[Dnsmasq-discuss] Core dumped when reloading

韩冰 hanbing0715 at gmail.com
Sat May 7 11:16:33 UTC 2022 

Hello everyone,
I found a core dump issue when I use dnsmasq as a DHCP server (Version
2.86, running on Linux). My setup and reproduction step is as follows.
Dnsmasq main config

> # Common Configure
> pid-file=/var/run/dnsmasq.pid
> log-facility=/var/log/dnsmasq.log
> user=root
> group=root
> interface=eth0
>
> # DNS Server Configure
> no-hosts
> no-resolv
> log-queries=extra
> port=53
>
> # DHCP Server Configure
> log-dhcp
> dhcp-range=172.17.12.128,static,255.255.255.192 # Change the network
> address and subnet mask.
> dhcp-hostsfile=/etc/dnsmasq/dhcp-hosts
> dhcp-optsfile=/etc/dnsmasq/dhcp-options
> dhcp-vendorclass=set:pxe-bios-x86,PXEClient:Arch:00000
> dhcp-vendorclass=set:pxe-uefi-amd64,PXEClient:Arch:00007
> dhcp-vendorclass=set:pxe-uefi-amd64,PXEClient:Arch:00009
> dhcp-boot=tag:pxe-bios-x86,pxelinux.0,pxeserver
> dhcp-boot=tag:pxe-uefi-amd64,bootnetx64.efi,pxeserver
> dhcp-ignore=tag:!known
>
External DHCP host file

> 08:c0:eb:cb:MM:NN,id:*,set:mytag,172.17.12.XXX,XXX-01,5m

External DHCP options file

> tag:mytag,option:netmask,255.255.255.128
> tag:mytag,option:router,172.17.12.190
> tag:mytag,option:dns-server,172.16.0.XXX
> tag:mytag,option:ntp-server,172.16.0.XXX
> tag:mytag,option:domain-name,mydomain
>
Reproduction step is
First start dnsmasq with the config shown above,
Then use 08:c0:eb:cb:MM:NN to obtain an IP address from dnsmasq server.
After we can see lease of 08:c0:eb:cb:MM:NN in dnsmasq.leases, send
signal HUP to dnsmasq,
Now I got dnsmasq core dumped and traceback is following

> #0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
> #1  0x00007f858837f535 in __GI_abort () at abort.c:79
> #2  0x00007f85883d6518 in __libc_message (action=action at entry=do_abort,
> fmt=fmt at entry=0x7f85884e028d "%s\n")
>     at ../sysdeps/posix/libc_fatal.c:181
> #3  0x00007f85883dcc3a in malloc_printerr (str=str at entry=0x7f85884e1fe0
> "double free or corruption (out)") at malloc.c:5359
> #4  0x00007f85883de770 in _int_free (av=0x7f8588517c40 <main_arena>,
> p=0x7ffd7d6e79a0, have_lock=<optimized out>) at malloc.c:4321
> #5  0x0000000000410187 in dhcp_netid_free (nid=0x7ffd7d6e79b0) at
> option.c:1019
> #6  0x0000000000410258 in dhcp_netid_list_free (netid=0x0) at option.c:1050
> #7  0x00000000004102c9 in dhcp_config_free (config=0x2273950) at
> option.c:1068
> #8  0x000000000041c313 in clear_dynamic_conf () at option.c:5186
> #9  0x000000000041c3bd in reread_dhcp () at option.c:5219
> #10 0x0000000000428a11 in clear_cache_and_reload (now=1650633404) at
> dnsmasq.c:1694
> #11 0x0000000000428303 in async_event (pipe=10, now=1650633404) at
> dnsmasq.c:1450
> #12 0x0000000000427cf4 in main (argc=3, argv=0x7ffd7d6e81a8) at
> dnsmasq.c:1193
>
It looks like there is some memory management issue about dhcp tag
I found another related fact that if I just start dnsmasq and reload it, or
dnsmasq only receive dhcp packet from UNKNOWN mac address and reload it,
dnsmasq will NOT core dumped when reloading, so I guess that the issue
maybe related to progress of DHCP packet
That is all about I found about core dumped issue when reloading, I'm
looking forward for someone found similar problem or have idea about this
issue

Thanks
Han Bing
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20220507/07ef5e0f/attachment.htm>

More information about the Dnsmasq-discuss mailing list