Bug 4326 - smbd crashing on FAM connection reset
Summary: smbd crashing on FAM connection reset
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: File Services (show other bugs)
Version: 3.0.23d
Hardware: Other Linux
: P3 normal
Target Milestone: none
Assignee: James Peach
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-01-08 13:37 UTC by Björn Jacke
Modified: 2007-01-23 08:45 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Björn Jacke 2007-01-08 13:37:15 UTC 
to reproduce it just disable kernel change notifications and use fam support instead. Then let one explorer watch a directory. Then restart the fam server so that samba loses the connections.

[2007/01/08 20:24:17, 0] smbd/notify_fam.c:fam_pump_events(256)
  failed to fetch pending FAM event
  resetting FAM connection
[2007/01/08 20:24:17, 0] smbd/notify_fam.c:fam_pump_events(256)
  failed to fetch pending FAM event
  resetting FAM connection
[2007/01/08 20:24:17, 0] lib/fault.c:fault_report(41)
  ===============================================================
[2007/01/08 20:24:17, 0] lib/fault.c:fault_report(42)
  INTERNAL ERROR: Signal 11 in pid 20296 (3.0.23d-SerNet-SuSE)
  Please read the Trouble-Shooting section of the Samba3-HOWTO
[2007/01/08 20:24:17, 0] lib/fault.c:fault_report(44)

  From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
[2007/01/08 20:24:17, 0] lib/fault.c:fault_report(45)
  ===============================================================
[2007/01/08 20:24:17, 0] lib/util.c:smb_panic(1599)
  PANIC (pid 20296): internal error
[2007/01/08 20:24:17, 0] lib/util.c:log_stack_trace(1706)
  BACKTRACE: 18 stack frames:
   #0 /usr/sbin/smbd(log_stack_trace+0x2d) [0x80200976]
   #1 /usr/sbin/smbd(smb_panic+0x78) [0x80200aa4]
   #2 /usr/sbin/smbd [0x801edb1b]
   #3 [0xb7f8e420]
   #4 /usr/lib/libfam.so.0(FAMClose+0x29) [0xb7bde939]
   #5 /usr/sbin/smbd [0x802372a0]
   #6 /usr/sbin/smbd [0x802375de]
   #7 /usr/sbin/smbd [0x80235f06]
   #8 /usr/sbin/smbd(remove_pending_change_notify_requests_by_fid+0x40) [0x8023634b]
   #9 /usr/sbin/smbd(close_file+0x26a) [0x8009d49d]
   #10 /usr/sbin/smbd(file_close_conn+0x38) [0x8004f7d9]
   #11 /usr/sbin/smbd(close_cnum+0x2e7) [0x800b1887]
   #12 /usr/sbin/smbd(conn_close_all+0x4b) [0x8005a4fd]
   #13 /usr/sbin/smbd [0x8029ff8a]
   #14 /usr/sbin/smbd [0x802a01f4]
   #15 /usr/sbin/smbd(main+0xb5a) [0x802a1da7]
   #16 /lib/libc.so.6(__libc_start_main+0xdc) [0xb7ac0f9c]
   #17 /usr/sbin/smbd [0x800429e1]
[2007/01/08 20:24:18, 0] lib/util.c:smb_panic(1607)
  smb_panic(): calling panic action [/usr/share/samba/panic-action 20296]
...

0xb7b36fee in __waitpid_nocancel () from /lib/libc.so.6
#0  0xb7b36fee in __waitpid_nocancel () from /lib/libc.so.6
#1  0xb7ae0dbb in do_system () from /lib/libc.so.6
#2  0xb7c9cffd in system () from /lib/libpthread.so.0
#3  0x80200b14 in smb_panic () from /usr/sbin/smbd
#4  0x801edb1b in sig_fault () from /usr/sbin/smbd
#5  <signal handler called>
#6  0x00000011 in ?? ()
#7  0xb7bdb067 in Client::~Client () from /usr/lib/libfam.so.0
#8  0xb7bde939 in FAMClose () from /usr/lib/libfam.so.0
#9  0x802372a0 in fam_pump_events () from /usr/sbin/smbd
#10 0x802375de in fam_remove_notify () from /usr/sbin/smbd
#11 0x80235f06 in change_notify_remove () from /usr/sbin/smbd
#12 0x8023634b in remove_pending_change_notify_requests_by_fid ()
   from /usr/sbin/smbd
#13 0x8009d49d in close_file () from /usr/sbin/smbd
#14 0x8004f7d9 in file_close_conn () from /usr/sbin/smbd
#15 0x800b1887 in close_cnum () from /usr/sbin/smbd
#16 0x8005a4fd in conn_close_all () from /usr/sbin/smbd
#17 0x8029ff8a in exit_server_common () from /usr/sbin/smbd
#18 0x802a01f4 in exit_server_cleanly () from /usr/sbin/smbd
#19 0x802a1da7 in main () from /usr/sbin/smbd

This happens no matter if FAM or gamin is used instead.
Comment 1 James Peach 2007-01-08 19:09:46 UTC 
Do you see "resetting FAM connection" in the log? How many times?
Comment 2 Björn Jacke 2007-01-09 03:22:55 UTC 
I see it twice, it's also to see in comment #0 :-)
Comment 3 James Peach 2007-01-09 10:27:43 UTC 
(In reply to comment #2)
> I see it twice, it's also to see in comment #0 :-)

err .. yes, I see :)

So what is happening here is that we call FAMClose twice on the same object. I need to
figure out a way of knowing whether the FAM connection is open before closing it.
Comment 4 Volker Lendecke 2007-01-12 02:50:12 UTC 
Björn, can you try the patch from r20699? For me it fixes the segfault. Please re-open if you still see the crash.

Thanks,

Volker
Comment 5 Björn Jacke 2007-01-12 10:43:20 UTC 
it fixes the crash but after "resetting FAM connection" it should register the file/directory monitors again, shouldn't it? With that patch explorer needs a refresh to tell smbd again that it wants notifications.
Comment 6 Volker Lendecke 2007-01-12 10:59:41 UTC 
Sure, but that's a different bug. Be sure, I'm working on that *RIGHT NOW*. If you feel like it, enter a new bug report with prio "enhancement".

Volker
Comment 7 James Peach 2007-01-12 11:04:09 UTC 
(In reply to comment #4)
> Björn, can you try the patch from r20699? For me it fixes the segfault. Please
> re-open if you still see the crash. 

This patch looks OK to me.
Comment 8 James Peach 2007-01-12 11:06:54 UTC 
(In reply to comment #5)
> it fixes the crash but after "resetting FAM connection" it should register the
> file/directory monitors again, shouldn't it? With that patch explorer needs a
> refresh to tell smbd again that it wants notifications. 

Yes, this would be good, but you can't do it locally, you need support from the
higher notificcation layer. I guess that this is what Volker is referring to.
Comment 9 Volker Lendecke 2007-01-20 11:28:32 UTC 
Björn, under http://people.samba.org/bzr/vl/notify you find a snapshot of my local bzr tree that restores the FAM Monitors in case the famd is restarted.

Feel free to test it :-)

Volker
Comment 10 Karolin Seeger 2007-01-23 08:45:23 UTC 
Test