Bug 10368 - samba 4.1.3 -- multiple bugs & 1, 297 coredumps -- coredump backtrace + full-backtrace included
samba 4.1.3 -- multiple bugs & 1, 297 coredumps -- coredump backtrace + full-...
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services
4.1.3
x64 Linux
: P5 major
: ---
Assigned To: Samba QA Contact
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-01-10 19:51 UTC by Justin Piszcz
Modified: 2014-02-27 18:55 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Justin Piszcz 2014-01-10 19:51:37 UTC
Hi,

I've copied and pasted the detail here below:
http://www.marshut.com/imnkxm/samba-4-1-3-multiple-bugs-1-297-coredumps-coredump-backtrace-full-backtrace-included.html

Hello,

A few months ago the distribution I use (Debian Testing) moved from Samba 3 to Samba 4 – I started seeing a lot of problems.  Since then there are two bugs I find occurring on a regular basis:

1.	Consistent dumping core on a regular basis (very rarely, if ever occurred with Samba 3)
a.	$ ls -ltr *core*smbd* |wc -l
b.	1297
c.	$ du -ach *core*smbd*|tail -n 1
d.	3.2G    total
e.	The cores are when I went to Samba 4 starting on December 22nd 2013 to current.
2.	When I make changes on the Linux filesystem—the contents are not updated from the Window’s perspective, even if I refresh the window.
a.	Further, if I close out the share and re-access it, then I can see the updated contents.
3.	Perhaps some optimizations I have been using under 3 have bugs or are no longer recommended?
a.	Here is my Samba configuration:
i.	http://home.comcast.net/~jpiszcz/20140110/smb.conf

Example of the dump below with backtrace:

Jan 10 08:55:28 atom smbd[5409]: [2014/01/10 08:55:28.805807,  0] ../source3/lib/util.c:785(smb_panic_s3) 
Jan 10 08:55:28 atom smbd[5409]:   PANIC (pid 5409): num_bytes too large: 4294966797 
Jan 10 08:55:28 atom smbd[5409]: [2014/01/10 08:55:28.806522,  0] ../source3/lib/util.c:896(log_stack_trace) 
Jan 10 08:55:28 atom smbd[5409]:   BACKTRACE: 23 stack frames: 
Jan 10 08:55:28 atom smbd[5409]:    #0 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(log_stack_trace+0x1a) [0x7f6cb4091ffa] 
Jan 10 08:55:28 atom smbd[5409]:    #1 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(smb_panic_s3+0x20) [0x7f6cb40920d0] 
Jan 10 08:55:28 atom smbd[5409]:    #2 /usr/lib/x86_64-linux-gnu/libsamba-util.so.0(smb_panic+0x2f) [0x7f6cb55e8a6f] 
Jan 10 08:55:28 atom smbd[5409]:    #3 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(+0x121995) [0x7f6cb51ce995] 
Jan 10 08:55:28 atom smbd[5409]:    #4 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(reply_outbuf+0x20) [0x7f6cb51cfab0] 
Jan 10 08:55:28 atom smbd[5409]:    #5 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(send_trans_reply+0xee) [0x7f6cb516a7ee] 
Jan 10 08:55:28 atom smbd[5409]:    #6 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(api_reply+0x377) [0x7f6cb5179a97] 
Jan 10 08:55:28 atom smbd[5409]:    #7 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(+0xbe723) [0x7f6cb516b723] 
Jan 10 08:55:28 atom smbd[5409]:    #8 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(reply_trans+0x5b9) [0x7f6cb516bfb9] 
Jan 10 08:55:28 atom smbd[5409]:    #9 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(+0x122dc1) [0x7f6cb51cfdc1] 
Jan 10 08:55:28 atom smbd[5409]:    #10 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(+0x123e8f) [0x7f6cb51d0e8f] 
Jan 10 08:55:28 atom smbd[5409]:    #11 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(+0x124460) [0x7f6cb51d1460] 
Jan 10 08:55:28 atom smbd[5409]:    #12 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(run_events_poll+0x16c) [0x7f6cb40b05bc] 
Jan 10 08:55:28 atom smbd[5409]:    #13 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(+0x43810) [0x7f6cb40b0810] 
Jan 10 08:55:28 atom smbd[5409]:    #14 /usr/lib/x86_64-linux-gnu/libtevent.so.0(_tevent_loop_once+0x8d) [0x7f6cb2a68c0d] 
Jan 10 08:55:28 atom smbd[5409]:    #15 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(smbd_process+0xb00) [0x7f6cb51d26b0] 
Jan 10 08:55:28 atom smbd[5409]:    #16 /usr/sbin/smbd(+0xa084) [0x7f6cb5c4b084] 
Jan 10 08:55:28 atom smbd[5409]:    #17 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(run_events_poll+0x16c) [0x7f6cb40b05bc] 
