Knot Resolver issueshttps://gitlab.nic.cz/knot/knot-resolver/-/issues2022-04-08T16:14:02+02:00https://gitlab.nic.cz/knot/knot-resolver/-/issues/44test: dns64 test2022-04-08T16:14:02+02:00Grigorii Demidovtest: dns64 testwrite test for dns64 module using deckardwrite test for dns64 module using deckardhttps://gitlab.nic.cz/knot/knot-resolver/-/issues/42Program received signal SIGSEGV, Segmentation fault. 0x00007ffff6ce24d9 in ??...2022-04-08T16:14:01+02:00Ondřej SurýProgram received signal SIGSEGV, Segmentation fault. 0x00007ffff6ce24d9 in ?? () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2```
Thread 6 (Thread 0x7ffff1f65700 (LWP 1359)):
#0 runtime.futex () at /usr/lib/go/src/runtime/sys_linux_amd64.s:289
No locals.
#1 0x00007ffff45d9913 in runtime.futexsleep (addr=0xc82005e110, val=0, ns=-1) at /usr/lib/go/src/runti...```
Thread 6 (Thread 0x7ffff1f65700 (LWP 1359)):
#0 runtime.futex () at /usr/lib/go/src/runtime/sys_linux_amd64.s:289
No locals.
#1 0x00007ffff45d9913 in runtime.futexsleep (addr=0xc82005e110, val=0, ns=-1) at /usr/lib/go/src/runtime/os1_linux.go:39
ts = {tv_sec = 0, tv_nsec = 0}
#2 0x00007ffff45c0868 in runtime.notesleep (n=0xc82005e110) at /usr/lib/go/src/runtime/lock_futex.go:142
gp = 0xc820060180
#3 0x00007ffff45e2916 in runtime.stopm () at /usr/lib/go/src/runtime/proc1.go:1128
_g_ = 0xc820060180
#4 0x00007ffff45e3c22 in runtime.findrunnable (gp=0x7ffff7f58138, inheritTime=false) at /usr/lib/go/src/runtime/proc1.go:1530
i = 16
gp = 0x7ffff7f58138
gp = 0x7ffff45b51e5 <runtime.atomicload+5>
gp = 0x7ffff45e9cfb <runtime.runqget+75>
gp = 0xc8200185b8
gp = 0x7fff00000001
_p_ = 0x2007fff00000001
_p_ = 0xc82004a000
_p_ = 0x7ffff45e0c04 <runtime.casgstatus+340>
_g_ = 0xc820060180
#5 0x00007ffff45e42ab in runtime.schedule () at /usr/lib/go/src/runtime/proc1.go:1639
inheritTime = false
gp = 0x0
_g_ = 0xc820060180
#6 0x00007ffff45e4938 in runtime.goexit0 (gp=0xc820001500) at /usr/lib/go/src/runtime/proc1.go:1765
_g_ = 0xc820060180
#7 0x00007ffff460bbb3 in runtime.mcall () at /usr/lib/go/src/runtime/asm_amd64.s:204
No locals.
#8 0x000000c82001aa00 in ?? ()
No symbol table info available.
#9 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 5 (Thread 0x7ffff2766700 (LWP 1358)):
#0 runtime.futex () at /usr/lib/go/src/runtime/sys_linux_amd64.s:289
No locals.
#1 0x00007ffff45d9913 in runtime.futexsleep (addr=0xc82002ae90, val=0, ns=-1) at /usr/lib/go/src/runtime/os1_linux.go:39
ts = {tv_sec = 0, tv_nsec = 0}
#2 0x00007ffff45c0868 in runtime.notesleep (n=0xc82002ae90) at /usr/lib/go/src/runtime/lock_futex.go:142
gp = 0xc820001080
#3 0x00007ffff45e2916 in runtime.stopm () at /usr/lib/go/src/runtime/proc1.go:1128
_g_ = 0xc820001080
#4 0x00007ffff45e3c22 in runtime.findrunnable (gp=0x7ffff7f58138, inheritTime=false) at /usr/lib/go/src/runtime/proc1.go:1530
i = 16
gp = 0x7ffff7f58138
gp = 0x7ffff45b51e5 <runtime.atomicload+5>
gp = 0x7ffff45e9cfb <runtime.runqget+75>
gp = 0xc8200185b8
gp = 0x7fff00000001
_p_ = 0x2007fff00000001
_p_ = 0xc82004a000
_p_ = 0xc820018000
_g_ = 0xc820001080
#5 0x00007ffff45e42ab in runtime.schedule () at /usr/lib/go/src/runtime/proc1.go:1639
inheritTime = false
gp = 0x0
_g_ = 0xc820001080
#6 0x00007ffff45e4938 in runtime.goexit0 (gp=0xc820001500) at /usr/lib/go/src/runtime/proc1.go:1765
_g_ = 0xc820001080
#7 0x00007ffff460bbb3 in runtime.mcall () at /usr/lib/go/src/runtime/asm_amd64.s:204
No locals.
