smbd segfault during failed oplock break (Re: Problems with Samba 4 Beta 1 and a possible bug that was previously reported)

Trever L. Adams trever.adams at
Sat Jul 7 00:01:48 MDT 2012

On 07/06/2012 04:45 PM, Trever L. Adams wrote:
> On 07/06/2012 04:43 PM, Trever L. Adams wrote:
>> On 06/29/2012 02:54 AM, Andrew Bartlett wrote:
>>> On Fri, 2012-06-29 at 02:33 -0600, Trever L. Adams wrote:
>>>> On 06/29/2012 02:20 AM, Andrew Bartlett wrote:
>>>>> I've retitled the bug to get the attention of those who work on the file
>>>>> server, as this isn't a specifically AD related bug as far as I can see.
>>>>> If you can get it all under valgrind, it may help working out the
>>>>> details of the use-after-free().
>>>>> Thanks!
>>>>> Andrew Bartlett
>>>> Thank you Andrew. Are there any special instructions for using valgrind
>>>> with S4? Or can I just do like I would with any other program and just
>>>> put valgrind before with --memcheck=full (I probably have that a bit off)?
>>> Run with --trace-children=yes
>>>> The use-after-free() is still happening it seems under load even with
>>>> the off-line-files gone, so I think I should be able to duplicate it.
>>>> (In fact it seems to be more related to the "destination unreachable" I
>>>> mentioned an hour or so ago.)
>>> Thanks,
>>> Andrew Bartlett
>> I do not believe this is the segfault problem, but it just came up.
>> ==7816==    at 0x8DB8071: _itoa_word (in /usr/lib64/
>> ==7816==    by 0x8DBC989: vfprintf (in /usr/lib64/
>> ==7816==    by 0x8DE6533: vasprintf (in /usr/lib64/
>> ==7816==    by 0x7020F2C: ndr_print_debug_helper (ndr.c:176)
>> ==7816==    by 0x701ED11: ndr_print_uint16 (ndr_basic.c:1048)
>> ==7816==    by 0xDCD6E71: ndr_print_nbt_rdata_status (ndr_nbt.c:482)
>> ==7816==    by 0xDCD7655: ndr_print_nbt_rdata (ndr_nbt.c:622)
>> ==7816==    by 0xDCD797E: ndr_print_nbt_res_rec (ndr_nbt.c:668)
>> ==7816==    by 0xDCD8AD9: ndr_print_nbt_name_packet (ndr_nbt.c:819)
>> ==7816==    by 0x7021344: ndr_print_debug (ndr.c:252)
>> ==7816==    by 0x105C7BFF: nbt_name_reply_send (nbtsocket.c:461)
>> ==7816==    by 0x14264FB3: nbtd_node_status_reply (nodestatus.c:91)
> Sorry, I forgot to mention version 4.0.0beta4-GIT-0ed3433.
> Trever
Well, this is indeed coinciding with the crash. I do not know if it is
the crash or not, but I am not seeing anything else. I hope this helps
and I will keep trying to get other information.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the samba-technical mailing list