Re: BIND 9.6.1-P1 crashing
At Tue, 05 Jan 2010 08:24:16 +0100,
Dario Miculinic dario.miculi...@t-com.hr wrote:
I dont't have the same core dump, but this is from one that happend yesterday:
Thanks, but unfortunately the detailed stack traces don't seem to
provide a useful hint for the race.
If you can help debug this further, could you apply the patch copied
below, rebuild named and run it? It *may* catch the race condition at
a closer point to the real cause. (note: this patch only does
diagnose, so it will not fix the problem).
Or, if you need any workaround that *may* work, you may want to
rebuild named with disabling atomic operations.
./configure --disable-atomic [...other options]
I'm not sure if this stops the problem, but I believe it's worth
trying.
---
JINMEI, Tatuya
Internet Systems Consortium, Inc.
Index: heap.c
===
RCS file: /proj/cvs/prod/bind9/lib/isc/heap.c,v
retrieving revision 1.37
diff -u -r1.37 heap.c
--- heap.c 19 Oct 2007 17:15:53 - 1.37
+++ heap.c 8 Jan 2010 08:01:19 -
@@ -149,10 +149,12 @@
i 1 heap-compare(elt, heap-array[p]) ;
i = p, p = heap_parent(i)) {
heap-array[i] = heap-array[p];
+ INSIST(heap-array[i] != NULL);
if (heap-index != NULL)
(heap-index)(heap-array[i], i);
}
heap-array[i] = elt;
+ INSIST(heap-array[i] != NULL);
if (heap-index != NULL)
(heap-index)(heap-array[i], i);
@@ -173,11 +175,13 @@
if (heap-compare(elt, heap-array[j]))
break;
heap-array[i] = heap-array[j];
+ INSIST(heap-array[i] != NULL);
if (heap-index != NULL)
(heap-index)(heap-array[i], i);
i = j;
}
heap-array[i] = elt;
+ INSIST(heap-array[i] != NULL);
if (heap-index != NULL)
(heap-index)(heap-array[i], i);
@@ -217,6 +221,7 @@
less = heap-compare(elt, heap-array[index]);
heap-array[index] = elt;
+ INSIST(heap-array[index] != NULL);
if (less)
float_up(heap, index, heap-array[index]);
else
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: BIND 9.6.1-P1 crashing
At Wed, 30 Dec 2009 10:23:17 +0100,
Dario Miculinic dario.miculi...@t-com.hr wrote:
I'm administrating 4 DNS servers running CentOS release 5.4 and Red Hat
Enterprise Linux Server release 5.2. with BIND
version 9.6.1-P1. On 3 of them BIND crashed 7 times in last 10 days. There's
nothing in log files, but we have core dump
file. I found this in the core dump:
#0 0x080db986 in ttl_sooner (v1=0x0, v2=0x3385b628) at rbtdb.c:752
752 ttl_sooner(void *v1, void *v2) {
(gdb) where
#0 0x080db986 in ttl_sooner (v1=0x0, v2=0x3385b628) at rbtdb.c:752
What's the result of the following gdb command?
(gdb) thread apply all bt full
We've seen crash like this one, but we've not figured out how this
happens. This is pretty likely an inter-thread race, and it may be
tricky. According to the v1/v2 values in your stack trace, a full
backtrace with information of other threads may provide more useful
hint.
If you need immediate workaround rather than chasing the bug,
rebuilding named with --disable-atomic may help (we cannot be sure
because we don't yet know how this bug happens in the first place).
This will use locks in a more conservative way and may avoid the
tricky race condition at the cost of lower performance (so if you want
to try that you'll also need to watch the server load).
