Bug 4804 - Internal error when using SAMBA with ADSI Edit
Summary: Internal error when using SAMBA with ADSI Edit
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: Other (show other bugs)
Version: unspecified
Hardware: All All
: P3 normal (vote)
Target Milestone: ---
Assignee: Andrew Bartlett
QA Contact: Andrew Bartlett
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-07-19 14:46 UTC by Matthias Dieter Wallnöfer
Modified: 2007-07-21 05:16 UTC (History)
0 users

See Also:


Attachments
Valgrind 1 (16.18 KB, text/plain)
2007-07-20 07:19 UTC, Matthias Dieter Wallnöfer
no flags Details
Valgrind 2 (20.07 KB, text/plain)
2007-07-20 07:19 UTC, Matthias Dieter Wallnöfer
no flags Details
Valgrind new (17.82 KB, application/octet-stream)
2007-07-21 04:00 UTC, Matthias Dieter Wallnöfer
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Matthias Dieter Wallnöfer 2007-07-19 14:46:13 UTC
When I tried to play a little bit with Microsoft's ADSI Edit tool under Windows XP on a SAMBA 4 domain. Later I wanted to display the properties of a user account and I got on the serverside the following panic (here listed with loglevel 10):

SearchRequest: attrs: [<attributes>]
ldb_request BASE dn=cn=<username>,CN=Users,DC=<domainname>,DC=<domainname> filter=(objectClass=*)
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
INTERNAL ERROR: Signal 11 in pid 3978 (4.0.0tp6-SVN-build-23561)
Please read the file BUGS.txt in the distribution
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
PANIC: internal error
BACKTRACE: 54 stack frames:
 #0 smbd(call_backtrace+0x2b) [0x88bfbef]
 #1 smbd(smb_panic+0x21e) [0x88bfec0]
 #2 smbd [0x88c0013]
 #3 smbd [0x88c0054]
 #4 [0xffffe420]
 #5 smbd(dsdb_class_by_lDAPDisplayName+0x41) [0x8656986]
 #6 smbd [0x8627e56]
 #7 smbd [0x8628182]
 #8 smbd [0x86230a1]
 #9 smbd [0x8612d1e]
 #10 smbd [0x8618444]
 #11 smbd(ltdb_search_indexed+0x2db) [0x8618769]
 #12 smbd(ltdb_search+0x179) [0x8616150]
 #13 smbd(ldb_next_request+0xa7) [0x86003b1]
 #14 smbd [0x8611120]
 #15 smbd [0x861132b]
 #16 smbd(ldb_next_request+0xa7) [0x86003b1]
 #17 smbd [0x86130f5]
 #18 smbd(ldb_next_request+0xa7) [0x86003b1]
 #19 smbd [0x862334c]
 #20 smbd(ldb_next_request+0xa7) [0x86003b1]
 #21 smbd [0x862413e]
 #22 smbd(ldb_next_request+0xa7) [0x86003b1]
 #23 smbd [0x861c068]
 #24 smbd(ldb_next_request+0xa7) [0x86003b1]
 #25 smbd [0x8631af5]
 #26 smbd(ldb_next_request+0xa7) [0x86003b1]
 #27 smbd [0x860d13d]
 #28 smbd(ldb_next_request+0xa7) [0x86003b1]
 #29 smbd [0x8628545]
 #30 smbd(ldb_next_request+0xa7) [0x86003b1]
 #31 smbd [0x860986c]
 #32 smbd(ldb_request+0xa7) [0x85f8ca5]
 #33 smbd [0x80cbdd0]
 #34 smbd(ldapsrv_do_call+0x91) [0x80cdbd7]
 #35 smbd [0x80ca0c8]
 #36 smbd [0x80ca3b8]
 #37 smbd(packet_recv+0x667) [0x87ae9ae]
 #38 smbd(ldapsrv_recv+0x87) [0x80ca4a8]
 #39 smbd [0x80e0b0e]
 #40 smbd [0x80e0b7e]
 #41 smbd [0x87b63dc]
 #42 smbd [0x87b6b7d]
 #43 smbd [0x87b6beb]
 #44 smbd(event_loop_wait+0x16) [0x87b5b30]
 #45 smbd [0x88b5f02]
 #46 smbd(task_server_startup+0x79) [0x80e15c7]
 #47 smbd [0x80cb27e]
 #48 smbd [0x80beefc]
 #49 smbd(server_service_startup+0x10b) [0x80bf03b]
 #50 smbd [0x80be861]
 #51 smbd(main+0x44) [0x80be93b]
 #52 /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xd2) [0xb7dffea2]
 #53 smbd [0x80bde51]
smbsrv_recv
standard_terminate: reason[NT_STATUS_END_OF_FILE]

