On premature end of a smb2 connection, smbd crashes when trying to clean up:

#7  0x00007f1a98d8c4ae in get_share_mode_lock (mem_ctx=<value optimized out>, id=..., servicepath=0x0, smb_fname=0x0, old_write_time=0x0) at locking/locking.c:978
#8  0x00007f1a98b381d7 in close_remove_share_mode (req=0x0, fsp=0x7f1a9b44de40, close_type=SHUTDOWN_CLOSE) at smbd/close.c:298
#9  close_normal_file (req=0x0, fsp=0x7f1a9b44de40, close_type=SHUTDOWN_CLOSE) at smbd/close.c:658
#10 0x00007f1a98b390f5 in close_file (req=0x0, fsp=0x7f1a9b44de40, close_type=SHUTDOWN_CLOSE) at smbd/close.c:1105
#11 0x00007f1a98add2fc in file_close_conn (conn=0x7f1a9b46c7d0) at smbd/files.c:156
#12 0x00007f1a98b51e7c in close_cnum (conn=0x7f1a9b46c7d0, vuid=35017) at smbd/service.c:1286
#13 0x00007f1a98b693fa in smbd_smb2_tcon_destructor (tcon=0x7f1a9b4571f0) at smbd/smb2_tcon.c:137
#14 0x00007f1a9678ffe5 in _talloc_free_internal (ptr=0x7f1a9b4571f0, location=0x7f1a9909d809 "smbd/smb2_sesssetup.c:138") at ../lib/talloc/talloc.c:826
#15 0x00007f1a98b66c6c in smbd_smb2_session_destructor (session=0x7f1a9b44bf50) at smbd/smb2_sesssetup.c:138
#16 0x00007f1a9678ffe5 in _talloc_free_internal (ptr=0x7f1a9b44bf50, location=0x7f1a99279f0e "smbd/server_exit.c:163") at ../lib/talloc/talloc.c:826
#17 0x00007f1a9678fd93 in _talloc_free_children_internal (ptr=0x7f1a9b440580, location=0x7f1a99279f0e "smbd/server_exit.c:163") at ../lib/talloc/talloc.c:1268
#18 _talloc_free_internal (ptr=0x7f1a9b440580, location=0x7f1a99279f0e "smbd/server_exit.c:163") at ../lib/talloc/talloc.c:845
#19 0x00007f1a9906d7c7 in exit_server_common (how=SERVER_EXIT_NORMAL, reason=0x7f1a990b5ed0 "NT_STATUS_INVALID_PARAMETER") at smbd/server_exit.c:163
#20 0x00007f1a9906da7e in exit_server_cleanly (explanation=0x7f1a9b47d010 "") at smbd/server_exit.c:205
#21 0x00007f1a98b651db in smbd_server_connection_terminate_ex (sconn=<value optimized out>, reason=0x7f1a990b5ed0 "NT_STATUS_INVALID_PARAMETER", location=0x7f1a9909c821 "smbd/smb2_server.c:2186") at smbd/smb2_server.c:583
#22 0x00007f1a98b5141e in process_smb (sconn=0x7f1a9b440580, inbuf=0x7f1a9b47ce30 "", nread=101, unread_bytes=0, seqnum=<value optimized out>, encrypted=false, deferred_pcd=0x0) at smbd/process.c:1675

lock_db is already null when the destructor tries to clean up the locks.

Patch coming through autobuild.
Created attachment 6665
Patch for 3.6
Comment on attachment 6665
Patch for 3.6

Looks good
Do you have a backtrace of the problem?
(In reply to comment #3)
> Do you have a backtrace of the problem?

Oops, sorry, I just need to read the bug report...
Karolin, please pick this one.
Pushed to v3-6-test. Closing out bug report. Thanks!