Bug 3195 - smbd dumps core during open samba server with MMC console/services
Summary: smbd dumps core during open samba server with MMC console/services
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: File Services (show other bugs)
Version: 3.0.20b
Hardware: All Solaris
: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
Depends on:
Reported: 2005-10-19 10:13 UTC by Alex Deiter
Modified: 2005-10-24 10:22 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Alex Deiter 2005-10-19 10:13:38 UTC
smbd dumps core during open samba server with MMC console/services:

1. on Windows XP SP2 run Administrative tools -> services, open menu action ->
connect to another computer and select samba server.

2. on samba server (Soalaris 9/04):
Oct 19 20:54:45 samba genunix: [ID 603404 kern.notice] NOTICE: core_log:
smbd[27382] core dumped: /var/core/core.smbd.27382

#0  0xffffffff7dea822c in _lwp_kill () from /usr/lib/64/libc.so.1
(gdb) bt
#0  0xffffffff7dea822c in _lwp_kill () from /usr/lib/64/libc.so.1
#1  0xffffffff7de58a94 in raise () from /usr/lib/64/libc.so.1
#2  0xffffffff7de3e3c0 in abort () from /usr/lib/64/libc.so.1
#3  0x00000001001dc7dc in smb_panic2 (why=0x1002ae340 "internal error",
    decrement_pid_count=Variable "decrement_pid_count" is not available.
) at lib/util.c:1614
#4  0x00000001001c5d38 in sig_fault (sig=10) at lib/fault.c:42
#5  0xffffffff7f218480 in __sighndlr () from /usr/lib/64/libthread.so.1
#6  0xffffffff7f21207c in call_user_handler () from /usr/lib/64/libthread.so.1
#7  <signal handler called>
#8  make_sec_desc (ctx=0x100494d38, revision=1, type=32768, owner_sid=0x0,
    sacl=0x0, dacl=0x10049ad68, sd_size=0xffffffff7ffbaa44) at lib/secdesc.c:188
#9  0x00000001000f6bcc in _svcctl_open_scmanager (p=0x1004e36e0,
    r_u=0xffffffff7ffbab10) at rpc_server/srv_svcctl_nt.c:102
#10 0x00000001000f5f9c in api_svcctl_open_scmanager (p=0x1) at
#11 0x0000000100141388 in api_rpcTNP (p=0x1004e36e0, rpc_name=0x1004e36fa "svcctl",
    api_rpc_cmds=0x1003f3c28, n_cmds=Variable "n_cmds" is not available.
) at rpc_server/srv_pipe.c:1571
#12 0x0000000100141aa4 in api_pipe_request (p=0x1004e36e0) at
#13 0x000000010013cf0c in write_to_internal_pipe (np_conn=0x1004e36e0,
    data=0x10041f380 "$", n=60) at rpc_server/srv_pipe_hnd.c:668
#14 0x000000010013b958 in write_to_pipe (p=Variable "p" is not available.
) at rpc_server/srv_pipe_hnd.c:860
#15 0x0000000100053548 in api_fd_reply (conn=Variable "conn" is not available.
) at smbd/ipc.c:304
#16 0x0000000100054654 in reply_trans (conn=0x100495d78, inbuf=0x10049cf00 "",
    outbuf=0x1004bd360 "", size=148, bufsize=131072) at smbd/ipc.c:350
#17 0x00000001000a3e30 in switch_message (type=37, inbuf=0x10049cf00 "",
    outbuf=0x1004bd360 "", size=148, bufsize=131072) at smbd/process.c:991
#18 0x00000001000a4424 in process_smb (inbuf=0x10049cf00 "", outbuf=0x1004bd360 "")
    at smbd/process.c:1021
#19 0x00000001000a55b4 in smbd_process () at smbd/process.c:1670
#20 0x000000010025193c in main (argc=Variable "argc" is not available.
) at smbd/server.c:975

Comment 1 Gerald (Jerry) Carter (dead mail address) 2005-10-24 09:58:52 UTC
Could you retest agains 3.0.21pre1.  The service control 
code has been modified quite a lot and there are some 
additional fixes that should help address this bug.
Please reopen if the bug is not fixed.
Comment 2 Alex Deiter 2005-10-24 10:22:26 UTC
Thanks! Work fine for me. Tested 3.0.21pre1 on Solaris 9.