Package: samba Version: 2:3.4.5~dfsg-2 Severity: normal When trying to set printing preferences for network printers, the smbd server process segfaults. This is reproducible every time. We're using cups to print: ii cups 1.4.2-4 Common UNIX Printing System(tm)
This particular problem did not exist in samba 2:3.2.5-4lenny8, but we
upgraded
due to problems joining the domain with Windows XP SP3 clients (which works
perfectly fine with this version).
The printing preferences eventually do come up, but the user's smbd
processes
keep segfaulting until the dialog is closed.
Apart from being annoying and generating lots of panic reports, it also
causes
problems with open files.
Attached are a strace and gdb log, I couldn't get them from the same
process,
but they are caused by the same action.
Regards,
Tobias
-- System Information:
Debian Release: 5.0.4
APT prefers stable
APT policy: (150, 'stable'), (100, 'testing'), (50, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.30.1 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages samba depends on:
ii adduser 3.110 add and remove users and groups
ii debconf [debconf-2.0] 1.5.24 Debian configuration
management sy
ii libacl1 2.2.47-2 Access control list shared
library
ii libattr1 1:2.4.43-2 Extended attribute shared
library
ii libc6 2.10.2-2 GNU C Library: Shared libraries
ii libcap2 2.11-2 support for getting/setting
POSIX.
ii libcomerr2 1.41.3-1 common error description
library
ii libcups2 1.4.2-4 Common UNIX Printing
System(tm) -
ii libgnutls26 2.8.5-2 the GNU TLS library -
runtime libr
ii libgssapi-krb5-2 1.8+dfsg~alpha1-5 MIT Kerberos runtime
libraries - k
ii libk5crypto3 1.8+dfsg~alpha1-5 MIT Kerberos runtime
libraries - C
ii libkrb5-3 1.8+dfsg~alpha1-5 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.11-1+lenny1 OpenLDAP libraries
ii libpam-modules 1.1.1-1 Pluggable Authentication
Modules f
ii libpam-runtime 1.1.1-1 Runtime support for the PAM
librar
ii libpam0g 1.1.1-1 Pluggable Authentication
Modules l
ii libpopt0 1.15-1 lib for parsing cmdline
parameters
ii libtalloc2 2.0.1-1 hierarchical pool based
memory all
ii libwbclient0 2:3.4.5~dfsg-2 Samba winbind client library
ii lsb-base 3.2-20 Linux Standard Base 3.2
init scrip
ii procps 1:3.2.7-11 /proc file system utilities
ii samba-common 2:3.4.5~dfsg-2 common files used by both
the Samb
ii update-inetd 4.31 inetd configuration file
updater
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
Versions of packages samba recommends:
ii logrotate 3.7.1-5 Log rotation utility
Versions of packages samba suggests:
pn ctdb <none> (no description available)
pn ldb-tools <none> (no description available)
ii openbsd-inetd [inet-superse 0.20080125-2 The OpenBSD Internet
Superserver
ii smbldap-tools 0.9.4-1 Scripts to manage Unix and
Samba a
-- debconf information:
samba/nmbd_from_inetd:
samba/log_files_moved:
samba/tdbsam: false
samba/generate_smbpasswd: true
* samba/run_mode: daemons
samba-segfault-strace.txt.gz
Description: application/gunzip
[Thread debugging using libthread_db enabled]
