Re: Possible Issue

[Michael Tremer <michael.tremer@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 7270 bytes --]

I have pretty much the same situation here, but on various machines and
even on virtual machines.

However I was not able to reproduce it with a single DNS record. It
rather seems to be that if there are a few DNS queries coming in at the
same time, dnsmasq tends to crash under certain circumstances. The only
thing that I can do is contacting upstream again and raise attention,
but I am not sure if they can do anything if we cannot show when the
crash is happening.

Best,
-Michael

On Sat, 2015-12-05 at 12:15 +0100, Matthias Fischer wrote:
> Hi,
> 
> just for information:
> 
> I just tried to reproduce your crash.
> I disabled 'noscript' (Firefox addon) - plus your list from below -
> and 
> allowed all redirections. No crash - as far as I can see, all pages
> and 
> images loaded without problems (sorry... ;-).
> 
> Regards,
> Matthias
> 
> P.S.: Using DNS-WATCH-servers => 
> https://wiki.ipfire.org/en/dns/public-servers (84.200.69.80 /
> 84.200.70.40)
> 
> On 05.12.2015 05:19, R. W. Rodolico wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > Just a follow up on the dnsmasq issue. It happened again tonight,
> > with
> > logs similar to what I had before. See at the bottom. Here is the
> > sequence of events:
> > 
> > I was opening http://news.bbc.co.uk (which redirects to
> > http://www.bbc.com/news). It made it halfway through the page when
> > dnsmasq apparently died (some of the images did not come up). I
> > then
> > tried to open a few additional pages, all at www.bbc.com, and when
> > they all failed, I checked the server. Note that at 21:53:13 it was
> > running fine, and at 21:54.25 it died, during a page load.
> > 
> > Just prior to all this, I had loaded several pages, each requiring
> > a
> > DNS operation. It appeared dnsmasq died during the loading of the
> > last
> > of them (news.bbc.co.uk) as that one had images only partially
> > complete. The sites were.
> > 
> > http://antwrp.gsfc.nasa.gov/apod/
> > http://news.bbc.co.uk/
> > http://www.publicbroadcasting.net/kera/news.newsmain
> > http://planet.ipfire.org/
> > http://www.kyivpost.com/
> > 
> > I tend to open these all at the same time in Firefox and they
> > generally work just fine. At the time I opened these, I also had 12
> > other tabs open in three additional instances of Firefox, one tab
> > open
> > in Chromium, my mail client open with 4 accounts. No other machines
> > were on in the location.
> > 
> > I see no patterns at all. The last time it happened, I do not
> > believe
> > I had nearly as many sessions open (there are always around 12 web
> > pages open in two Firefox windows). It is weird in that it happened
> > about a week ago also.
> > 
> > The IPFire machine is as follows:
> > AMD Geode, single core, 500Mhz
> > 512M RAM, no swap
> > 4 VIA VT6105M NIC's, Red, Green and two bridged Green
> > 1 TP-Link TL-WN75IND wireless PCI card (Qualcomm Atheros AR9227
> > Wireless NIC)
> > 
> > With the exception of bridging two NIC's into the Green, and the
> > wireless NIC, this is a standard configuration I have used in
> > dozens
> > of firewalls.
> > 
> > Michael, does any of this match your machine that has had the
> > issue?
> > Do you think I should look for anything else, or do you want to
> > just
> > wait for Core 96 and see if the new dnsmasq fixes it.
> > 
> > Rod
> > 
> > ===================================================================
> > =====
> > Dec  4 21:53:13 dd-router dnsmasq[2801]: reading
> > /var/state/dhcp/dhcpd.leases
> > Dec  4 21:54:25 dd-router kernel: dnsmasq[2801]: segfault at 0 ip
> > 0805daaf sp 5ec22580 error 4 in dnsmasq[8048000+32000]
