Samba 2.0.2 (and 2.0.0) truncates/fills with NULL bytes copied files on Solaris Sparc

Nicolas Pioch pioch at netscape.com
Sun Feb 7 17:15:05 GMT 1999 

> Date: Thu, 4 Feb 1999 09:45:12 +0100
> From: McNally Dermot-R3564C <r3564c at europe.mot.com>
> Subject: File Corruption (null chars)
>
> I saw this topic come up a few times in the archives, but saw no solutions (none, at
> least, applicable to my situation).
>
> Samba 2.0.0 running on FreeBSD 2.2.8 STABLE. Saw problem from two NT 4 Workstation
> machines with Service pack 4, did _not_ see problem from another identically
> configured machine. The test case is as follows:
>
> A particular file (size 1300 bytes) is stored on a remote drive (to the test
> workstation) which belongs to a real NT 4 Server (either SP3 or SP4). Copying the
> file straight to a Samba share results in a file of the correct size, but filled with
> NULLs. Copying the file to the desktop of the workstation (on local NTFS partition)
> and from there to the samba drive leads to the same corruption (although the file was
> intact while on the desktop). Copying the intact file onto a floppy disk on the local
> system, then dragging it from floppy to Samba leads to an intact file.
> ...
> As a followup to my own post, the following information is also relevant - On
> performing a copy that results in a file full of NULLs, the NT system records the
> following in its event log:
> A write-behind operation has failed to the remote server %2.  The data contains the
> amount requested to write and the amount actually written.

I experience the exact same problems since I've upgraded to samba 2.0.
Most of my files now get corrupted, filled with NULL bytes, as you described.
I've been using samba 1.x for ~2 years and this never happened before.

Symptoms are very similar to what you describe, except that I'm experiencing them on
Solaris Sparc 2.5.1 and 2.6 (Ultra 1 or 150 machines), copying files from any size (1
KB, 200 KB, more...)

Here's my setup:

[A] --------WAN-------- [B] ---LAN--- [C]

The samba server (version 2.0.0 or 2.0.2 have the same problem) is running on Machine
C, running Solaris 2.6.
I've reproduced the problem on another machine running Solaris 2.5.1 to ensure this
wasn't due to 64bit "large file support".

I've tried downloading the samba 1.9x source code to downgrade and try to reproduce the
problem but I can't locate it anywhere on the official distribution servers. However, I
still have an Irix SGI running samba 1.9.15p8 on the LAN which doesn't reproduce the
problem.

I'm using machine B (WinNT 4, Service Pack 4) to copy a file across the WAN, from
machine A (remote WinNT 4) to machine C (Samba 2.0.x).

Machine A is accessed across the WAN, 9000 km away.
I've reproduced it from different machines "A", with either compressed NTFS drives or
uncompressed.
I've also reproduced the problem with different machines "B" running WinNT do perform
the copy.

In each case, machine B logs something weird in the Event Log: Either an invalid SMB
response received from C, or:

     Source: Rdr
     Type: Warning
     EventID: 3025

     A write-behind operation has failed to the remote server %2.  The data
     contains the amount requested to write and the amount actually written.

     0000: 00 00 00 00 01 00 54 00   ......T.
     0008: 00 00 00 00 d1 0b 00 80   ....Ñ..?
     0010: 00 00 00 00 00 00 00 00   ........
     0018: 00 00 00 00 00 00 00 00   ........
     0020: 00 00 00 00 00 00 00 00   ........

To provide a test case, I've simplified as much as I could the scenario, and I can now
reproduce the problem with a 1231 bytes text file, "i.txt".

