Bug 761487 - net-dns/bind-9.16.8 segfault DLZ mysql-connector-c at startup
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: AMD64 Linux
Importance: Normal normal
Assignee: Mikle Kolyada (RETIRED)
Reported: 2020-12-24 12:56 UTC by Janpieter Sollie
Modified: 2021-05-28 22:17 UTC


Attachments
bind output with reduced DLZ + -d 1 (file_761487.txt,6.85 KB, text/plain)
2021-02-24 08:56 UTC, Janpieter Sollie
SQL db info (file_761487.txt,3.93 KB, text/plain)
2021-02-24 09:02 UTC, Janpieter Sollie
bind blocked zone file (blacklist.inc.dlz.xz,363.71 KB, application/x-xz)
2021-02-24 10:04 UTC, Janpieter Sollie
mysql dump including contents (file_761487.txt,4.43 KB, text/plain)
2021-02-24 12:00 UTC, Janpieter Sollie

Description Janpieter Sollie 2020-12-24 12:56:35 UTC
I have a large list of sites which are blocked due to a bad reputation.
Because the list contains +-60K entries, the memory footprint is huge.
Therefore, I'd like to use DLZ for all those ad sites.
Unfortunately, the mysql driver segfaults; depending on config options, it is either in glibc-2.32, libmysqlclient-21.1.22, libisc.so or isc-worker.
using mariadb 10.5.8 

Reproducible: Always

Steps to Reproduce:
1. config bind to use dlz
2. run mysql
3. run bind
Actual Results:  
segfault

Expected Results:  
running bind
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-12-27 02:59:09 UTC
A stack trace if possible could help.

https://wiki.gentoo.org/wiki/Debugging
Comment 2 Janpieter Sollie 2020-12-27 08:42:08 UTC
(In reply to Sam James from comment #1)
> A stack trace if possible could help.
> 
> https://wiki.gentoo.org/wiki/Debugging

Which packages need recompiling for this stack trace?
- bind
- mysql-connector-c
- mariadb
- glibc
- kernel debug info

thx
Comment 3 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2021-02-23 15:47:38 UTC
(In reply to Janpieter Sollie from comment #2)
> (In reply to Sam James from comment #1)
> > A stack trace if possible could help.
> > 
> > https://wiki.gentoo.org/wiki/Debugging
> 
> Which packages need recompiling for this stack trace?
> - bind
> - mysql-connector-c
> - mariadb

