on FreeBSD 5.4-R, samba 3.0.21a segfaults while deleting file if it (samba) had to create new directory inside of .recycle directory. And it does not delete the file. log.isc-sql: [2006/01/13 20:22:47, 3] smbd/sec_ctx.c:pop_sec_ctx(386) pop_sec_ctx (1003, 1003) - sec_ctx_stack_ndx = 0 [2006/01/13 20:22:47, 5] smbd/close.c:close_normal_file(233) close_file: file askopd/TABLES.KIEV/NK10307.453. Delete on close was set - deleting file . [2006/01/13 20:22:47, 10] modules/vfs_recycle.c:recycle_repository(74) recycle: repository = .recycle [2006/01/13 20:22:47, 10] modules/vfs_recycle.c:recycle_maxsize(162) recycle: maxsize = 2097152 [2006/01/13 20:22:47, 10] modules/vfs_recycle.c:recycle_unlink(435) recycle: fname = askopd/TABLES.KIEV/NK10307.453 [2006/01/13 20:22:47, 10] modules/vfs_recycle.c:recycle_unlink(436) recycle: fpath = askopd/TABLES.KIEV [2006/01/13 20:22:47, 10] modules/vfs_recycle.c:recycle_unlink(437) recycle: base = NK10307.453 [2006/01/13 20:22:47, 10] modules/vfs_recycle.c:recycle_exclude(129) recycle: exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.lst|*.log ... [2006/01/13 20:22:47, 10] modules/vfs_recycle.c:recycle_exclude_dir(140) recycle: exclude_dir = /tmp|/temp|/cache ... [2006/01/13 20:22:47, 10] modules/vfs_recycle.c:recycle_keep_dir_tree(85) recycle_bin: keeptree = True [2006/01/13 20:22:47, 10] modules/vfs_recycle.c:recycle_unlink(466) recycle: Creating directory .recycle/askopd/TABLES.KIEV [2006/01/13 20:22:47, 10] modules/vfs_recycle.c:recycle_directory_mode(180) recycle: directory_mode = 777 [2006/01/13 20:22:47, 0] lib/fault.c:fault_report(36) =============================================================== [2006/01/13 20:22:47, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 11 in pid 87479 (3.0.21a) Please read the Trouble-Shooting section of the Samba3-HOWTO [2006/01/13 20:22:47, 0] lib/fault.c:fault_report(39) From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf [2006/01/13 20:22:47, 0] lib/fault.c:fault_report(40) =============================================================== [2006/01/13 20:22:47, 0] lib/util.c:smb_panic2(1544) smb_panic(): calling panic action [/bin/sleep 90000] gdb: Attaching to program: /usr/ports/net/samba3/work/samba-3.0.21a/source/bin/smbd, process 87479 (gdb) where #0 0x284a467b in wait4 () from /lib/libc.so.5 #1 0x28476c38 in system () from /lib/libc.so.5 #2 0x081ecd81 in smb_panic2 (why=0x82bb6ef "internal error", decrement_pid_count=1) at lib/util.c:1545 #3 0x081ecce9 in smb_panic (why=0x82bb6ef "internal error") at lib/util.c:1506 #4 0x081d8aff in fault_report (sig=11) at lib/fault.c:42 #5 0x081d8b5a in sig_fault (sig=11) at lib/fault.c:65 #6 0xbfbfff94 in ?? () #7 0x0000000b in ?? () #8 0x0000000c in ?? () #9 0xbfbfdd70 in ?? () #10 0x42424242 in ?? () #11 0x081d8b4c in fault_report () at lib/fault.c:57 #12 0x286d635e in recycle_unlink () from /usr/local/lib/samba/vfs/recycle.so #13 0x080c693b in close_normal_file (fsp=0x832c500, normal_close=1) at smbd/close.c:234 #14 0x080c6e1a in close_file (fsp=0x7, normal_close=0) at smbd/close.c:387 #15 0x080a9045 in reply_close (conn=0x8331030, inbuf=0x8336000 "", outbuf=0x8357000 "", size=45, dum_buffsize=131072) at smbd/reply.c:3286 #16 0x080d7eee in switch_message (type=4, inbuf=0x8336000 "", outbuf=0x8357000 "", size=45, bufsize=131072) at smbd/process.c:1071 #17 0x080d7f8d in construct_reply (inbuf=0x8336000 "", outbuf=0x8357000 "", size=45, bufsize=131072) at smbd/process.c:1101 #18 0x080d831f in process_smb (inbuf=0x8336000 "", outbuf=0x8357000 "") at smbd/process.c:1201 #19 0x080d91ae in smbd_process () at smbd/process.c:1753 #20 0x08267a7a in main (argc=4, argv=0xbfbfe828) at smbd/server.c:974 Permitions on recycle folder seems to be correct: # ls -la .recycle/ drwxr-xr-x 2 quoted quoted 512 Jan 13 19:06 . on FreeBSD 6.0-R it deleted file, but it did not move file to .recycle folder in log: [2006/01/13 19:53:50, 1] smbd/service.c:make_connection_snum(666) isc-sql (10.6.105.39) connect to service incoming initially as user PRIDN\o.palij (uid=0 , gid=10000) (pid 17769) smbd in free(): error: junk pointer, too high to make sense smbd in malloc(): error: recursive call Both systems works fine without recycle:directory_mode in config. Here is a config: [works_lasts] comment = Operative work path = /usr/works_lasts force user = quoted force group = quoted valid users = @iscvoper write list = @iscvoper force create mode = 0777 force directory mode = 0777 public = yes vfs object = vscan-clamav recycle recycle:noversions = *.doc|*.xls|*.ppt recycle:exclude_dir = /tmp|/temp|/cache recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.lst|*.log recycle:maxsize = 2097152 recycle:directory_mode = 777 recycle:touch = yes recycle:versions = yes recycle:keeptree = yes vfs options : config-file = /usr/local/etc/samba-vscan/vscan-clamav.conf I do not know if it is important, but on Debian Sarge (2.4.31) and smbd Version 3.0.20a, it works OK with recycle:directory_mode. What additional information can I provide? Thanks!
