subject:"\[Dnsmasq\-discuss\] excessive file descriptor usage after upgrading to 2.81"

Re: [Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81

2020-11-05 Thread WU, CHRIS

Hello.  I have another update with more information.  It turns out this 
statement I made isn't entirely accurate:

"Since I knew this did not happen with 2.78 I also tried Dnsmasq versions 2.79 
and 2.80 and this does not happen."

This is true when IPv6 is disabled but if I remove the -DNO_IPV6 flag in the 
CFLAGS I can get it to happen.  Without the -DNO_IPV6 version 2.80 uses ~195 
file descriptors and version 2.78 uses ~45 file descriptors.

To get around this we're going to roll back to version 2.80 from 2.81, use the 
-DNO_IPV6 flag, and apply the patch for CVE-2019-14834.

From: WU, CHRIS
Sent: Wednesday, October 21, 2020 8:02 PM
To: 'dnsmasq-discuss@lists.thekelleys.org.uk' 

Subject: RE: excessive file descriptor usage after upgrading to 2.81

I have more information about what's happening.  It seems that the large number 
of file descriptors doesn't change when you leave dnsmasq running.  However, I 
realized that if I restarted dnsmasq that the number of file descriptors in use 
went back to normal (less than twenty).

I looked in /var/log/messages and I saw that there were an excessive number of 
these failures when dnsmasq initially started after boot. The date is Jan 1 
because the clock hadn't been set yet at this point.

Jan  1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: 
Address already in use
Jan  1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: 
Address already in use
Jan  1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: 
Address already in use
Jan  1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: 
Address already in use

The message is printed by the "make_sock" function. I don't see where it 
changed significantly between 2.80 and 2.81.

When I looked up how many times this error appears I found that it is almost 
equal to the number of file descriptors dnsmasq has open.

# grep -i failed.to.create /var/log/messages* | wc -l
140
# lsof -P -n | grep dnsmasq | grep -i udp | wc -l
144

The "can't identify protocol" in my earlier message was because I was using a 
version of lsof that didn't support v6 sockets. After uprading to a newer 
version of lsof those messages went away.

From: WU, CHRIS
Sent: Thursday, October 15, 2020 7:48 PM
To: 'dnsmasq-discuss@lists.thekelleys.org.uk' 
mailto:dnsmasq-discuss@lists.thekelleys.org.uk>>
Subject: excessive file descriptor usage after upgrading to 2.81

Hello. We've been using Dnsmasq version 2.78 for quite a while but upgraded to 
2.81 because of CVE-2019-14834. Upon inspecting the output of lsof we realized 
that Dnsmasq is using almost 200 file descriptors upon boot and after an hour 
later the number remains unchanged. Since I knew this did not happen with 2.78 
I also tried Dnsmasq versions 2.79 and 2.80 and this does not happen. It looks 
like it started with 2.81 and also happens with 2.82. My operating environment 
is armv7l GNU/Linux.

Here's an example of (clipped) output of lsof:

version 2.81 (195 file descriptors open)
dnsmasq1222 nobody  187u inet   2847UDP 
10.10.12.1:53
dnsmasq1222 nobody  188u sock0,7   2849 can't 
identify protocol
dnsmasq1222 nobody  189u inet   2853UDP 
10.10.15.1:53
dnsmasq1222 nobody  190u inet   2855UDP 
10.10.12.1:53
dnsmasq1222 nobody  191u sock0,7   2857 can't 
identify protocol
dnsmasq1222 nobody  192u inet   2886UDP 
10.10.15.1:53
dnsmasq1222 nobody  193u inet   2888UDP 
10.10.12.1:53
dnsmasq1222 nobody  194u sock0,7   2890 can't 
identify protocol
dnsmasq1222 nobody  195u sock0,7   2893 can't 
identify protocol
[root@U115 ~]# dnsmasq -v
Dnsmasq version 2.81  Copyright (c) 2000-2020 Simon Kelley

version 2.80
dnsmasq   4893 nobody   10r 0,9   0  6 anon_inode
dnsmasq   4893 nobody   11r FIFO0,8   6848 pipe
dnsmasq   4893 nobody   12w FIFO0,8   6848 pipe
dnsmasq   4893 nobody   13u unix 0xf7791905   6850 socket
[root@U115 ~]# dnsmasq -v
Dnsmasq version 2.80  Copyright (c) 2000-2018 Simon Kelley

version 2.79
dnsmasq466 nobody7u inet   1760TCP 127.0.0.1:53 
(LISTEN)
dnsmasq466 nobody8u inet   1761UDP 127.0.0.1:53
dnsmasq466 nobody9u inet   1762TCP 127.0.0.1:53 
(LISTEN)
dnsmasq466 nobody   10r 0,9   0  6 anon_inode
dnsmasq466 nobody   11r FIFO0,8   1763 pipe
dnsmasq466 nobody   12w FIFO0,8   1763 pipe
dnsmasq466 nobody   13u unix 0xea856025   1765 socket
[root@U115 ~]# dnsmasq -v
Dnsmasq version 2.79  Copyright (c) 2000-2018 Simon Kelley

version 2.78
dnsmasq4

Re: [Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81

2020-10-21 Thread WU, CHRIS

I have more information about what's happening.  It seems that the large number 
of file descriptors doesn't change when you leave dnsmasq running.  However, I 
realized that if I restarted dnsmasq that the number of file descriptors in use 
went back to normal (less than twenty).

