I just had the unpleasant experience of crashing a production server _twice_ when trying to access a file share. The server is 64-bit Windows 2003 on an itanium3. My box is RedHat Linux 8.0 with Samba 3.0.0-2. Here's some messages from syslog: Mar 19 09:13:58 hedron automount[1037]: attempting to mount entry /dborg/POS Mar 19 09:13:58 hedron mount.smbfs[23153]: [2004/03/19 09:13:58, 0] client/smbmount.c:send_fs_socket(405) Mar 19 09:13:59 hedron mount.smbfs[23153]: mount.smbfs: entering daemon mode for service \\dborg\POS, pid=23153 Mar 19 09:14:29 hedron kernel: SMB server not responding Mar 19 09:14:29 hedron kernel: smb_get_length: recv error = 5 Mar 19 09:14:29 hedron kernel: smb_trans2_request: result=-5, setting invalid Mar 19 09:15:29 hedron kernel: smb_lookup: find //Store_257 failed, error=-5 Mar 19 09:16:29 hedron kernel: smb_lookup: find //Store_257 failed, error=-5 Mar 19 09:16:39 hedron kernel: smb_retry: caught signal Mar 19 09:16:39 hedron kernel: smb_lookup: find //Store_261 failed, error=-5 Normally, I automount my windows shares. This has been working actually, for about 3 months, without a problem. Call it a testament to the reliability of 64-bit Win2003 that trying to do a file listing with Samba blue-screens the server. The first time I thought it must just be a coincidence, but after a reboot, it did it again! They have to constantly patch the window's boxes here for security problems of course; this could be an early warning that M$ has changed something to be incompatible with Samba. Kyle
On Fri, 19 Mar 2004, Kyle Davenport wrote:> I just had the unpleasant experience of crashing a production server > _twice_ when trying to access a file share. > The server is 64-bit Windows 2003 on an itanium3. My box is RedHat Linux > 8.0 with Samba 3.0.0-2. Here's some messages from syslog:(...)> Call it a testament to the reliability of 64-bit Win2003 that trying to do > a file listing with Samba blue-screens the server. The first time I > thought it must just be a coincidence, but after a reboot, it did it again! > They have to constantly patch the window's boxes here for security problems > of course; this could be an early warning that M$ has changed something to > be incompatible with Samba.Even it had been, the result should have been just an error in your and/or their log , not a crash on the system . If it is the case it would be a severe security bug on M$ part, since at leas anyone could do am easy DoS this way ... Can someone try to repeat it ? (sorry, no win2003 here ...)
On Fri, Mar 19, 2004 at 11:14:34AM -0600, Kyle Davenport wrote:> I just had the unpleasant experience of crashing a production server > _twice_ when trying to access a file share. > > The server is 64-bit Windows 2003 on an itanium3. My box is RedHat Linux > 8.0 with Samba 3.0.0-2. Here's some messages from syslog: > > Mar 19 09:13:58 hedron automount[1037]: attempting to mount entry > /dborg/POS > Mar 19 09:13:58 hedron mount.smbfs[23153]: [2004/03/19 09:13:58, 0] > client/smbmount.c:send_fs_socket(405) > Mar 19 09:13:59 hedron mount.smbfs[23153]: mount.smbfs: entering daemon > mode for service \\dborg\POS, pid=23153 > Mar 19 09:14:29 hedron kernel: SMB server not responding > Mar 19 09:14:29 hedron kernel: smb_get_length: recv error = 5 > Mar 19 09:14:29 hedron kernel: smb_trans2_request: result=-5, setting > invalid > Mar 19 09:15:29 hedron kernel: smb_lookup: find //Store_257 failed, > error=-5 > Mar 19 09:16:29 hedron kernel: smb_lookup: find //Store_257 failed, > error=-5 > Mar 19 09:16:39 hedron kernel: smb_retry: caught signal > Mar 19 09:16:39 hedron kernel: smb_lookup: find //Store_261 failed, > error=-5 > > Normally, I automount my windows shares. This has been working actually, > for about 3 months, without a problem. > > Call it a testament to the reliability of 64-bit Win2003 that trying to do > a file listing with Samba blue-screens the server. The first time I > thought it must just be a coincidence, but after a reboot, it did it again! > They have to constantly patch the window's boxes here for security problems > of course; this could be an early warning that M$ has changed something to > be incompatible with Samba.Can you please get an ethereal capture trace of this problem and send it to security@samba.org. We need to be able to produce a binary using the smbclient code that can reproduce this so we can send it to Microsoft and get them to fix it. Thanks, Jeremy.