[New Thread 0xb7b4c9b0 (LWP 25733)]
0xffffe424 in __kernel_vsyscall ()
#0 0xffffe424 in __kernel_vsyscall ()
#1 0xb7ce6193 in waitpid () from /lib/i686/cmov/libc.so.6
#2 0xb7c868eb in ?? () from /lib/i686/cmov/libc.so.6
#3 0xb7e6737d in system () from /lib/i686/cmov/libpthread.so.0
#4 0x0836646d in smb_panic (why=0x8708826 "internal error") at lib/util.c:1486
#5 0x08353c3e in sig_fault (sig=11) at lib/fault.c:52
#6 <signal handler called>
#7 0xb7da2b76 in ?? () from /usr/lib/libtalloc.so.2
#8 0x0879fff4 in ?? ()
#9 0x09721080 in ?? ()
#10 0xbf835098 in ?? ()
#11 0x0879fff4 in ?? ()
#12 0x0972e450 in ?? ()
#13 0x00000100 in ?? ()
#14 0x00000100 in ?? ()
#15 0x08199edd in prs_grow (ps=0x9720c20, extra_space=<value optimized out>)
at rpc_parse/parse_prs.c:298
#16 0xb7da1841 in _talloc_free () from /usr/lib/libtalloc.so.2
#17 0x082a67cb in api_spoolss_EnumPrinterData (p=0x972e3a0)
at ../librpc/gen_ndr/srv_spoolss.c:5706
#18 0x082e8f09 in api_rpcTNP (p=<value optimized out>,
api_rpc_cmds=<value optimized out>, n_cmds=96)
at rpc_server/srv_pipe.c:2329
#19 0x082e9752 in api_pipe_request (p=0x972e3a0) at rpc_server/srv_pipe.c:2269
#20 0x082e25fa in process_complete_pdu (p=0x972e3a0)
at rpc_server/srv_pipe_hnd.c:480
#21 0x082e2c97 in np_write_send (mem_ctx=0x97206d0, ev=0x9703ee0,
handle=0x9706c70, data=0x9720710 "\005", len=56)
at rpc_server/srv_pipe_hnd.c:741
#22 0x080e3d06 in api_fd_reply (conn=<value optimized out>,
vuid=<value optimized out>, req=0x97205e0, setup=0x972f7a8,
data=0x9729990 "\005", params=0x0, suwcnt=2, tdscnt=56, tpscnt=0,
mdrcnt=3648, mprcnt=0) at smbd/ipc.c:250
#23 0x080e430b in handle_trans (conn=<value optimized out>,
req=<value optimized out>, state=0x9709820) at smbd/ipc.c:513
#24 0x080e4e26 in reply_trans (req=0x97205e0) at smbd/ipc.c:755
#25 0x081496de in switch_message (type=<value optimized out>, req=0x97205e0,
size=144) at smbd/process.c:1377
#26 0x08149b4d in process_smb (conn=<value optimized out>,
inbuf=<value optimized out>, nread=144, unread_bytes=0,
encrypted=<value optimized out>, deferred_pcd=0x0) at smbd/process.c:1408
#27 0x0814a3ad in smbd_server_connection_handler (ev=0x9703ee0, fde=0x97071b0,
flags=<value optimized out>, private_data=0x9704e50) at smbd/process.c:1887
#28 0x0837745e in run_events (ev=0x9703ee0, selrtn=1, read_fds=0xbf835838,
write_fds=0xbf8357b8) at lib/events.c:126
#29 0x08148e37 in smbd_process () at smbd/process.c:820
#30 0x08646695 in smbd_accept_connection (ev=0x9703ee0, fde=0x974ac90,
flags=1, private_data=0x974ab70) at smbd/server.c:395
#31 0x0837745e in run_events (ev=0x9703ee0, selrtn=2, read_fds=0xbf835c3c,
write_fds=0xbf835bbc) at lib/events.c:126
#32 0x083776ff in s3_event_loop_once (ev=0x9703ee0,
location=0x8792128 "smbd/server.c:681") at lib/events.c:185
#33 0x08377d48 in _tevent_loop_once (ev=0x9703ee0,
location=0x8792128 "smbd/server.c:681") at ../lib/tevent/tevent.c:490
#34 0x086473c2 in main (argc=2, argv=0xbf836054) at smbd/server.c:681
The program is running. Quit anyway (and detach it)? (y or n) [answered Y;
input not from terminal]
