Jeremy Allison jra at
Tue Dec 9 02:22:30 GMT 2003

On Mon, Dec 08, 2003 at 07:07:07PM -0600, Willis, Robert wrote:
> First, let me say I haven't done any C programming since college (10
> years ago), but I've been trying to debug a problem that I've had with
> Samba 3.0 in an ADS environment,  Basically I'm getting signal 11
> crashes in Winbindd.
> I think that I have narrowed down to the internal_resolve_name function
> in namequery.c at line 993 is it malloc'ing room for one ip_service
> struct, but at line 1041 it is passing it to the resolve_hosts function
> that could overfill it?
> I think the reason why I'm seeing the issue is that we have alot (30+)
> dc in our ads domain. 
> Is this what I am seeing or should I be looking elsewhere?

This is not actually the bug. When it mallocs room for only one
ip_service struct it's inside an if statement that will fill
that one entry and return immediately :

if (allzeros || allones || is_address) {

Although the code could do with a little cleaning here.

Can you catch the winbindd in the crash using the "panic action"
parameter and then use gdb to get a stack backtrace ? Remember
to compile with -g.



More information about the samba-technical mailing list