Hi,

while playing around with the "dnseval" tool from the dnsdiag package[0], I accidentally crashed my dnsmasq instance that was running on my router. This router is running Dnsmasq version 2.77 on a current LEDE operating system, where similar crashes have been reported in the past:

> sending SIGSEGV to dnsmasq for invalid read access from 00000000
> https://bugs.lede-project.org/index.php?do=details&task_id=251

> Intermittent SIGSEGV crash of dnsmasq-full
> https://bugs.lede-project.org/index.php?do=details&task_id=766

However, both bugs were closed because they either were related to some busybox machinery errors or were pointing to the upstream project to look at this.

In the dnsmasq-discuss archives I found a thread from last year[1] with a crash message that looked very much like the message I receive when dnsmasq crashes on the LEDE router:

===================
kernel: [ 2860.890789] do_page_fault(): sending SIGSEGV to dnsmasq for invalid write access to 00552000
kernel: [ 2860.899402] epc = 77cd488c in libc.so[77c62000+92000]
kernel: [ 2860.904552] ra = 00406c41 in dnsmasq[400000+21000]
===================

So, I tried to reproduce this scenario on a Debian/amd64 VM and compiled today's git checkout with -Og -g and used a fairly simple configuration file to start dnsmasq:

===================
$ cat ~/test/dnsmasq.conf.bug
listen-address=192.168.56.130
bind-interfaces
no-daemon
no-hosts
no-resolv
log-queries=extra
server=8.8.8.8

$ sudo -H src/dnsmasq -C ~/test/dnsmasq.conf.bug
dnsmasq: started, version 2.78test2-6-g69a815a cachesize 150
dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify
dnsmasq: using nameserver 8.8.8.8#53
dnsmasq: cleared cache
dnsmasq: 1 192.168.56.1/59405 query[A] www.aol.com from 192.168.56.1
Segmentation fault
===================

The segfault happened after I started "dnseval" against this newly spawned dnsmasq instance. This "dnseval" thingy is described as:

> dnseval: - bulk ping utility that sends an arbitrary DNS query to
> a list of DNS servers

Per default, "bulk" means it sends 10 requests to the DNS server, but dnsmasq segfaults pretty quickly:

GDB output (still carries optimized out values, hm...)
https://paste.fedoraproject.org/paste/awbvnGEvj57ru1TtAuA3ag

tcpdump for this run:
https://paste.fedoraproject.org/paste/X-9Qa67oKT-jlmpKb4IU7A

Ideas welcome :-)

Thanks,
Christian.

[0] https://github.com/farrokhi/dnsdiag
[1] http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q3/010830.html

-- 
BOFH excuse #37: heavy gravity fluctuation, move computer to floor rapidly
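
Added example, not part of the message above and not dnsmasq or LEDE code: a small triage helper that parses the kernel do_page_fault lines quoted in the post and converts epc and ra into module-relative offsets, which is what is needed to match the crash against the symbols of the same libc.so and dnsmasq builds. The function name and the report layout are assumptions made for this illustration.

```python
import re

# Kernel lines copied from the post above (MIPS do_page_fault format).
SAMPLE = """\
kernel: [ 2860.890789] do_page_fault(): sending SIGSEGV to dnsmasq for invalid write access to 00552000
kernel: [ 2860.899402] epc = 77cd488c in libc.so[77c62000+92000]
kernel: [ 2860.904552] ra = 00406c41 in dnsmasq[400000+21000]
"""

# "invalid read access from <addr>" and "invalid write access to <addr>" both occur.
FAULT_RE = re.compile(
    r"sending SIGSEGV to (\S+) for invalid (read|write) access (?:to|from) ([0-9a-f]+)")
# "<reg> = <addr> in <module>[<base>+<size>]"
REG_RE = re.compile(
    r"\b(epc|ra)\s*=\s*([0-9a-f]+) in (\S+?)\[([0-9a-f]+)\+([0-9a-f]+)\]")


def triage(log_text):
    """Return the fault summary plus, per register, module and offset from its base."""
    report = {"fault": None, "frames": {}}
    for line in log_text.splitlines():
        m = FAULT_RE.search(line)
        if m:
            report["fault"] = {"process": m.group(1), "access": m.group(2),
                               "address": int(m.group(3), 16)}
            continue
        m = REG_RE.search(line)
        if m:
            reg, module = m.group(1), m.group(3)
            addr, base, size = (int(m.group(i), 16) for i in (2, 4, 5))
            # Reject lines where the address is not inside the reported mapping.
            if not base <= addr < base + size:
                raise ValueError(f"{reg}={addr:#x} is outside the {module} mapping")
            report["frames"][reg] = {"module": module, "offset": addr - base}
    return report


if __name__ == "__main__":
    result = triage(SAMPLE)
    fault = result["fault"]
    print(f'{fault["process"]}: invalid {fault["access"]} at {fault["address"]:#010x}')
    for reg, frame in result["frames"].items():
        print(f'{reg}: {frame["module"]}+{frame["offset"]:#x}')
```

The faulting instruction (epc) sits inside libc.so and the return address (ra) inside dnsmasq, so the libc offset identifies the library routine that performed the bad write and the dnsmasq offset identifies its caller.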