> > Dec  4 21:54:25 dd-router kernel: grsec: Segmentation fault
> > occurred
> > at    (nil) in /usr/sbin/dnsmasq[dnsmasq:2801] uid/euid:99/99
> > gid/egid:40/40, parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
> > Dec  4 21:54:25 dd-router kernel: grsec: bruteforce prevention
> > initiated due to crash of /usr/sbin/dnsmasq against uid 99, banning
> > suid/sgid execs for 15 minutes.  Please investigate the crash
> > report
> > for /usr/sbin/dnsmasq[dnsmasq:2801] uid/euid:99/99 gid/egid:40/40,
> > parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
> > ===================================================================
> > =====
> > 
> > 
> > On 12/01/2015 10:40 PM, R. W. Rodolico wrote:
> > > I tried to reproduce it, but was not successful. I saw no
> > > correlation between the two times it happened. If it breaks
> > > again,
> > > I'll see if I can create a conditions list, however.
> > > 
> > > My office firewall is set to always run the testing tree, so as
> > > soon as 96 goes into beta, it will automatically upgrade (I keep
> > > a
> > > very, very old router around in case I completely mess it up with
> > > the upgrade! ).
> > > 
> > > I really hate giving a report that says "this broke." I know you
> > > need more information than that.
> > > 
> > > Rod
> > > 
> > > On 12/01/2015 04:39 PM, Michael Tremer wrote:
> > > > Hi,
> > > 
> > > > yes, dnsmasq has some stability issues. This has become way
> > > > better since a few releases, but it is still not at the level
> > > > where it should be.
> > > 
> > > > Have you any information about how to reproduce the crash? I
> > > > experienced them for a time, but they were all random and I
> > > > could not debug this a lot.
> > > 
> > > > I just merged a patch with some fixes. Maybe it has been fixed
> > > > in
> > > >  there. Please test Core Update 96 as soon as it becomes
> > > > available for testing.
> > > 
> > > > Best, -Michael
> > > 
> > > > On Fri, 2015-11-27 at 16:32 -0600, R. W. Rodolico wrote:
> > > > > I am running 95 and have had two times in the past couple of
> > > > > weeks where dnsmasq has died on me. I have been able to fix
> > > > > the problem by starting it up again and it works just fine.
> > > > > 
> > > > > The error appears to be associated with these log entries:
> > > > > 
> > > > > Nov 24 13:38:26 dd-router kernel: dnsmasq[2789]: segfault at
> > > > > 0
> > > > > ip 0805daaf sp 5af771e0 error 4 in dnsmasq[8048000+32000] Nov
> > > > > 24 13:38:26 dd-router kernel: grsec: Segmentation fault
> > > > > occurred at (nil) in /usr/sbin/dnsmasq[dnsmasq:2789]
> > > > > uid/euid:99/99 gid/egid:40/40, parent /sbin/init[init:1]
> > > > > uid/euid:0/0 gid/egid:0/0 Nov 24 13:38:26 dd-router kernel:
> > > > > grsec: bruteforce prevention initiated due to crash of
> > > > > /usr/sbin/dnsmasq against uid 99, banning suid/sgid execs for
> > > > > 15 minutes.  Please investigate the crash report for
> > > > > /usr/sbin/dnsmasq[dnsmasq:2789] uid/euid:99/99
> > > > > gid/egid:40/40,
> > > > > parent /sbin/init[init:1] uid/euid:0/0 gid/egid:0/0
> > > > > 
> > > > > this is a fresh install of IPFire 94, then upgrade to 95.
> > > > > Please let me know what I can do to further troubleshoot
> > > > > this.
> > > > > 
> > > > > Rod
> > > 
> > > 
> > 
> > - --
> > Rod Rodolico
> > Daily Data, Inc.
> > POB 140465
> > Dallas TX 75214-0465
> > 214.827.2170
> > http://www.dailydata.net
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.12 (GNU/Linux)
> > 
> > iEYEARECAAYFAlZiZeQACgkQuVY3UpYMlTTr3wCfdDrr4+xDjM+rjopuFsUDkIPm
> > Je4An1fE+C4Jk3MKbTS1JpBxCev0HDR5
> > =ODLv
> > -----END PGP SIGNATURE-----
> > 
> 

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]