Bug 966 - Internal error (malloc / glibc?)
Internal error (malloc / glibc?)
Status: CLOSED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: File Services
3.0.0
All Linux
: P3 critical
: none
Assigned To: Samba Bugzilla Account
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-01-13 08:00 UTC by Ragnar Holjand Espinosa
Modified: 2005-11-14 09:28 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ragnar Holjand Espinosa 2004-01-13 08:00:01 UTC
I'm not enterily sure hows that malloc is there (glibc?), so I spent a while
trying to find the code path just in case it helps. Note its manual work as the
binary is optimized, and there's no available corefile.

reply_trans2 -> call_trans2findfirst -> get_lanman2_dir_entry:542 -> mangle_map
-> mangle_map_filename -> lp_mangled_map -> lp_string -> talloc_strdup -> talloc

[0x81c2e94] is fault_setup

[2004/01/12 00:15:57, 0] lib/fault.c:fault_report(36)
  ===============================================================
[2004/01/12 00:15:57, 0] lib/fault.c:fault_report(37)
  INTERNAL ERROR: Signal 11 in pid 2077 (3.0.0)
  Please read the appendix Bugs of the Samba HOWTO collection
[2004/01/12 00:15:57, 0] lib/fault.c:fault_report(39)
  ===============================================================
[2004/01/12 00:15:57, 0] lib/util.c:smb_panic(1400)
  PANIC: internal error
[2004/01/12 00:15:57, 0] lib/util.c:smb_panic(1407)
  BACKTRACE: 18 stack frames:
   #0 /usr/sbin/smbd(smb_panic+0x11d) [0x81d561d]
   #1 /usr/sbin/smbd [0x81c2e94]
   #2 /lib/libc.so.6 [0x400aadb8]
   #3 /lib/libc.so.6(malloc+0xa1) [0x400f65d1]
   #4 /usr/sbin/smbd(talloc+0x4a) [0x81dc17a]
   #5 /usr/sbin/smbd(talloc_strdup+0x30) [0x81dc840]
   #6 /usr/sbin/smbd [0x807871f]
   #7 /usr/sbin/smbd(mangle_map_filename+0x17) [0x80d1647]
   #8 /usr/sbin/smbd(mangle_map+0x6c) [0x80d05ac]
   #9 /usr/sbin/smbd [0x80b247f]
   #10 /usr/sbin/smbd [0x80aa20d]
   #11 /usr/sbin/smbd(reply_trans2+0x749) [0x80a8119]
   #12 /usr/sbin/smbd [0x80c922f]
   #13 /usr/sbin/smbd(process_smb+0x1d0) [0x80c7b20]
   #14 /usr/sbin/smbd(smbd_process+0x1ab) [0x80c829b]
   #15 /usr/sbin/smbd(main+0x4cd) [0x823d81d]
   #16 /lib/libc.so.6(__libc_start_main+0xc7) [0x400977a7]
   #17 /usr/sbin/smbd(yp_get_default_domain+0x79) [0x8071c21]
Comment 1 Gerald (Jerry) Carter 2004-01-14 20:45:19 UTC
The crash in malloc would indicate heap corruption
(a double free() somewhere perhaps).  Do you have any 
filenames that are not in the unix charset from smb.conf?
You should also retest 3.0.2pre1 since there has been a lot
or work done since 3.0.0.  Please reopen if you can reproduce 
this against 3.0.2pre1 (or the final 3.0.2 when it is released).
Comment 2 Gerald (Jerry) Carter 2005-08-24 10:24:19 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.
Comment 3 Gerald (Jerry) Carter 2005-11-14 09:28:19 UTC
database cleanup