These might be relevant, please provide them and open this bug again if it still exists.
Comment 4 Janpieter Sollie 2021-02-24 08:22:10 UTC
The issue is still valid.  A backtrace from GDB:
> 24-Feb-2021 09:16:01.262 managed-keys-zone: loaded serial 1
> double free or corruption (!prev)
> double free or corruption (out)
> --Type <RET> for more, q to quit, c to continue without paging--
> 
> Thread 55 "isc-worker0021" received signal SIGABRT, Aborted.
> [Switching to Thread 0x7fffd9893640 (LWP 13853)]
> 0x00007ffff70a0aa1 in raise () from /lib64/libc.so.6
> (gdb) bt
> #0  0x00007ffff70a0aa1 in raise () from /lib64/libc.so.6
> #1  0x00007ffff708a2b6 in abort () from /lib64/libc.so.6
> #2  0x00007ffff70e3607 in ?? () from /lib64/libc.so.6
> #3  0x00007ffff70eb3ba in ?? () from /lib64/libc.so.6
> #4  0x00007ffff70ed40c in ?? () from /lib64/libc.so.6
> #5  0x00007ffff761f130 in Vio::~Vio (this=<optimized out>, __in_chrg=<optimized out>) at /var/tmp/portage/dev-db/mysql-connector-c-8.0.22/work/mysql-8.0.22/vio/vio.cc:115
> #6  0x00007ffff761fa6d in internal_vio_delete (vio=0x7fff23139db0) at /var/tmp/portage/dev-db/mysql-connector-c-8.0.22/work/mysql-8.0.22/vio/vio.cc:541
> #7  0x00007ffff75bb079 in end_server (mysql=0x7fff23139460) at /var/tmp/portage/dev-db/mysql-connector-c-8.0.22/work/mysql-8.0.22/sql-common/client.cc:1808
> #8  0x00007ffff75bb491 in cli_safe_read_with_ok_complete (mysql=0x7fff23139460, parse_ok=<optimized out>, is_data_packet=0x0, len=18446744073709551615)
> at /var/tmp/portage/dev-db/mysql-connector-c-8.0.22/work/mysql-8.0.22/sql-common/client.cc:1154
> #9  0x00007ffff75c078e in cli_read_query_result (mysql=0x7fff23139460) at /var/tmp/portage/dev-db/mysql-connector-c-8.0.22/work/mysql-8.0.22/sql-common/client.cc:6984
> #10 0x00007ffff75c4315 in mysql_real_query (mysql=0x7fff23139460, query=query@entry=0x7fff26619158 "select 'centro.pixel.ad' AS zone from dns_records where zone = 'null' OR zone = 'centro.pixel.ad'", length=97)
> at /var/tmp/portage/dev-db/mysql-connector-c-8.0.22/work/mysql-8.0.22/sql-common/client.cc:7195
> #11 0x00007ffff75b0d4a in mysql_query (mysql=<optimized out>, query=query@entry=0x7fff26619158 "select 'centro.pixel.ad' AS zone from dns_records where zone = 'null' OR zone = 'centro.pixel.ad'")
> at /var/tmp/portage/dev-db/mysql-connector-c-8.0.22/work/mysql-8.0.22/libmysql/libmysql.cc:658
> #12 0x00005555555adeae in mysql_get_resultset (rs=<synthetic pointer>, dbdata=0x7fff22f1f520, query=4, client=0x0, record=0x0, zone=0x7fffd9892740 "centro.pixel.ad") at ../../contrib/dlz/drivers/dlz_mysql_driver.c:308
> #13 mysql_findzone (driverarg=<optimized out>, dbdata=0x7fff22f1f520, name=0x7fffd9892740 "centro.pixel.ad", methods=<optimized out>, clientinfo=<optimized out>) at ../../contrib/dlz/drivers/dlz_mysql_driver.c:489
> #14 0x00007ffff7e6d106 in dns_sdlzfindzone (driverarg=0x7ffff6b33290, dbdata=0x7fff22f1f520, mctx=0x5555555ed090, rdclass=<optimized out>, name=0x7fff2d993c90, methods=0x0, clientinfo=0x0, dbp=0x7fffd9892bd8) at sdlz.c:1681
> #15 0x00007ffff7ecf0e4 in zone_load (zone=0x7fff2d993b50, flags=<optimized out>, locked=locked@entry=true) at zone.c:2159
> #16 0x00007ffff7ecf5a1 in zone_asyncload (task=0x7fff34dbd308, event=<optimized out>) at zone.c:2303
> #17 0x00007ffff7c88150 in dispatch (threadid=<optimized out>, manager=0x7fffe49fa010) at task.c:1152
> #18 run (queuep=<optimized out>) at task.c:1344
> #19 0x00007ffff756bfde in start_thread () from /lib64/libpthread.so.0
> #20 0x00007ffff715873f in clone () from /lib64/libc.so.6
> (gdb)
Comment 5 Janpieter Sollie 2021-02-24 08:56:22 UTC
Created attachment 688218
bind output with reduced DLZ + -d 1

The zones being queried are the zones I want to blacklist. I'll add the blacklist.dlz file.
I'll also add a SQL dump of the database + the described queries in DLZ
Comment 6 Janpieter Sollie 2021-02-24 09:02:18 UTC
Created attachment 688221
SQL db info

These are the settings in /etc/named.conf + the SQL dump of the database.
Comment 7 Janpieter Sollie 2021-02-24 10:04:38 UTC
Created attachment 688230
bind blocked zone file
Comment 8 Janpieter Sollie 2021-02-24 11:53:16 UTC
Further investigation shows it was in the "update counter" statement.