#8 0x000000c820018000 in ?? ()
No symbol table info available.
#9 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 4 (Thread 0x7ffff2f67700 (LWP 1357)):
#0 runtime.futex () at /usr/lib/go/src/runtime/sys_linux_amd64.s:289
No locals.
#1 0x00007ffff45d9913 in runtime.futexsleep (addr=0xc82002aa10, val=0, ns=-1) at /usr/lib/go/src/runtime/os1_linux.go:39
ts = {tv_sec = 0, tv_nsec = 0}
#2 0x00007ffff45c0868 in runtime.notesleep (n=0xc82002aa10) at /usr/lib/go/src/runtime/lock_futex.go:142
gp = 0xc820000d80
#3 0x00007ffff45e2916 in runtime.stopm () at /usr/lib/go/src/runtime/proc1.go:1128
_g_ = 0xc820000d80
#4 0x00007ffff45e3c22 in runtime.findrunnable (gp=0x7ffff7f5a048, inheritTime=false) at /usr/lib/go/src/runtime/proc1.go:1530
i = 16
gp = 0x7ffff7f5a048
gp = 0x7ffff45b51e5 <runtime.atomicload+5>
gp = 0x7ffff45e9cfb <runtime.runqget+75>
gp = 0xc82001afb8
gp = 0x7fff00000002
_p_ = 0x2007fff00000001
_p_ = 0xc82013e000
_p_ = 0x7ffff45e0c04 <runtime.casgstatus+340>
_g_ = 0xc820000d80
#5 0x00007ffff45e42ab in runtime.schedule () at /usr/lib/go/src/runtime/proc1.go:1639
inheritTime = false
gp = 0x0
_g_ = 0xc820000d80
#6 0x00007ffff45e4938 in runtime.goexit0 (gp=0xc820122000) at /usr/lib/go/src/runtime/proc1.go:1765
_g_ = 0xc820000d80
#7 0x00007ffff460bbb3 in runtime.mcall () at /usr/lib/go/src/runtime/asm_amd64.s:204
No locals.
#8 0x000000c820019500 in ?? ()
No symbol table info available.
#9 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 3 (Thread 0x7ffff3768700 (LWP 1356)):
#0 runtime.usleep () at /usr/lib/go/src/runtime/sys_linux_amd64.s:95
No locals.
#1 0x00007ffff45e828e in runtime.sysmon () at /usr/lib/go/src/runtime/proc1.go:2994
delay = 10000
unixnow = 1447771255976941101
scavengelimit = 300000000000
nscavenge = 0
now = 512887854141937
maxsleep = 60000000000
lasttrace = 0
lastscavenge = 512880682902989
lastpoll = 0
idle = 180
forcegcperiod = 120000000000
gp = 0xc820000900
#2 0x00007ffff45e193c in runtime.mstart1 () at /usr/lib/go/src/runtime/proc1.go:721
_g_ = 0xc820000900
#3 0x00007ffff45e1844 in runtime.mstart () at /usr/lib/go/src/runtime/proc1.go:691
size = 8388608
#4 0x00007ffff45b04a3 in crosscall_amd64 () at /usr/lib/go/src/runtime/cgo/gcc_amd64.S:35
No locals.
#5 0x00007ffff3768700 in ?? ()
No symbol table info available.
#6 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 2 (Thread 0x7ffff40c9700 (LWP 1355)):
#0 runtime.epollwait () at /usr/lib/go/src/runtime/sys_linux_amd64.s:420
No locals.