On the clientside I can see a message "Windows could not load the values for all the attributes."
Comment 1 Andrew Bartlett 2007-07-19 23:26:51 UTC
I will really need you to try this again, under gdb

start Samba with:

gdb --args smbd -i -M single -d5

Then run 'bt full' when it crashes.  Perhaps also try the same with 'valgrind smbd -i -M single -d5'. 

Also, can you give the details for the OS/hardware Samba is on?
Comment 2 Matthias Dieter Wallnöfer 2007-07-20 07:19:35 UTC
Created attachment 2830 [details]
Valgrind 1
Comment 3 Matthias Dieter Wallnöfer 2007-07-20 07:19:59 UTC
Created attachment 2831 [details]
Valgrind 2
Comment 4 Matthias Dieter Wallnöfer 2007-07-20 07:57:06 UTC
I use for SAMBA testing a Ubuntu Server Edition 6.06 on a VMWare virtual machine. The error seems to be in "kludge_acl_allowedAttributes()". When I compiled the ldb_modules of SAMBA, I also got some pointer-related warnings. The bug is a bit hard to reproduce, because sometime it works and sometime not. For the test I was logged in as Administrator in ADSI Edit.

The outputs of gdb:

ldb_request BASE dn=cn=Matthias,CN=Users,DC=wallnoefer2,DC=local filter=(objectClass=*)

Program received signal SIGSEGV, Segmentation fault.
0x08627e45 in kludge_acl_allowedAttributes ()
(gdb) bt full
#0  0x08627e45 in kludge_acl_allowedAttributes ()
No symbol table info available.
#1  0x08628182 in kludge_acl_callback ()
No symbol table info available.
#2  0x086230a1 in operational_callback ()
No symbol table info available.
#3  0x08612d1e in show_deleted_search_callback ()
No symbol table info available.
#4  0x08618444 in ltdb_index_filter ()
No symbol table info available.
#5  0x08618769 in ltdb_search_indexed ()
No symbol table info available.
#6  0x08616150 in ltdb_search ()
No symbol table info available.
#7  0x086003b1 in ldb_next_request ()
No symbol table info available.
#8  0x08611120 in partition_replicate ()
No symbol table info available.
#9  0x0861132b in partition_search ()
No symbol table info available.
#10 0x086003b1 in ldb_next_request ()
No symbol table info available.
#11 0x086130f5 in show_deleted_search ()
No symbol table info available.
#12 0x086003b1 in ldb_next_request ()
No symbol table info available.
#13 0x0862334c in operational_search ()
No symbol table info available.
#14 0x086003b1 in ldb_next_request ()
No symbol table info available.
#15 0x0862413e in asq_search ()
No symbol table info available.
#16 0x086003b1 in ldb_next_request ()
No symbol table info available.
#17 0x0861c068 in extended_search ()
No symbol table info available.
#18 0x086003b1 in ldb_next_request ()
No symbol table info available.
#19 0x08631af5 in server_sort_search ()
No symbol table info available.
#20 0x086003b1 in ldb_next_request ()
No symbol table info available.
#21 0x0860d13d in paged_search ()
No symbol table info available.
#22 0x086003b1 in ldb_next_request ()
No symbol table info available.
#23 0x08628545 in kludge_acl_search ()
No symbol table info available.
#24 0x086003b1 in ldb_next_request ()
No symbol table info available.
#25 0x0860986c in rootdse_search ()
No symbol table info available.
#26 0x085f8ca5 in ldb_request ()
No symbol table info available.
#27 0x080cbdd0 in ldapsrv_SearchRequest ()
No symbol table info available.
#28 0x080cdbd7 in ldapsrv_do_call ()
No symbol table info available.
#29 0x080ca0c8 in ldapsrv_process_message ()
No symbol table info available.
#30 0x080ca3b8 in ldapsrv_decode ()
No symbol table info available.
#31 0x087ae9ae in packet_recv ()
No symbol table info available.
#32 0x080ca4a8 in ldapsrv_recv ()
No symbol table info available.
#33 0x080e0b0e in stream_io_handler ()
No symbol table info available.
#34 0x080e0b7e in stream_io_handler_fde ()
No symbol table info available.
#35 0x087b63dc in epoll_event_loop ()
No symbol table info available.
#36 0x087b6b7d in std_event_loop_once ()
No symbol table info available.
#37 0x087b6beb in std_event_loop_wait ()
No symbol table info available.
#38 0x087b5b30 in event_loop_wait ()
No symbol table info available.
#39 0x080be8d4 in binary_smbd_main ()
No symbol table info available.
#40 0x080be93b in main ()
No symbol table info available.
(gdb) q
The program is running.  Exit anyway? (y or n)

