[Dnsmasq-discuss] excessive file descriptor usage after upgrading to 2.81

WU, CHRIS cw1921 at att.com
Thu Oct 22 01:01:44 BST 2020


I have more information about what's happening.  It seems that the large number of file descriptors doesn't change when you leave dnsmasq running.  However, I realized that if I restarted dnsmasq that the number of file descriptors in use went back to normal (less than twenty).

I looked in /var/log/messages and I saw that there were an excessive number of these failures when dnsmasq initially started after boot. The date is Jan 1 because the clock hadn't been set yet at this point.

Jan  1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: Address already in use
Jan  1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: Address already in use
Jan  1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: Address already in use
Jan  1 01:00:00 dnsmasq[1149]: failed to create listening socket for 127.0.0.1: Address already in use

The message is printed by the "make_sock" function. I don't see where it changed significantly between 2.80 and 2.81.

When I looked up how many times this error appears I found that it is almost equal to the number of file descriptors dnsmasq has open.

# grep -i failed.to.create /var/log/messages* | wc -l
140
# lsof -P -n | grep dnsmasq | grep -i udp | wc -l
144

The "can't identify protocol" in my earlier message was because I was using a version of lsof that didn't support v6 sockets. After uprading to a newer version of lsof those messages went away.

From: WU, CHRIS
Sent: Thursday, October 15, 2020 7:48 PM
To: 'dnsmasq-discuss at lists.thekelleys.org.uk' <dnsmasq-discuss at lists.thekelleys.org.uk>
Subject: excessive file descriptor usage after upgrading to 2.81

Hello. We've been using Dnsmasq version 2.78 for quite a while but upgraded to 2.81 because of CVE-2019-14834. Upon inspecting the output of lsof we realized that Dnsmasq is using almost 200 file descriptors upon boot and after an hour later the number remains unchanged. Since I knew this did not happen with 2.78 I also tried Dnsmasq versions 2.79 and 2.80 and this does not happen. It looks like it started with 2.81 and also happens with 2.82. My operating environment is armv7l GNU/Linux.

Here's an example of (clipped) output of lsof:

version 2.81 (195 file descriptors open)
dnsmasq    1222 nobody  187u     inet       2847                UDP 10.10.12.1:53
dnsmasq    1222 nobody  188u     sock        0,7               2849 can't identify protocol
dnsmasq    1222 nobody  189u     inet       2853                UDP 10.10.15.1:53
dnsmasq    1222 nobody  190u     inet       2855                UDP 10.10.12.1:53
dnsmasq    1222 nobody  191u     sock        0,7               2857 can't identify protocol
dnsmasq    1222 nobody  192u     inet       2886                UDP 10.10.15.1:53
dnsmasq    1222 nobody  193u     inet       2888                UDP 10.10.12.1:53
dnsmasq    1222 nobody  194u     sock        0,7               2890 can't identify protocol
dnsmasq    1222 nobody  195u     sock        0,7               2893 can't identify protocol
[root at U115 ~]# dnsmasq -v
Dnsmasq version 2.81  Copyright (c) 2000-2020 Simon Kelley

version 2.80
dnsmasq   4893 nobody   10r     0000        0,9       0          6 anon_inode
dnsmasq   4893 nobody   11r     FIFO        0,8               6848 pipe
dnsmasq   4893 nobody   12w     FIFO        0,8               6848 pipe
dnsmasq   4893 nobody   13u     unix 0xf7791905               6850 socket
[root at U115 ~]# dnsmasq -v
Dnsmasq version 2.80  Copyright (c) 2000-2018 Simon Kelley

version 2.79
dnsmasq    466 nobody    7u     inet       1760                TCP 127.0.0.1:53 (LISTEN)
dnsmasq    466 nobody    8u     inet       1761                UDP 127.0.0.1:53
dnsmasq    466 nobody    9u     inet       1762                TCP 127.0.0.1:53 (LISTEN)
dnsmasq    466 nobody   10r     0000        0,9       0          6 anon_inode
dnsmasq    466 nobody   11r     FIFO        0,8               1763 pipe
dnsmasq    466 nobody   12w     FIFO        0,8               1763 pipe
dnsmasq    466 nobody   13u     unix 0xea856025               1765 socket
[root at U115 ~]# dnsmasq -v
Dnsmasq version 2.79  Copyright (c) 2000-2018 Simon Kelley

version 2.78
dnsmasq    430 nobody   10r     0000        0,9       0          6 anon_inode
dnsmasq    430 nobody   11r     FIFO        0,8                460 pipe
dnsmasq    430 nobody   12w     FIFO        0,8                460 pipe
dnsmasq    430 nobody   13u     unix 0xcc699e5c                462 socket
[root at U115 ~]# dnsmasq -v
Dnsmasq version 2.78  Copyright (c) 2000-2017 Simon Kelley

.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20201022/1e2d2380/attachment.html>


More information about the Dnsmasq-discuss mailing list