#1 0x00007ffff45d9736 in runtime.netpoll (block=true, ~r1=0x0) at /usr/lib/go/src/runtime/netpoll_epoll.go:68
waitms = -1
n = 0
i = 0
gp = 0
events = {{events = 0, data = "\000\000\000\000\000\000\000"} <repeats 128 times>}
#2 0x00007ffff45e3b1c in runtime.findrunnable (gp=0x7ffff7f58138, inheritTime=false) at /usr/lib/go/src/runtime/proc1.go:1512
i = 16
gp = 0x7ffff7f58138
gp = 0x7ffff45b51e5 <runtime.atomicload+5>
gp = 0x7ffff45e9cfb <runtime.runqget+75>
gp = 0xc8200185b8
gp = 0x7fff00000003
_p_ = 0x2007fff00000001
_p_ = 0xc82004a000
_p_ = 0x7ffff45e0c04 <runtime.casgstatus+340>
_g_ = 0x7ffff4d41020 <runtime.g0>
#3 0x00007ffff45e42ab in runtime.schedule () at /usr/lib/go/src/runtime/proc1.go:1639
inheritTime = false
gp = 0x0
_g_ = 0x7ffff4d41020 <runtime.g0>
#4 0x00007ffff45e4938 in runtime.goexit0 (gp=0xc820001680) at /usr/lib/go/src/runtime/proc1.go:1765
_g_ = 0x7ffff4d41020 <runtime.g0>
#5 0x00007ffff460bbb3 in runtime.mcall () at /usr/lib/go/src/runtime/asm_amd64.s:204
No locals.
#6 0x00007ffff4d41060 in runtime.g0 () from /usr/lib/knot-resolver/tinyweb.so
No symbol table info available.
#7 0x00007ffff40c8de0 in ?? ()
No symbol table info available.
#8 0x00007ffff4d41020 in __bss_start () from /usr/lib/knot-resolver/tinyweb.so
No symbol table info available.
#9 0x00007ffff45e1844 in runtime.mstart () at /usr/lib/go/src/runtime/proc1.go:691
size = 0
#10 0x00007ffff460baac in runtime.rt0_go () at /usr/lib/go/src/runtime/asm_amd64.s:120
No locals.
#11 0x00007fff00000007 in ?? ()
No symbol table info available.
#12 0x00007fffffffec58 in ?? ()
No symbol table info available.
#13 0x0000000000000007 in ?? ()
No symbol table info available.
#14 0x00007fffffffec58 in ?? ()
No symbol table info available.
#15 0x00007ffff40c9700 in ?? ()
No symbol table info available.
#16 0x00007ffff73600a4 in start_thread (arg=0x7ffff40c9700) at pthread_create.c:309
__res = <optimized out>
pd = 0x7ffff40c9700
now = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140737287853824, 9002629999368315110, 1, 140737354125408, 140737300792552, 140737287853824, -9002646931782000410, -9002649315297615642},
mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call = <optimized out>
pagesize_m1 = <optimized out>
sp = <optimized out>
freesize = <optimized out>
__PRETTY_FUNCTION__ = "start_thread"
#17 0x00007ffff670a04d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
No locals.
Thread 1 (Thread 0x7ffff7fe5840 (LWP 1354)):
#0 0x00007ffff6ce24d9 in ?? () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#1 0x00007ffff6cd9cad in ?? () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#2 0x00007ffff6cfef6c in ?? () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#3 0x00007ffff6cff4a4 in ?? () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#4 0x00007ffff6d0e488 in ?? () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#5 0x00007ffff6cd7a88 in ?? () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#6 0x00007ffff6d1af60 in lua_pcall () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#7 0x0000000000410709 in l_ffi_call (argc=<optimized out>, L=<optimized out>) at daemon/ffimodule.c:84
status = -19824
#8 l_ffi_layer_consume (ctx=0xf, pkt=0x0) at daemon/ffimodule.c:180
L = 0x40000378
#9 0x0000000000414c78 in kr_resolve_consume (request=request@entry=0xda85d0, src=src@entry=0x7fffffffb3e0, packet=packet@entry=0x661e40) at lib/resolve.c:422
layer = {node = {next = 0x0, prev = 0x0}, state = 4, mm = 0x0, data = 0xda85d0, api = 0x662580}
mod = <optimized out>
i = 4
qname_raw = <optimized out>
rplan = 0xda8630
ctx = 0x7fffffffe9f0
qry = 0xdaa9c0
tried_tcp = false
#10 0x000000000040de58 in qr_task_step (task=0xda85d0, packet_source=packet_source@entry=0x7fffffffb3e0, packet=0x661e40) at daemon/worker.c:449
sock_type = -1
state = <optimized out>
choice = <optimized out>
#11 0x000000000040e385 in worker_exec (worker=worker@entry=0x7ffff7f94010, handle=handle@entry=0xad72c0, query=<optimized out>, addr=addr@entry=0x7fffffffb3e0) at daemon/worker.c:538
task = <optimized out>
is_master_socket = <optimized out>
#12 0x000000000040afa4 in udp_recv (handle=0xad72c0, nread=<optimized out>, buf=<optimized out>, addr=0x7fffffffb3e0, flags=<optimized out>) at daemon/io.c:65
loop = <optimized out>
worker = 0x7ffff7f94010
query = <optimized out>
#13 0x00007ffff7793139 in ?? () from /usr/lib/x86_64-linux-gnu/libuv.so.1
No symbol table info available.
