Package: bind9 Version: 1:9.8.1.dfsg-1 Severity: normal named process takes about 100% of CPU (one core) without any external load.
Here some strace log: [pid 13585] futex(0x7f76b626207c, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 11977183, {1322159632, 411160000}, ffffffff [pid 13582] futex(0x7f76b626207c, FUTEX_WAKE_OP_PRIVATE, 1, 1, 0x7f76b6262078, {FUTEX_OP_SET, 0, FUTEX_OP_CMP_GT, 1} [pid 13585] <... futex resumed> ) = -1 EAGAIN (Resource temporarily unavailable) [pid 13582] <... futex resumed> ) = 0 [pid 13585] futex(0x7f76b6262028, FUTEX_WAIT_PRIVATE, 2, NULL [pid 13582] futex(0x7f76b6262028, FUTEX_WAKE_PRIVATE, 1 [pid 13585] <... futex resumed> ) = -1 EAGAIN (Resource temporarily unavailable) [pid 13582] <... futex resumed> ) = 0 [pid 13585] futex(0x7f76b6262028, FUTEX_WAKE_PRIVATE, 1) = 0 [pid 13582] futex(0x7f76b6262078, FUTEX_WAIT_PRIVATE, 2, NULL [pid 13585] futex(0x7f76b6262078, FUTEX_WAKE_PRIVATE, 1 [pid 13582] <... futex resumed> ) = -1 EAGAIN (Resource temporarily unavailable) [pid 13585] <... futex resumed> ) = 0 [pid 13582] futex(0x7f76b626207c, FUTEX_WAKE_OP_PRIVATE, 1, 1, 0x7f76b6262078, {FUTEX_OP_SET, 0, FUTEX_OP_CMP_GT, 1} [pid 13585] futex(0x7f76b626207c, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 11977185, {1322159632, 411160000}, ffffffff [pid 13582] <... futex resumed> ) = 0 [pid 13585] <... futex resumed> ) = -1 EAGAIN (Resource temporarily unavailable) log is clear (even with debug level), status displays: version: 9.8.1 CPUs found: 4 worker threads: 4 number of zones: 30 debug level: 0 xfers running: 0 xfers deferred: 0 soa queries in progress: 0 query logging is OFF recursive clients: 0/0/1000 tcp clients: 0/100 server is up and running -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (990, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.1.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages bind9 depends on: ii adduser 3.113 ii bind9utils 1:9.8.1.dfsg-1 ii debconf [debconf-2.0] 1.5.41 ii libbind9-80 1:9.8.1.dfsg-1 ii libc6 2.13-21 ii libcap2 1:2.22-1 ii libdns81 1:9.8.1.dfsg-1 ii libgssapi-krb5-2 1.9.1+dfsg-3 ii libisc83 1:9.8.1.dfsg-1 ii libisccc80 1:9.8.1.dfsg-1 ii libisccfg82 1:9.8.1.dfsg-1 ii liblwres80 1:9.8.1.dfsg-1 ii libssl1.0.0 1.0.0e-2.1 ii libxml2 2.7.8.dfsg-5 ii lsb-base 3.2-28 ii net-tools 1.60-24.1 ii netbase 4.47 bind9 recommends no packages. Versions of packages bind9 suggests: pn bind9-doc 1:9.8.1.dfsg-1 pn dnsutils 1:9.8.1.dfsg-1 pn resolvconf <none> pn ufw <none> -- Configuration Files: /etc/bind/named.conf.local changed: // // Do any local configuration here // // Consider adding the 1918 zones here, if they are not used in your // organization //include "/etc/bind/zones.rfc1918"; key "rndc-key" { algorithm hmac-md5; secret "r8Yb4yQ9z09i6RK0U3OAWg=="; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; }; controls { inet ::1 port 953 allow { ::1; } keys { "rndc-key"; }; }; zone "desunote.ru" { type master; notify yes; allow-transfer { 80.249.182.250;80.249.182.254; 192.168.2.4; }; file "/etc/bind/db.desunote.ru"; }; zone "kirius.spb.ru" { type master; notify yes; allow-transfer { 80.249.182.250; 80.249.182.254;192.168.2.4; 193.124.22.65;}; file "/etc/bind/db.kirius.spb.ru"; }; zone "amarao.spb.ru" { type master; notify yes; allow-transfer { 80.249.182.250; 80.249.182.252; 80.249.182.254;192.168.2.4; 193.124.22.65;}; file "/etc/bind/db.generic"; }; zone "oldbooks.spb.su" { type master; notify yes; allow-transfer { 80.249.182.250; 80.249.182.252; 80.249.182.254;192.168.2.4; 193.124.22.65;}; file "/etc/bind/db.generic"; }; zone "shuklin.pp.ru" { type master; notify yes; allow-transfer { 80.249.182.250; 80.249.182.252; 80.249.182.254;192.168.2.4; 193.124.22.65;}; file "/etc/bind/db.generic"; }; zone "shuklin.spb.ru" { type master; notify yes; allow-transfer { 80.249.182.250; 80.249.182.252; 80.249.182.254;192.168.2.4; 193.124.22.65;}; file "/etc/bind/db.generic"; }; zone "voterra.spb.ru" { type master; notify yes; allow-transfer { 80.249.182.250; 80.249.182.252; 