occasionally this double free error occurs here. Fix already in work by metze... [2011/11/01 21:14:13.001366, 0] lib/popt_common.c:64(popt_s3_talloc_log_fn) talloc: double free error - first free may be at rpc_server/srv_netlog_nt.c:998 [2011/11/01 21:14:13.001422, 0] lib/popt_common.c:64(popt_s3_talloc_log_fn) Bad talloc magic value - double free [2011/11/01 21:14:13.001437, 0] lib/util.c:1468(smb_panic) PANIC (pid 19566): Bad talloc magic value - double free [2011/11/01 21:14:13.015671, 0] lib/util.c:1572(log_stack_trace) BACKTRACE: 24 stack frames: #0 /usr/sbin/smbd(log_stack_trace+0x1c) [0x7f121e12f321] #1 /usr/sbin/smbd(smb_panic+0x55) [0x7f121e12f424] #2 /usr/sbin/smbd(+0x652f8a) [0x7f121e417f8a] #3 /usr/sbin/smbd(+0x652f9c) [0x7f121e417f9c] #4 /usr/sbin/smbd(_talloc_zero+0x76) [0x7f121e419022] #5 /usr/sbin/smbd(ndr_push_init_ctx+0x22) [0x7f121e1475cd] #6 /usr/sbin/smbd(+0x2938d4) [0x7f121e0588d4] #7 /usr/sbin/smbd(+0x2f63bb) [0x7f121e0bb3bb] #8 /usr/sbin/smbd(api_pipe_request+0x1f9) [0x7f121e0c004d] #9 /usr/sbin/smbd(np_write_send+0xff9) [0x7f121e0b8635] #10 /usr/sbin/smbd(reply_pipe_write_and_X+0x22e) [0x7f121def3700] #11 /usr/sbin/smbd(reply_write_and_X+0x18b) [0x7f121defc0b3] #12 /usr/sbin/smbd(+0x1757b8) [0x7f121df3a7b8] #13 /usr/sbin/smbd(+0x1759dd) [0x7f121df3a9dd] #14 /usr/sbin/smbd(+0x1761d2) [0x7f121df3b1d2] #15 /usr/sbin/smbd(run_events+0x26e) [0x7f121e13e70a] #16 /usr/sbin/smbd(smbd_process+0x950) [0x7f121df3c3a8] #17 /usr/sbin/smbd(+0x65149a) [0x7f121e41649a] #18 /usr/sbin/smbd(run_events+0x26e) [0x7f121e13e70a] #19 /usr/sbin/smbd(+0x379866) [0x7f121e13e866] #20 /usr/sbin/smbd(_tevent_loop_once+0x82) [0x7f121e13f1f0] #21 /usr/sbin/smbd(main+0x1063) [0x7f121e417679] #22 /lib64/libc.so.6(__libc_start_main+0xfd) [0x7f121b1e4bfd] #23 /usr/sbin/smbd(+0xfd789) [0x7f121dec2789]
Created attachment 7048 [details] Patches for v3-5-test
Please provide a backtrace with debugging symbols so that I can properly review those patches. Alternatively, you might want to let Björn Jacke who reported this bug initially to me install the patches and verify them. Volker
Comment on attachment 7048 [details] Patches for v3-5-test looks good
Comment on attachment 7048 [details] Patches for v3-5-test triggering rpc_server/srv_netlog_nt.c +998 to reproduce the crash isn't easy. But the version with this patch didn't segfault anymore, so this fix obviously fixed the right thing.
Karolin, please get this to 3.5 ... thanks!
Pushed to v3-5-test. Closing out bug report. Thanks!
The fix inside _netr_ServerPasswordSet2() needs to be applied to master and 3.6.x also. Jeremy.
Created attachment 7060 [details] git-am fix for 3.6.2. Guenther please review for 3.6.x. This has gone into master.
Comment on attachment 7060 [details] git-am fix for 3.6.2. Adding metze for review.
Comment on attachment 7060 [details] git-am fix for 3.6.2. Looks good
Karolin, please pick this for the release
Pushed to v3-6-test. Closing out bug report. Thanks!