I've finally narrowed down the conditions for this ; it is very
reproducible. It is only 64-bit Windows 2003 (not 32-bit) and the
problem started when I upgraded from linux kernel 2.4.22 to 2.4.25. I
verified there is no problem when I go back to 2.4.22. The pcap files I am
sending to security@samba.org are the same operation done on the share
using 2.4.22 or 2.4.25. You can see there is no response from DWDEV64 in
the 2.4.25 capture - because it is DEAD!
Steps to reproduce:
1. smbmount share
2. cd to mounted share
3. ls in top directory works
4. ls some sub-directory hangs the box
Curiously I also noticed that from a 32-bit win2k box, if I map the 64-bit
Win2003 drive, and I go there in a DOS shell, it will not let me cd to a
sub-directory. It returns the error message "Invalid Directory"
Kyle
Jeremy Allison
<jra@samba.org> To: Kyle Davenport
<Kyle_Davenport@compusa.com>
cc: samba@lists.samba.org
03/19/04 12:21 PM Subject: Re: [Samba] 64-bit
Windows advanced server 2003 hangs
Please respond to
Jeremy Allison
On Fri, Mar 19, 2004 at 11:14:34AM -0600, Kyle Davenport
wrote:> I just had the unpleasant experience of crashing a production server
> _twice_ when trying to access a file share.
>
> The server is 64-bit Windows 2003 on an itanium3. My box is RedHat Linux
> 8.0 with Samba 3.0.0-2. Here's some messages from syslog:
>
> Mar 19 09:13:58 hedron automount[1037]: attempting to mount entry
> /dborg/POS
> Mar 19 09:13:58 hedron mount.smbfs[23153]: [2004/03/19 09:13:58, 0]
> client/smbmount.c:send_fs_socket(405)
> Mar 19 09:13:59 hedron mount.smbfs[23153]: mount.smbfs: entering daemon
> mode for service \\dborg\POS, pid=23153
> Mar 19 09:14:29 hedron kernel: SMB server not responding
> Mar 19 09:14:29 hedron kernel: smb_get_length: recv error = 5
> Mar 19 09:14:29 hedron kernel: smb_trans2_request: result=-5, setting
> invalid
> Mar 19 09:15:29 hedron kernel: smb_lookup: find //Store_257 failed,
> error=-5
> Mar 19 09:16:29 hedron kernel: smb_lookup: find //Store_257 failed,
> error=-5
> Mar 19 09:16:39 hedron kernel: smb_retry: caught signal
> Mar 19 09:16:39 hedron kernel: smb_lookup: find //Store_261 failed,
> error=-5
>
> Normally, I automount my windows shares. This has been working actually,
> for about 3 months, without a problem.
>
> Call it a testament to the reliability of 64-bit Win2003 that trying to
do> a file listing with Samba blue-screens the server. The first time I
> thought it must just be a coincidence, but after a reboot, it did it
again!> They have to constantly patch the window's boxes here for security
problems> of course; this could be an early warning that M$ has changed something
to> be incompatible with Samba.
Can you please get an ethereal capture trace of this problem and
send it to security@samba.org. We need to be able to produce a binary
using the smbclient code that can reproduce this so we can send it to
Microsoft and get them to fix it.
Thanks,
Jeremy.
This one's different. All I have to do is attempt to list a
sub-directory, and windows crashes with this error message:
BCCode: 10000007e BCP1: FFFFFFFF80000002 BCP2: E0000164C2D2C8A4 BCP3:
E0000164C31EDD98
BCP4: E0000164C31ECE00 OSVer: 5_2_3790 SP: 0_0 Product: 274_3
Kyle
"Gerald (Jerry)
Carter" To: Jeremy Allison
<jra@samba.org>
<jerry@samba.org> cc: Kyle Davenport
<Kyle_Davenport@compusa.com>, samba@lists.samba.org
Subject: Re: [Samba] 64-bit
Windows advanced server 2003 hangs
03/22/04 08:46 AM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jeremy Allison wrote:
| Can you please get an ethereal capture trace of this problem
| and send it to security@samba.org. We need to be able
| to produce a binary using the smbclient code that can
| reproduce this so we can send it to Microsoft and get them
| to fix it.
I'[ve seen thsi before and I thought that MS had fixed it with a
hotfix. Maybe I'm remembering wrong though. Could have been
this one I was thinking about.
~ https://bugzilla.samba.org/show_bug.cgi?id=878
cheers, jerry
- ----------------------------------------------------------------------
Hewlett-Packard ------------------------- http://www.hp.com
SAMBA Team ---------------------- http://www.samba.org
GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song" --Switchfoot
(2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAXvw9IR7qMdg1EfYRAk7+AJ0aUiYETva9YBfRKEkBM3F1uMWtegCgmLJ3
DOyuoPr6IJuaxRGgxChbhIA-----END PGP SIGNATURE-----