[Pkg-samba-maint] DO NOT REPLY [Bug 6651] smbd SIGSEGV when breaking oplocks

samba-bugs at samba.org samba-bugs at samba.org
Thu Sep 3 15:02:00 UTC 2009 

https://bugzilla.samba.org/show_bug.cgi?id=6651





------- Comment #29 from jra at samba.org  2009-09-03 10:01 CST -------
Here are the commit comments for the (final?) two parts of the patch:

    Another part of the fix for bug 6651 - smbd SIGSEGV when breaking oplocks.
    SA_INFO_QUEUE_COUNT *MUST* be a power of 2, in order for the ring buffer
    wrap to work correctly at the 32 bit boundary. Thanks to Petr
    Vandrovec <petr at vandrovec.name> for this.

    Hopefully last part of the fix for bug 6651 - smbd SIGSEGV when breaking
oplocks.
    This one is subtle. There is a race condition where a signal can be
    queued for oplock break, and then the file can be closed by the client
    before the signal can be processed. Currently if this occurs we panic
    (we can't match an incoming signal fd with a fsp pointer). Simply log
    the error (at debug level 10 right now, might be too much) and then
    return without processing the break request. It looks like there is
    another race condition with this fix, but here's why it won't happen.
    If the signal was pending (caused by a kernel oplock break from a
    local file open), and the client closed the file and then re-opened
    another file which happened to use the same file descriptor as the
    file just closed, then theoretically the oplock break requests could
    be processed on the wrong fd. Here's why this should be very rare..
    Processing a pending signal always take precedence over an incoming
    network request, so as long as the client close request is non-chained
    then the break signal should always be harmlessly processed *before*
    the open can be called. If the open is chained onto the close, and
    the fd on the new open is the same as the old closed fd, then it's
    possible this race will occur. However, all that will happen is that
    we'll lose the oplock on this file. A shame, but not a fatal event.

I'll port these to 3.4.1 once I've finished my commitments at the conf. Please
review in the meantime. Thanks !

Jeremy.


-- 
Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You reported the bug, or are watching the reporter.

More information about the Pkg-samba-maint mailing list