<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:SimSun;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:SimSun;
panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
text-align:justify;
text-justify:inter-ideograph;
font-size:10.5pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
/* Page Definitions */
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 90.0pt 72.0pt 90.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="ZH-CN" link="#0563C1" vlink="#954F72" style="text-justify-trim:punctuation">
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US">Hi,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I have a problem with a Segmentation fault. The log is as follows:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">024-07-24T17:06:00.540592+08:00 info kernel[-][25317.980044] dnsmasq[597243]: segfault at 9 ip 000015257897bObe sp 00007fffba533380 error 4 in libc.so.6 15257890c000+1710001<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">This Segmentation fault is triggered when dnsmasq clears dynamic config in the reload phase. The coredump is as follows:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">[New LWP 2925451]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">[Thread debugging using libthread_db enabled]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Using host libthread_db library "/usr/lib64/libthread_db.so.1".<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Core was generated by `dnsmasq --no-hosts --no-resolv --pid-file=/var/lib/neutron/dhcp/d7435322-bf42-4'.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Program terminated with signal SIGSEGV, Segmentation fault.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">#0 0x0000151e5168b0be in free () from /usr/lib64/libc.so.6<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">(gdb) bt<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">#0 0x0000151e5168b0be in free () from /usr/lib64/libc.so.6<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">#1 0x00005651025a08f0 in dhcp_netid_free (nid=0xc08b255501ae7f00) at option.c:1022<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">#2 dhcp_netid_list_free (netid=0x0) at option.c:1053<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">#3 dhcp_config_free (config=0x565104124bc0) at option.c:1071<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">#4 0x00005651025aa011 in clear_dynamic_conf () at option.c:5204<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">#5 reread_dhcp () at option.c:5245<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">#6 0x00005651025b2c53 in clear_cache_and_reload (now=1722067132) at dnsmasq.c:1699<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">#7 0x00005651025960ac in async_event (now=1722067132, pipe=15) at dnsmasq.c:1449<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">#8 main (argc=<optimized out>, argv=<optimized out>) at dnsmasq.c:1192<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">(gdb)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I also reproduced the issue on the latest dnsmasq.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I created multiple namespaces and ran dnsmasq in each namespace. The dnsmasq run parameters are as follows: (The path varies according to the dnsmasq process parameter.)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">dnsmasq --no-hosts --no-resolv --pid-file=/var/lib/neutron/dhcp/d7435322-bf42-48a6-b95d-015e2953ff5f/pid --dhcp-hostsfile=/var/lib/neutron/dhcp/d7435322-bf42-48a6-b95d-015e2953ff5f/host --addn-hosts=/var/lib/neutron/dhcp/d7435322-bf42-48a6-b95d-015e2953ff5f/addn_hosts
--dhcp-optsfile=/var/lib/neutron/dhcp/d7435322-bf42-48a6-b95d-015e2953ff5f/opts --dhcp-leasefile=/var/lib/neutron/dhcp/d7435322-bf42-48a6-b95d-015e2953ff5f/leases --dhcp-match=set:ipxe,175 --dhcp-userclass=set:ipxe6,iPXE --local-service --bind-dynamic --enable-ra
--ra-param=tap75e693e7-82,0,0 --dhcp-range=set:subnet-bcf0c6db-49ad-42e4-9651-a98c1d7ede7e,fc52:152:42:100::,ra-stateless,64,infinite --dhcp-lease-max=16777216 --conf-file=/etc/neutron/dnsmasq.conf --domain=openstacklocal<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">The issue does not reproduce the issue before the committe 10d8b5f001, and it does not reproduce the issue when I rollback 10d8b5f001 in the latest version.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Commit 10d8b5f001 removes duplicate code and replaces free (list->list) with dhcp_netid_free(tmplist->list).<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Before:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">clear_dynamic_conf<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> for (list = configs->netid; list; list = tmplist)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> {<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> free(list->list);<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> tmplist = list->next;<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> free(list);<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> }<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">NOW:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">clear_dynamic_conf<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> dhcp_config_free<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> dhcp_netid_list_free<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> while (netid)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> {<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> struct dhcp_netid_list *tmplist = netid;<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> netid = netid->next;<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> dhcp_netid_free(tmplist->list);<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> free(tmplist);<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> }<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Recurrence operation:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">The following method may be used to reproduce the problem.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Keep adding new stuff to the optsfile and reload dnsmasq. This problem recurs when about 300 contents are added.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">However, this problem does not recur on each host.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">There is another strange phenomenon. When I add logs as follow, the problem cannot be reproduced:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">diff --git a/src/option.c b/src/option.c<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">index f4ff7c0..958b761 100644<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">--- a/src/option.c<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">+++ b/src/option.c<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">@@ -1329,6 +1329,7 @@ static void dhcp_netid_free(struct dhcp_netid *nid)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> {<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> struct dhcp_netid *tmp = nid;<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> nid = nid->next;<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">+ my_syslog(MS_DHCP | LOG_INFO, "=====tmp->net=%p\n", tmp->net);<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> free(tmp->net);<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> free(tmp);<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> }<o:p></o:p></span></p>
</div>
</body>
</html>