s3: Fix a deadlock between notify_onelevel.tdb and notify.tdb

notify_add() locks notify_onlevel.tdb while having notify.tdb locked.
file_free() calls notify_remove_onelevel(), and due to this talloc hierarchy
problem the tdb record is not unlocked again timely. Thus notify.tdb will be
locked while notify_onelevel still has a lock.

Sorry, Ronnie, for causing you some grey hair and thanks for the stacktraces.

Volker

diff --git a/source3/smbd/notify_internal.c b/source3/smbd/notify_internal.c
index 243335c9fc61eaa8b17b174c7dcc58715c6a474a..c8f8616d8b469a85a301bd2f25074c8631a82af7 100644 (file)
--- a/source3/smbd/notify_internal.c
+++ b/source3/smbd/notify_internal.c
@@ -599,7 +599,7 @@ NTSTATUS notify_remove_onelevel(struct notify_context *notify,
        }
 
        rec = notify->db_onelevel->fetch_locked(
-               notify->db_onelevel, talloc_tos(),
+               notify->db_onelevel, array,
                make_tdb_data((uint8_t *)fid, sizeof(*fid)));
        if (rec == NULL) {
                DEBUG(10, ("notify_remove_onelevel: fetch_locked for %s failed"