[Bug 970679] Re: [SRU] winbind coredumps when encountering a group with over 1000 members

James Page Wed, 16 May 2012 05:11:13 -0700

** Description changed:

  Impact:
  winbind coredumps when encountering a group with more that 1000 members - 
this renders winbind unusable in deployments with > 1000 users in a single 
group.
  
  Development Fix:
  Cherry picked patch from upstream VCS - this fix should be included in 3.6.6.
+ Fix ensures that hunks of 1000 entries processed in winbind line up with 
talloc memory handling preventing the crash.
  
  Stable Fix:
+ Cherry picked patch from upstream VCS - see comments in Development fix.
  
  Test Case:
+ NOTE - hard to reproduce as requires deployment with large number of 
users/groups.
  Configure winbind to communicate with a Domain Controller with more that 1000 
users
  getent group groupWithLessThan1000Members - OK
  getent group groupWithMoreThan1000Members - HANGS (coredumps recorded in 
syslog).
  
  Regression Potential:
  Minimal - patch has been committed upstream and should be released in Samba 
3.6.6.
  
  Original Bug Report:
  
  Samba 3.6.3 precise
  
  winbind works as expected with groups with < 1000 members, core dumps
  when encountering groups with > 1000 members.
  
  e.g. getent group groupWithLessThan1000Members returns expected results
  
  getent group groupWithMoreThan1000Members hangs at CLI whilst winbind
  coredumps in the background and eventually returns nothing, however this
  can be found in syslog
  
  Apr  1 02:00:56 fs1 winbindd[1506]: [2012/04/01 02:00:56.252483,  0] 
../lib/util/debug.c:413(talloc_log_fn)
  Apr  1 02:00:56 fs1 winbindd[1506]:   Bad talloc magic value - unknown value
  Apr  1 02:00:56 fs1 winbindd[1506]: [2012/04/01 02:00:56.255072,  0] 
lib/util.c:1117(smb_panic)
  Apr  1 02:00:56 fs1 winbindd[1506]:   PANIC (pid 1506): Bad talloc magic 
value - unknown value
  Apr  1 02:00:56 fs1 winbindd[1506]: [2012/04/01 02:00:56.282138,  0] 
lib/util.c:1221(log_stack_trace)
  Apr  1 02:00:56 fs1 winbindd[1506]:   BACKTRACE: 20 stack frames:
  Apr  1 02:00:56 fs1 winbindd[1506]:    #0 
/usr/sbin/winbindd(log_stack_trace+0x1a) [0x7f4dab7704ca]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #1 /usr/sbin/winbindd(smb_panic+0x25) 
[0x7f4dab7705a5]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #2 
/usr/lib/x86_64-linux-gnu/libtalloc.so.2(talloc_strdup+0x299) [0x7f4da95ab429]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #3 /usr/sbin/winbindd(+0x4edb5d) 
[0x7f4dabab9b5d]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #4 
/usr/sbin/winbindd(dcerpc_lsa_lookup_sids3+0x2e) [0x7f4dababa24e]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #5 
/usr/sbin/winbindd(winbindd_lookup_sids+0x116) [0x7f4dab6b7306]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #6 /usr/sbin/winbindd(+0xeefa2) 
[0x7f4dab6bafa2]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #7 /usr/sbin/winbindd(+0xd9be2) 
[0x7f4dab6a5be2]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #8 
/usr/sbin/winbindd(_wbint_LookupGroupMembers+0x5e) [0x7f4dab6c497e]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #9 /usr/sbin/winbindd(+0x1029b4) 
[0x7f4dab6ce9b4]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #10 
/usr/sbin/winbindd(winbindd_dual_ndrcmd+0xbc) [0x7f4dab6c3f6c]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #11 /usr/sbin/winbindd(+0xf6cb4) 
[0x7f4dab6c2cb4]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #12 /usr/sbin/winbindd(+0xf7765) 
[0x7f4dab6c3765]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #13 
/usr/sbin/winbindd(tevent_common_loop_immediate+0xe2) [0x7f4dab781e92]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #14 
/usr/sbin/winbindd(run_events_poll+0x48) [0x7f4dab77ff88]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #15 /usr/sbin/winbindd(+0x1b43a6) 
[0x7f4dab7803a6]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #16 
/usr/sbin/winbindd(_tevent_loop_once+0x90) [0x7f4dab780fb0]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #17 /usr/sbin/winbindd(main+0x78b) 
[0x7f4dab699a3b]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #18 
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7f4da8bd376d]
  Apr  1 02:00:56 fs1 winbindd[1506]:    #19 /usr/sbin/winbindd(+0xcde91) 
[0x7f4dab699e91]
  Apr  1 02:00:56 fs1 winbindd[1506]: [2012/04/01 02:00:56.282756,  0] 
lib/fault.c:372(dump_core)
  Apr  1 02:00:56 fs1 winbindd[1506]:   dumping core in 
/var/log/samba/cores/winbindd
  Apr  1 02:00:56 fs1 winbindd[1506]:
  Apr  1 02:03:57 fs1 winbindd[1163]: [2012/04/01 02:03:57.387585,  0] 
winbindd/winbindd_util.c:330(trustdom_list_done)
  Apr  1 02:03:57 fs1 winbindd[1163]:   Got invalid trustdom response
  
  Fix submitted here: https://bugzilla.samba.org/show_bug.cgi?id=8807
  ubuntu version probbably just needs patching.


-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/970679

Title:
  [SRU] winbind coredumps when encountering a group with over 1000
  members

To manage notifications about this bug go to:
https://bugs.launchpad.net/samba/+bug/970679/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 970679] Re: [SRU] winbind coredumps when encountering a group with over 1000 members

Reply via email to