[Fwd: Segfault, full backtrace attached + possible patch (was: Internal Error with Nexus tools)]

Andrew Bartlett abartlet at pcug.org.au
Mon Jul 2 13:47:48 GMT 2001


Thank you very much for your vital debugging work, it certainly made
looking at this much easier.  I have forwarded this to samba at samba.org
and samba-technical at samba.org without the level 10 debug, as it looks
like the message was too big for the message filters...

I have to agree on the fix, and have applied it to HEAD.  If somebody
could check it and apply it to SAMBA_2_2 (which I simply won't touch)
then I would appreciate it.  I have checked the code-paths, and we ALWAYS
call file_free() twice.

Andrew Bartlett

-------- Original Message --------
Subject: Segfault, full backtrace attached + possible patch (was:
Internal Error with Nexus tools)
Date: Mon, 02 Jul 2001 14:00:25 +0100
From: Eelco Vriezekolk <eelco at nexus.com.na>
Organization: Nexus Consultants cc
To: samba at samba.org
CC: Andrew Bartlett <abartlet at pcug.org.au>
References: <3B3D91BB.3060905 at nexus.com.na>
<001401c10187$df70aa00$0600a8c0 at elbles>
<3B3E7A55.FA10DDEF at bartlett.house>

Hello,

More details on my problem. Server is a Linux box, based on Redhat 7.0
but adapted somewhat (e.g. kernel version is 2.4.5). Samba is running as
a PDC; CVS version as of an hour ago. Filesystem is Ext2+ACL. Client is
Windows 98 with Microsoft Nexus tools installed. Samba was compiled with
the following options to configure:

./configure.developer --with-fhs --prefix=/usr --sysconfdir=/etc
--localstatedir=/var --with-lockdir=/var/lock/samba --with-pam
--with-smbmount --with-acl-support

To reproduce the problem: in Win98, right-click a file on a Samba share,
choose Properties, click the Security tab, click the Permissions button:
Samba segfaults.

I failed to make the 'panic action' parameter work, so I attached to
the, still running, smbd process and placed a breakpoint on function
fault_report. Full backtrace attached (report.txt). Level 10 log
attached (report.log).
File "report.txt" also contains the output of 'testparm'.

I *think* I found the problem, as in the patch below, but I'm not
familiar enough with the code to be sure. It seems that close_file()
already does a file_free.


--- rpc_server/srv_srvsvc_nt.c-orig     Mon Jul  2 13:55:50 2001
+++ rpc_server/srv_srvsvc_nt.c  Mon Jul  2 13:53:52 2001
@@ -1662,7 +1662,7 @@
         psd->dacl->revision = (uint16) NT4_ACL_REVISION;

         close_file(fsp, True);
-       file_free(fsp);
+       //file_free(fsp);

         close_cnum(conn, user.vuid);
         return r_u->status;
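
Review bot: at line 1665 the call is disabled with a // comment, which is C++-style syntax that pre-C99 compilers reject and which leaves dead code in the success path; delete the file_free(fsp); line outright instead. A one-line comment above close_file(fsp, True); stating that close_file() releases fsp would keep the second release from being reintroduced later.
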
@@ -1671,7 +1671,7 @@

         if(fsp) {
                 close_file(fsp, True);
-               file_free(fsp);
+               //file_free(fsp);
         }

         if (conn)
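
Review bot: inside the if(fsp) block, fsp keeps its old value after close_file(fsp, True) returns, and the cleanup carries on with if (conn) below; set fsp = NULL immediately after the close so nothing further down this path can use or release the handle again. As in the first hunk, the commented-out //file_free(fsp); should be a plain deletion.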


TIA,
--
Nexus Consultants cc, Eelco Vriezekolk <eelco at nexus.com.na>
Phone:  +264 61 252345     AOL IM: "vriezekolk"
Mobile: +264 81 2495182
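
The ownership mistake discussed in this thread (a close routine that already releases the handle, followed by a second explicit release), modelled as an added example that is not Samba code and not from the original messages. The names file_slot, slot_open, slot_free, slot_close and slot_close_and_clear are hypothetical; the table lives in static storage so the second release can be detected without touching freed memory.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical miniature of a file-handle table; not Samba's files_struct. */
typedef struct {
    int   in_use;   /* 1 while the slot is owned by an open file */
    char *name;     /* heap string owned by the slot */
} file_slot;

#define MAX_SLOTS 4
static file_slot slots[MAX_SLOTS];
static int double_release_count;    /* bad releases that were caught */

/* Claim a free slot and copy the name; NULL if the table is full. */
file_slot *slot_open(const char *name)
{
    for (int i = 0; i < MAX_SLOTS; i++) {
        if (!slots[i].in_use) {
            size_t n = strlen(name) + 1;
            slots[i].name = malloc(n);
            if (!slots[i].name)
                return NULL;
            memcpy(slots[i].name, name, n);
            slots[i].in_use = 1;
            return &slots[i];
        }
    }
    return NULL;
}

/* Release a slot. A second release of the same slot is counted and
 * refused instead of handing a stale pointer to free(). */
int slot_free(file_slot *fsp)
{
    if (fsp == NULL)
        return 0;
    if (!fsp->in_use) {
        double_release_count++;
        return -1;
    }
    free(fsp->name);
    fsp->name = NULL;
    fsp->in_use = 0;
    return 0;
}

/* Close also releases the slot: the ownership rule the thread
 * attributes to close_file(). */
int slot_close(file_slot *fsp)
{
    return slot_free(fsp);
}

/* Hardened close: clears the caller's pointer so the handle cannot be
 * released or dereferenced again by accident. */
int slot_close_and_clear(file_slot **pfsp)
{
    int rc = slot_close(*pfsp);
    *pfsp = NULL;
    return rc;
}

/* Caller pattern before the patch: close, then release again. */
int caller_before_fix(void)
{
    file_slot *fsp = slot_open("constructed-sample.doc");
    slot_close(fsp);
    return slot_free(fsp);          /* second release is refused */
}

/* Caller pattern with the pointer cleared by the close. */
int caller_hardened(void)
{
    file_slot *fsp = slot_open("constructed-sample.doc");
    slot_close_and_clear(&fsp);
    return slot_free(fsp);          /* fsp is NULL: harmless no-op */
}

int main(void)
{
    printf("before fix: %d\n", caller_before_fix());
    printf("hardened:   %d\n", caller_hardened());
    printf("double releases caught: %d\n", double_release_count);
    return 0;
}
```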
-------------- next part --------------
Script started on Mon Jul  2 12:20:45 2001
ibox{root}1: cat /proc/version

Linux version 2.4.5 (eelco at bernie.phys.loc) (gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)) #1 Fri Jun 15 16:25:41 WAT 2001
ibox{root}2: testparm

Load smb config files from /etc/smb.conf
INFO: Debug class all level = 10   (pid 4532 from pid 4532)
doing parameter max log size = 0
doing parameter hosts allow = 172.16.1. 127.
doing parameter interfaces = 172.16.1.0/24
doing parameter bind interfaces only = yes
doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
doing parameter invalid users = bin daemon adm lp sync shutdown 		halt mail news uucp operator games man ftp
doing parameter map archive = yes
doing parameter map hidden = yes
doing parameter map system = yes
doing parameter follow symlinks = no
doing parameter netbios name = ibox
handle_netbios_name: set global_myname to: IBOX
doing parameter workgroup = INTERNAL
doing parameter server string = i-box Internet server
doing parameter local master = yes
doing parameter preferred master = yes
doing parameter domain master = yes
doing parameter wins support = yes
doing parameter name resolve order = lmhosts wins bcast host
doing parameter os level = 64
doing parameter domain logons = yes
doing parameter logon script = %U.bat
doing parameter logon drive = H:
doing parameter logon home = \\%L\%u\.profile
doing parameter logon path = \\%L\profiles\%u
doing parameter security = user
doing parameter encrypt passwords = yes
doing parameter username map = /etc/smbusers
doing parameter add user script = /usr/sbin/useradd -d / -g 100 -s /bin/false -M %u
doing parameter printcap name = /etc/printcap
doing parameter load printers = yes
doing parameter printing = lprng
doing parameter print command = /usr/bin/lpr  -P%p -r %s
doing parameter lpq command = /usr/bin/lpq  -P%p
doing parameter lprm command = /usr/bin/lprm -P%p %j
doing parameter lppause command = /usr/sbin/lpc hold %p %j
doing parameter lpresume command = /usr/sbin/lpc release %p %j
doing parameter queuepause command = /usr/sbin/lpc -P%p stop
doing parameter queueresume command = /usr/sbin/lpc -P%p start
doing parameter printer admin = iboxadmin
doing parameter addprinter command = /usr/bin/smbaddprinter
doing parameter deleteprinter command = /usr/bin/smbdelprinter
doing parameter enumports command = /usr/bin/smbenumports
doing parameter time server = yes
Processing section "[homes]"
doing parameter comment = Your home directory
doing parameter browseable = no
doing parameter writable = yes
doing parameter create mask = 0600
doing parameter directory mask = 0700
doing parameter invalid users = root
Processing section "[netlogon]"
doing parameter comment = Network Logon Service
doing parameter path = /samba/netlogon
doing parameter writable = no
doing parameter write list = iboxadmin
Processing section "[profiles]"
doing parameter comment = NT user profiles
doing parameter path = /samba/profiles
doing parameter browseable = no
doing parameter writeable = yes
doing parameter create mask = 0600
doing parameter directory mask = 0700
Processing section "[printers]"
doing parameter comment = All Printers
doing parameter path = /var/spool/samba
doing parameter browseable = no
doing parameter guest ok = no
doing parameter writable = no
doing parameter printable = yes
Processing section "[print$]"
doing parameter comment = Printer drivers for Windows clients
doing parameter path = /samba/printers
doing parameter guest ok = yes
doing parameter browseable = yes
doing parameter read only = yes
doing parameter write list = iboxadmin
Processing section "[OurDocuments]"
doing parameter comment = Shared documents folders
doing parameter path = /samba/documents
doing parameter writeable = yes
doing parameter force create mode = 666
doing parameter force directory mode = 777
doing parameter security mask = 0777
doing parameter force security mode = 0
doing parameter directory security mask = 0777
doing parameter force directory security mode = 0
Processing section "[_backup]"
doing parameter comment = All Samba files
doing parameter path = /samba
doing parameter browseable = no
doing parameter writeable = no
doing parameter valid users = root
pm_process() returned Yes
Loaded services file OK.
WARNING: You have some share names that are longer than 8 chars
These may give errors while browsing or may not be accessible
to some older clients
Press enter to see a dump of your service definitions

# Global parameters
[global]
	coding system =
	client code page = 850
	code page directory = /usr/share/samba/codepages
	workgroup = INTERNAL
	netbios name = IBOX
	netbios aliases =
	netbios scope =
	server string = i-box Internet server
	interfaces = 172.16.1.0/24
	bind interfaces only = Yes
	security = USER
	encrypt passwords = Yes
	update encrypted = No
	allow trusted domains = Yes
	hosts equiv =
	min passwd length = 5
	map to guest = Never
	null passwords = No
	obey pam restrictions = No
	password server =
	smb passwd file = /etc/smbpasswd
	root directory =
	pam password change = No
	passwd program = /bin/passwd
	passwd chat = *new*password* %n\n *new*password* %n\n *changed*
	passwd chat debug = No
	username map = /etc/smbusers
	password level = 0
	username level = 0
	unix password sync = No
	restrict anonymous = No
	lanman auth = Yes
	use rhosts = No
	log level = 10
	syslog = 1
	syslog only = No
	log file = /var/log/samba/log.machines
	max log size = 0
	timestamp logs = Yes
	debug hires timestamp = No
	debug pid = No
	debug uid = No
	protocol = NT1
	large readwrite = No
	max protocol = NT1
	min protocol = CORE
	read bmpx = No
	read raw = Yes
	write raw = Yes
	nt smb support = Yes
	nt pipe support = Yes
	nt acl support = Yes
	announce version = 4.5
	announce as = NT
	max mux = 50
	max xmit = 65535
	name resolve order = lmhosts wins bcast host
	max packet = 65535
	max ttl = 259200
	max wins ttl = 518400
	min wins ttl = 21600
	time server = Yes
	change notify timeout = 60
	deadtime = 0
	getwd cache = Yes
	keepalive = 300
	lpq cache time = 10
	max smbd processes = 0
	max disk size = 0
	max open files = 10000
	read size = 16384
	socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
	stat cache size = 50
	total print jobs = 0
	load printers = Yes
	printcap name = /etc/printcap
	enumports command = /usr/bin/smbenumports
	addprinter command = /usr/bin/smbaddprinter
	deleteprinter command = /usr/bin/smbdelprinter
	show add printer wizard = Yes
	os2 driver map =
	strip dot = No
	character set =
	mangled stack = 50
	stat cache = Yes
	domain admin group =
	domain guest group =
	machine password timeout = 604800
	add user script = /usr/sbin/useradd -d / -g 100 -s /bin/false -M %u
	delete user script =
	logon script = %U.bat
	logon path = \\%L\profiles\%u
	logon drive = H:
	logon home = \\%L\%u\.profile
	domain logons = Yes
	os level = 64
	lm announce = Auto
	lm interval = 60
	preferred master = True
	local master = Yes
	domain master = True
	browse list = Yes
	enhanced browsing = Yes
	dns proxy = Yes
	wins proxy = No
	wins server =
	wins support = Yes
	wins hook =
	kernel oplocks = Yes
	oplock break wait time = 0
	add share command =
	change share command =
	delete share command =
	config file =
	preload =
	lock dir = /var/lock/samba
	default service =
	message command =
	dfree command =
	valid chars =
	remote announce =
	remote browse sync =
	socket address = 0.0.0.0
	homedir map =
	time offset = 0
	NIS homedir = No
	source environment =
	panic action =
	hide local users = No
	host msdfs = No
	winbind uid =
	winbind gid =
	template homedir = /home/%D/%U
	template shell = /bin/false
	winbind separator = \
	winbind cache time = 15
	comment =
	path =
	alternate permissions = No
	username =
	guest account = nobody
	invalid users = bin daemon adm lp sync shutdown 		halt mail news uucp operator games man ftp
	valid users =
	admin users =
	read list =
	write list =
	printer admin = iboxadmin
	force user =
	force group =
	read only = Yes
	create mask = 0744
	force create mode = 00
	security mask = 0777
	force security mode = 00
	directory mask = 0755
	force directory mode = 00
	directory security mask = 0777
	force directory security mode = 00
	inherit permissions = No
	guest only = No
	guest ok = No
	only user = No
	hosts allow = 172.16.1. 127.
	hosts deny =
	status = Yes
	max connections = 0
	min print space = 0
	strict sync = No
	sync always = No
	write cache size = 0
	max print jobs = 1000
	printable = No
	postscript = No
	printing = lprng
	print command = /usr/bin/lpr  -P%p -r %s
	lpq command = /usr/bin/lpq  -P%p
	lprm command = /usr/bin/lprm -P%p %j
	lppause command = /usr/sbin/lpc hold %p %j
	lpresume command = /usr/sbin/lpc release %p %j
	queuepause command = /usr/sbin/lpc -P%p stop
	queueresume command = /usr/sbin/lpc -P%p start
	printer name =
	printer driver =
	printer driver file = /etc/printers.def
	printer driver location =
	default case = lower
	case sensitive = No
	preserve case = Yes
	short preserve case = Yes
	mangle case = No
	mangling char = ~
	hide dot files = Yes
	hide unreadable = No
	delete veto files = No
	veto files =
	hide files =
	veto oplock files =
	map system = Yes
	map hidden = Yes
	map archive = Yes
	mangled names = Yes
	mangled map =
	browseable = Yes
	blocking locks = Yes
	fake oplocks = No
	locking = Yes
	oplocks = Yes
	level2 oplocks = Yes
	oplock contention limit = 2
	posix locking = Yes
	strict locking = No
	share modes = Yes
	copy =
	include =
	exec =
	preexec close = No
	postexec =
	root preexec =
	root preexec close = No
	root postexec =
	available = Yes
	volume =
	fstype = NTFS
	set directory = No
	wide links = Yes
	follow symlinks = No
	dont descend =
	magic script =
	magic output =
	delete readonly = No
	dos filemode = No
	dos filetimes = No
	dos filetime resolution = No
	fake directory create times = No
	recycle bin =
	vfs object =
	vfs options =
	msdfs root = No

[homes]
	comment = Your home directory
	invalid users = root
	read only = No
	create mask = 0600
	directory mask = 0700
	browseable = No

[netlogon]
	comment = Network Logon Service
	path = /samba/netlogon
	write list = iboxadmin

[profiles]
	comment = NT user profiles
	path = /samba/profiles
	read only = No
	create mask = 0600
	directory mask = 0700
	browseable = No

[printers]
	comment = All Printers
	path = /var/spool/samba
	printable = Yes
	browseable = No

[print$]
	comment = Printer drivers for Windows clients
	path = /samba/printers
	write list = iboxadmin
	guest ok = Yes

[OurDocuments]
	comment = Shared documents folders
	path = /samba/documents
	read only = No
	force create mode = 0666
	force directory mode = 0777

[_backup]
	comment = All Samba files
	path = /samba
	valid users = root
	browseable = No
ibox{root}3: echo "Right-clicked a file, Properties, Security"

Right-clicked a file, Properties, Security
ibox{root}4: smbstatus

INFO: Debug class all level = 10   (pid 4543 from pid 4543)
doing parameter max log size = 0
doing parameter hosts allow = 172.16.1. 127.
doing parameter interfaces = 172.16.1.0/24
doing parameter bind interfaces only = yes
doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
doing parameter invalid users = bin daemon adm lp sync shutdown 		halt mail news uucp operator games man ftp
doing parameter map archive = yes
doing parameter map hidden = yes
doing parameter map system = yes
doing parameter follow symlinks = no
doing parameter netbios name = ibox
handle_netbios_name: set global_myname to: IBOX
doing parameter workgroup = INTERNAL
doing parameter server string = i-box Internet server
doing parameter local master = yes
doing parameter preferred master = yes
doing parameter domain master = yes
doing parameter wins support = yes
doing parameter name resolve order = lmhosts wins bcast host
doing parameter os level = 64
doing parameter domain logons = yes
doing parameter logon script = %U.bat
doing parameter logon drive = H:
doing parameter logon home = \\%L\%u\.profile
doing parameter logon path = \\%L\profiles\%u
doing parameter security = user
doing parameter encrypt passwords = yes
doing parameter username map = /etc/smbusers
doing parameter add user script = /usr/sbin/useradd -d / -g 100 -s /bin/false -M %u
doing parameter printcap name = /etc/printcap
doing parameter load printers = yes
doing parameter printing = lprng
doing parameter print command = /usr/bin/lpr  -P%p -r %s
doing parameter lpq command = /usr/bin/lpq  -P%p
doing parameter lprm command = /usr/bin/lprm -P%p %j
doing parameter lppause command = /usr/sbin/lpc hold %p %j
doing parameter lpresume command = /usr/sbin/lpc release %p %j
doing parameter queuepause command = /usr/sbin/lpc -P%p stop
doing parameter queueresume command = /usr/sbin/lpc -P%p start
doing parameter printer admin = iboxadmin
doing parameter addprinter command = /usr/bin/smbaddprinter
doing parameter deleteprinter command = /usr/bin/smbdelprinter
doing parameter enumports command = /usr/bin/smbenumports
doing parameter time server = yes
Processing section "[homes]"
doing parameter comment = Your home directory
doing parameter browseable = no
doing parameter writable = yes
doing parameter create mask = 0600
doing parameter directory mask = 0700
doing parameter invalid users = root
Processing section "[netlogon]"
doing parameter comment = Network Logon Service
doing parameter path = /samba/netlogon
doing parameter writable = no
doing parameter write list = iboxadmin
Processing section "[profiles]"
doing parameter comment = NT user profiles
doing parameter path = /samba/profiles
doing parameter browseable = no
doing parameter writeable = yes
doing parameter create mask = 0600
doing parameter directory mask = 0700
Processing section "[printers]"
doing parameter comment = All Printers
doing parameter path = /var/spool/samba
doing parameter browseable = no
doing parameter guest ok = no
doing parameter writable = no
doing parameter printable = yes
Processing section "[print$]"
doing parameter comment = Printer drivers for Windows clients
doing parameter path = /samba/printers
doing parameter guest ok = yes
doing parameter browseable = yes
doing parameter read only = yes
doing parameter write list = iboxadmin
Processing section "[OurDocuments]"
doing parameter comment = Shared documents folders
doing parameter path = /samba/documents
doing parameter writeable = yes
doing parameter force create mode = 666
doing parameter force directory mode = 777
doing parameter security mask = 0777
doing parameter force security mode = 0
doing parameter directory security mask = 0777
doing parameter force directory security mode = 0
Processing section "[_backup]"
doing parameter comment = All Samba files
doing parameter path = /samba
doing parameter browseable = no
doing parameter writeable = no
doing parameter valid users = root
pm_process() returned Yes

Samba version 2.2.1
Service      uid      gid      pid     machine
----------------------------------------------
OurDocumen   eelco    eelco     4539   win98w1  (172.16.1.248) Mon Jul  2 12:21:23 2001
IPC$         eelco    eelco     4539   win98w1  (172.16.1.248) Mon Jul  2 12:21:39 2001

Locked files:
Pid    DenyMode   R/W        Oplock           Name
--------------------------------------------------
4539   DENY_NONE  RDWR       EXCLUSIVE+BATCH  /samba/documents/questionnaire_marketsurvey.doc   Mon Jul  2 12:21:38 2001

ibox{root}5: gdb /usr/sbin/smbd 4539

GNU gdb 5.0
Copyright 2000 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux"...
/root/4539: No such file or directory.
Attaching to program: /usr/sbin/smbd, Pid 4539
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /lib/libpam.so.0...done.
Loaded symbols for /lib/libpam.so.0
Reading symbols from /lib/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /lib/libnss_nisplus.so.2...done.
Loaded symbols for /lib/libnss_nisplus.so.2
Reading symbols from /lib/libnss_nis.so.2...done.
Loaded symbols for /lib/libnss_nis.so.2
Reading symbols from /lib/libnss_dns.so.2...done.
Loaded symbols for /lib/libnss_dns.so.2
Reading symbols from /lib/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
0x4010b5ce in __select () from /lib/libc.so.6
(gdb) break fault_report
Breakpoint 1 at 0x80f02f3: file lib/fault.c, line 36.
(gdb) cont
Continuing.

Program received signal SIGSEGV, Segmentation fault.
__libc_free (mem=0x80) at malloc.c:3025
3025	malloc.c: No such file or directory.
(gdb) bt full
#0  __libc_free (mem=0x80) at malloc.c:3025
	mem = (void *) 0x80
	ar_ptr = (arena *) 0xbfffee0c
	p = 0x81ea2c8
	ar_ptr = (arena *) 0xbfffee0c
	p = 0x81ea2c8
#1  0x80fa040 in string_free (s=0x81ea340) at lib/util_str.c:1120
	s = (char **) 0x81ea340
#2  0x804c914 in file_free (fsp=0x81ea2c8) at smbd/files.c:300
	fsp = (files_struct *) 0x81ea2c8
#3  0x80a540f in _srv_net_file_query_secdesc (p=0x81f2758, q_u=0xbffff7a4, r_u=0xbffff78c)
    at rpc_server/srv_srvsvc_nt.c:1665
	p = (pipes_struct *) 0xbffff264
	psd = (SEC_DESC *) 0x81ede38
	sd_size = 128
	null_pw = "\000\003\013@Èöÿ¿\bøÿ¿\b\000\000\000\220l\034\b\004\000\000\000\030\000\000\000\020\000\000\000\000\032\025@<5\025@\000\032\025@\000\032\025@Äöÿ¿ö\032\013@Àöÿ¿\215þ\017\bÀöÿ¿Àþ\017\bL\n\025\b.\000\000\000 \000\000\000 \000\000\000àöÿ¿Â\035\t\b\005\000\000\000àöÿ¿Ó\035\t\b¬ç\022\bÌ÷ÿ¿HF\037\b8]\037\b\020÷ÿ¿æ\"\t\b\001\000\000\000=í\022\b\002\000\000\000HF\037\bä÷ÿ¿HF\037\b\030÷ÿ¿+\002\020\b`\215\031\b \000\000\000\004\000\000\000<÷ÿ¿_\031\t\b~ç\022\b`\215\031\b \000\000\000R\031\024\b"...
	filename = "questionnaire_marketsurvey.doc\000\000\224òÿ¿¨\000\017\b\000\000\000\000à\013\026\b`\021\025@\000\000\000\000Èòÿ¿ \000\000\000\000\000\000\000\024óÿ¿\000\000\000\000\024óÿ¿©i\005@\000\000\000\000Ðòÿ¿}\000\017\b\e\000\000\000\024óÿ¿\001\000\000\000àòÿ¿¨\000\017\b\037Ý\024\bà\013\026\bôòÿ¿7\001\017\b\024óÿ¿ä÷ÿ¿HF\037\b\024÷ÿ¿Ø\002\017\b\024óÿ¿\024óÿ¿ÿ\003\000\000~ç\022\b ÷ÿ¿\200]\037\b    00a0 unknown3: 00000"...
	qualname = "ourdocuments\000\000\000\000\000\000\000\000\n\000u \000\000\000\000\000\000\000\000Í\016\023\b\034ïÿ¿dùÿ¿\000\000\000\000\216ç\022\bìóÿ¿", '\000' <repeats 12 times>, "rç\022\b£ä\022\b", '\000' <repeats 16 times>, "±\017\023\bXïÿ¿ ùÿ¿\000\000\000\000<5\025@Ø3\034\bØ3\034\b\234õÿ¿\037Å\b@\000\000\000\000\e\021\023\b\200ïÿ¿Èùÿ¿\000\000\000\000\000\000\000\000Pôÿ¿\037\000\000\000<5\025@Ø3\034\bØ3\034\bÐõÿ¿\037Å\b@Øõÿ¿\037Å\b@á§\016@\000\000\000\000èóÿ¿<5\025@Ø3\034\b"...
	fsp = (files_struct *) 0x81ea2c8
	st = {st_dev = 775, __pad1 = 0, st_ino = 32611, st_mode = 33206, st_nlink = 1, st_uid = 507,
  st_gid = 507, st_rdev = 0, __pad2 = 0, st_size = 50688, st_blksize = 4096, st_blocks = 112,
  st_atime = 994072899, __unused1 = 0, st_mtime = 993039758, __unused2 = 0, st_ctime = 994072898,
  __unused3 = 0, __unused4 = 0, __unused5 = 0}
	bad_path = 0
	access_mode = 0
	action = 1
	ecode = 0
	user = {conn = 0x81ec938, vuid = 100, uid = 507, gid = 507, ngroups = 1, groups = 0x81eb4e8,
  nt_user_token = 0x81eb4f8}
	user_name = "eelco", '\000' <repeats 11 times>, "'\000\000\000uÆ\b@", '\000' <repeats 16 times>, "¬íÿ¿ô÷ÿ¿\000\000\000\000\001\000\000\000\000\000\000\0001\000\000\000ÿÿÿÿ\000\000\000\000Ï\016\023\b\000\000\000\000uÆ\b@`û\b@\000\000\000\000\001\000\000\000\000\000\000\000\200\017\023\b1\000\000\000¾î\n@@{\024 at U\t\023\b\000\000---Type <return> to continue, or q <return> to quit---
\000\000<5\025@\001\000\000\000Ü\017\023\bHôÿ¿uÆ\b@\200ôÿ¿`û\b@\001\000\000\000\000ïÿ¿\000\000\000\000<5\025@\001\000\000\000@{\024@\235a\023\bÀa\023\b", '\000' <repeats 12 times>, "tôÿ¿\037Å\b@<5\025@Ø"...
	conn = (connection_struct *) 0x81c27e0
#4  0x80a2393 in api_srv_net_file_query_secdesc (p=0x81f2758) at rpc_server/srv_srvsvc.c:454
	p = (pipes_struct *) 0x81f2758
	q_u = {ptr_srv_name = 4495376, uni_srv_name = {uni_max_len = 7, undoc = 0, uni_str_len = 7,
    buffer = 0x81ed110}, ptr_qual_name = 4495390, uni_qual_name = {uni_max_len = 13, undoc = 0,
    uni_str_len = 13, buffer = 0x81ee5b8}, uni_file_name = {uni_max_len = 32, undoc = 0, uni_str_len = 32,
    buffer = 0x81c6c50}, unknown1 = 7, unknown2 = 0, unknown3 = 0}
	r_u = {ptr_response = 1, size_response = 176, ptr_secdesc = 1, size_secdesc = 176,
  sec_desc = 0x81ede38, status = 0}
	data = (prs_struct *) 0x80
	rdata = (prs_struct *) 0x81f466c
#5  0x80a8708 in api_rpcTNP (p=0x81f2758, rpc_name=0x8133ec9 "api_srvsvc_rpc", api_rpc_cmds=0x815f154)
    at rpc_server/srv_pipe.c:1214
	api_rpc_cmds = (struct api_struct *) 0x815f154
	fn_num = 168
	name = "in_api_srvsvc_rpc\000\017\bbÝ\024\b\200Í\030\b\003\000\000\000©i\005@\002\000\000\000\024ùÿ¿\224\002\017\b\002\000\000\000\030\000\000\000X'\037\b|ùÿ¿\000\000\000\000\000\000\000\000Pùÿ¿\214\002\017\bbÝ\024\b\200Í\030\b6\034\013@©i\005@|ùÿ¿2&\013@\210]\037\bÿ\217#\001(\035\025@\000\000\000\000\020s\037\b\210\025\000\000\000\032\025@<5\025@Ø\\\037\b\020\035\025@\000\000\000\004c-\013 at h\000\000\000\030\016\000\0008\026\000\000\000\032\025@<5\025@\000\032\025@\000\032\025@ìøÿ¿ö\032\013@à\\\037\b\bùÿ¿H\211\037\b"...
	offset1 = 0
	offset2 = 135655764
#6  0x80a24f5 in api_srvsvc_rpc (p=0x81f2758) at rpc_server/srv_srvsvc.c:524
No locals.
#7  0x80a8560 in api_pipe_request (p=0x81f2758) at rpc_server/srv_pipe.c:1165
	p = (pipes_struct *) 0x81f2758
	i = 2
	ret = 0
	changed_user_id = 0
#8  0x809a445 in process_request_pdu (p=0x81f2758, rpc_in_p=0xbffff97c) at rpc_server/srv_pipe_hnd.c:537
	ret = 0
	p = (pipes_struct *) 0x81f2758
	data_len = 0
#9  0x809a5ea in process_complete_pdu (p=0x81f2758) at rpc_server/srv_pipe_hnd.c:609
	p = (pipes_struct *) 0x81f2758
	rpc_in = {io = 1, bigendian_data = 0, align = 4 '\004', is_dynamic = 0, data_offset = 8,
  buffer_size = 176, grow_size = 0, data_p = 0x81f3010 "¨", mem_ctx = 0x81c5ca8}
	data_len = 176
	data_p = 0x81f3010 "¨"
	reply = 0
#10 0x809a7f5 in process_incoming_data (p=0x81f2758, data=0x81ed608 "¨", n=176)
---Type <return> to continue, or q <return> to quit---
    at rpc_server/srv_pipe_hnd.c:705
	p = (pipes_struct *) 0x81f2758
	n = 176
	data_to_copy = 176
#11 0x809a940 in write_to_pipe (p=0x81f2758, data=0x81ed5f8 "\005", n=192) at rpc_server/srv_pipe_hnd.c:734
	data_used = 0
	data = 0x81ed608 "¨"
	data_left = 176
#12 0x8055534 in api_fd_reply (conn=0x81ec938, vuid=100, outbuf=0x81d96b9 "", setup=0x81ed6c0,
    data=0x81ed5f8 "\005", params=0x0, suwcnt=2, tdscnt=192, tpscnt=0, mdrcnt=512, mprcnt=0) at smbd/ipc.c:308
	setup = (short unsigned int *) 0x81f2758
	reply = 0
	p = (pipes_struct *) 0x81f2758
	pnum = 28678
	subcommand = 38
#13 0x80556fd in named_pipe (conn=0x81ec938, vuid=100, outbuf=0x81d96b9 "", name=0xbffffaea "",
    setup=0x81ed6c0, data=0x81ed5f8 "\005", params=0x0, suwcnt=2, tdscnt=192, tpscnt=0, msrcnt=0, mdrcnt=512,
    mprcnt=0) at smbd/ipc.c:352
	vuid = 100
	name = 0xbffffaeb ""
	setup = (short unsigned int *) 0x81ed6c0
#14 0x8055e2d in reply_trans (conn=0x81ec938, inbuf=0x81c9271 "", outbuf=0x81d96b9 "", size=272, bufsize=2920)
    at smbd/ipc.c:505
	name = "\\PIPE\\", '\000' <repeats 249 times>
	name_offset = 6
	data = 0x81ed5f8 "\005"
	params = 0x0
	setup = (short unsigned int *) 0x81ed6c0
	outsize = -1073743132
	vuid = 100
	tpscnt = 0
	tdscnt = 192
	mprcnt = 0
	mdrcnt = 512
	msrcnt = 0
	close_on_completion = 0
	one_way = 0
	pscnt = 0
	psoff = 74
	dscnt = 192
	dsoff = -1073743132
	suwcnt = 2
#15 0x807ba0d in switch_message (type=37, inbuf=0x81c9271 "", outbuf=0x81d96b9 "", size=272, bufsize=2920)
---Type <return> to continue, or q <return> to quit---
    at smbd/process.c:739
	flags = 73
	last_session_tag = 100
	session_tag = 100
	conn = (connection_struct *) 0x81ec938
	type = 37
	pid = 4539
	outsize = 136090225
#16 0x807ba98 in construct_reply (inbuf=0x81c9271 "", outbuf=0x81d96b9 "", size=272, bufsize=2920)
    at smbd/process.c:768
	inbuf = 0x81c9271 ""
	outbuf = 0x81d96b9 ""
	type = 37
	outsize = 0
	msg_type = 0
#17 0x807bc85 in process_smb (inbuf=0x81c9271 "", outbuf=0x81d96b9 "") at smbd/process.c:856
	outbuf = 0x81d96b9 ""
	trans_num = 65
	msg_type = 0
	len = 268
	nread = 272
#18 0x807c43f in smbd_process () at smbd/process.c:1240
	deadtime = 604800
	select_timeout = 60000
	num_echos = 0
	last_timeout_processing_time = 994072883
	num_smbs = 62
#19 0x804c40a in main (argc=2, argv=0xbffffd34) at smbd/server.c:801
	argc = 2
	argv = (char **) 0xbffffd34
	is_daemon = 1
	specified_logfile = 0
	port = 139
	opt = 0
#20 0x40056790 in __libc_start_main (main=0x804be10 <main>, argc=2, ubp_av=0xbffffd34, init=0x804a544 <_init>,
    fini=0x81153ec <_fini>, rtld_fini=0x4000d35c <_dl_fini>, stack_end=0xbffffd2c)
    at ../sysdeps/generic/libc-start.c:111
	ubp_av = (char **) 0xbffffd34
	fini = (void (*)()) 0x40015d18 <_dl_debug_impcalls>
	rtld_fini = (void (*)()) 0x40151a00 <main_arena>
	ubp_ev = (char **) 0xbffffd40
(gdb) quit
The program is running.  Quit anyway (and detach it)? (y or n) y
Detaching from program: /usr/sbin/smbd, Pid 4539
ibox{root}6: ^D
Script done on Mon Jul  2 12:23:03 2001


