at 0x67A004D: talloc_chunk_from_ptr (talloc.c:355) ==2165== by 0x67A0368: __talloc (talloc.c:556) ==2165== by 0x67A074A: _talloc_named_const (talloc.c:676) ==2165== by 0x67A2F14: _talloc_memdup (talloc.c:1910) ==2165== by 0x635FED0: data_blob_talloc_named (data_blob.c:52) ==2165== by 0x613BF81: gensec_gssapi_update (gensec_gssapi.c:550) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x25f07950 is 64 bytes inside a block of size 184 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0x67A0E9A: _talloc_free_internal (talloc.c:878) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== by 0xB809F8D: tstream_bsd_fde_handler (tsocket_bsd.c:1513) ==2165== ==2165== Invalid read of size 8 ==2165== at 0x67A005B: talloc_chunk_from_ptr (talloc.c:356) ==2165== by 0x67A0368: __talloc (talloc.c:556) ==2165== by 0x67A074A: _talloc_named_const (talloc.c:676) ==2165== by 0x67A2F14: _talloc_memdup (talloc.c:1910) ==2165== by 0x635FED0: data_blob_talloc_named (data_blob.c:52) ==2165== by 0x613BF81: gensec_gssapi_update (gensec_gssapi.c:550) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x6132E90: gensec_spnego_create_negTokenInit (spnego.c:644) ==2165== by 0x6133891: gensec_spnego_update (spnego.c:842) ==2165== by 0x6134DB1: gensec_spnego_update_wrapper (spnego.c:1311) ==2165== by 0x61354B5: gensec_update (gensec.c:220) ==2165== by 0x76F715E: dcerpc_bind_auth_send (dcerpc_auth.c:372) ==2165== by 0x76F9AF5: dcerpc_pipe_auth_send (dcerpc_util.c:621) ==2165== by 0x770022E: dcerpc_secondary_auth_connection_bind (dcerpc_secondary.c:299) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FFF87: continue_pipe_open (dcerpc_secondary.c:191) ==2165== by 0x76FFE10: continue_open_smb (dcerpc_secondary.c:140) ==2165== by 0xB8002CC: composite_done (composite.c:143) ==2165== by 0x76FB3E0: pipe_open_recv (dcerpc_smb.c:571) ==2165== by 0xD079F6E: smbcli_request_done (clitransport.c:449) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0xD2BDCAA: smb1cli_conn_dispatch_incoming (smbXcli_base.c:2021) ==2165== by 0xD2BC774: smbXcli_conn_received (smbXcli_base.c:1581) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0C60: read_smb_done (read_smb.c:98) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x659292B: _tevent_req_done (tevent_req.c:116) ==2165== by 0x103A0651: read_packet_handler (async_sock.c:639) ==2165== by 0x65994F1: epoll_event_loop (tevent_epoll.c:736) ==2165== by 0x6599B05: epoll_event_loop_once (tevent_epoll.c:931) ==2165== by 0x659688A: std_event_loop_once (tevent_standard.c:112) ==2165== by 0x6590F4E: _tevent_loop_once (tevent.c:530) ==2165== by 0x65911AE: tevent_common_loop_wait (tevent.c:634) ==2165== by 0x659692C: std_event_loop_wait (tevent_standard.c:138) ==2165== by 0x6591279: _tevent_loop_wait (tevent.c:653) ==2165== by 0x40B590: binary_smbd_main (server.c:486) ==2165== by 0x40B5D6: main (server.c:497) ==2165== Address 0x25f07940 is 48 bytes inside a block of size 184 free'd ==2165== at 0x4C2A82E: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==2165== by 0x67A0E9A: _talloc_free_internal (talloc.c:878) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1BFF: _talloc_free_children_internal (talloc.c:1256) ==2165== by 0x67A0D4B: _talloc_free_internal (talloc.c:851) ==2165== by 0x67A1FF8: _talloc_free (talloc.c:1371) ==2165== by 0x5D21E58: stream_terminate_connection (service_stream.c:82) ==2165== by 0x1989FD31: wbsrv_terminate_connection (wb_server.c:34) ==2165== by 0x1989FE46: wbsrv_call_loop (wb_server.c:66) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB1ECEDC: _tevent_req_nterror (tevent_ntstatus.c:46) ==2165== by 0x5D2391F: tstream_read_pdu_blob_done (tstream.c:110) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB806512: tstream_readv_done (tsocket.c:598) ==2165== by 0x65928D2: _tevent_req_notify_callback (tevent_req.c:101) ==2165== by 0x6592904: tevent_req_finish (tevent_req.c:110) ==2165== by 0x6592970: _tevent_req_error (tevent_req.c:128) ==2165== by 0xB80A704: tstream_bsd_readv_handler (tsocket_bsd.c:1749) ==2165== by 0xB809F8D: tstream_bsd_fde_handler (tsocket_bsd.c:1513) ==2165== talloc: access after free error - first free may be at ../source4/smbd/service_stream.c:82 Bad talloc magic value - access after free smb_panic(): calling panic action [/usr/bin/screen -d -m /etc/nolteinfosysteme/tsamba4restart.cron] smb_panic(): action returned status 0 PANIC: Bad talloc magic value - access after free ==2165== ==2165== HEAP SUMMARY: ==2165== in use at exit: 4,753,311 bytes in 40,174 blocks ==2165== total heap usage: 808,049 allocs, 767,875 frees, 129,676,034 bytes allocated ==2165== ==2165== LEAK SUMMARY: ==2165== definitely lost: 76 bytes in 2 blocks ==2165== indirectly lost: 2,222 bytes in 42 blocks ==2165== possibly lost: 135,341 bytes in 1,214 blocks ==2165== still reachable: 4,615,672 bytes in 38,916 blocks ==2165== suppressed: 0 bytes in 0 blocks ==2165== Rerun with --leak-check=full to see details of leaked memory ==2165== ==2165== For counts of detected and suppressed errors, rerun with: -v ==2165== ERROR SUMMARY: 18 errors from 18 contexts (suppressed: 2 from 2) Mit freundlichen Grüßen Thomas Nolte -- Nolte Infosysteme, Im Sikfeld 8, 38304 Wolfenbuettel Tel 05331-946210, Fax 05331-946211, Handy 0170-5508198 Computer, Netzwerk, Kommunikation www.nisx.de -----Ursprüngliche Nachricht----- Von: Andrew Bartlett [mailto:abartlet@samba.org] Gesendet: Freitag, 26. April 2013 23:59 An: Thomas Nolte Cc: samba@lists.samba.org Betreff: Re: AW: [Samba] [samba4] crash of winbind after "ls -l /usr/local/samba/var/locks/sysvol" On Fri, 2013-04-26 at 19:47 +0200, samba@nisx.de wrote: > Hi, > > same problem here: We need to know where that free is coming from, can you add --num-callers=64? eg valgrind --num-callers=64 samba -i -M single > out 2>&1 [...] -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba