An un-authenticated NULL pointer de-reference can be triggered in the Heimdal KDC. Samba's KDC should auto-restart, but this still needs to be fixed and backported.
Upstream fix: https://github.com/heimdal/heimdal/commit/2e7d996ea9e698b4edcbf9c5cf22a36e26ae3de5
At least for this particular codepath, perhaps due to how Samba as an AD DC handles referrals, I can't reproduce this issue.
Marking as WONTFIX, but we will have imported this commit for Samba 4.19 in any case with the Heimdal updates.