So I performed some deeper inspection on these:
> (gdb) set args -u named -f -d 1 -c /etc/bind/named.conf -n 1
> (gdb) run
> Starting program: /usr/sbin/named -u named -f -d 1 -c /etc/bind/named.conf -n 1
> [Thread debugging using libthread_db enabled]
> Using host libthread_db library "/lib64/libthread_db.so.1".
> [New Thread 0x7ffff69f0640 (LWP 15498)]
> [New Thread 0x7ffff61ef640 (LWP 15499)]
> [New Thread 0x7ffff59ee640 (LWP 15500)]
> [New Thread 0x7ffff51c3640 (LWP 15501)]
> 
> Thread 3 "isc-worker0000" received signal SIGSEGV, Segmentation fault.
> [Switching to Thread 0x7ffff61ef640 (LWP 15499)]
> 0x00007ffff70f5746 in strlen () from /lib64/libc.so.6
> (gdb) bt
> #0  0x00007ffff70f5746 in strlen () from /lib64/libc.so.6
> #1  0x00005555555abe3d in sdlzh_build_querystring (mctx=mctx@entry=0x5555555ed090, querylist=0x7fffd6ac4d70) at ../../contrib/dlz/drivers/sdlz_helper.c:287
> #2  0x00005555555ad32c in mysql_get_resultset (zone=<optimized out>, record=<optimized out>, client=<optimized out>, query=5, dbdata=0x7fffd6adb8c8, rs=0x0) at ../../contrib/dlz/drivers/dlz_mysql_driver.c:276
> #3  0x00005555555ae077 in mysql_findzone (driverarg=<optimized out>, methods=<optimized out>, clientinfo=<optimized out>, name=0x7ffff61ee740 "www.weknow.ac", dbdata=0x7fffd6adb8c8) at ../../contrib/dlz/drivers/dlz_mysql_driver.c:508
> #4  mysql_findzone (driverarg=<optimized out>, dbdata=0x7fffd6adb8c8, name=0x7ffff61ee740 "www.weknow.ac", methods=<optimized out>, clientinfo=<optimized out>) at ../../contrib/dlz/drivers/dlz_mysql_driver.c:478
> #5  0x00007ffff7e6d106 in dns_sdlzfindzone (driverarg=0x7ffff6b33330, dbdata=0x7fffd6adb8c8, mctx=0x5555555ed090, rdclass=<optimized out>, name=0x7fffe2dcd0c0, methods=0x0, clientinfo=0x0, dbp=0x7ffff61eebd8) at sdlz.c:1681
> #6  0x00007ffff7ecf0e4 in zone_load (zone=0x7fffe2dccf80, flags=<optimized out>, locked=locked@entry=true) at zone.c:2159
> #7  0x00007ffff7ecf5a1 in zone_asyncload (task=0x7ffff092c398, event=<optimized out>) at zone.c:2303
> #8  0x00007ffff7c88150 in dispatch (threadid=<optimized out>, manager=0x7ffff6b3e010) at task.c:1152
> #9  run (queuep=<optimized out>) at task.c:1344
> #10 0x00007ffff756bfde in start_thread () from /lib64/libpthread.so.0
> #11 0x00007ffff715873f in clone () from /lib64/libc.so.6
> (gdb) up
> #1  0x00005555555abe3d in sdlzh_build_querystring (mctx=mctx@entry=0x5555555ed090, querylist=0x7fffd6ac4d70) at ../../contrib/dlz/drivers/sdlz_helper.c:287
> ../../contrib/dlz/drivers/sdlz_helper.c: No such file or directory.
> (gdb) print *tseg
> $1 = {sql = 0x7fffd6adb918, strlen = 0, direct = false, link = {prev = 0x7ffff03823d0, next = 0x7ffff0394240}}
> (gdb) print *tseg->sql
> Attempt to dereference a generic pointer.
> (gdb) print *((char**)tseg->sql)
> $2 = 0x0
> (gdb) print *querylist
> $3 = {head = 0x7ffff03e5c10, tail = 0x7ffff0394240}
> (gdb) print *querylist->head
> $4 = {sql = 0x7ffff6b333d8, strlen = 71, direct = true, link = {prev = 0x0, next = 0x7ffff0622a00}}
> (gdb) print *querylist->head->link->next
> $5 = {sql = 0x7fffd6adb908, strlen = 0, direct = false, link = {prev = 0x7ffff03e5c10, next = 0x7ffff03823d0}}
> (gdb) print *querylist->head->link->next->link->next
> $6 = {sql = 0x7ffff0100598, strlen = 17, direct = true, link = {prev = 0x7ffff0622a00, next = 0x7fffe83d0970}}
> (gdb) print *querylist->head->link->next->link->next->link->next
> $7 = {sql = 0x7fffd6adb918, strlen = 0, direct = false, link = {prev = 0x7ffff03823d0, next = 0x7ffff0394240}}