#14 0x00007ffff7794c2a in ?? () from /usr/lib/x86_64-linux-gnu/libuv.so.1
No symbol table info available.
#15 0x00007ffff77875d8 in uv_run () from /usr/lib/x86_64-linux-gnu/libuv.so.1
No symbol table info available.
#16 0x00000000004087c6 in run_worker (engine=0x7fffffffe9f0, loop=0x7ffff799f980) at daemon/main.c:193
sock_file = 0x62d810 "tty/1354"
pipe = {data = 0x7fffffffe9f0, loop = 0x7ffff799f980, type = UV_NAMED_PIPE, close_cb = 0x0, handle_queue = {0x6962c0, 0x662270}, u = {fd = 5, reserved = {0x5, 0x17, 0x7ffff7fe9cb8,
0x7ffff7de55ce <do_lookup_x+2334>}}, next_closing = 0x0, flags = 24576, write_queue_size = 0, alloc_cb = 0x0, read_cb = 0x0, connect_req = 0x0, shutdown_req = 0x0, io_watcher = {
cb = 0x7ffff7790540, pending_queue = {0x7fffffffe970, 0x7fffffffe970}, watcher_queue = {0x7fffffffe980, 0x7fffffffe980}, pevents = 1, events = 1, fd = 21}, write_queue = {
0x7fffffffe9a0, 0x7fffffffe9a0}, write_completed_queue = {0x7fffffffe9b0, 0x7fffffffe9b0}, connection_cb = 0x411010 <tty_accept>, delayed_error = 0, accepted_fd = -1, queued_fds = 0x0,
ipc = 0, pipe_fname = 0x62d9b0 "tty/1354"}
#17 main (argc=<optimized out>, argv=<optimized out>) at daemon/main.c:350
forks = <optimized out>
addr_set = {at = 0x648470, len = 2, cap = <optimized out>}
keyfile = 0x6289c0 <keyfile_buf> "/usr/share/dns/root.key"
config = 0x0
keyfile_buf = "/usr/share/dns/root.key", '\000' <repeats 4073 times>
c = <optimized out>
li = 0
ret = 0
opts = {{name = 0x42000d "addr", has_arg = 1, flag = 0x0, val = 97}, {name = 0x41e96c "config", has_arg = 1, flag = 0x0, val = 99}, {name = 0x420422 "keyfile", has_arg = 1, flag = 0x0,
val = 107}, {name = 0x42042a "forks", has_arg = 1, flag = 0x0, val = 102}, {name = 0x41e9ae "verbose", has_arg = 0, flag = 0x0, val = 118}, {name = 0x420430 "version", has_arg = 0,
flag = 0x0, val = 86}, {name = 0x41e99b "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x0, has_arg = 0, flag = 0x0, val = 0}}
loop = 0x7ffff799f980
sigint = {data = 0x7ffff7fe9cb8, loop = 0x7ffff799f980, type = UV_SIGNAL, close_cb = 0x97a26e6c, handle_queue = {0x7fffffffe760, 0x7ffff799fa50}, u = {fd = -134308680, reserved = {
0x7ffff7fe9cb8, 0x7ffff7de55ce <do_lookup_x+2334>, 0x7ffff7ff8160, 0x7fffffffe720}}, next_closing = 0x0, flags = 24576, signal_cb = 0x410fd0 <signal_handler>, signum = 2,
tree_entry = {rbe_left = 0x0, rbe_right = 0x7fffffffe740, rbe_parent = 0x0, rbe_color = 0}, caught_signals = 0, dispatched_signals = 0}
sigterm = {data = 0x7ffff5ec1438, loop = 0x7ffff799f980, type = UV_SIGNAL, close_cb = 0x1000000ab, handle_queue = {0x6616e0, 0x7fffffffe6c0}, u = {fd = -5952, reserved = {0x7fffffffe8c0,
0x7ffff7de4c5c <check_match+300>, 0x7fffffffe8e8, 0xd82b830}}, next_closing = 0x0, flags = 24576, signal_cb = 0x410fd0 <signal_handler>, signum = 15, tree_entry = {rbe_left = 0x0,
rbe_right = 0x0, rbe_parent = 0x7fffffffe6a0, rbe_color = 1}, caught_signals = 0, dispatched_signals = 0}
pool = {ctx = 0x648530, alloc = 0x411830 <mp_alloc>, free = 0x0}
engine = {resolver = {options = 0, opt_rr = 0x6485a0, trust_anchors = {root = 0x632880, malloc = 0x411e50 <malloc_std>, free = 0x411e40 <free_std>, baton = 0x0}, negative_anchors = {
root = 0x0, malloc = 0x411e50 <malloc_std>, free = 0x411e40 <free_std>, baton = 0x0}, root_hints = {name = 0x6485d8 "", nsset = {root = 0x6486a1, malloc = 0x7ffff7bcb7b0 <mm_alloc>,
free = 0x7ffff7bcb7d0 <mm_free>, baton = 0x7fffffffe680}, key = 0x0, trust_anchor = 0x0, parent = 0x0, pool = 0x7fffffffe680}, cache = {db = 0x648cb8, api = 0x7ffff7dda300,