I cannot reproduce the bug on my test system with the latest SVN code. Are you able to reproduce it? Can you test with latest SVN code and see if it works? Thanks, Simo.
I updated samba on the other server (FreeBSD 5.4-R too) from 2.2.12 to 3.0.21a. As I expect the problem appears. Then I updated (# svn co svn://svnanon.samba.org/samba/trunk samba-trunk) samba on this server to #smbd -V Version 3.1.2pre1-SVN-build-UNKNOWN the problem has gone. So, I certify that the problem present in 3.0.21a (at least on FreeBSD5), and does not present in trunk. Is where any chances that bugfix will be MFC'ed to next SAMBA_3_0_RELEASE?
The release branch is based on SAMBA_3_0, trunk is reserved for advanced development, not yet ready for prime time. I see no difference between the trunk and SAMBA_3_0 vfs_recycle module implementation so I assume it is ok and thus I'm closing the bug. Can you test with the SAMBA_3_0 branch instead of trunk, and reopen the bug if the problem persists with the SAMBA_3_0 branch? Thanks, Simo.
I downgraded samba on 5.4-r server to SAMBA_3_0(svn co svn://svnanon.samba.org/samba/branches/SAMBA_3_0 samba_3_0). # smbd -V Version 3.0.22pre1-SVN-build-UNKNOWN And the problem persists with it. Backtrace seems to be the same. # gdb /usr/ports/net/samba30/work/samba-30/source/bin/smbd GNU gdb 6.1.1 [FreeBSD] (gdb) attach 64980 Attaching to program: /usr/ports/net/samba30/work/samba-30/source/bin/smbd, process 64980 (gdb) where #0 0x284a767b in wait4 () from /lib/libc.so.5 #1 0x28479c38 in system () from /lib/libc.so.5 #2 0x081ef3e9 in smb_panic2 (why=0x82be36b "internal error", decrement_pid_count=1) at lib/util.c:1545 #3 0x081ef351 in smb_panic (why=0x82be36b "internal error") at lib/util.c:1506 #4 0x081db147 in fault_report (sig=11) at lib/fault.c:42 #5 0x081db1a2 in sig_fault (sig=11) at lib/fault.c:65 #6 0xbfbfff94 in ?? () #7 0x0000000b in ?? () #8 0x0000000c in ?? () #9 0xbfbfe0e0 in ?? () #10 0x42424242 in ?? () #11 0x081db194 in fault_report () at lib/fault.c:57 #12 0x286d93ea in recycle_unlink (handle=0x8379430, conn=0x832f030, file_name=0x8332220 "_antivir/avast/R_212.doc") at modules/vfs_recycle.c:467 #13 0x080c7082 in close_normal_file (fsp=0x832a500, normal_close=1) at smbd/close.c:259 #14 0x080c7576 in close_file (fsp=0x7, normal_close=0) at smbd/close.c:414 #15 0x080a9245 in reply_close (conn=0x832f030, inbuf=0x8337000 "", outbuf=0x8358000 "", size=45, dum_buffsize=131072) at smbd/reply.c:3298 #16 0x080d861a in switch_message (type=4, inbuf=0x8337000 "", outbuf=0x8358000 "", size=45, bufsize=131072) at smbd/process.c:1071 #17 0x080d86b9 in construct_reply (inbuf=0x8337000 "", outbuf=0x8358000 "", size=45, bufsize=131072) at smbd/process.c:1101 #18 0x080d8a4b in process_smb (inbuf=0x8337000 "", outbuf=0x8358000 "") at smbd/process.c:1201 #19 0x080d98da in smbd_process () at smbd/process.c:1753 #20 0x0826a012 in main (argc=4, argv=0xbfbfec04) at smbd/server.c:977
Fixed in revision 13222. Many tahnks to Oleg Palij that helped me debugging it.