[PATCH] Attempt to replicate DNS zones at domain join time (drepl server crash)
Andrew Bartlett
abartlet at samba.org
Thu Jun 21 17:02:01 MDT 2012
On Thu, 2012-06-21 at 16:20 +0200, Stefan (metze) Metzmacher wrote:
> Hi Andrew,
>
> > This patch tries to reduce the pain around replicating DNS. We now do
> > it at join time.
> >
> > However, at least during make test, it causes a segfault in the DRS
> > server, which I can't yet pin down (even with valgrind I don't get a
> > useful answer).
> >
> > I'm posting the patch here in case someone else has a clue why it
> > crashes our DRS server, as I think it is an existing bug (I just change
> > how we join, not the DRS server).
>
> HasMasterNCs is only for the 3 main partitions, while msDS-HasMasterNCs
> is for all of them...
> Maybe your bug is related.
>
> metze
The segfault is this:
Program received signal SIGSEGV, Segmentation fault.
0x00007fffebf26cc0 in dreplsrv_run_pull_ops (s=0x19d6d80)
at ../source4/dsdb/repl/drepl_out_pull.c:200
200 op->source_dsa->repsFrom1->last_attempt = now;
#0 0x00007fffebf26cc0 in dreplsrv_run_pull_ops (s=0x19d6d80)
at ../source4/dsdb/repl/drepl_out_pull.c:200
#1 0x00007fffebf24179 in dreplsrv_run_pending_ops (s=0x19d6d80)
at ../source4/dsdb/repl/drepl_periodic.c:131
#2 0x00007fffebf2a710 in dreplsrv_notify_run (service=0x19d6d80)
at ../source4/dsdb/repl/drepl_notify.c:480
#3 0x00007fffebf2a47b in dreplsrv_notify_handler_te (ev=0x630870,
te=0x1477280, t=..., ptr=0x19d6d80)
at ../source4/dsdb/repl/drepl_notify.c:421
#4 0x00007ffff68a4593 in tevent_common_loop_timer_delay (ev=0x630870)
at ../lib/tevent/tevent_timed.c:254
#5 0x00007ffff68a3385 in epoll_event_loop (std_ev=0x630950,
tvalp=0x7fffffff98e0) at ../lib/tevent/tevent_standard.c:298
#6 0x00007ffff68a3c13 in std_event_loop_once (ev=0x630870,
location=0x40fb9f "../source4/smbd/server.c:472")
at ../lib/tevent/tevent_standard.c:567
#7 0x00007ffff689ecf5 in _tevent_loop_once (ev=0x630870,
location=0x40fb9f "../source4/smbd/server.c:472")
at ../lib/tevent/tevent.c:506
#8 0x00007ffff689ef1a in tevent_common_loop_wait (ev=0x630870,
location=0x40fb9f "../source4/smbd/server.c:472")
at ../lib/tevent/tevent.c:607
#9 0x00007ffff689efe5 in _tevent_loop_wait (ev=0x630870,
location=0x40fb9f "../source4/smbd/server.c:472")
at ../lib/tevent/tevent.c:626
#10 0x000000000040b5a3 in binary_smbd_main (binary_name=0x40f58b
"samba", argc=6, argv=0x7fffffff9d28) at ../source4/smbd/server.c:472
#11 0x000000000040b5e9 in main (argc=6, argv=0x7fffffff9d28)
at ../source4/smbd/server.c:483
Missing separate debuginfos, use: debuginfo-install
glibc-2.14.90-24.fc16.7.x86_64 gnome-keyring-3.2.1-3.fc16.x86_64
gnutls-2.12.14-3.fc16.x86_64 krb5-libs-1.9.3-2.fc16.x86_64
libbsd-0.2.0-4.fc15.x86_64 libdb-5.2.36-1.fc16.x86_64
libgcrypt-1.5.0-2.fc16.x86_64 libgpg-error-1.10-1.fc16.x86_64
libtalloc-2.0.7-4.fc16.x86_64 libtasn1-2.12-1.fc16.x86_64
openssl-1.0.0j-1.fc16.x86_64 p11-kit-0.6-1.fc16.x86_64
python-libs-2.7.3-3.fc16.x86_64
This is because op->source (struct dreplsrv_partition_source_dsa) is I
think freed here:
source4/messaging/messaging.c:772
full talloc report on 'struct irpc_message' (total 4102 bytes in 23
blocks)
struct dreplsrv_partition_source_dsa contains 350 bytes in 3
blocks (ref 0) 0x1d3dae0
struct repsFromTo1OtherInfo contains 78 bytes in 2
blocks (ref 0) 0xe34500
178dcc89-2e73-4415-939b-0b3bb168ab09._msdcs.samba.example.com contains
62 bytes in 1 blocks (ref 0) 0x1d3dcd0
default/librpc/gen_ndr/ndr_drsuapi.c:14837 contains 416 bytes in
3 blocks (ref 0) 0xba93a0
default/librpc/gen_ndr/ndr_drsuapi.c:661 contains 376 bytes
in 2 blocks (ref 0) 0x198e730
char contains 272 bytes in 1
blocks (ref 0) 0x1cd5100
default/librpc/gen_ndr/ndr_drsuapi.c:14829 contains 20 bytes in
1 blocks (ref 0) 0x1d3df30
DATA_BLOB: ../librpc/ndr/ndr_basic.c:1301 contains 4 bytes in
1 blocks (ref 0) 0x15d1de0
default/source4/librpc/gen_ndr/ndr_irpc.c:57 contains 508 bytes
in 2 blocks (ref 0) 0x8980a0
default/librpc/gen_ndr/ndr_security.c:1001 contains 476 bytes
in 1 blocks (ref 0) 0xbf1300
struct ndr_pull contains 2660 bytes in 12 blocks
(ref 0) 0xff2520
struct ndr_push contains 2244 bytes in 5
blocks (ref 0) 0xec9d10
uint8_t contains 4 bytes in 1
blocks (ref 0) 0x13b80a0
struct ndr_push contains 1120 bytes in 2
blocks (ref 0) 0x1618a50
uint8_t contains 1024 bytes in
1 blocks (ref 0) 0xe4f050
uint8_t contains 1024 bytes in 1
blocks (ref 0) 0x16bca90
struct ndr_pull contains 96 bytes in 1
blocks (ref 0) 0x1f2a9a0
struct ndr_token_list contains 32 bytes in 1
blocks (ref 0) 0x19bcb80
struct ndr_token_list contains 32 bytes in 1
blocks (ref 0) 0xbf15c0
../source4/lib/messaging/messaging.c:802 contains 32 bytes
in 1 blocks (ref 0) 0xbf1540
struct ndr_pull contains 128 bytes in 2
blocks (ref 0) 0x1f2abb0
struct ndr_token_list contains 32 bytes in 1
blocks (ref 0) 0x18347a0
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list