Ubuntu
dnsmasq package

occasional crashes: glibc detected double free or corruption

Bug #674645 reported by Dave Walker
16
This bug affects 1 person
Affects Status Importance Assigned to Milestone
dnsmasq (Debian)
Fix Released
Unknown
dnsmasq (Ubuntu)
Fix Released
Medium
Dave Walker
Lucid
Fix Released
Undecided
Unassigned
Maverick
Won't Fix
Undecided
Unassigned

Bug Description

Binary package hint: dnsmasq

*** glibc detected *** /usr/sbin/dnsmasq: double free or corruption (top): 0x08ab60b8 ***

(As initially reported: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2010q3/004369.html)

IMPACT: Under heavy work load, dnsmasq occasionally crashes.
RESOLUTION: Patch on upstream, as linked in report
REPRODUCE: Put dnsmasq under heavy work load, with frequent requests - and watch for crash.
REGRESSION POTENTIAL: Low, patch in both upstream trunk, Natty and Debian already.

See original description
Dave Walker (davewalker)
Changed in dnsmasq (Ubuntu):
status: New → Confirmed
assignee: nobody → Dave Walker (davewalker)
importance: Undecided → Medium
Revision history for this message
Dave Walker (davewalker) wrote :

This is fixed on Natty, with a trivial patch.

Requires backporting to Lucid and Maverick.

Revision history for this message
dann frazier (dannf) wrote :
Revision history for this message
Simon Kelley (simon-thekelleys) wrote : Re: [Bug 674645] [NEW] occasional crashes: glibc detected double free or corruption

On 12/11/10 19:09, Dave Walker wrote:
> Public bug reported:
>
> Binary package hint: dnsmasq
>
> *** glibc detected *** /usr/sbin/dnsmasq: double free or corruption
> (top): 0x08ab60b8 ***
>
> (As initially reported: http://lists.thekelleys.org.uk/pipermail
> /dnsmasq-discuss/2010q3/004369.html)
>

This was fixed in Debian with 2.55-2. That will be added to Ubuntu
automatically, yes?

Simon.

Dave Walker (davewalker)
description: updated
Brian Murray (brian-murray)
tags: added: patch
Revision history for this message
Dave Walker (davewalker) wrote :

@Simon, yes - It is fixed in the latest development version via the fix from Debian. However, the fix will not automatically happen in both Maverick and Lucid.

Revision history for this message
Martin Pitt (pitti) wrote :

> This is fixed on Natty, with a trivial patch.

.. so please close the bug.

Thanks!

Changed in dnsmasq (Ubuntu):
status: Confirmed → Fix Released
Changed in dnsmasq (Ubuntu Lucid):
status: New → Fix Committed
tags: added: verification-needed
Revision history for this message
Martin Pitt (pitti) wrote : Please test proposed package

Accepted dnsmasq into lucid-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Revision history for this message
Imre Gergely (cemc) wrote :

I've managed to reproduce the crash 3 consecutive times, like this:

- installed dnsmasq on the host (ubuntu 10.04 64bit), and started it like this:

/usr/sbin/dnsmasq -d -x /var/run/dnsmasq/dnsmasq.pid -udnsmasq -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --dhcp-option=3,172.16.21.253 --dhcp-script=/tmp/myscript.sh

- myscript.sh contains the following:

#!/bin/bash

sleep 10
echo $@
exit 0

- ran 4 ubuntu guests in KVM
- logged in on every guest, and ran the following command from console:

while [ true ]; do dhclient3 eth0 ; done (this basically renews the lease on the guests all the time, generating some load for dnsmasq)

After ~10 minutes dnsmasq crashed with "*** glibc detected *** /usr/sbin/dnsmasq: double free or corruption (fasttop): 0x00000000006a1040 ***" (this happened 3 times out of 3 runs).

After installing the package from -proposed, I tried once more, same setup but it did not crash. It's been running like this for >30 minutes.

I'll let it run for a couple of hours to see if anything happens.

Revision history for this message
Imre Gergely (cemc) wrote :

It ran for over 8 hours and it did not crash. I consider this a successful test.

Jean-Baptiste Lallement (jibel)
tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package dnsmasq - 2.52-1ubuntu0.1

---------------
dnsmasq (2.52-1ubuntu0.1) lucid-proposed; urgency=low

  * src/rfc2131.c: Fix crash on double free. Patch courtesy of
    upstream. (LP: #674645)
 -- Dave Walker (Daviey) <email address hidden> Fri, 12 Nov 2010 13:18:56 -0600

Changed in dnsmasq (Ubuntu Lucid):
status: Fix Committed → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in dnsmasq (Debian):
status: Unknown → Fix Released
Revision history for this message
Rolf Leggewie (r0lf) wrote :

Maverick has long since stopped to receive any updates. Marking the Maverick task for this ticket as "Won't Fix".

Changed in dnsmasq (Ubuntu Maverick):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.