In file samba-3.5.16/source3/lib/util_unistr.c unmap_file(valid_table, 0x10000); is called everytime even though mapping for valid table is not done every time. In function void init_valid_table(void) mapping for valid_table is done once and returned thereafter. But in function void gfree_case_tables(void) munmap is called everytime.
Created attachment 8272 [details] TreeView operations of Samba Thirdparty samba is calling mmap three times at first tree view. Ref: panel.txt line 8459, line 8461 and line 8465. All created mmap are cleared by calling munmap for first time. Ref: panel.txt line 8609, line 8612 and line 8615. After that for next tree views, only two mmap are getting called. Ref: panel.txt line 23834 and line 23836. But three mmap are getting cleared by calling munmap. Ref: panel.txt line 23982, line 23985 and line 23988. If third memory location is already assigned to some other process, then samba is unmapping the memory.If process whcih has mapped the memory location access the memory then crash is observed.
Thirdparty samba is calling mmap three times at first tree view. Ref: panel.txt line 8459, line 8461 and line 8465. All created mmap are cleared by calling munmap for first time. Ref: panel.txt line 8609, line 8612 and line 8615. After that for next tree views, only two mmap are getting called. Ref: panel.txt line 23834 and line 23836. But three mmap are getting cleared by calling munmap. Ref: panel.txt line 23982, line 23985 and line 23988. If third memory location is already assigned to some other process, then samba is unmapping the memory.If process whcih has mapped the memory location access the memory then crash is observed.
Created attachment 8306 [details] Patch for 3.5.x Can you test this patch and see if it fixes the issue for you ? This has already been fixed in 3.6.x and above. Jeremy.
(In reply to comment #3) > Created attachment 8306 [details] > Patch for 3.5.x > > Can you test this patch and see if it fixes the issue for you ? > > This has already been fixed in 3.6.x and above. > > Jeremy. This fix is working fine. Thanks for your quick response.
Created attachment 8333 [details] git-am fix for 3.5.x Not sure if we're still doing 3.5.x updates, but just in case we are :-). Jeremy.
Comment on attachment 8333 [details] git-am fix for 3.5.x if ( upcase_table_use_unmap ) { unmap_file(upcase_table, 0x20000); upcase_table = NULL; } else { SAFE_FREE(upcase_table); } would more what I would have done, but this will certainly also fix it.
Samba 3.5.20 will be the last 3.5 bugfix release and is scheduled for Monday. Pushed patch to v3-5-test. Assuming it's 3.5 only.
Yes it is 3.5.x only.