> (gdb) frame 2
> #2  0x00005555555ad32c in mysql_get_resultset (zone=<optimized out>, record=<optimized out>, client=<optimized out>, query=5, dbdata=0x7fffd6adb8c8, rs=0x0) at ../../contrib/dlz/drivers/dlz_mysql_driver.c:276
> ../../contrib/dlz/drivers/dlz_mysql_driver.c: No such file or directory.
> (gdb) print *dbi->countzone_q
> $8 = {head = 0x7ffff03e5c10, tail = 0x7ffff0394240}
> (gdb) print *dbi->countzone_q->head
> $9 = {sql = 0x7ffff6b333d8, strlen = 71, direct = true, link = {prev = 0x0, next = 0x7ffff0622a00}}
> (gdb) print *((char*) dbi->countzone_q->head->sql)
> $10 = 117 'u'
> (gdb) printf "%s\n", *((char*) dbi->countzone_q->head->sql)
> Cannot access memory at address 0x75
> (gdb) print *dbi->zone
> $11 = 119 'w'
> (gdb) print *dbi
> $12 = {dbconn = 0x7fffd6cf44d0, allnodes_q = 0x7fffd6adad70, allowxfr_q = 0x7fffd6ad6d70, authority_q = 0x7fffd6acfd70, findzone_q = 0x7fffd6acad70, lookup_q = 0x7fffd6abdd70, countzone_q = 0x7fffd6ac4d70, query_buf = 0x0, zone = 0x7fffd7a1c900 "www.weknow.ac", record = 0x0, client = 0x0, mctx = 0x5555555ed090, instance_lock = {__data = {__lock = 0, __count = 0, __owner = 0, __nusers = 0, __kind = 3, __spins = 0, __elision = 0, __list = {__prev = 0x0, __next = 0x0}}, __size = '\000' <repeats 16 times>, "\003", '\000' <repeats 22 times>, __align = 0}, link = {prev = 0x0, next = 0x0}}
> (gdb) print *dbi->countzone_q
> $13 = {head = 0x7ffff03e5c10, tail = 0x7ffff0394240}
> (gdb) print *dbi->countzone_q->head
> $14 = {sql = 0x7ffff6b333d8, strlen = 71, direct = true, link = {prev = 0x0, next = 0x7ffff0622a00}}
> (gdb) print *((char**)dbi->countzone_q->head->sql)
> $15 = 0x6420657461647075 <error: Cannot access memory at address 0x6420657461647075>
Comment 9 Janpieter Sollie 2021-02-24 12:00:33 UTC
Created attachment 688236
mysql dump including contents
Comment 10 Janpieter Sollie 2021-02-24 15:11:19 UTC
The issue was somewhere in my config files.  Due to poor documentation, I got myself confused in dirty config settings.
To address the "poor documentation" issue, I'll write documentation about it in the forum in case someone else has issues with it.
Comment 11 Charlie Gehlin 2021-05-17 19:49:12 UTC
(In reply to Janpieter Sollie from comment #10)
> the issue was somewhere in my config files.  Due to poor documentation, I
> got myself confused in dirty config settings.
> To address the "poor documentation" issue, I'll write a documentation about
> it in the forum in case someone else has issues with it

Please, provide a link to said forum-post, I'm facing the very same issues. BR Charlie
Comment 12 Janpieter Sollie 2021-05-25 11:45:57 UTC
(In reply to Charlie Gehlin from comment #11)
> (In reply to Janpieter Sollie from comment #10)
> > the issue was somewhere in my config files.  Due to poor documentation, I
> > got myself confused in dirty config settings.
> > To address the "poor documentation" issue, I'll write a documentation about
> > it in the forum in case someone else has issues with it
> 
> Please, provide a link to said forum-post, I'm facing the very same issues.
> BR Charlie

Sorry, it seemed to be a bind connector bug after all ... I opened a bug at ISC, but so far, no news.
https://gitlab.isc.org/isc-projects/bind9/-/issues/2530
Comment 13 Charlie Gehlin 2021-05-28 22:17:08 UTC
Ok, thanks for info. Please consider revisiting this bug when you receive any info over at ISC, as "voters" get notified :) BR /Charlie