80.249.182.254;192.168.2.4; 193.124.22.65;}; file "/etc/bind/db.voterra.spb.ru"; }; zone "rakshas.spb.ru" { type master; notify yes; allow-transfer { 80.249.182.250; 80.249.182.252; 80.249.182.254;192.168.2.4; 193.124.22.65;}; file "/etc/bind/db.rakshas.spb.ru"; }; zone "activate.adobe.com" { type master; file "/etc/bind/db.generic"; }; zone "animehistory.ru" { type master; file "/etc/bind/db.animehistory.ru"; allow-transfer { any; }; }; zone "fakedream.ru" { type master; file "/etc/bind/db.fakedream.ru"; allow-transfer {any;}; }; zone "xencloud.ru"{ type master; file "/etc/bind/db.xencloud.ru"; allow-transfer {any;}; }; /etc/bind/named.conf.options changed: options { directory "/var/cache/bind"; // If there is a firewall between you and nameservers you want // to talk to, you may need to fix the firewall to allow multiple // ports to talk. See http://www.kb.cert.org/vuls/id/800113 // If your ISP provided one or more IP addresses for stable // nameservers, you probably want to use them as forwarders. // Uncomment the following block, and insert the addresses replacing // the all-0's placeholder. // forwarders { // 0.0.0.0; // }; //======================================================================== // If BIND logs error messages about the root key being expired, // you will need to update your keys. See https://www.isc.org/bind-keys //======================================================================== dnssec-validation auto; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; }; /etc/init.d/bind9 changed: PATH=/sbin:/bin:/usr/sbin:/usr/bin OPTIONS="" RESOLVCONF=no test -f /etc/default/bind9 && . /etc/default/bind9 test -x /usr/sbin/rndc || exit 0 . /lib/lsb/init-functions PIDFILE=/var/run/named/named.pid check_network() { if [ -x /usr/bin/uname ] && [ "X$(/usr/bin/uname -o)" = XSolaris ]; then IFCONFIG_OPTS="-au" else IFCONFIG_OPTS="" fi if [ -z "$(/sbin/ifconfig $IFCONFIG_OPTS)" ]; then #log_action_msg "No networks configured." return 1 fi return 0 } case "$1" in start) log_daemon_msg "Starting domain name service..." "bind9" modprobe capability >/dev/null 2>&1 || true # dirs under /var/run can go away on reboots. mkdir -p /var/run/named chmod 775 /var/run/named chown root:bind /var/run/named >/dev/null 2>&1 || true if [ ! -x /usr/sbin/named ]; then log_action_msg "named binary missing - not starting" log_end_msg 1 fi if ! check_network; then log_action_msg "no networks configured" log_end_msg 1 fi if start-stop-daemon --start --oknodo --quiet --exec /usr/sbin/named \ --pidfile ${PIDFILE} -- $OPTIONS; then if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.named fi log_end_msg 0 else log_end_msg 1 fi ;; stop) log_daemon_msg "Stopping domain name service..." "bind9" if ! check_network; then log_action_msg "no networks configured" log_end_msg 1 fi echo stage 0 if [ "X$RESOLVCONF" != "Xno" ] && [ -x /sbin/resolvconf ] ; then /sbin/resolvconf -d lo.named fi if [ -z "$pid" ]; then # no pid found, so either not running, or error pid=$(pgrep -f ^/usr/sbin/named) || true echo stage1 start-stop-daemon --stop --oknodo --quiet --exec /usr/sbin/named \ --pidfile ${PIDFILE} -- $OPTIONS echo stage2 fi if [ -n $pid ]; then while kill -0 $pid 2>/dev/null; do log_progress_msg "waiting for pid $pid to die" sleep 1 done fi log_end_msg 0 ;; reload|force-reload) log_daemon_msg "Reloading domain name service..." "bind9" if ! check_network; then log_action_msg "no networks configured" log_end_msg 1 fi /usr/sbin/rndc reload >/dev/null && log_end_msg 0 || log_end_msg 1 ;; restart) if ! check_network; then log_action_msg "no networks configured" exit 1 fi $0 stop $0 start ;; status) ret=0 status_of_proc -p ${PIDFILE} /usr/sbin/named bind9 2>/dev/null || ret=$? exit $ret ;; *) log_action_msg "Usage: /etc/init.d/bind9 {start|stop|reload|restart|force-reload|status}" exit 1 ;; esac exit 0 -- debconf information: * bind9/different-configuration-file: * bind9/run-resolvconf: false * bind9/start-as-user: bind -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org