smbd crashed with SIGABRT in rep_strlcpy()/null pointer in connections_fetch_entry

StacktraceTop:
 rep_strlcpy (d=0x7fffe02c9974 "", s=0x0, bufsize=256) at ../lib/replace/replace.c:70
 connections_fetch_entry (mem_ctx=0x7f3301f943a0, conn=0x7f3301f88e90, name=0x0) at lib/conn_tdb.c:63
 yield_connection (conn=0x7f3301f88e90, name=0x0) at smbd/connection.c:37
 close_cnum (conn=0x7f3301f88e90, vuid=102) at smbd/service.c:1296
 reply_tdis (req=0x7f3301f94480) at smbd/reply.c:5110

Status changed to 'Confirmed' because the bug affects multiple users.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526325 .

Might be a repeat of https://bugzilla.samba.org/show_bug.cgi?id=6724

Thanks for taking the time to report this bug in Ubuntu.

It would be great if one or more of the reporters of this bug could try to grab a backtrace from smbd when it hits this issue.

Details on how todo this can be found here:

  https://wiki.ubuntu.com/DebuggingProgramCrash
  https://wiki.ubuntu.com/Backtrace

Marking this bug as 'Incomplete' pending further information - please set back to 'New' once a backtrace has been captured and attached to this bug report.

I'm also marking this as importance 'High' due to the number of duplicates.

Thanks

Okay, I finally took the time to get a backtrace. It seems that it only takes a few minutes before smbd crashes, I wonder how many tmes it crahes before apport catches.

Btw, I'm running the Quantal Alpha, and smbd crashes the same as it did in Precise.

Status changed to 'Confirmed' because the bug affects multiple users.

Hi Taylor

Thanks for trying to grab a backtrace for this issue; however the trace you provided is not the same as in the original bug report - its actually a trace for normal operation of samba (which uses SIGUSR1 for signaling between processes).

Again the original trace looks similar to http://lists.samba.org/archive/samba-technical/2012-May/083909.html.

I think we can see that a null pointer being passed is causing the issue - but we still need to figure out why this happens.

Please could reporters of this issue set the log level to 5:

    log level 5

in /etc/samba/smb.conf, reload smbd and try to reproduce again - hopefully samba will provide some useful debug messages which might help ID whats going on.

The output of:

   sudo testparm -s

would also be helpful.

For anyone who wants a fast fix... samba 3.6.6 from quantal works fine under precise, no more crashes so far!

I am experiencing this problem with Samba 3.6.3 on Ubuntu 12.04. I've attached a tarball containing some files that may be useful in diagnosing the problem. They are:

- log.smbd for a SAMBA server session (debug level 5)
- log.127.0.0.1 for a session with the localhost where I mounted a usershare, listed files, then unmounted it.
- smb.conf
- usershares directory (from /var/lib/samba/usershares)

The internal error is near the end of log.127.0.0.1, when the share was unmounted. I think the error might always happen when the connection is closed.

Also, I was unable to reproduce the problem after deleting the usershares and replacing them with sections in smb.conf. (The four usershares had previously been created using Nautilus).

gdb backtrace (with debug symbols) attached.

The problem was easy to reproduce; I simply created a usershare (this time from the command line, not Nautilus), mounted it from the localhost from the command line, then unmounted it. The crash happens on the unmount.

Started getting this bug in the last 2 weeks. Only change to my Ubuntu file server was installing gPodder. Does not appear to have any impact on performance or availability of the samba shares. Running 13.04 with all the current updates.

Hi
I got a similar error in Ubuntu 15.10, I'll try to upload the crash logs.