---
JINMEI, Tatuya
Internet Systems Consortium, Inc.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Bind 9.6.1-P1 ignoring listen-on directive
Hi,
I'm testing Bind 9.6.1-P1 on Solaris 10 SPARC (64bit/Sun Studio 12.1)
I noticed this in the logs:
Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info]
listening on IPv4 interface lo0, 127.0.0.1#53
Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info]
listening on IPv4 interface bge0, 153.104.92.2#53
Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info]
listening on IPv4 interface bge0:1, 153.104.92.4#53
Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info]
listening on IPv4 interface bge1, 10.104.36.20#53
I only wanted named to listen on one interface + the loopback, so I
added a listen-on statement in named.conf:
acl testnets { 153.104.244.0/24; 153.104.248.0/24; };
options {
directory /opt/isc/bind/var/db;
allow-query { testnets; };
listen-on { localhost; 153.104.92.2; };
listen-on-v6 { none; };
};
zone 0.0.127.in-addr.arpa in {
type master;
file db.127.0.0;
notify no;
};
But, I still have the same log entries when I start named. I then
modified named.conf to specifically exclude the other interfaces:
listen-on { localhost; 153.104.92.2; !153.104.92.4; !10.104.36.20; };
But, again, I'm still seeing it state that it is listening on the
excluded interfaces. I tried increasing the debug level, but I didn't
see any additional info pertaining to this. I know that it is listening
on the excluded interfaces because I see a queries on the 10.104.36.20
interface:
Sep 9 13:09:16 ns3a/ns3a named[22867]: [ID 873579 daemon.info] client
10.104.109.0#1041: query (cache) 'ATF/A/IN' denied
Sep 9 13:09:16 ns3a/ns3a named[22867]: [ID 873579 daemon.info] client
10.104.109.0#1046: query (cache) 'ATP.villanova.edu/A/IN' denied
Is this a known problem? It's an issue for us because we restrict DNS
queries to particular interfaces. If it isn't a known bug, I'd be glad
to help troubleshoot this problem.
Thanks.
-John
--
John Center
Villanova University
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: Bind 9.6.1-P1 ignoring listen-on directive
Of course, right after hitting enter on this message, I came across a
message from last year about localhost mapping to all interfaces, not
just 127.0.0.1. I created a loopback acl used it instead that
worked. Sorry for the noise.
-John
On 09/09/2009 03:04 PM, John Center wrote:
Hi,
I'm testing Bind 9.6.1-P1 on Solaris 10 SPARC (64bit/Sun Studio 12.1)
I noticed this in the logs:
Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info]
listening on IPv4 interface lo0, 127.0.0.1#53
Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info]
listening on IPv4 interface bge0, 153.104.92.2#53
Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info]
listening on IPv4 interface bge0:1, 153.104.92.4#53
Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info]
listening on IPv4 interface bge1, 10.104.36.20#53
I only wanted named to listen on one interface + the loopback, so I
added a listen-on statement in named.conf:
acl testnets { 153.104.244.0/24; 153.104.248.0/24; };
options {
directory /opt/isc/bind/var/db;
allow-query { testnets; };
listen-on { localhost; 153.104.92.2; };
listen-on-v6 { none; };
};
zone 0.0.127.in-addr.arpa in {
type master;
file db.127.0.0;
notify no;
};
But, I still have the same log entries when I start named. I then
modified named.conf to specifically exclude the other interfaces:
listen-on { localhost; 153.104.92.2; !153.104.92.4; !10.104.36.20; };
But, again, I'm still seeing it state that it is listening on the
excluded interfaces. I tried increasing the debug level, but I didn't
see any additional info pertaining to this. I know that it is listening
on the excluded interfaces because I see a queries on the 10.104.36.20
interface:
Sep 9 13:09:16 ns3a/ns3a named[22867]: [ID 873579 daemon.info] client
10.104.109.0#1041: query (cache) 'ATF/A/IN' denied
Sep 9 13:09:16 ns3a/ns3a named[22867]: [ID 873579 daemon.info] client
10.104.109.0#1046: query (cache) 'ATP.villanova.edu/A/IN' denied
Is this a known problem? It's an issue for us because we restrict DNS
queries to particular interfaces. If it isn't a known bug, I'd be glad
to help troubleshoot this problem.
