Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

Thanks, I've now uploaded the fixed package to both unstable and bookworm-security. The bookworm-security package needs to be processed by the security team, so it might take a little bit longer than the version in unstable which should be building or already built. Ondrej -- Ondřej Surý (He/Hi

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

On Fri, 26 Jul 2024 14:28:12 +0200 Bernhard Schmidt wrote: ... > > Can anyone confirm the workaround from the Samba BZ setting > LDB_MODULES_DISABLE_DEEPBIND=true ? > > yes, the workaround has enabled my system to work again after the upgrade to 1:9.18.28-1~deb12u1

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

Ok, here's the patch: From 6b2ffa8216bcf65f3b20b14171d9732d9583e6f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Sat, 27 Jul 2024 04:57:36 +0200 Subject: [PATCH] Disable RTLD_DEEPBIND in Samba DLZ module When RTLD_DEEPBIND is enabled in the LDB modules inside the Samb

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

I think this confirms that: https://bugzilla.samba.org/show_bug.cgi?id=15643#c6 Ondrej -- Ondřej Surý (He/Him) > On 26. 7. 2024, at 5:33, Bernhard Schmidt wrote: > > Can anyone confirm the workaround from the Samba BZ setting > LDB_MODULES_DISABLE_DEEPBIND=true ?

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

There’s couple of things we can do: - revert the jemalloc patch (it will break different scenarios though) - compile without jemalloc (that affects memory fragmentation and performance) - set the deep bind in the ldopen call in BIND (though I disabled it for reason, except I can remember it now)

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

Control: found -1 9.18.28-1~deb12u1 Control: severity -1 serious Control: affects -1 samba-libs Control: forwarded -1 https://bugzilla.samba.org/show_bug.cgi?id=15643 Control: summary -1 Workaround: Set environment LDB_MODULES_DISABLE_DEEPBIND=true I don't know anything about that code so I can

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

Hi, we are also experiencing this issue with the stable packages: bind9 9.18.28-1~deb12u1 samba 4.17.12+dfsg-0+deb12u1 downgrading to 9.18.24-1 fixes the issue. Kind regards Jens Pranaitis -- Jens Pranaitis Linux Consultant & Trainer Tel.: +49 151 70674251 E-Mail: pranai...@b1-systems.de B1

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

Hello, just spotted this problem after the upgrade of bind9 to 9.18.28-1~deb12u1 (related to https://lists.debian.org/debian-security-announce/2024/msg00145.html) with samba 4.17.12+dfsg-0+deb12u1. If I can help with any testing or so, please let me know. Thanks -- Tomas Kasparek

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

On Sun, 30 Jun 2024 18:28:17 +0200 Michael Saxl wrote: Hello, just in case it would be of any help to clearly see where the allocation takes place. Attached file contains my steps to reproduce the crash in a minimal trixie VM. And shows the allocation from jemalloc and the free from glibc: Kin

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

just making some experiments and traces. first of all: I'm not a bind9 expert so I have not found the place where bind dload's the dlz module, but the issue seems to be the following: the dlz module gets loaded, the default tdb implementation is in a .so file loaded by this. then the ldb modules

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

Michael, I think your guess with RTLD_DEEPBIND is a correct one. I guess the quick test would be to compile BIND 9 without jemalloc. Ondrej -- Ondřej Surý (He/Him) > On 30. 6. 2024, at 18:03, Michael Saxl wrote: > > RTLD_DEEPBIND

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

just some findings (after the hint about jemalloc) The breaking commit is probably " 6328. [func] Add workaround to enforce dynamic linker to pull jemalloc earlier than libc to ensure all memory allocations are done via jemalloc. [GL #4404

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

BIND 9.18 (and up) uses jemalloc as an allocator and samba DLZ module backtrace shows free() from libc - perhaps a chunk of memory was allocated by jemalloc and it is being freed by libc? -- Ondřej Surý (He/Him) > On 30. 6. 2024, at 14:15, Michael Saxl wrote: > > Dear Maintainer, > > here a

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

just for comparison: here the stacktrace on a older bind9 (9.19.21-1+b1) with the same samba dlz module when set a breakpoint on the line that causes an issue on newer bind9 (and stepped into "free"): #0 __GI___libc_free (mem=0x55a6b4273020) at ./malloc/malloc.c:3356 #1 0x7f7bead76155 in s

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

Dear Maintainer, here a stacktrace with debug symbols #0 __pthread_kill_implementation (threadid=, signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44 #1 0x7f67b8cf4b6f in __pthread_kill_internal (signo=6, threadid=) at ./nptl/pthread_kill.c:78 #2 0x7f67b8ca64e2 in

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

As requested: gdb /usr/sbin/named GNU gdb (Debian 13.2-1+b2) 13.2 Copyright (C) 2023 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the exten

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

On 6/27/24 16:33, Lucas Bocchi wrote: Package: bind9 Version: 1:9.19.24-185-g392e7199df2-1 Severity: important Dear Maintainer, BIND9 with default configs, only enabling BIND9_DLZ, appears SEGFAULT on new bind9 version to debian testing Jun 27 10:26:01 gw-fw-local named[146587]: Loading 'AD

Bug#1074378: bind9: Bind9 SEGFAULT when enable DLZ with samba

Package: bind9 Version: 1:9.19.24-185-g392e7199df2-1 Severity: important Dear Maintainer, BIND9 with default configs, only enabling BIND9_DLZ, appears SEGFAULT on new bind9 version to debian testing Jun 27 10:26:01 gw-fw-local systemd[1]: Starting named.service - BIND Domain Name Server... Jun