I've also attached the Valgrind logs.
Comment 5 Andrew Bartlett 2007-07-20 17:34:50 UTC
This is all very useful, but can you recompile (make clean all) your samba after re-running configure with --enable-developer or at least --enable-debug?  That would give me line numbers in your valgrind/gdb output.

Thanks!
Comment 6 Matthias Dieter Wallnöfer 2007-07-21 04:00:20 UTC
Created attachment 2835 [details]
Valgrind new
Comment 7 Matthias Dieter Wallnöfer 2007-07-21 04:16:48 UTC
Here I've also attached the essential part of the gdb log.

ldb_request BASE dn=cn=Matthias,CN=Users,DC=wallnoefer2,DC=local filter=(objectClass=*)

Program received signal SIGSEGV, Segmentation fault.
0x08628735 in kludge_acl_allowedAttributes (ldb=0x8c81bd8, msg=0x8c5d8e8, 
    attrName=0x898ec38 "allowedAttributes")
    at dsdb/samdb/ldb_modules/kludge_acl.c:129
129			class = dsdb_class_by_lDAPDisplayName(schema, (const char *)oc_el->values[i].data);
(gdb) bt full
#0  0x08628735 in kludge_acl_allowedAttributes (ldb=0x8c81bd8, msg=0x8c5d8e8, 
    attrName=0x898ec38 "allowedAttributes")
    at dsdb/samdb/ldb_modules/kludge_acl.c:129
	oc_el = (struct ldb_message_element *) 0x8c1f548
	allowedAttributes = (struct ldb_message_element *) 0x8ac11d8
	schema = (const struct dsdb_schema *) 0x8a0e1e0
	class = (const struct dsdb_class *) 0x8bda1e8
	i = 1
	j = 4
	ret = 0
#1  0x08628a72 in kludge_acl_callback (ldb=0x8c81bd8, context=0x8c61058, 
    ares=0x8c5d8a0) at dsdb/samdb/ldb_modules/kludge_acl.c:191
	ac = (struct kludge_acl_context *) 0x8c61058
	data = (struct kludge_private_data *) 0x8cb2b28
	i = 251
	ret = 144634276
#2  0x08623991 in operational_callback (ldb=0x8c81bd8, context=0x8c628d8, 
    ares=0x8c5d8a0) at lib/ldb/modules/operational.c:203
	ac = (struct operational_context *) 0x8c628d8
#3  0x0861360e in show_deleted_search_callback (ldb=0x8c81bd8, 
    context=0x8c67498, ares=0x8c5d8a0)
    at dsdb/samdb/ldb_modules/show_deleted.c:76
	ar = (struct show_deleted_search_request *) 0x8c67498
#4  0x08618d34 in ltdb_index_filter (dn_list=0x8d0acf8, handle=0x8d0ac60)
    at lib/ldb/ldb_tdb/ldb_index.c:797
	dn = (struct ldb_dn *) 0x8c5d928
	ret = 0
	ac = (struct ltdb_context *) 0x8d0aca8
	ares = (struct ldb_reply *) 0x8c5d8a0
	i = 0
#5  0x08619059 in ltdb_search_indexed (handle=0x8d0ac60)
    at lib/ldb/ldb_tdb/ldb_index.c:877
	ac = (struct ltdb_context *) 0x8d0aca8
	ltdb = (struct ltdb_private *) 0x8b2b290
	dn_list = (struct dn_list *) 0x8d0acf8
	ret = 0
	idxattr = 1
	idxone = 0
#6  0x08616a40 in ltdb_search (module=0x8ac8b10, req=0x8c67430)
    at lib/ldb/ldb_tdb/ldb_search.c:496
	ltdb = (struct ltdb_private *) 0x8b2b290