stats = {hit = 12770, miss = 13602, insert = 810, delete = 0, txn_read = 4551, txn_write = 998}}, cache_rtt = 0x649550, cache_rep = 0x659590, modules = 0x7fffffffeaf8,
pool = 0x7fffffffe680}, net = {loop = 0x7ffff799f980, endpoints = {root = 0x62b911, malloc = 0x411e50 <malloc_std>, free = 0x411e40 <free_std>, baton = 0x0}}, modules = {at = 0x6634a0,
len = 8, cap = 10}, storage_registry = {at = 0x661930, len = 1, cap = 5}, pool = 0x7fffffffe680, L = 0x40000378}
```https://gitlab.nic.cz/knot/knot-resolver/-/issues/41Program received signal SIGSEGV, Segmentation fault. 0x00007ffff66b48ed in ??...2022-04-08T16:14:00+02:00Ondřej SurýProgram received signal SIGSEGV, Segmentation fault. 0x00007ffff66b48ed in ?? () from /lib/x86_64-linux-gnu/libc.so.6Version v1.0.0-beta1-96-gc7e8224
And it's something in the config as it doesn't crash when config is empty:
config:
```
modules = {
view = 'true',
stats = 'true',
cachectl = 'true',
dns64 = '2...Version v1.0.0-beta1-96-gc7e8224
And it's something in the config as it doesn't crash when config is empty:
config:
```
modules = {
view = 'true',
stats = 'true',
cachectl = 'true',
dns64 = '2001:1488:ffff:64:ffff:ffff::',
tinyweb = {
addr = '127.0.0.1:8053',
geoip = '/root'
}
}
```
```
#0 0x00007ffff66b48ed in ?? () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#1 0x00007ffff6d0bd92 in ?? () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#2 0x00007ffff6d0d0aa in ?? () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#3 0x00007ffff6cd7a88 in ?? () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#4 0x00007ffff6d1af60 in lua_pcall () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#5 0x000000000041049f in l_ffi_call (argc=2, L=0x40000378) at daemon/ffimodule.c:84
status = <optimized out>
#6 l_ffi_layer_begin (ctx=0x7fffffffe2e0, module_param=<optimized out>) at daemon/ffimodule.c:153
cb_slot = <optimized out>
L = 0x40000378
#7 0x0000000000414ab8 in resolve_query (packet=0x6a07a0, request=0x6a07a0) at lib/resolve.c:390
layer = {node = {next = 0x0, prev = 0x0}, state = 2, mm = 0x0, data = 0x6a07a0, api = 0x662640}
mod = <optimized out>
i = 4
rplan = 0x6a0800
qtype = <optimized out>
negative_anchors = 0x7fffffffea20
trust_anchors = 0x7fffffffea00
answer = <optimized out>
qname = <optimized out>
qclass = <optimized out>
qry = 0x6a2b90
#8 kr_resolve_consume (request=request@entry=0x6a07a0, src=src@entry=0x0, packet=packet@entry=0x6965b0) at lib/resolve.c:407
rplan = 0x6a0800
ctx = 0x7fffffffe9f0
qry = <optimized out>
tried_tcp = <optimized out>
#9 0x000000000040de58 in qr_task_step (task=0x6a07a0, packet_source=packet_source@entry=0x0, packet=0x6965b0) at daemon/worker.c:449
sock_type = -1
state = <optimized out>
choice = <optimized out>
#10 0x000000000040e5d8 in worker_resolve (worker=worker@entry=0x7ffff7f95010, query=<optimized out>, options=options@entry=0, on_complete=<optimized out>, baton=<optimized out>)
at daemon/worker.c:616
task = <optimized out>
#11 0x000000000040fc0c in wrk_resolve (L=0x40000378) at daemon/bindings.c:658
worker = 0x7ffff7f95010
pkt = 0x6965b0
dname = '\000' <repeats 80 times>, "\270\003\000@\000\000\000\000x\003\000@\000\000\000\000\220\344\377\377\377\177\000\000\b\032\003@\000\000\000\000\210\345\001@\000\000\000\000\310\324\000@\000\000\000\000HN\001@\000\000\000\000\200\345\001@\000\000\000\000\324\344\377\377\377\177\000\000_\317\320\366\377\177\000\000X\237\000@\000\000\000\000\330\344\377\377\377\177\000\000\210\344\377\377\377\177\000\000\204\344\377\377\377\177\000\000x\003\000@\001\000\000\000"...
