fix wrong lock order in posix unlink

[Pavel Shilovsky]

Hi all,

I tried Samba-4.0.0 and found a error in smb_posix_unlink codepath
that leads to the following backtrace (a part of the level 10 log of
smbd):

check lock order 1 for /var/lib/samba/smbXsrv_open_global.tdb
Lock order violation: Trying /var/lib/samba/smbXsrv_open_global.tdb at
1 while /var/lib/samba/locking.tdb at 1 is locked
lock order:  1:/var/lib/samba/locking.tdb 2:<none> 3:<none>
PANIC (pid 2992): invalid lock_order
BACKTRACE: 27 stack frames:
 #0 /usr/lib/libsmbconf.so.0(log_stack_trace+0x29) [0xb716c889]
 #1 /usr/lib/libsmbconf.so.0(smb_panic_s3+0x31) [0xb716c991]
 #2 /usr/lib/libsamba-util.so.0(smb_panic+0x3a) [0xb76a478a]
 #3 /usr/lib/samba/libdbwrap.so(+0x24e1) [0xb6abc4e1]
 #4 /usr/lib/samba/libdbwrap.so(+0x265b) [0xb6abc65b]
 #5 /usr/lib/samba/libsmbd_base.so(smbXsrv_open_close+0x275) [0xb74c48b5]
 #6 /usr/lib/samba/libsmbd_base.so(+0x157d0e) [0xb74c4d0e]
 #7 /usr/lib/libtalloc.so.2(_talloc_free+0x778) [0xb6da2308]
 #8 /usr/lib/samba/libsmbd_base.so(file_free+0xbc) [0xb741034c]
 #9 /usr/lib/samba/libsmbd_base.so(close_file+0xa71) [0xb7472611]
 #10 /usr/lib/samba/libsmbd_base.so(smbd_do_setfilepathinfo+0x17ba) [0xb7459d2a]
 #11 /usr/lib/samba/libsmbd_base.so(+0xf044f) [0xb745d44f]
 #12 /usr/lib/samba/libsmbd_base.so(reply_trans2+0x565) [0xb74601d5]
 #13 /usr/lib/samba/libsmbd_base.so(+0x1211d3) [0xb748e1d3]
 #14 /usr/lib/samba/libsmbd_base.so(+0x122305) [0xb748f305]
 #15 /usr/lib/samba/libsmbd_base.so(+0x122a99) [0xb748fa99]
 #16 /usr/lib/libsmbconf.so.0(run_events_poll+0x11c) [0xb71909cc]
 #17 /usr/lib/libsmbconf.so.0(+0x40d25) [0xb7190d25]
 #18 /usr/lib/libtevent.so.0(_tevent_loop_once+0xa8) [0xb6d94318]
 #19 /usr/lib/samba/libsmbd_base.so(smbd_process+0xea7) [0xb7491157]
 #20 /usr/sbin/smbd() [0x8051b2f]
 #21 /usr/lib/libsmbconf.so.0(run_events_poll+0x358) [0xb7190c08]
 #22 /usr/lib/libsmbconf.so.0(+0x40db8) [0xb7190db8]
 #23 /usr/lib/libtevent.so.0(_tevent_loop_once+0xa8) [0xb6d94318]
 #24 /usr/sbin/smbd(main+0x1846) [0x804d746]
 #25 /lib/libc.so.6(__libc_start_main+0xf5) [0xb6c383d5]
 #26 /usr/sbin/smbd() [0x804dcd5]

The problem appears on cifs mount with forcemand mount option
(slightly hacked to force cifs client use NtCresateAndX command to
open files) in the following test case:
1) open file,
2) unlink file (appears here!),
3) close file.

I attached the patch that fixes the problem for me.

-- 
Best regards,
Pavel Shilovsky.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-s3-smbd-fix-wrong-lock-order-in-posix-unlink.patch
Type: application/octet-stream
Size: 1142 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130117/4cf2b908/attachment.obj>