	ltdb_ac = (struct ltdb_context *) 0x8d0aca8
	ares = (struct ldb_reply *) 0x17
	ret = 144564158
#7  0x08600ca1 in ldb_next_request (module=0x8ac8b10, request=0x8c67430)
    at lib/ldb/common/ldb_modules.c:393
	ret = 2
#8  0x08611a10 in partition_replicate (module=0x8a90f90, req=0x8c67430, 
    dn=0x8c545f8) at dsdb/samdb/ldb_modules/partition.c:343
	i = 145277488
	ret = 0
	partition = (struct dsdb_control_current_partition *) 0x8b2b198
	backend = (struct ldb_module *) 0x8d0ab48
	data = (struct partition_private_data *) 0x8a8c230
#9  0x08611c1b in partition_search (module=0x8a90f90, req=0x8c67430)
    at dsdb/samdb/ldb_modules/partition.c:399
	data = (struct partition_private_data *) 0x8a8c230
	search_control = (struct ldb_control *) 0x0
	search_options = (struct ldb_search_options_control *) 0x0
#10 0x08600ca1 in ldb_next_request (module=0x8a90f90, request=0x8c67430)
    at lib/ldb/common/ldb_modules.c:393
	ret = 140481631
#11 0x086139e5 in show_deleted_search (module=0x8bcf528, req=0x8c627b8)
    at dsdb/samdb/ldb_modules/show_deleted.c:169
	control = (struct ldb_control *) 0x0
	saved_controls = (struct ldb_control **) 0x8c6d188
	ar = (struct show_deleted_search_request *) 0x8c67498
	down_req = (struct ldb_request *) 0x8c67430
	new_attrs = (char **) 0x88d1c9f
	num_attrs = 251
	i = 251
	ret = -1078322808
#12 0x08600ca1 in ldb_next_request (module=0x8bcf528, request=0x8c627b8)
    at lib/ldb/common/ldb_modules.c:393
	ret = 140481631
#13 0x08623c3c in operational_search (module=0x8c92bd8, req=0x8c62870)
    at lib/ldb/modules/operational.c:279
	ac = (struct operational_context *) 0x8c628d8
	down_req = (struct ldb_request *) 0x8c627b8
	search_attrs = (const char **) 0x8c6d1b8
	i = 4
	a = 251
	ret = 640
#14 0x08600ca1 in ldb_next_request (module=0x8c92bd8, request=0x8c62870)
    at lib/ldb/common/ldb_modules.c:393
	ret = 140532584
#15 0x08624a2e in asq_search (module=0x8c978f0, req=0x8c62870)
    at lib/ldb/modules/asq.c:405
	control = (struct ldb_control *) 0x0
	ac = (struct asq_context *) 0x8ccbd01
	h = (struct ldb_handle *) 0x0
#16 0x08600ca1 in ldb_next_request (module=0x8c978f0, request=0x8c62870)
    at lib/ldb/common/ldb_modules.c:393
	ret = 140532584
#17 0x0861c958 in extended_search (module=0x8adba88, req=0x8c62870)
    at dsdb/samdb/ldb_modules/extended_dn.c:220
	control = (struct ldb_control *) 0x0
	extended_ctrl = (struct ldb_extended_dn_control *) 0x36363636
	saved_controls = (struct ldb_control **) 0xb7f40358
	ac = (struct extended_context *) 0x4c852f00
	down_req = (struct ldb_request *) 0x65a03dd0
	new_attrs = (char **) 0xb7f3279b
	ret = 104