rrtype = 2
rrclass = <optimized out>
ret = 0
options = 0
#12 0x00007ffff6cd7a88 in ?? () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#13 0x00007ffff6d1af60 in lua_pcall () from /usr/lib/x86_64-linux-gnu/libluajit-5.1.so.2
No symbol table info available.
#14 0x000000000040c11c in engine_pcall (L=<optimized out>, argc=<optimized out>) at daemon/engine.c:469
No locals.
#15 0x000000000040fe03 in execute_callback (L=0x40000378, argc=1) at daemon/bindings.c:476
ret = <optimized out>
#16 0x000000000040d611 in qr_task_complete (handle=<optimized out>) at daemon/worker.c:280
task = 0x697750
worker = 0x7ffff7f95010
#17 0x00007ffff7787698 in uv_run () from /usr/lib/x86_64-linux-gnu/libuv.so.1
No symbol table info available.
#18 0x00000000004087c6 in run_worker (engine=0x7fffffffe9f0, loop=0x7ffff799f980) at daemon/main.c:193
sock_file = 0x62f250 "tty/29364"
pipe = {data = 0x7fffffffe9f0, loop = 0x7ffff799f980, type = UV_NAMED_PIPE, close_cb = 0x0, handle_queue = {0x697878, 0x662270}, u = {fd = 5, reserved = {0x5, 0x17, 0x7ffff7feacb8,
0x7ffff7de55ce}}, next_closing = 0x0, flags = 24576, write_queue_size = 0, alloc_cb = 0x0, read_cb = 0x0, connect_req = 0x0, shutdown_req = 0x0, io_watcher = {cb = 0x7ffff7790540,
pending_queue = {0x7fffffffe970, 0x7fffffffe970}, watcher_queue = {0x7fffffffe980, 0x7fffffffe980}, pevents = 1, events = 1, fd = 21}, write_queue = {0x7fffffffe9a0, 0x7fffffffe9a0},
write_completed_queue = {0x7fffffffe9b0, 0x7fffffffe9b0}, connection_cb = 0x411010 <tty_accept>, delayed_error = 0, accepted_fd = -1, queued_fds = 0x0, ipc = 0,
pipe_fname = 0x62f3f0 "tty/29364"}
#19 main (argc=<optimized out>, argv=<optimized out>) at daemon/main.c:350
forks = <optimized out>
addr_set = {at = 0x648470, len = 2, cap = <optimized out>}
keyfile = 0x6289c0 <keyfile_buf> "/usr/share/dns/root.key"
config = 0x0
keyfile_buf = "/usr/share/dns/root.key", '\000' <repeats 4073 times>
c = <optimized out>
li = 0
ret = 0
opts = {{name = 0x42000d "addr", has_arg = 1, flag = 0x0, val = 97}, {name = 0x41e96c "config", has_arg = 1, flag = 0x0, val = 99}, {name = 0x420422 "keyfile", has_arg = 1, flag = 0x0,
val = 107}, {name = 0x42042a "forks", has_arg = 1, flag = 0x0, val = 102}, {name = 0x41e9ae "verbose", has_arg = 0, flag = 0x0, val = 118}, {name = 0x420430 "version", has_arg = 0,
flag = 0x0, val = 86}, {name = 0x41e99b "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x0, has_arg = 0, flag = 0x0, val = 0}}
loop = 0x7ffff799f980
sigint = {data = 0x7ffff7feacb8, loop = 0x7ffff799f980, type = UV_SIGNAL, close_cb = 0x97a26e6c, handle_queue = {0x7fffffffe760, 0x7ffff799fa50}, u = {fd = -134304584, reserved = {
0x7ffff7feacb8, 0x7ffff7de55ce, 0x7ffff7ff8160, 0x7fffffffe720}}, next_closing = 0x0, flags = 24576, signal_cb = 0x410fd0 <signal_handler>, signum = 2, tree_entry = {rbe_left = 0x0,
rbe_right = 0x7fffffffe740, rbe_parent = 0x0, rbe_color = 0}, caught_signals = 0, dispatched_signals = 0}
sigterm = {data = 0x7ffff5ec1438, loop = 0x7ffff799f980, type = UV_SIGNAL, close_cb = 0x1000000ab, handle_queue = {0x6616e0, 0x7fffffffe6c0}, u = {fd = -5952, reserved = {0x7fffffffe8c0,
0x7ffff7de4c5c, 0x7fffffffe8e8, 0xd82b830}}, next_closing = 0x0, flags = 24576, signal_cb = 0x410fd0 <signal_handler>, signum = 15, tree_entry = {rbe_left = 0x0, rbe_right = 0x0,
rbe_parent = 0x7fffffffe6a0, rbe_color = 1}, caught_signals = 0, dispatched_signals = 0}
