Bug 13170 - Crash in pthreadpool thread after failure from pthread_create
Summary: Crash in pthreadpool thread after failure from pthread_create
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services (show other bugs)
Version: 4.6.8
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-11-28 21:17 UTC by Christof Schmitt
Modified: 2017-12-14 11:16 UTC (History)
2 users (show)

See Also:

Attachments
Patches for 4.7 (13.58 KB, patch)
2017-12-08 16:28 UTC, Christof Schmitt 		vl: review+
Details
Patches for 4.6 (5.60 KB, patch)
2017-12-08 16:28 UTC, Christof Schmitt 		vl: review+
Details
Additional fix for cmocka test (4.7. only) (1.45 KB, patch)
2017-12-13 08:58 UTC, Karolin Seeger 		vl: review+
Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Christof Schmitt 2017-11-28 21:17:53 UTC 
pthreadpool_add_job first adds the job to its internal array.
If for some reason a following call fails(e.g. pthread_create),
the caller will free the data structure while it is still referenced
in the pthreadpool array and a workerthread can access the freed
memory.

Patch to follow.
Comment 1 Christof Schmitt 2017-12-08 16:28:23 UTC 
Created attachment 13852 [details]
Patches for 4.7
Comment 2 Christof Schmitt 2017-12-08 16:28:50 UTC 
Created attachment 13853 [details]
Patches for 4.6
Comment 3 Karolin Seeger 2017-12-13 08:58:26 UTC 
Created attachment 13855 [details]
Additional fix for cmocka test (4.7. only)
Comment 4 Karolin Seeger 2017-12-13 09:03:05 UTC 
Pushed patches + additional patch to autobuild-v4-7-test and patches to  autobuild-v4-6-test.
Comment 5 Karolin Seeger 2017-12-14 11:16:18 UTC 
Pushed to both branches.
Closing out bug report.

Thanks!