#18 0x08600ca1 in ldb_next_request (module=0x8adba88, request=0x8c62870)
    at lib/ldb/common/ldb_modules.c:393
	ret = 140532584
#19 0x086323e5 in server_sort_search (module=0x8a98ec0, req=0x8c62870)
    at lib/ldb/modules/sort.c:227
	control = (struct ldb_control *) 0x0
	sort_ctrls = (struct ldb_server_sort_control **) 0xbfba1c40
	saved_controls = (struct ldb_control **) 0x78
	ac = (struct sort_context *) 0xb7f327ed
	h = (struct ldb_handle *) 0xb7f40320
	ret = 147204096
#20 0x08600ca1 in ldb_next_request (module=0x8a98ec0, request=0x8c62870)
    at lib/ldb/common/ldb_modules.c:393
	ret = 140532584
#21 0x0860da2d in paged_search (module=0x8ccf2e8, req=0x8c62870)
    at lib/ldb/modules/paged_results.c:243
	control = (struct ldb_control *) 0x0
	private_data = (struct private_data *) 0xbfba1cb8
	paged_ctrl = (struct ldb_paged_control *) 0x88d1c9f
	saved_controls = (struct ldb_control **) 0x8c62840
	ac = (struct paged_context *) 0x8c67008
	h = (struct ldb_handle *) 0x8988c90
	ret = -1078321992
#22 0x08600ca1 in ldb_next_request (module=0x8ccf2e8, request=0x8c62870)
    at lib/ldb/common/ldb_modules.c:393
	ret = 140481631
#23 0x08628e35 in kludge_acl_search (module=0x8cd0870, req=0x8c60ff0)
    at dsdb/samdb/ldb_modules/kludge_acl.c:296
	ac = (struct kludge_acl_context *) 0x8c61058
	down_req = (struct ldb_request *) 0x8c62870
	data = (struct kludge_private_data *) 0x8cb2b28
	ret = -1208745184
	i = 17
#24 0x08600ca1 in ldb_next_request (module=0x8cd0870, request=0x8c60ff0)
    at lib/ldb/common/ldb_modules.c:393
	ret = 143464915
#25 0x0860a15c in rootdse_search (module=0x8be6d78, req=0x8c60ff0)
    at dsdb/samdb/ldb_modules/rootdse.c:269
	ac = (struct rootdse_context *) 0x8c60fc0
	down_req = (struct ldb_request *) 0x85f8f53
	ret = -1078321148
#26 0x085f9595 in ldb_request (ldb=0x8c81bd8, req=0x8c60ff0)
    at lib/ldb/common/ldb.c:529
	module = (struct ldb_module *) 0x8be6d78
	ret = 0
#27 0x080cc010 in ldapsrv_SearchRequest (call=0x8a77488)
    at ldap_server/ldap_backend.c:249
	req = (struct ldap_SearchRequest *) 0x8c17170
	ent = (struct ldap_SearchResEntry *) 0x9
	done = (struct ldap_Result *) 0xb7f40320
	ent_r = (struct ldapsrv_reply *) 0xb7f3eadc
	done_r = (struct ldapsrv_reply *) 0xb7f40320
	local_ctx = (void *) 0x8cc5948
	samdb = (struct ldb_context *) 0x8c81bd8
	basedn = (struct ldb_dn *) 0x8c545f8
	res = (struct ldb_result *) 0x8c0fd60
	lreq = (struct ldb_request *) 0x8c60ff0
	scope = LDB_SCOPE_BASE
	attrs = (const char **) 0x8c62398
	scope_str = 0x88d7798 "BASE"
	errstr = 0x0
	success_limit = 0
	result = -1
	ldb_ret = -1
	i = 250
	j = -1078321448
	__FUNCTION__ = "ldapsrv_SearchRequest"