I looked in /var/log/messages and I saw that there were an excessive number of 
these failures when dnsmasq initially started after boot. The date is Jan 1 
because the clock hadn't been set yet at this point.

Jan  1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: 
Address already in use
Jan  1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: 
Address already in use
Jan  1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: 
Address already in use
Jan  1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: 
Address already in use

The message is printed by the "make_sock" function. I don't see where it 
changed significantly between 2.80 and 2.81.

When I looked up how many times this error appears I found that it is almost 
equal to the number of file descriptors dnsmasq has open.

# grep -i failed.to.create /var/log/messages* | wc -l
140
# lsof -P -n | grep dnsmasq | grep -i udp | wc -l
144

The "can't identify protocol" in my earlier message was because I was using a 
version of lsof that didn't support v6 sockets. After uprading to a newer 
version of lsof those messages went away.

From: WU, CHRIS
Sent: Thursday, October 15, 2020 7:48 PM
To: 'dnsmasq-discuss@lists.thekelleys.org.uk' 

Subject: excessive file descriptor usage after upgrading to 2.81

Hello. We've been using Dnsmasq version 2.78 for quite a while but upgraded to 
2.81 because of CVE-2019-14834. Upon inspecting the output of lsof we realized 
that Dnsmasq is using almost 200 file descriptors upon boot and after an hour 
later the number remains unchanged. Since I knew this did not happen with 2.78 
I also tried Dnsmasq versions 2.79 and 2.80 and this does not happen. It looks 
like it started with 2.81 and also happens with 2.82. My operating environment 
is armv7l GNU/Linux.

Here's an example of (clipped) output of lsof:

version 2.81 (195 file descriptors open)
dnsmasq1222 nobody  187u inet   2847UDP 
10.10.12.1:53
dnsmasq1222 nobody  188u sock0,7   2849 can't 
identify protocol
dnsmasq1222 nobody  189u inet   2853UDP 
10.10.15.1:53
dnsmasq1222 nobody  190u inet   2855UDP 
10.10.12.1:53
dnsmasq1222 nobody  191u sock0,7   2857 can't 
identify protocol
dnsmasq1222 nobody  192u inet   2886UDP 
10.10.15.1:53
dnsmasq1222 nobody  193u inet   2888UDP 
10.10.12.1:53
dnsmasq1222 nobody  194u sock0,7   2890 can't 
identify protocol
dnsmasq1222 nobody  195u sock0,7   2893 can't 
identify protocol
[root@U115 ~]# dnsmasq -v
Dnsmasq version 2.81  Copyright (c) 2000-2020 Simon Kelley

version 2.80
dnsmasq   4893 nobody   10r 0,9   0  6 anon_inode
dnsmasq   4893 nobody   11r FIFO0,8   6848 pipe
dnsmasq   4893 nobody   12w FIFO0,8   6848 pipe
dnsmasq   4893 nobody   13u unix 0xf7791905   6850 socket
[root@U115 ~]# dnsmasq -v
Dnsmasq version 2.80  Copyright (c) 2000-2018 Simon Kelley

version 2.79
dnsmasq466 nobody7u inet   1760TCP 127.0.0.1:53 
(LISTEN)
dnsmasq466 nobody8u inet   1761UDP 127.0.0.1:53
dnsmasq466 nobody9u inet   1762TCP 127.0.0.1:53 
(LISTEN)
dnsmasq466 nobody   10r 0,9   0  6 anon_inode
dnsmasq466 nobody   11r FIFO0,8   1763 pipe
dnsmasq466 nobody   12w FIFO0,8   1763 pipe
dnsmasq466 nobody   13u unix 0xea856025   1765 socket
[root@U115 ~]# dnsmasq -v
Dnsmasq version 2.79  Copyright (c) 2000-2018 Simon Kelley

version 2.78
dnsmasq430 nobody   10r 0,9   0  6 anon_inode
dnsmasq430 nobody   11r FIFO0,8460 pipe
dnsmasq430 nobody   12w FIFO0,8460 pipe
dnsmasq430 nobody   13u unix 0xcc699e5c462 socket
[root@U115 ~]# dnsmasq -v
Dnsmasq version 2.78  Copyright (c) 2000-2017 Simon Kelley

.
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81

2020-10-16 Thread WU, CHRIS

If any other output would be useful I'd be happy to provide it!

