13309 – Fix winbind child process exit bug

Bug 13309 - Fix winbind child process exit bug

Summary: Fix winbind child process exit bug

Status:	ASSIGNED

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	Winbind (show other bugs)
Version:	4.8.0rc2
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Andreas Schneider
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2018-02-27 15:49 UTC by Andreas Schneider
Modified:	2020-08-18 05:27 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Andreas Schneider 2018-02-27 15:49:10 UTC

Fix a bug when a child dies when a request is pending in the child. If the     signal handler fires before epoll finds out the other end of the parent-child     socket is closed, we close the socket on our side without taking care of the     pending request. This causes two problems: First, that one pending request     never is replied to properly, and secondly, we might end up with EPOLL_DEL on a     wrong file descriptor. This causes all sorts of trouble if we hit an active     one.
    
The fix for this problem is not to close the socket in winbind_child_died().    This however stops an idle child that dies hard from being properly cleaned up.     The fix for that is to add the child->monitor_fde that is set pending only when     no child request is active. This way we can remove the close(sock) in the     signal handler.

Comment 1 Amit Kumar 2019-01-04 08:51:19 UTC

epoll is monitoring descriptors and associated events 
Signal recieved and signal handler fires(which signal SIGCHLD?) and closes 1 end of named pipe/fifo (may be read or write)
And we close other end.

Can we reproduce this issue, how?

struct winbindd_child {
	..
	int monitor_fde;
};
if (no_child_active)
	monitor_fde=-1;	//pending