#28 0x080cde17 in ldapsrv_do_call (call=0x8a77488)
    at ldap_server/ldap_backend.c:732
No locals.
#29 0x080ca308 in ldapsrv_process_message (conn=0x8a843e0, msg=0x8c17168)
    at ldap_server/ldap_server.c:85
	call = (struct ldapsrv_call *) 0x8a77488
	status = {v = 143469080}
	blob = {data = 0x89ef1a4 "\030ã\236\b", length = 3216646024}
	__FUNCTION__ = "ldapsrv_process_message"
#30 0x080ca5f8 in ldapsrv_decode (private=0x8a843e0, blob=
      {data = 0x0, length = 0}) at ldap_server/ldap_server.c:156
	status = {v = 0}
	conn = (struct ldapsrv_connection *) 0x8a843e0
	asn1 = (struct asn1_data *) 0x8cc89d8
	msg = (struct ldap_message *) 0x8c17168
#31 0x087af29e in packet_recv (pc=0x8aa73d8) at lib/stream/packet.c:381
	npending = 4352
	status = {v = 0}
	nread = 4332
	blob = {data = 0x8d148b8 "0\204", length = 4332}
	__FUNCTION__ = "packet_recv"
#32 0x080ca6e8 in ldapsrv_recv (c=0x8af47a8, flags=1)
    at ldap_server/ldap_server.c:192
	conn = (struct ldapsrv_connection *) 0x8a843e0
#33 0x080e0d4e in stream_io_handler (conn=0x8af47a8, flags=1)
    at smbd/service_stream.c:90
No locals.
#34 0x080e0dbe in stream_io_handler_fde (ev=0x89fd2e8, fde=0x8c37540, flags=1, 
    private=0x8af47a8) at smbd/service_stream.c:104
	conn = (struct stream_connection *) 0x8af47a8
#35 0x087b6c80 in epoll_event_loop (std_ev=0x89fd3c8, tvalp=0xbfba2214)
    at lib/events/events_standard.c:315
	fde = (struct fd_event *) 0x8c37540
	flags = 1
	ret = 1
	i = 0
	events = {{events = 1, data = {ptr = 0x8c37540, fd = 147027264, 
      u32 = 147027264, u64 = 147027264}}, {events = 921984, data = {
      ptr = 0x89ef1a4, fd = 144634276, u32 = 144634276, u64 = 144634276}}, {
    events = 3216646632, data = {ptr = 0x87b8e4a, fd = 142315082, 
      u32 = 142315082, u64 = 13815391932752039498}}, {events = 3216646604, 
    data = {ptr = 0x8adb984, fd = 145602948, u32 = 145602948, 
      u64 = 616191987370801540}}, {events = 144692168, data = {
      ptr = 0x89ef1a4, fd = 144634276, u32 = 144634276, u64 = 144634276}}, {
    events = 0, data = {ptr = 0xf8, fd = 248, u32 = 248, 
      u64 = 3959891127435512}}, {events = 1185005919, data = {ptr = 0xec0c9, 
      fd = 966857, u32 = 966857, u64 = 621447923389874377}}, {
    events = 144634276, data = {ptr = 0x0, fd = 0, u32 = 0, 
      u64 = 611193963847614464}}}
	destruction_count = 741
	timeout = 248922
#36 0x087b7421 in std_event_loop_once (ev=0x89fd2e8)
    at lib/events/events_standard.c:562
	std_ev = (struct std_event_context *) 0x89fd3c8
	tval = {tv_sec = 248, tv_usec = 921984}
#37 0x087b748f in std_event_loop_wait (ev=0x89fd2e8)
    at lib/events/events_standard.c:579
