I have seen a crash in 2.2.5 when the domain password server is not available:
Here are the relevant smbd logs: [2002/08/14 07:44:37, 0, pid=25083] smbd/password.c:domain_client_validate(1585) domain_client_validate: Domain password server not available. [2002/08/14 07:44:37, 0, pid=25083] passdb/pdb_smbpasswd.c:pdb_getsampwnam(1367) unable to open passdb database. [2002/08/14 07:44:37, 1, pid=25083] smbd/password.c:pass_check_smb(545) Couldn't find user 'user1' in passdb. [2002/08/14 07:44:37, 1, pid=25083] smbd/reply.c:reply_sesssetup_and_X(998) Rejecting user 'user1': authentication failed [2002/08/14 07:44:58, 1, pid=25083] lib/util_sock.c:open_socket_out(860) timeout connecting to 192.168.14.1:445 [2002/08/14 07:44:58, 1, pid=25083] lib/util_sock.c:open_socket_out(860) timeout connecting to 192.168.14.1:445 [2002/08/14 07:44:58, 1, pid=25083] lib/util_sock.c:open_socket_out(860) timeout connecting to 192.168.14.1:139 [2002/08/14 07:44:58, 1, pid=25083] libsmb/cliconnect.c:cli_connect(775) Error connecting to 192.168.14.1 (Operation now in progress) [2002/08/14 07:44:58, 0, pid=25083] libsmb/cliconnect.c:attempt_netbios_session_request(1091) [2002/08/14 07:44:58, 0, pid=25083] lib/fault.c:fault_report(38) =============================================================== [2002/08/14 07:44:58, 0, pid=25083] lib/fault.c:fault_report(39) INTERNAL ERROR: Signal 11 in pid 25083 (2.2.5) Please read the file BUGS.txt in the distribution [2002/08/14 07:44:58, 0, pid=25083] lib/fault.c:fault_report(41) =============================================================== [2002/08/14 07:44:58, 0, pid=25083] lib/util.c:smb_panic(1092) PANIC: internal error >From the core file... (gdb) bt #0 0xff21c840 in _libc_kill () from /usr/lib/libc.so.1 #1 0xff1b5ab4 in abort () from /usr/lib/libc.so.1 #2 0x11f770 in readdirname () #3 0x10b61c in fault_report () #4 0x10b670 in sig_fault () #5 <signal handler called> #6 0x87a04 in cli_errstr () #7 0x842d4 in attempt_netbios_session_request () #8 0x3a364 in connect_to_domain_password_server () #9 0x3abb0 in domain_client_validate () #10 0x4f46c in check_domain_security () #11 0x4ff64 in reply_sesssetup_and_X () #12 0x73a64 in switch_message () #13 0x73af0 in construct_reply () #14 0x73d9c in process_smb () #15 0x74798 in smbd_process () #16 0x316b4 in main () (gdb) frame 6 #6 0x87a04 in cli_errstr () (gdb) disass Dump of assembler code for function cli_errstr: 0x879f8 <cli_errstr>: save %sp, -128, %sp 0x879fc <cli_errstr+4>: mov %i0, %l0 0x87a00 <cli_errstr+8>: ld [ %l0 + 0xd64 ], %o0 0x87a04 <cli_errstr+12>: ldub [ %o0 + 0xe ], %o1 0x87a08 <cli_errstr+16>: ldub [ %o0 + 0xf ], %o0 0x87a0c <cli_errstr+20>: sll %o0, 8, %o0 0x87a10 <cli_errstr+24>: or %o1, %o0, %o1 0x87a14 <cli_errstr+28>: ld [ %l0 + 0xd6c ], %o0 0x87a18 <cli_errstr+32>: cmp %o0, 0 0x87a1c <cli_errstr+36>: bne,a 0x87a44 <cli_errstr+76> ... (gdb) print $i0 $71 = 2756632 (gdb) print $l0 $72 = 2756632 (gdb) print $o0 $73 = 11 (gdb) print *($l0 + 0xd64) $74 = 0 It look as though 0x87a04 is in the middle of the SVAL(cli->inbuf,smb_flg2) in the initialization of the local variable flgs2. My read of the assembly says that at 0x87a00 register o0 should have been assigned the value 2760060 (2756632 + 0xd64), but that did not happen. FWIW, I have only seen this crash once. Any ideas? Mike