Created attachment 18303 [details] Contains packet traces & a synthetic client to repro the issue Scenario: 1) Client sends open1 with OpLock lease & requests for Durable Handle 2) Open1 Succeeds & Durable Handle is granted 3) Client sends another open2 for same file with OpLock lease & requests for Durable Handle 4) Open2 Succeeds & Durable Handle is granted **** Disconnect***** 5) Client Reconnects to DH granted to open1 6) Succeeds 7) Client Reconnects to DH granted to open2 8) Fails with FILE_NOT_FOUND I debugged it briefly & saw that when Disconnect happens, the open2 is freed from smbXsrv_open_global. And then when request #7 lands on samba server, we don't find the open handle & fail the request. Tried the same scenario against a windows server & it works fine (Traces attached). P.S: The packets attached is just a representation of the bug using a synthetic client. I'm hitting this bug while using a Microsoft tool to dump the data after 10+ hours over a slow network (GBs of traces, so cant attach that here & attaching only the relevant packets to repro the issue)
This is a known (since a few weeks) deficiency in Samba's DH code that was built on the assumption that the spec would mandata to only ever allow one DH per file. This is apparently wrong. Carefully crafted fixes plus tests are highly welcome!
*** Bug 15526 has been marked as a duplicate of this bug. ***
This bug was referenced in samba master: e65e1326a0214a7dfff75ea1e528e82c8fc64517 9b2417c2f04857709c25e3665cd783a68edf0cf2 1cc1586d84a65046ab7804f17297c6964bb76c23 8884d617310b47375e38c0386433c5e183703454 0893ae88180137d44f17196234f657d362543ff5 77c7741f39a0a9789bede7c4722bd3f35d4af3fd 9e98cd5c7a180521026b0d73a330bdaf2c8af73a 2869bd1a507e7376f0bb0ec68ed4e045b043cfdb b1e5f5d8d2852b66ca4c858d14d367ffe228a88d dd5b9e08c7a98c54b62d3b097c75faa09cd17da7
This bug was referenced in samba v4-20-test: e14520172bdb4544137c8d6186767590d4a3e88f 989d0c486e38b225d4b34aa3472d4b3fd80e4899 6ea02f3765930bd793396d57af3ce9504c280774 ad0fb085464d0932944d23330df90d04a964f330 041f15c8a8e75de293beceffacba93feca1e51f8 02a4ccfb32e829f8ba70eecf4da786e4aa5e9acf 11903eb47623e67e5552e329564ee20df6f4863c 22682be22bd8b793e6635ff1d3ab77d7e4da1827 1e9bd54ef066325002587faa01ca3c13795929bc 24e89430b170e8239e9ef50c4e7b729cec12f3d7
This bug was referenced in samba v4-21-test: 706b26c88b516fe397358305169f980841bf26f1 7d158ba707f56c159676ab0ba92189ae15fff3cc 1d97e7cc2cf5308a1bd4d2b114ee45a7f8fc4645 ceb5bbc7e306727b3c7d1214b7548614f5dd7444 97542f40947b8815851a2cdb82aee73bb521cfef 710dc5dca507114e0c55c377cd5f5653007bc104 da144e3cf5c627f5da72adb8234bb28caef95ecf fb406446b9574198cfa90e69981829fe550814cf bd13b39b6de06e20808425a31a1aace9871c776c 84c6a02adc4e0ee39cd8b02a953592f1a30f3630
This bug was referenced in samba v4-21-stable (Release samba-4.21.1): 706b26c88b516fe397358305169f980841bf26f1 7d158ba707f56c159676ab0ba92189ae15fff3cc 1d97e7cc2cf5308a1bd4d2b114ee45a7f8fc4645 ceb5bbc7e306727b3c7d1214b7548614f5dd7444 97542f40947b8815851a2cdb82aee73bb521cfef 710dc5dca507114e0c55c377cd5f5653007bc104 da144e3cf5c627f5da72adb8234bb28caef95ecf fb406446b9574198cfa90e69981829fe550814cf bd13b39b6de06e20808425a31a1aace9871c776c 84c6a02adc4e0ee39cd8b02a953592f1a30f3630
Closed with the patches from https://bugzilla.samba.org/show_bug.cgi?id=15649
This bug was referenced in samba v4-20-stable (Release samba-4.20.6): e14520172bdb4544137c8d6186767590d4a3e88f 989d0c486e38b225d4b34aa3472d4b3fd80e4899 6ea02f3765930bd793396d57af3ce9504c280774 ad0fb085464d0932944d23330df90d04a964f330 041f15c8a8e75de293beceffacba93feca1e51f8 02a4ccfb32e829f8ba70eecf4da786e4aa5e9acf 11903eb47623e67e5552e329564ee20df6f4863c 22682be22bd8b793e6635ff1d3ab77d7e4da1827 1e9bd54ef066325002587faa01ca3c13795929bc 24e89430b170e8239e9ef50c4e7b729cec12f3d7