Reported on the mailing list here: https://lists.samba.org/archive/samba/2021-November/238134.html coredump here: https://gist.github.com/SenH/2a611b30b8ed9ef7c234b7d14d75d074 Nov 01 20:53:36 router smbd[456352]: [2021/11/01 20:53:36.166458, 0] ../../source3/smbd/fd_handle.c:92(fsp_get_io_fd) Nov 01 20:53:36 router smbd[456352]: fsp_get_io_fd: fsp [complete/test.docx] is a path referencing fsp Nov 01 20:53:36 router smbd[456352]: [2021/11/01 20:53:36.166667, 0] ../../lib/util/fault.c:172(smb_panic_log) Nov 01 20:53:36 router smbd[456352]: =============================================================== Nov 01 20:53:36 router smbd[456352]: [2021/11/01 20:53:36.166745, 0] ../../lib/util/fault.c:173(smb_panic_log) Nov 01 20:53:36 router smbd[456352]: INTERNAL ERROR: bad fsp in pid 456352 (4.15.1) Nov 01 20:53:36 router smbd[456352]: [2021/11/01 20:53:36.166819, 0] ../../lib/util/fault.c:177(smb_panic_log) Nov 01 20:53:36 router smbd[456352]: If you are running a recent Samba version, and if you think this problem is not yet fixed in the latest versions, please consider reporting this bug, see https://wiki.samba.org/index.php/Bug_Reporting Nov 01 20:53:36 router smbd[456352]: [2021/11/01 20:53:36.166897, 0] ../../lib/util/fault.c:182(smb_panic_log) Nov 01 20:53:36 router smbd[456352]: =============================================================== Nov 01 20:53:36 router smbd[456352]: [2021/11/01 20:53:36.166970, 0] ../../lib/util/fault.c:183(smb_panic_log) Nov 01 20:53:36 router smbd[456352]: PANIC (pid 456352): bad fsp in 4.15.1 Nov 01 20:53:36 router smbd[456352]: [2021/11/01 20:53:36.168868, 0] ../../lib/util/fault.c:287(log_stack_trace) Nov 01 20:53:36 router smbd[456352]: BACKTRACE: 29 stack frames: Nov 01 20:53:36 router smbd[456352]: #0 /usr/lib/libsamba-util.so.0(log_stack_trace+0x31) [0x7efdc6c5c8c1] Nov 01 20:53:36 router smbd[456352]: #1 /usr/lib/libsamba-util.so.0(smb_panic+0xa) [0x7efdc6c5cb2a] Nov 01 20:53:36 router smbd[456352]: #2 /usr/lib/samba/vfs/fruit.so(ad_fset+0xcd5) [0x7efdc1828f55] Nov 01 20:53:36 router smbd[456352]: #3 /usr/lib/samba/vfs/fruit.so(+0xafd5) [0x7efdc182cfd5] Nov 01 20:53:36 router smbd[456352]: #4 /usr/lib/samba/vfs/catia.so(+0x603b) [0x7efdc181a03b] Nov 01 20:53:36 router smbd[456352]: #5 /usr/lib/samba/libsmbd-base-samba4.so(file_ntimes+0x94) [0x7efdc6dd1b94] Nov 01 20:53:36 router smbd[456352]: #6 /usr/lib/samba/libsmbd-base-samba4.so(+0xf6ab5) [0x7efdc6db9ab5] Nov 01 20:53:36 router smbd[456352]: #7 /usr/lib/samba/libsmbd-base-samba4.so(smbd_do_setfilepathinfo+0x530) [0x7efdc6dc7940] Nov 01 20:53:36 router smbd[456352]: #8 /usr/lib/samba/libsmbd-base-samba4.so(smbd_smb2_request_process_setinfo+0x689) [0x7efdc6e2b729] Nov 01 20:53:36 router smbd[456352]: #9 /usr/lib/samba/libsmbd-base-samba4.so(smbd_smb2_request_dispatch+0x12bb) [0x7efdc6e120fb] Nov 01 20:53:36 router smbd[456352]: #10 /usr/lib/samba/libsmbd-base-samba4.so(smbd_smb2_request_dispatch_immediate+0x51) [0x7efdc6e137f1]
Ralph, making sure you know about this one.
Created attachment 16905 [details] raw patch for master / 4.15.next Ralph, I think this is the fix (raw untested patch). We're always calling fsp_get_io_fd() in a call path where we're calling SMB_VFS_NEXT_FSETXATTR() so only need a pathref fsp. The only question is, how to reproduce this for the test ?
Comment on attachment 16905 [details] raw patch for master / 4.15.next I think we can safely remove the whole paranioa check.
This bug was referenced in samba master: 3cb9f8f5ff29c14e117b57896c4540cc66510a1a
Created attachment 16942 [details] git-am fix for 4.15.next. Cherry-picked from master.
Reassigning to Jule for inclusion in 4.15.
Pushed to autobuild-v4-15-test.
This bug was referenced in samba v4-15-test: f926586544e8c92b58ccba133992f75f8c33c5a1
Closing out bug report. Thanks!
This bug was referenced in samba v4-15-stable (Release samba-4.15.3): f926586544e8c92b58ccba133992f75f8c33c5a1