pool = {ctx = 0x648530, alloc = 0x411830 <mp_alloc>, free = 0x0}
engine = {resolver = {options = 0, opt_rr = 0x6485a0, trust_anchors = {root = 0x634f30, malloc = 0x411e50 <malloc_std>, free = 0x411e40 <free_std>, baton = 0x0}, negative_anchors = {
root = 0x0, malloc = 0x411e50 <malloc_std>, free = 0x411e40 <free_std>, baton = 0x0}, root_hints = {name = 0x6485d8 "", nsset = {root = 0x6486a1, malloc = 0x7ffff7bcb7b0 <mm_alloc>,
free = 0x7ffff7bcb7d0 <mm_free>, baton = 0x7fffffffe680}, key = 0x0, trust_anchor = 0x0, parent = 0x0, pool = 0x7fffffffe680}, cache = {db = 0x648cb8, api = 0x7ffff7dda300,
stats = {hit = 26, miss = 2, insert = 2, delete = 0, txn_read = 1, txn_write = 3}}, cache_rtt = 0x649550, cache_rep = 0x659590, modules = 0x7fffffffeaf8, pool = 0x7fffffffe680},
net = {loop = 0x7ffff799f980, endpoints = {root = 0x62b911, malloc = 0x411e50 <malloc_std>, free = 0x411e40 <free_std>, baton = 0x0}}, modules = {at = 0x662750, len = 9, cap = 10},
storage_registry = {at = 0x661930, len = 1, cap = 5}, pool = 0x7fffffffe680, L = 0x40000378}
```https://gitlab.nic.cz/knot/knot-resolver/-/issues/37lib: remember empty-nonterm as zone cuts2022-04-08T16:14:00+02:00Ghost Userlib: remember empty-nonterm as zone cutsIn some cases like `co.jp`, all queries below that are going to ask for it again.
They should be flagged as closest non-terminal and reuse authority's nameservers.
Example:
--------
* Query `A abcd.co.jp` (queries `jp., co.jp., a...In some cases like `co.jp`, all queries below that are going to ask for it again.
They should be flagged as closest non-terminal and reuse authority's nameservers.
Example:
--------
* Query `A abcd.co.jp` (queries `jp., co.jp., abcd.co.jp`)
* Query `A efgh.co.jp` (queries `co.jp., efgh.co.jp`, while it should know that `co.jp` is an empty non-term)https://gitlab.nic.cz/knot/knot-resolver/-/issues/43ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fbae36...2022-04-08T16:13:59+02:00Ondřej SurýERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fbae363c064 bp 0x7fff04112bf0 sp 0x7fff04112bd0 T0)After some cycles of resperf with:
```
modules = {
view = 'true',
stats = 'true',
cachectl = 'true',
dns64 = '2001:1488:ffff:64:ffff:ffff::',
tinyweb = {
addr = '127.0.0....After some cycles of resperf with:
```
modules = {
view = 'true',
stats = 'true',
cachectl = 'true',
dns64 = '2001:1488:ffff:64:ffff:ffff::',
tinyweb = {
addr = '127.0.0.1:8053',
geoip = '/root'
}
}
```
crashes with:
```
ASAN:SIGSEGV
=================================================================
==8681==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fbae363c064 bp 0x7fff04112bf0 sp 0x7fff04112bd0 T0)
#0 0x7fbae363c063 in knot_dname_lf (/usr/lib/x86_64-linux-gnu/libknot.so.1+0xb063)
#1 0x7fbae3b32cc3 in __asan::AsanOnSIGSEGV(int, void*, void*) (/usr/sbin/kresd+0xb6cc3)
#2 0x7fbadc897b14 (/usr/lib/knot-resolver/tinyweb.so+0x31bb14)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ??:0 knot_dname_lf
==8681==ABORTING
```
https://gitlab.nic.cz/knot/knot-resolver/-/issues/703Optimize network configuration for lower verbosity2022-04-08T16:13:59+02:00Vaclav SraierOptimize network configuration for lower verbosityWhen we look at a more complicated configuration, for example our ODVR, the network section is unnecessarily verbose. We should make it more concise...