	std_ev = (struct std_event_context *) 0x89fd3c8
#38 0x087b63d4 in event_loop_wait (ev=0x89fd2e8) at lib/events/events.c:302
No locals.
#39 0x080beb14 in binary_smbd_main (binary_name=0x88d4667 "smbd", argc=5, 
    argv=0xbfba24a4) at smbd/server.c:319
	interactive = true
	opt = -1
	pc = (poptContext) 0x89f8008
	static_init = {0x80c0689 <server_service_wrepl_init>, 
  0x80c89bb <server_service_kdc_init>, 0x80cb4d1 <server_service_ldap_init>, 
  0x80cf255 <server_service_nbtd_init>, 0x80d3232 <server_service_smb_init>, 
  0x80d3bb9 <server_service_web_init>, 0x80d7878 <server_service_drepl_init>, 
  0x80da1cd <server_service_winbind_init>, 
  0x82a066a <server_service_rpc_init>, 0x8525b5c <server_service_auth_init>, 
  0x80df83a <server_service_cldapd_init>, 0}
	shared_init = (init_module_fn *) 0x0
	event_ctx = (struct event_context *) 0x89fd2e8
	status = {v = 0}
	model = 0x89f8218 "single"
	max_runtime = 0
	long_options = {{longName = 0x0, shortName = 0 '\0', argInfo = 4, 
    arg = 0x89ef920, val = 0, descrip = 0x88d4492 "Help options:", 
    argDescrip = 0x0}, {longName = 0x88d44a0 "interactive", 
    shortName = 105 'i', argInfo = 0, arg = 0x0, val = 1000, 
    descrip = 0x88d44ac "Run interactive (not a daemon)", argDescrip = 0x0}, {
    longName = 0x88d44cb "model", shortName = 77 'M', argInfo = 1, arg = 0x0, 
    val = 1001, descrip = 0x88d44d1 "Select process model", 
    argDescrip = 0x88d44e6 "MODEL"}, {longName = 0x88d44ec "maximum-runtime", 
    shortName = 0 '\0', argInfo = 2, arg = 0xbfba2388, val = 0, 
    descrip = 0x88d44fc "set maximum runtime of the server process, till autotermination", argDescrip = 0x88d453c "seconds"}, {longName = 0x0, 
    shortName = 0 '\0', argInfo = 4, arg = 0x89ef6a0, val = 0, 
    descrip = 0x88d4544 "Common samba options:", argDescrip = 0x0}, {
    longName = 0x0, shortName = 0 '\0', argInfo = 4, arg = 0x89ef7a0, val = 0, 
    descrip = 0x88d4544 "Common samba options:", argDescrip = 0x0}, {
    longName = 0x0, shortName = 0 '\0', argInfo = 0, arg = 0x0, val = 0, 
    descrip = 0x0, argDescrip = 0x0}}
	__FUNCTION__ = "binary_smbd_main"
#40 0x080beb7b in main (argc=5, argv=0xbfba24a4) at smbd/server.c:330
No locals.
(gdb) c
Continuing.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
INTERNAL ERROR: Signal 11 in pid 13435 (4.0.0tp6-SVN-build-23561)
Please read the file BUGS.txt in the distribution
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
PANIC: internal error
BACKTRACE: 47 stack frames:
 #0 /usr/local/samba/sbin/smbd(call_backtrace+0x2b) [0x88c0633]
 #1 /usr/local/samba/sbin/smbd(smb_panic+0x21e) [0x88c0904]
