while playing around with the "dnseval" tool from the dnsdiag package[0], 
I accidently crashed my dnsmasq instance that was running on my router. 
This router is running Dnsmasq version 2.77 on a current LEDE operating 
system, where similar have been reported in the past:

 > sending SIGSEGV to dnsmasq for invalid read access from 00000000
 > https://bugs.lede-project.org/index.php?do=details&task_id=251
 > Intermittent SIGSEGV crash of dnsmasq-full
 > https://bugs.lede-project.org/index.php?do=details&task_id=766

However, both bugs were closed because they either were related to some 
busybox machinery errors or were pointing to the upstream project to look 
at this.

In the dnsmasq-discuss archives I found a thread from last year[1] with
a crash message that looked very much like the message I receive when 
dnsmasq crashes on the LEDE router:

kernel: [ 2860.890789] do_page_fault(): sending SIGSEGV to dnsmasq for invalid 
write access to 00552000
kernel: [ 2860.899402] epc = 77cd488c in libc.so[77c62000+92000]
kernel: [ 2860.904552] ra  = 00406c41 in dnsmasq[400000+21000]

So, I tried to reproduce this scenario on a Debian/amd64 VM and 
compiled today's git checkout with -Og -g and used a fairly simple 
configuration file to start dnsmasq:

$ cat ~/test/dnsmasq.conf.bug

$ sudo -H src/dnsmasq -C ~/test/dnsmasq.conf.bug
dnsmasq: started, version 2.78test2-6-g69a815a cachesize 150
dnsmasq: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP 
DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify
dnsmasq: using nameserver
dnsmasq: cleared cache

dnsmasq: 1 query[A] www.aol.com from
Segmentation fault

The segfault happened after I started "dnseval" against this newly spawned 
dnsmasq instance. This "dnseval" thingy is described as:

  > dnseval: -  bulk ping utility that sends an arbitrary DNS query to
  > a list of DNS servers

Per default, "bulk" means it sends 10 requests to the DNS server, but 
dnsmasq segfaults pretty quickly:

  GDB output (still carries optimized out values, hm...)

  tcpdump for this run:

Ideas welcome :-)


[0] https://github.com/farrokhi/dnsdiag
[1] http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q3/010830.html
BOFH excuse #37:

heavy gravity fluctuation, move computer to floor rapidly

Dnsmasq-discuss mailing list

Reply via email to