Jan 10 08:55:28 atom smbd[5409]:    #18 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(+0x43810) [0x7f6cb40b0810] 
Jan 10 08:55:28 atom smbd[5409]:    #19 /usr/lib/x86_64-linux-gnu/libtevent.so.0(_tevent_loop_once+0x8d) [0x7f6cb2a68c0d] 
Jan 10 08:55:28 atom smbd[5409]:    #20 /usr/sbin/smbd(main+0x1401) [0x7f6cb5c47c61] 
Jan 10 08:55:28 atom smbd[5409]:    #21 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f6cb26da995] 
Jan 10 08:55:28 atom smbd[5409]:    #22 /usr/sbin/smbd(+0x6ff3) [0x7f6cb5c47ff3] 
Jan 10 08:55:28 atom smbd[5409]: [2014/01/10 08:55:28.806929,  0] ../source3/lib/dumpcore.c:317(dump_core) 
Jan 10 08:55:28 atom smbd[5409]:   dumping core in /local/cores 
Jan 10 08:55:28 atom smbd[5409]: 
Jan 10 08:55:31 atom smbd[6080]: [2014/01/10 08:55:31.907771,  0] ../source3/lib/util.c:785(smb_panic_s3) 
Jan 10 08:55:31 atom smbd[6080]:   PANIC (pid 6080): num_bytes too large: 4294966797 
Jan 10 08:55:31 atom smbd[6080]: [2014/01/10 08:55:31.908396,  0] ../source3/lib/util.c:896(log_stack_trace) 
Jan 10 08:55:31 atom smbd[6080]:   BACKTRACE: 23 stack frames: 
Jan 10 08:55:31 atom smbd[6080]:    #0 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(log_stack_trace+0x1a) [0x7f6cb4091ffa] 
Jan 10 08:55:31 atom smbd[6080]:    #1 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(smb_panic_s3+0x20) [0x7f6cb40920d0] 
Jan 10 08:55:31 atom smbd[6080]:    #2 /usr/lib/x86_64-linux-gnu/libsamba-util.so.0(smb_panic+0x2f) [0x7f6cb55e8a6f] 
Jan 10 08:55:31 atom smbd[6080]:    #3 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(+0x121995) [0x7f6cb51ce995] 
Jan 10 08:55:31 atom smbd[6080]:    #4 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(reply_outbuf+0x20) [0x7f6cb51cfab0] 
Jan 10 08:55:31 atom smbd[6080]:    #5 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(send_trans_reply+0xee) [0x7f6cb516a7ee] 
Jan 10 08:55:31 atom smbd[6080]:    #6 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(api_reply+0x377) [0x7f6cb5179a97] 
Jan 10 08:55:31 atom smbd[6080]:    #7 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(+0xbe723) [0x7f6cb516b723] 
Jan 10 08:55:31 atom smbd[6080]:    #8 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(reply_trans+0x5b9) [0x7f6cb516bfb9] 
Jan 10 08:55:31 atom smbd[6080]:    #9 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(+0x122dc1) [0x7f6cb51cfdc1] 
Jan 10 08:55:31 atom smbd[6080]:    #10 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(+0x123e8f) [0x7f6cb51d0e8f] 
Jan 10 08:55:31 atom smbd[6080]:    #11 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(+0x124460) [0x7f6cb51d1460] 
Jan 10 08:55:31 atom smbd[6080]:    #12 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(run_events_poll+0x16c) [0x7f6cb40b05bc] 
Jan 10 08:55:31 atom smbd[6080]:    #13 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(+0x43810) [0x7f6cb40b0810] 
Jan 10 08:55:31 atom smbd[6080]:    #14 /usr/lib/x86_64-linux-gnu/libtevent.so.0(_tevent_loop_once+0x8d) [0x7f6cb2a68c0d] 
Jan 10 08:55:31 atom smbd[6080]:    #15 /usr/lib/x86_64-linux-gnu/samba/libsmbd_base.so.0(smbd_process+0xb00) [0x7f6cb51d26b0] 
Jan 10 08:55:31 atom smbd[6080]:    #16 /usr/sbin/smbd(+0xa084) [0x7f6cb5c4b084] 
Jan 10 08:55:31 atom smbd[6080]:    #17 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(run_events_poll+0x16c) [0x7f6cb40b05bc] 
Jan 10 08:55:31 atom smbd[6080]:    #18 /usr/lib/x86_64-linux-gnu/libsmbconf.so.0(+0x43810) [0x7f6cb40b0810] 
Jan 10 08:55:31 atom smbd[6080]:    #19 /usr/lib/x86_64-linux-gnu/libtevent.so.0(_tevent_loop_once+0x8d) [0x7f6cb2a68c0d] 
Jan 10 08:55:31 atom smbd[6080]:    #20 /usr/sbin/smbd(main+0x1401) [0x7f6cb5c47c61] 
Jan 10 08:55:31 atom smbd[6080]:    #21 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f6cb26da995] 
Jan 10 08:55:31 atom smbd[6080]:    #22 /usr/sbin/smbd(+0x6ff3) [0x7f6cb5c47ff3] 
Jan 10 08:55:31 atom smbd[6080]: [2014/01/10 08:55:31.908768,  0] ../source3/lib/dumpcore.c:317(dump_core) 
Jan 10 08:55:31 atom smbd[6080]:   dumping core in /local/cores 
Jan 10 08:55:31 atom smbd[6080]:

Full backtrace with debugging symbols:
# gdb /usr/sbin/smbd ./core.smbd.6080
GNU gdb (GDB) 7.6.1 (Debian 7.6.1-1)
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/sbin/smbd...Reading symbols from /usr/lib/debug/.build-id/91/5abb8f47b1f99b208b9a85e299707d92d7da37.debug...done.
done.
[New LWP 6080]

Regular backtrace:

Core was generated by `/usr/sbin/smbd -D'.
Program terminated with signal 6, Aborted.
#0  0x00007f6cb26ee1d5 in __GI_raise (sig=sig@entry=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56      ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  0x00007f6cb26ee1d5 in __GI_raise (sig=sig@entry=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007f6cb26f1388 in __GI_abort () at abort.c:90
#2  0x00007f6cb40a83db in dump_core () at ../source3/lib/dumpcore.c:336
#3  0x00007f6cb4092137 in smb_panic_s3 (why=<optimized out>)
    at ../source3/lib/util.c:808
#4  0x00007f6cb55e8a6f in smb_panic (
    why=0x7f6cb69b8d80 "num_bytes too large: 4294966797")
    at ../lib/util/fault.c:159
#5  0x00007f6cb51ce995 in create_outbuf (mem_ctx=mem_ctx@entry=0x7f6cb69c6040, 
    req=req@entry=0x7f6cb69c6040, inbuf=0x7f6cb69c5f60 "", 
    outbuf=outbuf@entry=0x7ffff37d3868, num_words=num_words@entry=10 '\n', 
    num_bytes=num_bytes@entry=4294966797) at ../source3/smbd/process.c:1286
#6  0x00007f6cb51cfab0 in reply_outbuf (req=req@entry=0x7f6cb69c6040, 
    num_words=num_words@entry=10 '\n', num_bytes=num_bytes@entry=4294966797)
    at ../source3/smbd/process.c:1314
#7  0x00007f6cb516a7ee in send_trans_reply (conn=conn@entry=0x7f6cb69cb620, 
    req=req@entry=0x7f6cb69c6040, rparam=0x7f6cb69d1f60 "", 
    rparam_len=<optimized out>, rdata=0x7f6cb69d0f50 "ATOM", 
    rdata_len=<optimized out>, buffer_too_large=buffer_too_large@entry=false)
    at ../source3/smbd/ipc.c:121
#8  0x00007f6cb5179a97 in api_reply (conn=conn@entry=0x7f6cb69cb620, 
    vuid=vuid@entry=31545, req=req@entry=0x7f6cb69c6040, data=data@entry=0x0, 
    params=params@entry=0x7f6cb69cd060 "h", tdscnt=tdscnt@entry=0, 
    tpscnt=tpscnt@entry=26, mdrcnt=mdrcnt@entry=4374, mprcnt=mprcnt@entry=8)
    at ../source3/smbd/lanman.c:5923
#9  0x00007f6cb516b723 in named_pipe (msrcnt=<optimized out>, mprcnt=8, 
    mdrcnt=4374, tpscnt=26, tdscnt=<optimized out>, suwcnt=<optimized out>, 
    params=<optimized out>, data=0x0, setup=<optimized out>, 
    name=0x7f6cb69cd5f6 "LANMAN", req=0x7f6cb69c6040, vuid=31545, 
    conn=0x7f6cb69cb620) at ../source3/smbd/ipc.c:543
#10 handle_trans (conn=0x7f6cb69cb620, req=0x7f6cb69c6040, 
    state=0x7f6cb69cc660) at ../source3/smbd/ipc.c:623
#11 0x00007f6cb516bfb9 in reply_trans (req=0x7f6cb69c6040)
    at ../source3/smbd/ipc.c:830
#12 0x00007f6cb51cfdc1 in switch_message (type=<optimized out>, 
    req=req@entry=0x7f6cb69c6040) at ../source3/smbd/process.c:1557
#13 0x00007f6cb51d0e8f in construct_reply (deferred_pcd=0x0, encrypted=false, 
    seqnum=0, unread_bytes=<optimized out>, size=122, inbuf=0x0, 
    sconn=0x7f6cb69aed10) at ../source3/smbd/process.c:1593
#14 process_smb (sconn=sconn@entry=0x7f6cb69aed10, inbuf=<optimized out>, 
