Winbindd using 100% of CPU. Any solution?

Richard Sharpe realrichardsharpe at
Mon Jan 6 10:54:15 MST 2014

On Mon, Jan 6, 2014 at 7:22 AM, Volker Lendecke
<Volker.Lendecke at> wrote:
> On Mon, Jan 06, 2014 at 07:12:21AM -0800, Richard Sharpe wrote:
>> Because that weird pair of domains with the same DNS address probably
>> violates one of our assumptions, setup_domain_child can return with an
>> existing entry that looks like it has been freshly TALLOC'd and we
>> re-insert it.
> Can you explain in very simple words to me what code flow
> you see destroying the _domain_list?
> The only call modifying _domain_list I see is
> DLIST_ADD_END(_domain_list, domain, struct winbindd_domain *);
> call in add_trusted_domain(). I fail to see a code flow how
> we can end up there without having malloc'ed "domain"
> before.
> Or is it another call that modifies _domain_list that you
> are talking about?

Sure. I know it took me a long while to figure this out.

It starts in rescan_forest_trusts and relates to the fact that two
domains, XCHANGE and EXCHANGE, which both have DNS names
xchange.some.dom, are reported.

In the loop we do not find the domain in find_domain_from_name_noinit,
but further down, because the flags seem to be correct, we call
add_trusted_domain because the earlier find came up empty.

add_trusted_domain does not find the domain based on its domain name,
but does find it based on its alternate name, and so it returns that
domain, after possibly updating the SID.

Back in rescan_forest_trusts, if we come up with a domain from
add_trusted_domain, we call setup_domain_child, which only calls
setup_child which sets the socket to -1 on a possibly already in the
list child ...

This only seems to hit when we have just recently inserted the other
domain into the list of children or something.

Richard Sharpe

More information about the samba-technical mailing list