-Original Message-
From: Dnsmasq-discuss  On Behalf Of 
Geert Stappers
Sent: Friday, October 16, 2020 1:37 AM
To: dnsmasq-disc...@thekelleys.org.uk
Subject: Re: [Dnsmasq-discuss] excessive file descriptor usage after upgrading 
to 2.81

On Thu, Oct 15, 2020 at 11:47:44PM +, WU, CHRIS wrote:
> Hello. We've been using Dnsmasq version 2.78 for quite a while but 
> upgraded to 2.81 because of CVE-2019-14834. Upon inspecting the output 
> of lsof we realized that Dnsmasq is using almost 200 file descriptors 
> upon boot and after an hour later the number remains unchanged. Since 
> I knew this did not happen with 2.78 I also tried Dnsmasq versions
> 2.79 and 2.80 and this does not happen. It looks like it started with
> 2.81 and also happens with 2.82.
> My operating environment is armv7l GNU/Linux.
> 

Looking forward to what  `git bisect` says.


Regards
Geert Stappers
--
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://urldefense.com/v3/__http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss__;!!BhdT!w73f5y3PfUpo3tfm5iA6GH8IveO_iC_S3-AQscg3-U_FIrSGPe0Ll2JISx1dRA$
 

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81

2020-10-15 Thread Geert Stappers

On Thu, Oct 15, 2020 at 11:47:44PM +, WU, CHRIS wrote:
> Hello. We've been using Dnsmasq version 2.78 for quite a while but
> upgraded to 2.81 because of CVE-2019-14834. Upon inspecting the output
> of lsof we realized that Dnsmasq is using almost 200 file descriptors
> upon boot and after an hour later the number remains unchanged. Since
> I knew this did not happen with 2.78 I also tried Dnsmasq versions
> 2.79 and 2.80 and this does not happen. It looks like it started with
> 2.81 and also happens with 2.82.
> My operating environment is armv7l GNU/Linux.
> 

Looking forward to what  `git bisect` says.


Regards
Geert Stappers
-- 
Silence is hard to parse

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81

2020-10-15 Thread WU, CHRIS

Hello. We've been using Dnsmasq version 2.78 for quite a while but upgraded to 
2.81 because of CVE-2019-14834. Upon inspecting the output of lsof we realized 
that Dnsmasq is using almost 200 file descriptors upon boot and after an hour 
later the number remains unchanged. Since I knew this did not happen with 2.78 
I also tried Dnsmasq versions 2.79 and 2.80 and this does not happen. It looks 
like it started with 2.81 and also happens with 2.82. My operating environment 
is armv7l GNU/Linux.

Here's an example of (clipped) output of lsof:

version 2.81 (195 file descriptors open)
dnsmasq1222 nobody  187u inet   2847UDP 
10.10.12.1:53
dnsmasq1222 nobody  188u sock0,7   2849 can't 
identify protocol
dnsmasq1222 nobody  189u inet   2853UDP 
10.10.15.1:53
dnsmasq1222 nobody  190u inet   2855UDP 
10.10.12.1:53
dnsmasq1222 nobody  191u sock0,7   2857 can't 
identify protocol
dnsmasq1222 nobody  192u inet   2886UDP 
10.10.15.1:53
dnsmasq1222 nobody  193u inet   2888UDP 
10.10.12.1:53
dnsmasq1222 nobody  194u sock0,7   2890 can't 
identify protocol
dnsmasq1222 nobody  195u sock0,7   2893 can't 
identify protocol
[root@U115 ~]# dnsmasq -v
Dnsmasq version 2.81  Copyright (c) 2000-2020 Simon Kelley

version 2.80
dnsmasq   4893 nobody   10r 0,9   0  6 anon_inode
dnsmasq   4893 nobody   11r FIFO0,8   6848 pipe
dnsmasq   4893 nobody   12w FIFO0,8   6848 pipe
dnsmasq   4893 nobody   13u unix 0xf7791905   6850 socket
[root@U115 ~]# dnsmasq -v
Dnsmasq version 2.80  Copyright (c) 2000-2018 Simon Kelley

version 2.79
dnsmasq466 nobody7u inet   1760TCP 127.0.0.1:53 
(LISTEN)
dnsmasq466 nobody8u inet   1761UDP 127.0.0.1:53
dnsmasq466 nobody9u inet   1762TCP 127.0.0.1:53 
(LISTEN)
dnsmasq466 nobody   10r 0,9   0  6 anon_inode
dnsmasq466 nobody   11r FIFO0,8   1763 pipe
dnsmasq466 nobody   12w FIFO0,8   1763 pipe
dnsmasq466 nobody   13u unix 0xea856025   1765 socket
[root@U115 ~]# dnsmasq -v
Dnsmasq version 2.79  Copyright (c) 2000-2018 Simon Kelley

version 2.78
dnsmasq430 nobody   10r 0,9   0  6 anon_inode
dnsmasq430 nobody   11r FIFO0,8460 pipe
dnsmasq430 nobody   12w FIFO0,8460 pipe
dnsmasq430 nobody   13u unix 0xcc699e5c462 socket
[root@U115 ~]# dnsmasq -v
Dnsmasq version 2.78  Copyright (c) 2000-2017 Simon Kelley

.
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81

Re: [Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81

Re: [Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81

Re: [Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81

[Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81

5 matches

Site Navigation

Mail list logo

Footer information