Thanks.
-John
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: Bind 9.6.1-P1 ignoring listen-on directive
Syntax. The parser is matching on localhost before it sees the negated
elements.
- Kevin
John Center wrote:
Hi,
I'm testing Bind 9.6.1-P1 on Solaris 10 SPARC (64bit/Sun Studio 12.1)
I noticed this in the logs:
Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info]
listening on IPv4 interface lo0, 127.0.0.1#53
Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info]
listening on IPv4 interface bge0, 153.104.92.2#53
Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info]
listening on IPv4 interface bge0:1, 153.104.92.4#53
Sep 9 13:15:31 ns3a/ns3a named[23042]: [ID 873579 daemon.info]
listening on IPv4 interface bge1, 10.104.36.20#53
I only wanted named to listen on one interface + the loopback, so I
added a listen-on statement in named.conf:
acl testnets { 153.104.244.0/24; 153.104.248.0/24; };
options {
directory /opt/isc/bind/var/db;
allow-query { testnets; };
listen-on { localhost; 153.104.92.2; };
listen-on-v6 { none; };
};
zone 0.0.127.in-addr.arpa in {
type master;
file db.127.0.0;
notify no;
};
But, I still have the same log entries when I start named. I then
modified named.conf to specifically exclude the other interfaces:
listen-on { localhost; 153.104.92.2; !153.104.92.4; !10.104.36.20; };
But, again, I'm still seeing it state that it is listening on the
excluded interfaces. I tried increasing the debug level, but I didn't
see any additional info pertaining to this. I know that it is
listening on the excluded interfaces because I see a queries on the
10.104.36.20 interface:
Sep 9 13:09:16 ns3a/ns3a named[22867]: [ID 873579 daemon.info] client
10.104.109.0#1041: query (cache) 'ATF/A/IN' denied
Sep 9 13:09:16 ns3a/ns3a named[22867]: [ID 873579 daemon.info] client
10.104.109.0#1046: query (cache) 'ATP.villanova.edu/A/IN' denied
Is this a known problem? It's an issue for us because we restrict DNS
queries to particular interfaces. If it isn't a known bug, I'd be glad
to help troubleshoot this problem.
Thanks.
-John
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
BIND 9.6.1-P1
Does anyone knows if there is any solaris .pkg distribution for BIND 9.6.1-P1? Im looking to replace old versions as per: https://www.isc.org/node/474 Thank you, Julian___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
BIND 9.6.1-P1
Does anyone knows if there is any solaris .pkg distribution for BIND 9.6.1-P1? Im looking to replace old versions as per: https://www.isc.org/node/474 Thank you, Julian___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
ISC BIND 9.6.1-P1 is now available
BIND 9.6.1-P1 is now available. BIND 9.6.1-P1 is a SECURITY PATCH for BIND 9.6.1. It addresses a denial-of-service bug in which a malformed UPDATE packet caused named to crash. Bugs should be reported to bind9-b...@isc.org. BIND 9.6.1-P1 can be downloaded from: ftp://ftp.isc.org/isc/bind9/9.6.1-P1/bind-9.6.1-P1.tar.gz PGP signatures of the distribution are at: ftp://ftp.isc.org/isc/bind9/9.6.1-P1/bind-9.6.1-P1.tar.gz.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/bind-9.6.1-P1.tar.gz.sha256.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/bind-9.6.1-P1.tar.gz.sha512.asc The signatures were generated with the ISC public key, which is available at https://www.isc.org/about/openpgp A binary kit for Windows XP, Windows 2003 and Windows 2008 is at: ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.zip ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.debug.zip PGP signatures of the binary kit are at: ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.zip.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.zip.sha512.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.debug.zip.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.debug.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.6.1-P1/BIND9.6.1-P1.debug.zip.sha512.asc Changes since 9.6.1: 2640. [security] A specially crafted update packet will cause named to exit. [RT #2] -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
