Segfault in Samba

Bug #264982 reported by Geoff King
4
Affects Status Importance Assigned to Milestone
samba (Ubuntu)
Incomplete
Undecided
Unassigned

Bug Description

Binary package hint: samba

Just to clarify my setup.

I have a HP Prolient DL140 G3 with an External MSA60 Disk Storage Array setup as a file server for my users file areas. I have configured the disk array as software raid5 with LVM on top of it. There are then various LVM volumes for each group of users, mounted under /home. Each user of each group has their home directory located in one of these mounted volumes.

As my users are connected to a W2k3 domain (W2k8 DCs though) I share their home directories via samba at the group level. So /home/groupname/ is shared as groupname$. Thus samba is configured so the machine appears as a AD domain member server.

Here is the backtrace:

[Thread debugging using libthread_db enabled]
[New Thread 0x7fec77291700 (LWP 10340)]
0x00007fec744914a5 in waitpid () from /lib/libc.so.6
#0 0x00007fec744914a5 in waitpid () from /lib/libc.so.6
#1 0x00007fec74432461 in ?? () from /lib/libc.so.6
#2 0x0000000000613c3b in smb_panic (why=<value optimized out>)
    at lib/util.c:1639
#3 0x0000000000618cb1 in assert_uid (ruid=11884, euid=11884)
    at lib/util_sec.c:102
#4 0x000000000061b86b in message_notify (procid=<value optimized out>)
    at lib/messages.c:196
#5 0x000000000061bb7b in message_send_pid_internal (
    pid=<value optimized out>, msg_type=<value optimized out>, buf=0xb10030,
    len=72, duplicates_allowed=1, timeout=0) at lib/messages.c:365
#6 0x000000000061bf90 in messaging_send (msg=<value optimized out>, server=
        {id = {pid = 10378}}, msg_type=2133467292, data=<value optimized out>)
    at lib/messages.c:845
#7 0x000000000064a0a1 in notify_trigger (notify=0x9ed2c0, action=3,
    filter=68,
    path=0xaaeb80 "/home/year11/STBucknell/year 11 work/unit 22/sound unit/~WRL0002.tmp") at smbd/notify_internal.c:567
#8 0x0000000000648400 in notify_fname (conn=0xb0f160, action=3, filter=68,
    path=<value optimized out>) at smbd/notify.c:357
#9 0x000000000048f415 in rename_internals (conn=0xb0f160,
    name=<value optimized out>,
    newname=0x7fff7f2a3df0 "STBucknell/year 11 work/unit 22/sound unit/~WRL0002.tmp", attrs=<value optimized out>, replace_if_exists=0,
    src_has_wild=<value optimized out>, dest_has_wild=0) at smbd/reply.c:4412
#10 0x0000000000496699 in reply_mv (conn=0xb0f160, inbuf=0xacd980 "",
    outbuf=0xaeddd0 "", dum_size=<value optimized out>,
    dum_buffsize=<value optimized out>) at smbd/reply.c:4846
#11 0x00000000004c879e in switch_message (type=7, inbuf=0xacd980 "",
    outbuf=0xaeddd0 "", size=302, bufsize=131072) at smbd/process.c:1004
#12 0x00000000004c9b92 in smbd_process () at smbd/process.c:1031
#13 0x00000000006c5f5d in main (argc=<value optimized out>,
    argv=0x7fff7f2a4be8) at smbd/server.c:1120

Revision history for this message
Chuck Short (zulcss) wrote :

which version of samba are you using?

Thanks
chuck

Changed in samba:
status: New → Incomplete
Revision history for this message
Geoff King (gking-carrhill) wrote :

Server is running Hardy LTS so it's 3.0.28a-1ubuntu4

Revision history for this message
Geoff King (gking-carrhill) wrote :
Download full text (5.5 KiB)

Further similar segfaults today:

The Samba 'panic action' script, /usr/share/samba/panic-action,
was called for PID 15280 (/usr/sbin/smbd).

This means there was a problem with the program, such as a segfault.
Below is a backtrace for this process generated with gdb, which shows
the state of the program at the time the error occurred. The Samba log
files may contain additional information about the problem.

If the problem persists, you are encouraged to first install the
samba-dbg package, which contains the debugging symbols for the Samba
binaries. Then submit the provided information as a bug report to
Ubuntu by visiting this link:
https://launchpad.net/ubuntu/+source/samba/+filebug

[Thread debugging using libthread_db enabled]
[New Thread 0x7f1651085700 (LWP 15280)]
0x00007f164e2854a5 in waitpid () from /lib/libc.so.6
#0 0x00007f164e2854a5 in waitpid () from /lib/libc.so.6
#1 0x00007f164e226461 in ?? () from /lib/libc.so.6
#2 0x0000000000613c3b in smb_panic (why=<value optimized out>)
    at lib/util.c:1639
#3 0x0000000000618cb1 in assert_uid (ruid=11208, euid=11208)
    at lib/util_sec.c:102
#4 0x000000000061b86b in message_notify (procid=<value optimized out>)
    at lib/messages.c:196
#5 0x000000000061bb7b in message_send_pid_internal (
    pid=<value optimized out>, msg_type=<value optimized out>, buf=0xb11960,
    len=64, duplicates_allowed=1, timeout=0) at lib/messages.c:365
#6 0x000000000061bf90 in messaging_send (msg=<value optimized out>, server=
        {id = {pid = 15529}}, msg_type=1493783324, data=<value optimized out>)
    at lib/messages.c:845
#7 0x000000000064a0a1 in notify_trigger (notify=0xaccea0, action=5, filter=1,
    path=0xb14a30 "/home/year10/Lisa-MarieSmith/unit 5 dtp I.T/~WRL0002.tmp")
    at smbd/notify_internal.c:567
#8 0x0000000000648400 in notify_fname (conn=0xb0e120, action=5, filter=1,
    path=<value optimized out>) at smbd/notify.c:357
#9 0x000000000048f3ba in rename_internals (conn=0xb0e120,
    name=<value optimized out>,
    newname=0x7fff59097070 "Lisa-MarieSmith/unit 5 dtp I.T/~WRL0002.tmp",
    attrs=<value optimized out>, replace_if_exists=0,
    src_has_wild=<value optimized out>, dest_has_wild=0) at smbd/reply.c:4399
#10 0x0000000000496699 in reply_mv (conn=0xb0e120, inbuf=0xacd830 "",
    outbuf=0xaedc80 "", dum_size=<value optimized out>,
    dum_buffsize=<value optimized out>) at smbd/reply.c:4846
#11 0x00000000004c879e in switch_message (type=7, inbuf=0xacd830 "",
    outbuf=0xaedc80 "", size=252, bufsize=131072) at smbd/process.c:1004
#12 0x00000000004c9b92 in smbd_process () at smbd/process.c:1031
#13 0x00000000006c5f5d in main (argc=<value optimized out>,
    argv=0x7fff59097e68) at smbd/server.c:1120
The program is running. Quit anyway (and detach it)? (y or n) [answered Y; input not from terminal]

The Samba 'panic action' script, /usr/share/samba/panic-action,
was called for PID 15541 (/usr/sbin/smbd).

This means there was a problem with the program, such as a segfault.
Below is a backtrace for this process generated with gdb, which shows
the state of the program at the time the error occurred. The Samba log
files may contain additional information about the problem.
...

Read more...

Revision history for this message
Duane Hinnen (duanedesign) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. You reported this bug a while ago and there hasn't been any activity in it recently. We were wondering if this is still an issue for you. Can you try with the latest Ubuntu release? Thanks in advance.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.