    nread=122, unread_bytes=<optimized out>, seqnum=0, 
    encrypted=<optimized out>, deferred_pcd=deferred_pcd@entry=0x0)
    at ../source3/smbd/process.c:1844
#15 0x00007f6cb51d1460 in smbd_server_connection_read_handler (
    sconn=0x7f6cb69aed10, fd=34) at ../source3/smbd/process.c:2433
#16 0x00007f6cb40b05bc in run_events_poll (ev=0x7f6cb69a5360, 
    pollrtn=<optimized out>, pfds=0x7f6cb69b7140, num_pfds=3)
    at ../source3/lib/events.c:257
#17 0x00007f6cb40b0810 in s3_event_loop_once (ev=0x7f6cb69a5360, 
    location=<optimized out>) at ../source3/lib/events.c:326
#18 0x00007f6cb2a68c0d in _tevent_loop_once ()
   from /usr/lib/x86_64-linux-gnu/libtevent.so.0
#19 0x00007f6cb51d26b0 in smbd_process (ev_ctx=ev_ctx@entry=0x7f6cb69a5360, 
    msg_ctx=msg_ctx@entry=0x7f6cb69a5450, sock_fd=sock_fd@entry=34, 
    interactive=interactive@entry=false) at ../source3/smbd/process.c:3627
#20 0x00007f6cb5c4b084 in smbd_accept_connection (ev=0x7f6cb69a5360, 
    fde=<optimized out>, flags=<optimized out>, private_data=<optimized out>)
    at ../source3/smbd/server.c:621
#21 0x00007f6cb40b05bc in run_events_poll (ev=0x7f6cb69a5360, 
    pollrtn=<optimized out>, pfds=0x7f6cb69b7140, num_pfds=4)
    at ../source3/lib/events.c:257
#22 0x00007f6cb40b0810 in s3_event_loop_once (ev=0x7f6cb69a5360, 
    location=<optimized out>) at ../source3/lib/events.c:326
#23 0x00007f6cb2a68c0d in _tevent_loop_once ()
   from /usr/lib/x86_64-linux-gnu/libtevent.so.0
#24 0x00007f6cb5c47c61 in smbd_parent_loop (parent=<optimized out>, 
    ev_ctx=0x7f6cb69a5360) at ../source3/smbd/server.c:943
#25 main (argc=<optimized out>, argv=<optimized out>)

Full backtrace:

#0  0x00007f6cb26ee1d5 in __GI_raise (sig=sig@entry=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
        resultvar = 0
        pid = 6080
        selftid = 6080
#1  0x00007f6cb26f1388 in __GI_abort () at abort.c:90
        save_stage = 2
        act = {__sigaction_handler = {sa_handler = 0x14, sa_sigaction = 0x14}, 
          sa_mask = {__val = {4294966797, 140104878259616, 140104880532885, 1, 
              0, 17179869185, 140104826617064, 65534, 140104878259616, 10, 
              140104880558597, 140104876067920, 140104878326549, 
              140104878326288, 140737278456848, 6}}, sa_flags = -209897984, 
          sa_restorer = 0x7f6cb2a5e6a0 <_IO_file_jumps>}
        sigs = {__val = {32, 0 <repeats 15 times>}}
#2  0x00007f6cb40a83db in dump_core () at ../source3/lib/dumpcore.c:336
        called = true
        __FUNCTION__ = "dump_core"
#3  0x00007f6cb4092137 in smb_panic_s3 (why=<optimized out>)
    at ../source3/lib/util.c:808
        cmd = <optimized out>
        result = <optimized out>
        __FUNCTION__ = "smb_panic_s3"
#4  0x00007f6cb55e8a6f in smb_panic (
    why=0x7f6cb69b8d80 "num_bytes too large: 4294966797")
    at ../lib/util/fault.c:159
No locals.
