Environment setup: When macOS Finder connect to a samba server with 'spotlight = yes', macOS would issue mdssvc open (mdssvc.opnum == 0) to samba and it goes through api _mdssvc_open(). After applied 578e434a94147dc2d7dbfc006d2ab84807859c1d, (this is reported by jaywei@qnap.com) this line 'talloc_free(path);' is deleted if _mdssvc_open() normal exit, so memory is lazy de-allocate: delayed to smbd_tevent_trace_callback() @ smb2_process.c. [1] Supposed to explicitly free 'path' in _mdssvc_open() @ srv_mdssvc_nt.c[2] just like abnormal exit, do not wait for main loop to free 'path' which is no longer used, this is more consistent while reading source code. patch will follow. ``` [1] gdb tracing 'path' address 0x56204ccc67e0 to know how it is freed. Breakpoint 1, _mdssvc_open (p=0x56204ccd3f30, r=0x56204cc9c740) at ../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:145 145 if (path == NULL) { #0 _mdssvc_open (p=0x56204ccd3f30, r=0x56204cc9c740) at ../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:145 #1 0x00007ff431e3a2ef in mdssvc__op_dispatch_internal (dce_call=0x56204ccd83e0, mem_ctx=0x56204ccd83e0, r=0x56204cc9c740, dispatch=S3COMPAT_RPC_DISPATCH_EXTERNAL) at ./librpc/gen_ndr/ndr_mdssvc_scompat.c:120 #2 0x00007ff431e3a719 in mdssvc__op_dispatch (dce_call=0x56204ccd83e0, mem_ctx=0x56204ccd83e0, r=0x56204cc9c740) at ./librpc/gen_ndr/ndr_mdssvc_scompat.c:237 #3 0x00007ff4308d01cc in dcesrv_request (call=0x56204ccd83e0) at ../../librpc/rpc/dcesrv_core.c:1920 #4 0x00007ff4308d1369 in dcesrv_process_ncacn_packet (dce_conn=0x56204ccacec0, pkt=0x56204cce0250, blob=...) at ../../librpc/rpc/dcesrv_core.c:2344 #5 0x00007ff4308d2b40 in dcesrv_read_fragment_done (subreq=0x0) at ../../librpc/rpc/dcesrv_core.c:2882 #6 0x00007ff4313bf9c7 in _tevent_req_notify_callback (req=0x56204cce0020, location=0x7ff42edfa8b0 "../../librpc/rpc/dcerpc_util.c:628") at ../../lib/tevent/tevent_req.c:141 #7 0x00007ff4313bfb26 in tevent_req_finish (req=0x56204cce0020, state=TEVENT_REQ_DONE, location=0x7ff42edfa8b0 "../../librpc/rpc/dcerpc_util.c:628") at ../../lib/tevent/tevent_req.c:193 #8 0x00007ff4313bfb52 in _tevent_req_done (req=0x56204cce0020, location=0x7ff42edfa8b0 "../../librpc/rpc/dcerpc_util.c:628") at ../../lib/tevent/tevent_req.c:199 #9 0x00007ff42ede5d66 in dcerpc_read_ncacn_packet_done (subreq=0x0) at ../../librpc/rpc/dcerpc_util.c:628 #10 0x00007ff4313bf9c7 in _tevent_req_notify_callback (req=0x56204cce0360, location=0x7ff4306bb6c8 "../../lib/tsocket/tsocket_helpers.c:310") at ../../lib/tevent/tevent_req.c:141 #11 0x00007ff4313bfb26 in tevent_req_finish (req=0x56204cce0360, state=TEVENT_REQ_DONE, location=0x7ff4306bb6c8 "../../lib/tsocket/tsocket_helpers.c:310") at ../../lib/tevent/tevent_req.c:193 #12 0x00007ff4313bfb52 in _tevent_req_done (req=0x56204cce0360, location=0x7ff4306bb6c8 "../../lib/tsocket/tsocket_helpers.c:310") at ../../lib/tevent/tevent_req.c:199 #13 0x00007ff4306ae93e in tstream_readv_pdu_ask_for_next_vector (req=0x56204cce0360) at ../../lib/tsocket/tsocket_helpers.c:310 #14 0x00007ff4306aeb68 in tstream_readv_pdu_readv_done (subreq=0x56204cce0a80) at ../../lib/tsocket/tsocket_helpers.c:384 #15 0x00007ff4313bf9c7 in _tevent_req_notify_callback (req=0x56204cce0a80, location=0x7ff4306bb128 "../../lib/tsocket/tsocket.c:692") at ../../lib/tevent/tevent_req.c:141 #16 0x00007ff4313bfb26 in tevent_req_finish (req=0x56204cce0a80, state=TEVENT_REQ_DONE, location=0x7ff4306bb128 "../../lib/tsocket/tsocket.c:692") at ../../lib/tevent/tevent_req.c:193 #17 0x00007ff4313bfb52 in _tevent_req_done (req=0x56204cce0a80, location=0x7ff4306bb128 "../../lib/tsocket/tsocket.c:692") at ../../lib/tevent/tevent_req.c:199 #18 0x00007ff4306add46 in tstream_readv_done (subreq=0x0) at ../../lib/tsocket/tsocket.c:692 #19 0x00007ff4313bf9c7 in _tevent_req_notify_callback (req=0x56204ccc6440, location=0x7ff42b725358 "../../libcli/named_pipe_auth/npa_tstream.c:522") at ../../lib/tevent/tevent_req.c:141 #20 0x00007ff4313bfb26 in tevent_req_finish (req=0x56204ccc6440, state=TEVENT_REQ_DONE, location=0x7ff42b725358 "../../libcli/named_pipe_auth/npa_tstream.c:522") at ../../lib/tevent/tevent_req.c:193 #21 0x00007ff4313bfc50 in tevent_req_trigger (ev=0x56204cc56ae0, im=0x56204ccc6530, private_data=0x56204ccc6440) at ../../lib/tevent/tevent_req.c:250 #22 0x00007ff4313be909 in tevent_common_invoke_immediate_handler (im=0x56204ccc6530, removed=0x0) at ../../lib/tevent/tevent_immediate.c:166 #23 0x00007ff4313bea0f in tevent_common_loop_immediate (ev=0x56204cc56ae0) at ../../lib/tevent/tevent_immediate.c:203 #24 0x00007ff4313c8d19 in epoll_event_loop_once (ev=0x56204cc56ae0, location=0x7ff431f36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent_epoll.c:918 #25 0x00007ff4313c5731 in std_event_loop_once (ev=0x56204cc56ae0, location=0x7ff431f36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent_standard.c:110 #26 0x00007ff4313bd45a in _tevent_loop_once (ev=0x56204cc56ae0, location=0x7ff431f36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent.c:772 #27 0x00007ff4313bd76a in tevent_common_loop_wait (ev=0x56204cc56ae0, location=0x7ff431f36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent.c:895 #28 0x00007ff4313c57d3 in std_event_loop_wait (ev=0x56204cc56ae0, location=0x7ff431f36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent_standard.c:141 #29 0x00007ff4313bd80d in _tevent_loop_wait (ev=0x56204cc56ae0, location=0x7ff431f36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent.c:914 #30 0x00007ff431d8304e in smbd_process (ev_ctx=0x56204cc56ae0, msg_ctx=0x56204cc49510, dce_ctx=0x56204cc5b520, sock_fd=50, interactive=false) at ../../source3/smbd/process.c:4240 #31 0x000056204ac0fb32 in smbd_accept_connection (ev=0x56204cc56ae0, fde=0x56204cc8d3f0, flags=1, private_data=0x56204cc92000) at ../../source3/smbd/server.c:1242 #32 0x00007ff4313be180 in tevent_common_invoke_fd_handler (fde=0x56204cc8d3f0, flags=1, removed=0x0) at ../../lib/tevent/tevent_fd.c:138 #33 0x00007ff4313c876e in epoll_event_loop (epoll_ev=0x56204cc49350, tvalp=0x7ffe46592140) at ../../lib/tevent/tevent_epoll.c:736 #34 0x00007ff4313c8db3 in epoll_event_loop_once (ev=0x56204cc56ae0, location=0x56204ac19be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent_epoll.c:937 #35 0x00007ff4313c5731 in std_event_loop_once (ev=0x56204cc56ae0, location=0x56204ac19be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent_standard.c:110 #36 0x00007ff4313bd45a in _tevent_loop_once (ev=0x56204cc56ae0, location=0x56204ac19be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent.c:772 #37 0x00007ff4313bd76a in tevent_common_loop_wait (ev=0x56204cc56ae0, location=0x56204ac19be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent.c:895 #38 0x00007ff4313c57d3 in std_event_loop_wait (ev=0x56204cc56ae0, location=0x56204ac19be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent_standard.c:141 #39 0x00007ff4313bd80d in _tevent_loop_wait (ev=0x56204cc56ae0, location=0x56204ac19be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent.c:914 #40 0x000056204ac1072b in smbd_parent_loop (ev_ctx=0x56204cc56ae0, parent=0x56204cc5ae80) at ../../source3/smbd/server.c:1593 #41 0x000056204ac12a0c in main (argc=6, argv=0x7ffe46592758) at ../../source3/smbd/server.c:2478 140 if (!VALID_SNUM(snum)) { 141 return; 142 } 143 144 path = lp_path(talloc_tos(), lp_sub, snum); 145 if (path == NULL) { 146 DBG_ERR("Couldn't create path for %s\n", 147 r->in.share_name); 148 p->fault_state = DCERPC_FAULT_CANT_PERFORM; 149 return; (gdb) p path $1 = 0x56204ccc67e0 "/share/dir" (gdb) b _tc_free_children_internal if (ptr == 0x56204ccc67e0) Breakpoint 2 at 0x7ff430d93af5: file ../../lib/talloc/talloc.c, line 1656. (gdb) c Continuing. Breakpoint 2, _tc_free_children_internal (tc=0x56204ccc6780, ptr=0x56204ccc67e0, location=0x7ff430d96410 "../../lib/talloc/talloc.c:1714") at ../../lib/talloc/talloc.c:1656 1656 while (tc->child) { (gdb) bt #0 _tc_free_children_internal (tc=0x56204ccc6780, ptr=0x56204ccc67e0, location=0x7ff430d96410 "../../lib/talloc/talloc.c:1714") at ../../lib/talloc/talloc.c:1656 #1 0x00007ff430d92b14 in _tc_free_internal (tc=0x56204ccc6780, location=0x7ff430d96410 "../../lib/talloc/talloc.c:1714") at ../../lib/talloc/talloc.c:1183 #2 0x00007ff430d93b71 in _tc_free_children_internal (tc=0x56204ccc6720, ptr=0x56204ccc6780, location=0x7ff430d96410 "../../lib/talloc/talloc.c:1714") at ../../lib/talloc/talloc.c:1668 #3 0x00007ff430d93d66 in talloc_free_children (ptr=0x56204ccc6780) at ../../lib/talloc/talloc.c:1714 #4 0x00007ff432235aca in talloc_pop (frame=0x56204ccc6780) at ../../lib/util/talloc_stack.c:125 #5 0x00007ff430d92959 in _tc_free_internal (tc=0x56204ccc6720, location=0x7ff431f358d0 "../../source3/smbd/process.c:3726") at ../../lib/talloc/talloc.c:1157 #6 0x00007ff430d92cd5 in _talloc_free_internal (ptr=0x56204ccc6780, location=0x7ff431f358d0 "../../source3/smbd/process.c:3726") at ../../lib/talloc/talloc.c:1247 #7 0x00007ff430d93f96 in _talloc_free (ptr=0x56204ccc6780, location=0x7ff431f358d0 "../../source3/smbd/process.c:3726") at ../../lib/talloc/talloc.c:1791 #8 0x00007ff431d81292 in smbd_tevent_trace_callback (point=TEVENT_TRACE_AFTER_LOOP_ONCE, private_data=0x7ffe46591e30) at ../../source3/smbd/process.c:3726 #9 0x00007ff4313bdce6 in tevent_trace_point_callback (ev=0x56204cc56ae0, tp=TEVENT_TRACE_AFTER_LOOP_ONCE) at ../../lib/tevent/tevent_debug.c:133 #10 0x00007ff4313bd46e in _tevent_loop_once (ev=0x56204cc56ae0, location=0x7ff431f36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent.c:773 #11 0x00007ff4313bd76a in tevent_common_loop_wait (ev=0x56204cc56ae0, location=0x7ff431f36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent.c:895 #12 0x00007ff4313c57d3 in std_event_loop_wait (ev=0x56204cc56ae0, location=0x7ff431f36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent_standard.c:141 #13 0x00007ff4313bd80d in _tevent_loop_wait (ev=0x56204cc56ae0, location=0x7ff431f36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent.c:914 #14 0x00007ff431d8304e in smbd_process (ev_ctx=0x56204cc56ae0, msg_ctx=0x56204cc49510, dce_ctx=0x56204cc5b520, sock_fd=50, interactive=false) at ../../source3/smbd/process.c:4240 #15 0x000056204ac0fb32 in smbd_accept_connection (ev=0x56204cc56ae0, fde=0x56204cc8d3f0, flags=1, private_data=0x56204cc92000) at ../../source3/smbd/server.c:1242 #16 0x00007ff4313be180 in tevent_common_invoke_fd_handler (fde=0x56204cc8d3f0, flags=1, removed=0x0) at ../../lib/tevent/tevent_fd.c:138 #17 0x00007ff4313c876e in epoll_event_loop (epoll_ev=0x56204cc49350, tvalp=0x7ffe46592140) at ../../lib/tevent/tevent_epoll.c:736 #18 0x00007ff4313c8db3 in epoll_event_loop_once (ev=0x56204cc56ae0, location=0x56204ac19be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent_epoll.c:937 #19 0x00007ff4313c5731 in std_event_loop_once (ev=0x56204cc56ae0, location=0x56204ac19be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent_standard.c:110 #20 0x00007ff4313bd45a in _tevent_loop_once (ev=0x56204cc56ae0, location=0x56204ac19be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent.c:772 #21 0x00007ff4313bd76a in tevent_common_loop_wait (ev=0x56204cc56ae0, location=0x56204ac19be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent.c:895 #22 0x00007ff4313c57d3 in std_event_loop_wait (ev=0x56204cc56ae0, location=0x56204ac19be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent_standard.c:141 #23 0x00007ff4313bd80d in _tevent_loop_wait (ev=0x56204cc56ae0, location=0x56204ac19be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent.c:914 #24 0x000056204ac1072b in smbd_parent_loop (ev_ctx=0x56204cc56ae0, parent=0x56204cc5ae80) at ../../source3/smbd/server.c:1593 #25 0x000056204ac12a0c in main (argc=6, argv=0x7ffe46592758) at ../../source3/smbd/server.c:2478 (gdb) p *tc $2 = { flags = 79601226, next = 0x0, prev = 0x0, parent = 0x56204ccc6720, child = 0x0, refs = 0x0, destructor = 0x0, name = 0x56204ccc67e0 "/share/dir", size = 11, limit = 0x0, pool = 0x56204ccc6700 } (gdb) ``` [2] gdb tracing 'path' address 0x55a6d66deed0 to know how it is freed. Breakpoint 2, _tc_free_children_internal (tc=0x55a6d66deed0, ptr=0x55a6d66def30, location=0x7fc4cca84040 "../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:189") at ../../lib/talloc/talloc.c:1656 1656 while (tc->child) { (gdb) bt #0 _tc_free_children_internal (tc=0x55a6d66deed0, ptr=0x55a6d66def30, location=0x7fc4cca84040 "../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:189") at ../../lib/talloc/talloc.c:1656 #1 0x00007fc4cb892b14 in _tc_free_internal (tc=0x55a6d66deed0, location=0x7fc4cca84040 "../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:189") at ../../lib/talloc/talloc.c:1183 #2 0x00007fc4cb892cd5 in _talloc_free_internal (ptr=0x55a6d66def30, location=0x7fc4cca84040 "../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:189") at ../../lib/talloc/talloc.c:1247 #3 0x00007fc4cb893f96 in _talloc_free (ptr=0x55a6d66def30, location=0x7fc4cca84040 "../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:189") at ../../lib/talloc/talloc.c:1791 #4 0x00007fc4cc9396e4 in _mdssvc_open (p=0x55a6d66d5600, r=0x55a6d66edc60) at ../../source3/rpc_server/mdssvc/srv_mdssvc_nt.c:189 #5 0x00007fc4cc93a302 in mdssvc__op_dispatch_internal (dce_call=0x55a6d66cf1b0, mem_ctx=0x55a6d66cf1b0, r=0x55a6d66edc60, dispatch=S3COMPAT_RPC_DISPATCH_EXTERNAL) at ./librpc/gen_ndr/ndr_mdssvc_scompat.c:120 #6 0x00007fc4cc93a72c in mdssvc__op_dispatch (dce_call=0x55a6d66cf1b0, mem_ctx=0x55a6d66cf1b0, r=0x55a6d66edc60) at ./librpc/gen_ndr/ndr_mdssvc_scompat.c:237 #7 0x00007fc4cb3d01cc in dcesrv_request (call=0x55a6d66cf1b0) at ../../librpc/rpc/dcesrv_core.c:1920 #8 0x00007fc4cb3d1369 in dcesrv_process_ncacn_packet (dce_conn=0x55a6d66d47c0, pkt=0x55a6d66de3e0, blob=...) at ../../librpc/rpc/dcesrv_core.c:2344 #9 0x00007fc4cb3d2b40 in dcesrv_read_fragment_done (subreq=0x0) at ../../librpc/rpc/dcesrv_core.c:2882 #10 0x00007fc4cbebf9c7 in _tevent_req_notify_callback (req=0x55a6d66de1b0, location=0x7fc4c98fa8b0 "../../librpc/rpc/dcerpc_util.c:628") at ../../lib/tevent/tevent_req.c:141 #11 0x00007fc4cbebfb26 in tevent_req_finish (req=0x55a6d66de1b0, state=TEVENT_REQ_DONE, location=0x7fc4c98fa8b0 "../../librpc/rpc/dcerpc_util.c:628") at ../../lib/tevent/tevent_req.c:193 #12 0x00007fc4cbebfb52 in _tevent_req_done (req=0x55a6d66de1b0, location=0x7fc4c98fa8b0 "../../librpc/rpc/dcerpc_util.c:628") at ../../lib/tevent/tevent_req.c:199 #13 0x00007fc4c98e5d66 in dcerpc_read_ncacn_packet_done (subreq=0x0) at ../../librpc/rpc/dcerpc_util.c:628 #14 0x00007fc4cbebf9c7 in _tevent_req_notify_callback (req=0x55a6d66de4f0, location=0x7fc4cb1bb6c8 "../../lib/tsocket/tsocket_helpers.c:310") at ../../lib/tevent/tevent_req.c:141 #15 0x00007fc4cbebfb26 in tevent_req_finish (req=0x55a6d66de4f0, state=TEVENT_REQ_DONE, location=0x7fc4cb1bb6c8 "../../lib/tsocket/tsocket_helpers.c:310") at ../../lib/tevent/tevent_req.c:193 #16 0x00007fc4cbebfb52 in _tevent_req_done (req=0x55a6d66de4f0, location=0x7fc4cb1bb6c8 "../../lib/tsocket/tsocket_helpers.c:310") at ../../lib/tevent/tevent_req.c:199 #17 0x00007fc4cb1ae93e in tstream_readv_pdu_ask_for_next_vector (req=0x55a6d66de4f0) at ../../lib/tsocket/tsocket_helpers.c:310 #18 0x00007fc4cb1aeb68 in tstream_readv_pdu_readv_done (subreq=0x55a6d66d9ac0) at ../../lib/tsocket/tsocket_helpers.c:384 #19 0x00007fc4cbebf9c7 in _tevent_req_notify_callback (req=0x55a6d66d9ac0, location=0x7fc4cb1bb128 "../../lib/tsocket/tsocket.c:692") at ../../lib/tevent/tevent_req.c:141 #20 0x00007fc4cbebfb26 in tevent_req_finish (req=0x55a6d66d9ac0, state=TEVENT_REQ_DONE, location=0x7fc4cb1bb128 "../../lib/tsocket/tsocket.c:692") at ../../lib/tevent/tevent_req.c:193 #21 0x00007fc4cbebfb52 in _tevent_req_done (req=0x55a6d66d9ac0, location=0x7fc4cb1bb128 "../../lib/tsocket/tsocket.c:692") at ../../lib/tevent/tevent_req.c:199 #22 0x00007fc4cb1add46 in tstream_readv_done (subreq=0x0) at ../../lib/tsocket/tsocket.c:692 #23 0x00007fc4cbebf9c7 in _tevent_req_notify_callback (req=0x55a6d66deb90, location=0x7fc4c6225358 "../../libcli/named_pipe_auth/npa_tstream.c:522") at ../../lib/tevent/tevent_req.c:141 #24 0x00007fc4cbebfb26 in tevent_req_finish (req=0x55a6d66deb90, state=TEVENT_REQ_DONE, location=0x7fc4c6225358 "../../libcli/named_pipe_auth/npa_tstream.c:522") at ../../lib/tevent/tevent_req.c:193 #25 0x00007fc4cbebfc50 in tevent_req_trigger (ev=0x55a6d666fae0, im=0x55a6d66dec80, private_data=0x55a6d66deb90) at ../../lib/tevent/tevent_req.c:250 #26 0x00007fc4cbebe909 in tevent_common_invoke_immediate_handler (im=0x55a6d66dec80, removed=0x0) at ../../lib/tevent/tevent_immediate.c:166 #27 0x00007fc4cbebea0f in tevent_common_loop_immediate (ev=0x55a6d666fae0) at ../../lib/tevent/tevent_immediate.c:203 #28 0x00007fc4cbec8d19 in epoll_event_loop_once (ev=0x55a6d666fae0, location=0x7fc4cca36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent_epoll.c:918 #29 0x00007fc4cbec5731 in std_event_loop_once (ev=0x55a6d666fae0, location=0x7fc4cca36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent_standard.c:110 #30 0x00007fc4cbebd45a in _tevent_loop_once (ev=0x55a6d666fae0, location=0x7fc4cca36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent.c:772 #31 0x00007fc4cbebd76a in tevent_common_loop_wait (ev=0x55a6d666fae0, location=0x7fc4cca36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent.c:895 #32 0x00007fc4cbec57d3 in std_event_loop_wait (ev=0x55a6d666fae0, location=0x7fc4cca36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent_standard.c:141 #33 0x00007fc4cbebd80d in _tevent_loop_wait (ev=0x55a6d666fae0, location=0x7fc4cca36530 "../../source3/smbd/process.c:4240") at ../../lib/tevent/tevent.c:914 #34 0x00007fc4cc88304e in smbd_process (ev_ctx=0x55a6d666fae0, msg_ctx=0x55a6d6662510, dce_ctx=0x55a6d6674520, sock_fd=50, interactive=false) at ../../source3/smbd/process.c:4240 #35 0x000055a6d500fb32 in smbd_accept_connection (ev=0x55a6d666fae0, fde=0x55a6d66a63f0, flags=1, private_data=0x55a6d66ab000) at ../../source3/smbd/server.c:1242 #36 0x00007fc4cbebe180 in tevent_common_invoke_fd_handler (fde=0x55a6d66a63f0, flags=1, removed=0x0) at ../../lib/tevent/tevent_fd.c:138 #37 0x00007fc4cbec876e in epoll_event_loop (epoll_ev=0x55a6d6662350, tvalp=0x7ffc64c690b0) at ../../lib/tevent/tevent_epoll.c:736 #38 0x00007fc4cbec8db3 in epoll_event_loop_once (ev=0x55a6d666fae0, location=0x55a6d5019be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent_epoll.c:937 #39 0x00007fc4cbec5731 in std_event_loop_once (ev=0x55a6d666fae0, location=0x55a6d5019be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent_standard.c:110 #40 0x00007fc4cbebd45a in _tevent_loop_once (ev=0x55a6d666fae0, location=0x55a6d5019be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent.c:772 #41 0x00007fc4cbebd76a in tevent_common_loop_wait (ev=0x55a6d666fae0, location=0x55a6d5019be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent.c:895 #42 0x00007fc4cbec57d3 in std_event_loop_wait (ev=0x55a6d666fae0, location=0x55a6d5019be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent_standard.c:141 #43 0x00007fc4cbebd80d in _tevent_loop_wait (ev=0x55a6d666fae0, location=0x55a6d5019be8 "../../source3/smbd/server.c:1593") at ../../lib/tevent/tevent.c:914 #44 0x000055a6d501072b in smbd_parent_loop (ev_ctx=0x55a6d666fae0, parent=0x55a6d6673e80) at ../../source3/smbd/server.c:1593 #45 0x000055a6d5012a0c in main (argc=6, argv=0x7ffc64c696c8) at ../../source3/smbd/server.c:2478 (gdb)
patch against master: https://gitlab.com/samba-team/devel/samba/-/commit/2208caa6 ci pipeline is passed: https://gitlab.com/samba-team/devel/samba/-/pipelines/957882412 merge request: https://gitlab.com/samba-team/samba/-/merge_requests/3216
This bug was referenced in samba master: 044cb8f9d558bfcd7658cae0f05ff36330538748
Created attachment 18051 [details] Patch for v4-19-test Patch for v4-19-test cherry-picked from master.
Created attachment 18052 [details] Patch for v4-18-test Patch for v4-18-test cherry-picked from master.
Created attachment 18053 [details] Patch for v4-17-test Patch for v4-17-test cherry-picked from master.
Pushed to autobuild-v4-{19,18,17}-test.
This bug was referenced in samba v4-19-test: 81980676535c0fe4b799cb5492c8c262c853ea33
This bug was referenced in samba v4-17-test: 741cc3484e7b58712b84a1d8675b48ad33f9f409
This bug was referenced in samba v4-18-test: 9e5f1a30a4904d42d838461ff90be1ef917ec696
This bug was referenced in samba v4-18-stable (Release samba-4.18.6): 9e5f1a30a4904d42d838461ff90be1ef917ec696
Closing out bug report. Thanks!
This bug was referenced in samba v4-19-stable (Release samba-4.19.0rc3): 81980676535c0fe4b799cb5492c8c262c853ea33
This bug was referenced in samba v4-17-stable (Release samba-4.17.11): 741cc3484e7b58712b84a1d8675b48ad33f9f409