RHEL8: samba server (smbd) repeatedly coredumps in open_directory ... TALLOC_FREE(lck) due to use after free or memory corruption

Solution In Progress - Updated -

Issue

  • On cifs client, a 'df' fails with 'Resource temporarily unavailable', 'Host is down' or 'Input/output error'
USER        PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
df: /mnt/client: Resource temporarily unavailable

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
df: /mnt/client: Host is down

USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
df: /mnt/client: Input/output error
  • Checking on the server side at the time of the cifs client error(s), we see the samba server (smbd) repeately coredumps

Environment

  • Red Hat Enterprise Linux 8 (server)
    • samba-4.10.4-101.el8_1.x86_64
  • Red Hat Enterprise Linux 8 (client)
    • Seen with kernel-4.18.0-147.4.1.el8_1
    • share mounted without 'nohandlecache'

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content