smbd calls gencache_stabilize() from exit_server_common() upon process shutdown. But the signal handlers for SIGTERM, SIGHUP have been unregistered by TALLOC_FREE(global_smbXsrv_client) already then. So, gencache_stabilize() can be interrupted and killed at any time if smbd receives signals. This leads to a silent gencache_notrans.tdb and gencache.tdb corruption. Proposed Fixes: 1 Move gencache_stabilize() before TALLOC_FREEs. 2 Let gencache_stabilize() block signals. 3 Do we really need gencache_stabilize() on smbd? Smbd does not seem to use gencache so often. Logs: # /usr/local/samba/sbin/smbd --version Version 4.9.0pre1-GIT-2610a3f # cat /proc/10442/status Name: smbd SigBlk: 0000000000001880 SigIgn: 0000000000000000 SigCgt: 0000000180014461 Let smbd exit. (gdb) bt #0 0x00007f4c75d9fab9 in gencache_stabilize () from /usr/local/samba/lib/libsmbconf.so.0 #1 0x00007f4c780472ad in exit_server_common () from /usr/local/samba/lib/private/libsmbd-base-samba4.so #2 0x00007f4c780472f1 in smbd_exit_server_cleanly () from /usr/local/samba/lib/private/libsmbd-base-samba4.so #3 0x00007f4c749acc17 in exit_server_cleanly () from /usr/local/samba/lib/private/libsmbd-shim-samba4.so #4 0x00007f4c7800d4cd in smbd_server_connection_terminate_ex () from /usr/local/samba/lib/private/libsmbd-base-samba4.so #5 0x00007f4c7801e4d4 in smbd_smb2_request_create_done () from /usr/local/samba/lib/private/libsmbd-base-samba4.so SigBlk: 0000000000001880 SigIgn: 0000000000000000 SigCgt: 0000000180010460 XXX SIGTERM mask 0x4000 is gone. # kill -TERM 10442 (gdb) c Continuing. Program received signal SIGTERM, Terminated. 0x00007f4c75d9fab9 in gencache_stabilize () from /usr/local/samba/lib/libsmbconf.so.0 (gdb) c Continuing. Program terminated with signal SIGTERM, Terminated. The program no longer exists. (gdb)
With https://gitlab.com/samba-team/samba/-/commit/1386200be5c583c680c3894a11688a0e0a3d2285 samba 4.10 has removed the transaction-based gencache and replaced it with just a volatile database that will be wiped whenever we detect corruption.