#5  0x00007f6cb51ce995 in create_outbuf (mem_ctx=mem_ctx@entry=0x7f6cb69c6040, 
    req=req@entry=0x7f6cb69c6040, inbuf=0x7f6cb69c5f60 "", 
    outbuf=outbuf@entry=0x7ffff37d3868, num_words=num_words@entry=10 '\n', 
    num_bytes=num_bytes@entry=4294966797) at ../source3/smbd/process.c:1286
        msg = 0x7f6cb69b8d80 "num_bytes too large: 4294966797"
        smb_len = 4294966852
#6  0x00007f6cb51cfab0 in reply_outbuf (req=req@entry=0x7f6cb69c6040, 
    num_words=num_words@entry=10 '\n', num_bytes=num_bytes@entry=4294966797)
    at ../source3/smbd/process.c:1314
        outbuf = 0x7f6cb55c2028 ""
#7  0x00007f6cb516a7ee in send_trans_reply (conn=conn@entry=0x7f6cb69cb620, 
    req=req@entry=0x7f6cb69c6040, rparam=0x7f6cb69d1f60 "", 
    rparam_len=<optimized out>, rdata=0x7f6cb69d0f50 "ATOM", 
    rdata_len=<optimized out>, buffer_too_large=buffer_too_large@entry=false)
    at ../source3/smbd/ipc.c:121
        this_ldata = 0
        this_lparam = -500
       tot_data_sent = 0
        tot_param_sent = 0
        align = 0
        ldata = 154
        lparam = 8
        sconn = 0x7f6cb69aed10
        max_send = 0
        __FUNCTION__ = "send_trans_reply"
#8  0x00007f6cb5179a97 in api_reply (conn=conn@entry=0x7f6cb69cb620, 
    vuid=vuid@entry=31545, req=req@entry=0x7f6cb69c6040, data=data@entry=0x0, 
    params=params@entry=0x7f6cb69cd060 "h", tdscnt=tdscnt@entry=0, 
    tpscnt=tpscnt@entry=26, mdrcnt=mdrcnt@entry=4374, mprcnt=mprcnt@entry=8)
    at ../source3/smbd/lanman.c:5923
        api_command = <optimized out>
        rdata = 0x7f6cb69d0f50 "ATOM"
        rparam = <optimized out>
        name1 = <optimized out>
        name2 = <optimized out>
        rdata_len = 154
        rparam_len = 8
        reply = <optimized out>
        i = <optimized out>
        __FUNCTION__ = "api_reply"
#9  0x00007f6cb516b723 in named_pipe (msrcnt=<optimized out>, mprcnt=8, 
    mdrcnt=4374, tpscnt=26, tdscnt=<optimized out>, suwcnt=<optimized out>, 
    params=<optimized out>, data=0x0, setup=<optimized out>, 
    name=0x7f6cb69cd5f6 "LANMAN", req=0x7f6cb69c6040, vuid=31545, 
    conn=0x7f6cb69cb620) at ../source3/smbd/ipc.c:543
No locals.
#10 handle_trans (conn=0x7f6cb69cb620, req=0x7f6cb69c6040, 
    state=0x7f6cb69cc660) at ../source3/smbd/ipc.c:623
        local_machine_name = <optimized out>
        name_offset = <optimized out>
        __FUNCTION__ = "handle_trans"
#11 0x00007f6cb516bfb9 in reply_trans (req=0x7f6cb69c6040)
    at ../source3/smbd/ipc.c:830
       conn = 0x7f6cb69cb620
        dsoff = <optimized out>
        dscnt = <optimized out>
        psoff = <optimized out>
        pscnt = <optimized out>
        state = 0x7f6cb69cc660
        result = <optimized out>
        __FUNCTION__ = "reply_trans"
#12 0x00007f6cb51cfdc1 in switch_message (type=<optimized out>, 
    req=req@entry=0x7f6cb69c6040) at ../source3/smbd/process.c:1557
        flags = <optimized out>
        session_tag = 31545
        conn = 0x7f6cb69cb620
        sconn = <optimized out>
        now = 130338357319076250
        session = 0x7f6cb69c5af0
        status = <optimized out>
        __FUNCTION__ = "switch_message"
#13 0x00007f6cb51d0e8f in construct_reply (deferred_pcd=0x0, encrypted=false, 
    seqnum=0, unread_bytes=<optimized out>, size=122, inbuf=0x0, 
    sconn=0x7f6cb69aed10) at ../source3/smbd/process.c:1593
        conn = <optimized out>
        req = 0x7f6cb69c6040
#14 process_smb (sconn=sconn@entry=0x7f6cb69aed10, inbuf=<optimized out>, 
    nread=122, unread_bytes=<optimized out>, seqnum=0, 
    encrypted=<optimized out>, deferred_pcd=deferred_pcd@entry=0x0)
    at ../source3/smbd/process.c:1844
        msg_type = <optimized out>
        __FUNCTION__ = "process_smb"
#15 0x00007f6cb51d1460 in smbd_server_connection_read_handler (
    sconn=0x7f6cb69aed10, fd=34) at ../source3/smbd/process.c:2433
        inbuf = 0x7f6cb69c5f60 ""
        inbuf_len = 122
        unread_bytes = 0
        encrypted = false
        mem_ctx = 0x7f6cb69c5f00
        status = <optimized out>
        seqnum = 0
        from_client = <optimized out>
        __FUNCTION__ = "smbd_server_connection_read_handler"
#16 0x00007f6cb40b05bc in run_events_poll (ev=0x7f6cb69a5360, 
    pollrtn=<optimized out>, pfds=0x7f6cb69b7140, num_pfds=3)
    at ../source3/lib/events.c:257
        pfd = <optimized out>
        flags = <optimized out>
        state = <optimized out>
        pollfd_idx = 0x7f6cb69b4860
        fde = 0x7f6cb69b8150
        pollrtn = <optimized out>
        num_pfds = 3
        pfds = 0x7f6cb69b7140
        ev = 0x7f6cb69a5360
#17 0x00007f6cb40b0810 in s3_event_loop_once (ev=0x7f6cb69a5360, 
    location=<optimized out>) at ../source3/lib/events.c:326
        state = 0x7f6cb69a4030
        timeout = 59993
        num_pfds = 3
        poll_errno = 0
#18 0x00007f6cb2a68c0d in _tevent_loop_once ()
   from /usr/lib/x86_64-linux-gnu/libtevent.so.0
No symbol table info available.