 #2 /usr/local/samba/sbin/smbd [0x88c0a57]
 #3 /usr/local/samba/sbin/smbd [0x88c0a98]
 #4 [0xffffe420]
 #5 /usr/local/samba/sbin/smbd [0x8628a72]
 #6 /usr/local/samba/sbin/smbd [0x8623991]
 #7 /usr/local/samba/sbin/smbd [0x861360e]
 #8 /usr/local/samba/sbin/smbd [0x8618d34]
 #9 /usr/local/samba/sbin/smbd(ltdb_search_indexed+0x2db) [0x8619059]
 #10 /usr/local/samba/sbin/smbd(ltdb_search+0x179) [0x8616a40]
 #11 /usr/local/samba/sbin/smbd(ldb_next_request+0xa7) [0x8600ca1]
 #12 /usr/local/samba/sbin/smbd [0x8611a10]
 #13 /usr/local/samba/sbin/smbd [0x8611c1b]
 #14 /usr/local/samba/sbin/smbd(ldb_next_request+0xa7) [0x8600ca1]
 #15 /usr/local/samba/sbin/smbd [0x86139e5]
 #16 /usr/local/samba/sbin/smbd(ldb_next_request+0xa7) [0x8600ca1]
 #17 /usr/local/samba/sbin/smbd [0x8623c3c]
 #18 /usr/local/samba/sbin/smbd(ldb_next_request+0xa7) [0x8600ca1]
 #19 /usr/local/samba/sbin/smbd [0x8624a2e]
 #20 /usr/local/samba/sbin/smbd(ldb_next_request+0xa7) [0x8600ca1]
 #21 /usr/local/samba/sbin/smbd [0x861c958]
 #22 /usr/local/samba/sbin/smbd(ldb_next_request+0xa7) [0x8600ca1]
 #23 /usr/local/samba/sbin/smbd [0x86323e5]
 #24 /usr/local/samba/sbin/smbd(ldb_next_request+0xa7) [0x8600ca1]
 #25 /usr/local/samba/sbin/smbd [0x860da2d]
 #26 /usr/local/samba/sbin/smbd(ldb_next_request+0xa7) [0x8600ca1]
 #27 /usr/local/samba/sbin/smbd [0x8628e35]
 #28 /usr/local/samba/sbin/smbd(ldb_next_request+0xa7) [0x8600ca1]
 #29 /usr/local/samba/sbin/smbd [0x860a15c]
 #30 /usr/local/samba/sbin/smbd(ldb_request+0xa7) [0x85f9595]
 #31 /usr/local/samba/sbin/smbd [0x80cc010]
 #32 /usr/local/samba/sbin/smbd(ldapsrv_do_call+0x91) [0x80cde17]
 #33 /usr/local/samba/sbin/smbd [0x80ca308]
 #34 /usr/local/samba/sbin/smbd [0x80ca5f8]
 #35 /usr/local/samba/sbin/smbd(packet_recv+0x667) [0x87af29e]
 #36 /usr/local/samba/sbin/smbd(ldapsrv_recv+0x87) [0x80ca6e8]
 #37 /usr/local/samba/sbin/smbd [0x80e0d4e]
 #38 /usr/local/samba/sbin/smbd [0x80e0dbe]
 #39 /usr/local/samba/sbin/smbd [0x87b6c80]
 #40 /usr/local/samba/sbin/smbd [0x87b7421]
 #41 /usr/local/samba/sbin/smbd [0x87b748f]
 #42 /usr/local/samba/sbin/smbd(event_loop_wait+0x16) [0x87b63d4]
 #43 /usr/local/samba/sbin/smbd [0x80beb14]
 #44 /usr/local/samba/sbin/smbd(main+0x44) [0x80beb7b]
 #45 /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xd2) [0xb7e28ea2]
 #46 /usr/local/samba/sbin/smbd [0x80be091]

Program received signal SIGABRT, Aborted.
0xffffe410 in __kernel_vsyscall ()
(gdb) q
The program is running.  Exit anyway? (y or n) 
Comment 8 Andrew Bartlett 2007-07-21 05:16:09 UTC
I think this is fixed by -r 23982.

Thankyou *very* much for the detailed information.