Segfault in Samba

Bug #56255 reported by Patrik L
This bug report is a duplicate of:  Bug #100019: Segfault in Samba. Edit Remove
2
Affects Status Importance Assigned to Milestone
samba (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

Binary package hint: samba

My nmbd dies quite frequently. About once a week.
Server: HP ProLiant DL360 G4p, 3.0 Ghz, 1 GB RAM.
Ubuntu 6.06.

The Samba 'panic action' script, /usr/share/samba/panic-action,
was called for pid 6162 (/usr/sbin/nmbd).

Below is a backtrace for this process generated with gdb, which shows
the state of the program at the time the error occurred.

Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread -1212475712 (LWP 6162)]
0xffffe410 in __kernel_vsyscall ()
#0 0xffffe410 in __kernel_vsyscall ()
#1 0xb7d43933 in waitpid () from /lib/tls/i686/cmov/libc.so.6
#2 0xb7ced3c9 in strtold_l () from /lib/tls/i686/cmov/libc.so.6
#3 0x080cbeb3 in smb_panic2 (
    why=0xfffffe00 <Address 0xfffffe00 out of bounds>, decrement_pid_count=1)
    at lib/util.c:1545
#4 0x080cbfd5 in smb_panic (why=0xfffffe00 <Address 0xfffffe00 out of bounds>)
    at lib/util.c:1506
#5 0x080ba0e5 in sig_fault (sig=-512) at lib/fault.c:42
#6 <signal handler called>
#7 find_workgroup_on_subnet (subrec=0x0, name=0x812c3f0 "MEDIETEKNIK")
    at nmbd/nmbd_workgroupdb.c:177
#8 0x08074f05 in write_browse_list (t=0, force_write=1)
    at nmbd/nmbd_serverlistdb.c:350
#9 0x08062440 in msg_reload_nmbd_services (msg_type=3001, src={pid = 0},
    buf=0xbfb6408c, len=0) at nmbd/nmbd.c:314
#10 0x08062c72 in main (argc=-1078578512, argv=0xbfb64124) at nmbd/nmbd.c:597

Revision history for this message
Patrik L (patrik-medieteknik) wrote :

Some update on this case.

The latest segfault reported looks like this:
--------------------------
The Samba 'panic action' script, /usr/share/samba/panic-action,
was called for pid 804 (/usr/sbin/nmbd).

Below is a backtrace for this process generated with gdb, which shows
the state of the program at the time the error occurred.

If the problem persists, you are encouraged to first install the
samba-dbg package which contains the debugging symbols for samba
binaries. Then, submit the provided information as a bug report to Ubuntu.
For information about the procedure for submitting bug reports, please
see http://www.ubuntulinux.org/support/bugs/document_view

Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
[Thread debugging using libthread_db enabled]
[New Thread -1212074304 (LWP 804)]
0xffffe410 in __kernel_vsyscall ()
#0 0xffffe410 in __kernel_vsyscall ()
#1 0xb7da5933 in waitpid () from /lib/tls/i686/cmov/libc.so.6
#2 0xb7d4f3c9 in strtold_l () from /lib/tls/i686/cmov/libc.so.6
#3 0x080cbeb3 in smb_panic2 (
    why=0xfffffe00 <Address 0xfffffe00 out of bounds>, decrement_pid_count=1)
    at lib/util.c:1545
#4 0x080cbfd5 in smb_panic (why=0xfffffe00 <Address 0xfffffe00 out of bounds>)
    at lib/util.c:1506
#5 0x080ba0e5 in sig_fault (sig=-512) at lib/fault.c:42
#6 <signal handler called>
#7 find_workgroup_on_subnet (subrec=0x0, name=0x812c3f0 "MEDIETEKNIK")
    at nmbd/nmbd_workgroupdb.c:177
#8 0x08074f05 in write_browse_list (t=0, force_write=1)
    at nmbd/nmbd_serverlistdb.c:350
#9 0x08062440 in msg_reload_nmbd_services (msg_type=3001, src={pid = 0},
    buf=0xbf8c639c, len=0) at nmbd/nmbd.c:314
#10 0x08062c72 in main (argc=-1081322048, argv=0xbf8c6434) at nmbd/nmbd.c:597
--------------------------

Dates of this happening is:
2006-08-02 06:25
2006-08-06 06:25
2006-08-06 15:10
2006-08-13 06:25
2006-08-13 18:18
2006-08-28 15:54
2006-08-29 06:25
2006-10-12 11:57
2006-10-18 06:25

Looks like this might be caused by something that is happening on specific times. I have not been able to find out what happens at those times yet.

Current kernel version is 2.6.15-25-server.

Revision history for this message
Lorenzo (lorenzo-delledonne) wrote :

Thank you for the accurate bug report. I mark this as Confirmed.

Changed in samba:
status: Unconfirmed → Confirmed
Revision history for this message
Chuck Short (zulcss) wrote :

Is this still a problem?

Thanks
chuck

Revision history for this message
Paul Dufresne (paulduf) wrote :

By the backtrace, I conclude this is a duplicate of fixed bug #100019, marking so.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.