#19 0x00007f6cb51d26b0 in smbd_process (ev_ctx=ev_ctx@entry=0x7f6cb69a5360, 
    msg_ctx=msg_ctx@entry=0x7f6cb69a5450, sock_fd=sock_fd@entry=34, 
    interactive=interactive@entry=false) at ../source3/smbd/process.c:3627
        frame = 0x7f6cb69c5f00
        conn = <optimized out>
        sconn = <optimized out>
        ss = {ss_family = 2, __ss_align = 0, 
          __ss_padding = "\001\000\000\000\000\000\000\000\350\001\304\265l\177", '\000' <repeats 34 times>, "\200\030", '\000' <repeats 22 times>, "@\005\304\265l\177\000\000\311\350\373\226", '\000' <repeats 20 times>, "\035\061\304\265l\177\000"}
        sa = 0x7ffff37d3db0
        sa_socklen = 16
        local_address = 0x7f6cb69a80e0
        remote_address = 0x7f6cb69b4c60
        locaddr = <optimized out>
        remaddr = <optimized out>
        rhost = 0x0
        ret = <optimized out>
        __FUNCTION__ = "smbd_process"
#20 0x00007f6cb5c4b084 in smbd_accept_connection (ev=0x7f6cb69a5360, 
    fde=<optimized out>, flags=<optimized out>, private_data=<optimized out>)
    at ../source3/smbd/server.c:621
        status = <optimized out>
        s = 0x0
        msg_ctx = 0x7f6cb69a5450
        addr = {ss_family = 2, __ss_align = 0, 
          __ss_padding = '\000' <repeats 24 times>, "\360?}\363\377\177\000\000%\372\177\363\377\177", '\000' <repeats 11 times>, "@}\363\377\177\000\000\020@}\363\377\177\000\000%\372\177\363\377\177\000\000\000\000\000\000\000\000\000\000 @}\363\377\177\000\000\060@\232\266l\177\000\000\004\000\000\000\000\000\000\000!\000\000\000\000\000\000"}
        in_addrlen = 16
        fd = 34
        pid = 0
        unique_id = 9885520618594194796
        __FUNCTION__ = "smbd_accept_connection"
#21 0x00007f6cb40b05bc in run_events_poll (ev=0x7f6cb69a5360, 
    pollrtn=<optimized out>, pfds=0x7f6cb69b7140, num_pfds=4)
    at ../source3/lib/events.c:257
        pfd = <optimized out>
        flags = <optimized out>
        state = <optimized out>
        pollfd_idx = 0x7f6cb69b4860
        fde = 0x7f6cb69b9080
        pollrtn = <optimized out>
        num_pfds = 4
        pfds = 0x7f6cb69b7140
        ev = 0x7f6cb69a5360
#22 0x00007f6cb40b0810 in s3_event_loop_once (ev=0x7f6cb69a5360, 
    location=<optimized out>) at ../source3/lib/events.c:326
        state = 0x7f6cb69a4030
        timeout = 20000
        num_pfds = 4
        poll_errno = 4
#23 0x00007f6cb2a68c0d in _tevent_loop_once ()
   from /usr/lib/x86_64-linux-gnu/libtevent.so.0
No symbol table info available.