I've ran smbd with debug level 10 (-d 10), and I have a 178 KB log file, in case
anybody's interested.
There aren't many errors recorded in it ... I could only spot the following instances:

     During SMBD's startup:

     [1999/02/07 18:17:27, 8] smbd/trans2.c:get_lanman2_dir_entry(359)
       get_lanman2_dir_entry:readdir on dirptr 0xfa638 now at offset 2
     [1999/02/07 18:17:27, 4] smbd/dir.c:dptr_close_internal(227)
       closing dptr key 256
     [1999/02/07 18:17:27, 3] smbd/error.c:error_packet(138)
       error packet at line 801 cmd=50 (SMBtrans2) eclass=1 ecode=2
     ...
     [1999/02/07 18:17:32, 4] smbd/dir.c:dptr_close_internal(227)
       closing dptr key 256
     [1999/02/07 18:17:32, 3] smbd/error.c:error_packet(138)
       error packet at line 801 cmd=50 (SMBtrans2) eclass=1 ecode=2
     ...
     [1999/02/07 18:17:34, 10] smbd/nttrans.c:map_create_disposition(353)
       map_create_disposition: Mapped create_disposition 5 to 12
     [1999/02/07 18:17:34, 3] smbd/error.c:error_packet(138)
       error packet at line 592 cmd=162 (SMBntcreateX) eclass=1 ecode=6

     20 seconds later, trying to make a copy of "i.txt" on the Samba server:

     [1999/02/07 18:18:01, 3] smbd/process.c:switch_message(402)
       switch message SMBntcancel (pid 21128)
     [1999/02/07 18:18:01, 3] lib/doscalls.c:dos_ChDir(327)
       dos_ChDir to /var/adm/samba
     [1999/02/07 18:18:01, 5] smbd/uid.c:unbecome_user(295)
       unbecome_user now uid=(0,0) gid=(0,0)
     [1999/02/07 18:18:01, 3] smbd/error.c:error_packet(127)
       32 bit error packet at line 1250 cmd=160 (SMBnttrans) eclass=00000120
     [Error:
     Unknown error (32,0)]
     [1999/02/07 18:18:01, 6] lib/util_sock.c:write_socket(185)
       write_socket(7,75)
     [1999/02/07 18:18:01, 6] lib/util_sock.c:write_socket(188)
       write_socket(7,75) wrote 75
     [1999/02/07 18:18:01, 3] smbd/nttrans.c:reply_ntcancel(1144)
       reply_ntcancel: cancel called on mid = 256.
     [1999/02/07 18:18:01, 10]
     lib/util_sock.c:read_smb_length_return_keepalive(449)
       got smb length of 35
     ...
     [1999/02/07 18:18:01, 3] smbd/process.c:switch_message(402)
       switch message SMBntcancel (pid 21128)
     [1999/02/07 18:18:01, 3] smbd/error.c:error_packet(127)
       32 bit error packet at line 1250 cmd=160 (SMBnttrans) eclass=00000120
     [Error:
     Unknown error (32,0)]
     [1999/02/07 18:18:01, 6] lib/util_sock.c:write_socket(185)
       write_socket(7,75)
     [1999/02/07 18:18:01, 6] lib/util_sock.c:write_socket(188)
       write_socket(7,75) wrote 75
     [1999/02/07 18:18:01, 3] smbd/nttrans.c:reply_ntcancel(1144)
       reply_ntcancel: cancel called on mid = 321.
     [1999/02/07 18:18:01, 10]
     lib/util_sock.c:read_smb_length_return_keepalive(449)
       got smb length of 42

The result on the Samba server is that the text file "i.txt" has the correct size, but
"od" shows it's filled with NULL bytes.

This is really dramatic since it indicates Samba 2.0x cannot be trusted for file
integrity.

PS: BTW, Samba 2.0.2 announces itself on the network as "2.0.1" when using %v in the
"Comment" field.

PPS: My smb.conf is available in case anybody's interested (and I reproduce the problem
on multiple samba servers with different settings in smb.conf, but there are almost no
settings except one single share with all defaults)

Any insight welcome... or pointers to the location of the latest Samba 1.9x source code
:-(
-- N.

More information about the samba mailing list