Bug 10500 - Samba smbd process shutdown failure and high CPU usage
Summary: Samba smbd process shutdown failure and high CPU usage
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services (show other bugs)
Version: 4.1.5
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-17 14:39 UTC by John Janosik
Modified: 2023-01-10 16:24 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Janosik 2014-03-17 14:39:06 UTC 
After a client closes its connection to the server the smbd process loops forever using CPU in the tevent_loop_once  code.  Tested with Samba 4.1.5 on AIX 7.1 TL2 in a CTDB 2.5.2 cluster.

Example stack of an smbd process in this state:

gettimeofday(??, ??) at 0xd0223d00
GetTimeOfDay(tval = 0x2ff20d80), line 54 in "time.c"
timeval_current(), line 542 in "time.c"
smbXsrv_session_close_loop(subreq = 0x2000cde8), line 243 in "smbXsrv_session.c"
_tevent_req_notify_callback(req = 0x2000cde8, location = "../source3/lib/msg_channel.c:234"), line 101 in "tevent_req.c"
tevent_req_finish(req = 0x2000cde8, state = TEVENT_REQ_USER_ERROR, location = "../source3/lib/msg_channel.c:234"), line 110 in "tevent_req.c"
tevent_req_trigger(ev = 0x2000b2f8, im = 0x200c1528, private_data = 0x2000cde8), line 166 in "tevent_req.c"
tevent_common_loop_immediate(ev = 0x2000b2f8), line 135 in "tevent_immediate.c"
run_events_poll(ev = 0x2000b2f8, pollrtn = 0, pfds = (nil), num_pfds = 0), line 192 in "events.c"
s3_event_loop_once(ev = 0x2000b2f8, location = "../source3/smbd/process.c:3626"), line 303 in "events.c"
_tevent_loop_once(ev = 0x2000b2f8, location = "../source3/smbd/process.c:3626"), line 530 in "tevent.c"
smbd_process(ev_ctx = 0x2000b2f8, msg_ctx = 0x2000b378, sock_fd = 40, interactive = @0x00000000), line 3626 in "process.c"
unnamed block in smbd_accept_connection(ev = 0x2000b2f8, fde = 0x200c1598, flags = 1, private_data = 0x200c1548), line 621 in "server.c"
smbd_accept_connection(ev = 0x2000b2f8, fde = 0x200c1598, flags = 1, private_data = 0x200c1548), line 621 in "server.c"
unnamed block in run_events_poll(ev = 0x2000b2f8, pollrtn = 1, pfds = 0x200148a8, num_pfds = 7), line 257 in "events.c"
run_events_poll(ev = 0x2000b2f8, pollrtn = 1, pfds = 0x200148a8, num_pfds = 7), line 257 in "events.c"
s3_event_loop_once(ev = 0x2000b2f8, location = "../source3/smbd/server.c:943"), line 326 in "events.c"
_tevent_loop_once(ev = 0x2000b2f8, location = "../source3/smbd/server.c:943"), line 530 in "tevent.c"
unnamed block in smbd_parent_loop(ev_ctx = 0x2000b2f8, parent = 0x2000e6e8), line 943 in "server.c"
smbd_parent_loop(ev_ctx = 0x2000b2f8, parent = 0x2000e6e8), line 943 in "server.c"

I can attach a debugger to an smbd process in this state on a system with smbd build with debug symbols and step through the code.  The tevent_loop_once code called in source3/smbd/process.c:smbd_process always hits the case in source3/lib/events.c:run_events_poll that there is an immediate event to process.  I'm not sure how to look at the tevent context in the debugger to determine why the smbd is continually processesing an event.
Comment 1 Björn Jacke 2023-01-10 16:24:12 UTC 
I don't think that this is still an issue, is it?