#24 0x00007f6cb5c47c61 in smbd_parent_loop (parent=<optimized out>, 
    ev_ctx=0x7f6cb69a5360) at ../source3/smbd/server.c:943
        ret = <optimized out>
        frame = 0x7f6cb69a5f40
#25 main (argc=<optimized out>, argv=<optimized out>)
    at ../source3/smbd/server.c:1577
        is_daemon = <optimized out>
        interactive = <optimized out>
        Fork = true
        no_process_group = 208
        log_stdout = <optimized out>
        ports = 0x0
        profile_level = 0x0
        opt = <optimized out>
        pc = <optimized out>
        print_build_options = 80
        long_options = {{longName = 0x0, shortName = 0 '\000', argInfo = 4, 
            arg = 0x7f6cb3089400 <poptHelpOptions>, val = 0, 
            descrip = 0x7f6cb5c4d1f2 "Help options:", argDescrip = 0x0}, {
            longName = 0x7f6cb5c4d200 "daemon", shortName = 68 'D', 
            argInfo = 0, arg = 0x0, val = 1000, 
            descrip = 0x7f6cb5c4d207 "Become a daemon (default)", 
            argDescrip = 0x0}, {longName = 0x7f6cb5c4d221 "interactive", 
            shortName = 105 'i', argInfo = 0, arg = 0x0, val = 1001, 
            descrip = 0x7f6cb5c4dcf0 "Run interactive (not a daemon)", 
            argDescrip = 0x0}, {longName = 0x7f6cb5c4d22d "foreground", 
            shortName = 70 'F', argInfo = 0, arg = 0x0, val = 1002, 
            descrip = 0x7f6cb5c4dd10 "Run daemon in foreground (for daemontools, etc.)", argDescrip = 0x0}, {longName = 0x7f6cb5c4d238 "no-process-group", 
            shortName = 0 '\000', argInfo = 0, arg = 0x0, val = 1003, 
            descrip = 0x7f6cb5c4dd48 "Don't create a new process group", 
            argDescrip = 0x0}, {longName = 0x7f6cb5c4d249 "log-stdout", 
            shortName = 83 'S', argInfo = 0, arg = 0x0, val = 1004, 
            descrip = 0x7f6cb5c4d254 "Log to stdout", argDescrip = 0x0}, {
            longName = 0x7f6cb5c4d262 "build-options", shortName = 98 'b', 
            argInfo = 0, arg = 0x0, val = 98,
        ret = <optimized out>
        __FUNCTION__ = "smbd_process"
#20 0x00007f6cb5c4b084 in smbd_accept_connection (ev=0x7f6cb69a5360, 
    fde=<optimized out>, flags=<optimized out>, private_data=<optimized out>)
    at ../source3/smbd/server.c:621
        status = <optimized out>
        s = 0x0
        msg_ctx = 0x7f6cb69a5450
        addr = {ss_family = 2, __ss_align = 0, 
          __ss_padding = '\000' <repeats 24 times>, "\360?}\363\377\177\000\000%\372\177\363\377\177", '\000' <repeats 11 times>, "@}\363\377\177\000\000\020@}\363\377\177\000\000%\372\177\363\377\177\000\000\000\000\000\000\000\000\000\000 @}\363\377\177\000\000\060@\232\266l\177\000\000\004\000\000\000\000\000\000\000!\000\000\000\000\000\000"}
        in_addrlen = 16
        fd = 34
        pid = 0
        unique_id = 9885520618594194796
        __FUNCTION__ = "smbd_accept_connection"
#21 0x00007f6cb40b05bc in run_events_poll (ev=0x7f6cb69a5360, 
    pollrtn=<optimized out>, pfds=0x7f6cb69b7140, num_pfds=4)
    at ../source3/lib/events.c:257
        pfd = <optimized out>
        flags = <optimized out>
        state = <optimized out>
        pollfd_idx = 0x7f6cb69b4860
        fde = 0x7f6cb69b9080
        pollrtn = <optimized out>
        num_pfds = 4
        pfds = 0x7f6cb69b7140
        ev = 0x7f6cb69a5360
#22 0x00007f6cb40b0810 in s3_event_loop_once (ev=0x7f6cb69a5360, 
    location=<optimized out>) at ../source3/lib/events.c:326
        state = 0x7f6cb69a4030
        timeout = 20000
        num_pfds = 4
        poll_errno = 4
#23 0x00007f6cb2a68c0d in _tevent_loop_once ()
   from /usr/lib/x86_64-linux-gnu/libtevent.so.0
No symbol table info available.
#24 0x00007f6cb5c47c61 in smbd_parent_loop (parent=<optimized out>, 
    ev_ctx=0x7f6cb69a5360) at ../source3/smbd/server.c:943
        ret = <optimized out>
        frame = 0x7f6cb69a5f40
#25 main (argc=<optimized out>, argv=<optimized out>)
    at ../source3/smbd/server.c:1577
        is_daemon = <optimized out>
        interactive = <optimized out>
        Fork = true
        no_process_group = 208
        log_stdout = <optimized out>
        ports = 0x0
        profile_level = 0x0
        opt = <optimized out>
        pc = <optimized out>
        print_build_options = 80
        long_options = {{longName = 0x0, shortName = 0 '\000', argInfo = 4, 
            arg = 0x7f6cb3089400 <poptHelpOptions>, val = 0, 
            descrip = 0x7f6cb5c4d1f2 "Help options:", argDescrip = 0x0}, {
            longName = 0x7f6cb5c4d200 "daemon", shortName = 68 'D', 
            argInfo = 0, arg = 0x0, val = 1000, 
            descrip = 0x7f6cb5c4d207 "Become a daemon (default)", 
            argDescrip = 0x0}, {longName = 0x7f6cb5c4d221 "interactive", 
            shortName = 105 'i', argInfo = 0, arg = 0x0, val = 1001, 
            descrip = 0x7f6cb5c4dcf0 "Run interactive (not a daemon)", 
            argDescrip = 0x0}, {longName = 0x7f6cb5c4d22d "foreground", 
            shortName = 70 'F', argInfo = 0, arg = 0x0, val = 1002, 
            descrip = 0x7f6cb5c4dd10 "Run daemon in foreground (for daemontools, etc.)", argDescrip = 0x0}, {longName = 0x7f6cb5c4d238 "no-process-group", 
            shortName = 0 '\000', argInfo = 0, arg = 0x0, val = 1003, 
            descrip = 0x7f6cb5c4dd48 "Don't create a new process group", 
            argDescrip = 0x0}, {longName = 0x7f6cb5c4d249 "log-stdout", 
            shortName = 83 'S', argInfo = 0, arg = 0x0, val = 1004, 
            descrip = 0x7f6cb5c4d254 "Log to stdout", argDescrip = 0x0}, {
            longName = 0x7f6cb5c4d262 "build-options", shortName = 98 'b', 
            argInfo = 0, arg = 0x0, val = 98, 
---Type <return> to continue, or q <return> to quit---
            descrip = 0x7f6cb5c4d270 "Print build options", argDescrip = 0x0}, 
          {longName = 0x7f6cb5c4d284 "port", shortName = 112 'p', argInfo = 1, 
            arg = 0x7ffff37d4190, val = 0, 
            descrip = 0x7f6cb5c4d289 "Listen on the specified ports", 
            argDescrip = 0x0}, {longName = 0x7f6cb5c4d2a7 "profiling-level", 
            shortName = 80 'P', argInfo = 1, arg = 0x7ffff37d4198, val = 0, 
            descrip = 0x7f6cb5c4d2b7 "Set profiling level", 
            argDescrip = 0x7f6cb5c4d2cb "PROFILE_LEVEL"}, {longName = 0x0, 
            shortName = 0 '\000', argInfo = 4, 
            arg = 0x7f6cb47266e0 <popt_common_samba>, val = 0, 
            descrip = 0x7f6cb5c4d2d9 "Common samba options:", 
            argDescrip = 0x0}, {longName = 0x0, shortName = 0 '\000', 
            argInfo = 4, arg = 0x7f6cb4725aa0 <popt_common_dynconfig>, 
            val = 0, 
            descrip = 0x7f6cb5c4dd70 "Build-time configuration overrides:", 
            argDescrip = 0x0}, {longName = 0x0, shortName = 0 '\000', 
            argInfo = 0, arg = 0x0, val = 0, descrip = 0x0, argDescrip = 0x0}}
        parent = 0x7f6cb69a7ff0
        frame = <optimized out>
        status = <optimized out>
        ev_ctx = 0x7f6cb69a5360
        msg_ctx = 0x7f6cb69a5450
        server_id = {pid = 27546, task_id = 0, vnn = 4294967295, 
          unique_id = 6895394172490219379}
        se = <optimized out>
        np_dir = <optimized out>
        smbd_shim_fns = {
          cancel_pending_lock_requests_by_fid = 0x7f6cb51bc170 <smbd_cancel_pending_lock_requests_by_fid>, 
          send_stat_cache_delete_message = 0x7f6cb51c1ca0 <smbd_send_stat_cache_delete_message>, 
          change_to_root_user = 0x7f6cb51ab180 <smbd_change_to_root_user>, 
          contend_level2_oplocks_begin = 0x7f6cb5207500 <smbd_contend_level2_oplocks_begin>, 
          contend_level2_oplocks_end = 0x7f6cb5207660 <smbd_contend_level2_oplocks_end>, become_root = 0x7f6cb51ab260 <smbd_become_root>, 
          unbecome_root = 0x7f6cb51ab290 <smbd_unbecome_root>, 
          exit_server = 0x7f6cb5200770 <smbd_exit_server>, 
          exit_server_cleanly = 0x7f6cb5200790 <smbd_exit_server_cleanly>}
        __FUNCTION__ = "main"
(gdb)

Justin.
Comment 1 Justin Piszcz 2014-01-10 19:53:09 UTC
Regarding the following:
https://www.samba.org/~asn/reporting_samba_bugs.txt

I already provided the full backtrace, please let me know if more information is required, I can also get that data later if needed.