Note: issue changed topic due to a developing discussion. The previous topic was rec...When we look at a more complicated configuration, for example our ODVR, the network section is unnecessarily verbose. We should make it more concise...
Note: issue changed topic due to a developing discussion. The previous topic was recreated under knot-resolver-manager#46Aleš MrázekAleš Mrázekhttps://gitlab.nic.cz/knot/knot-resolver/-/issues/31tests: test binary using socket_wrapper (cwrap)2022-04-08T16:13:58+02:00Grigorii Demidovtests: test binary using socket_wrapper (cwrap)Write guide to using integration tests with arbitrary dns-servers.Write guide to using integration tests with arbitrary dns-servers.Grigorii DemidovGrigorii Demidovhttps://gitlab.nic.cz/knot/knot-resolver/-/issues/17daemon: improve tty interface2022-04-08T16:13:58+02:00Ghost Userdaemon: improve tty interface### Problem
The CLI interface is based on reading stdin lines, not a TTY, so it doesn't support text cursor, tab completion or multiline commands.
### Expected outcome
Basically it should behave like a Lua interpreter, but inte...### Problem
The CLI interface is based on reading stdin lines, not a TTY, so it doesn't support text cursor, tab completion or multiline commands.
### Expected outcome
Basically it should behave like a Lua interpreter, but integrated in libuv loop.
There is already TTY code in libuv, and Lua interpreters around so we might want to reuse something.
* [ ] Real TTY, support for arrows
* [ ] Basic introspection
* [ ] Tab completion2015 Q3https://gitlab.nic.cz/knot/knot-resolver/-/issues/735XDP broken in kresd, since libknot 3.12022-04-04T10:40:29+02:00makeXDP broken in kresd, since libknot 3.1There are some problem for us to get reply from knot resolver after we use xdp.
The details are shown below:
```
OS: Ubuntu 21.14
kernel: 5.13.0-35-generic
network card: Intel Corporation Ethernet Controller X710 for 10GbE SFP+ (driver i...There are some problem for us to get reply from knot resolver after we use xdp.
The details are shown below:
```
OS: Ubuntu 21.14
kernel: 5.13.0-35-generic
network card: Intel Corporation Ethernet Controller X710 for 10GbE SFP+ (driver i40e)
knot-resolver:5.5.0-cznic.1
knot:3.1.1-cznic.1
```
`kresd.conf`
```
-- SPDX-License-Identifier: CC0-1.0
-- vim:syntax=lua:set ts=4 sw=4:
-- Refer to manual: https://knot-resolver.readthedocs.org/en/stable/
-- Network interface configuration
net.listen('10.0.0.2', 53, { kind = 'xdp' })
--net.listen('10.0.0.2', 53, { kind = 'dns' })
--net.listen('127.0.0.1', 853, { kind = 'tls' })
--net.listen('127.0.0.1', 443, { kind = 'doh2' })
--net.listen('::1', 53, { kind = 'dns', freebind = true })
--net.listen('::1', 853, { kind = 'tls', freebind = true })
--net.listen('::1', 443, { kind = 'doh2' })
-- Load useful modules
modules = {
'hints > iterate', -- Allow loading /etc/hosts or custom root hints
'stats', -- Track internal statistics
'predict', -- Prefetch expiring/frequent records
}
-- Cache size
cache.size = 1024 * MB
```
`kresd@service`
```
# SPDX-License-Identifier: CC0-1.0
[Unit]
Description=Knot Resolver daemon
Documentation=man:kresd.systemd(7)
Documentation=man:kresd(8)
Wants=kres-cache-gc.service
Before=kres-cache-gc.service
Wants=network-online.target
After=network-online.target
Before=nss-lookup.target
Wants=nss-lookup.target
[Service]
Type=notify
Environment="SYSTEMD_INSTANCE=%i"
WorkingDirectory=/var/lib/knot-resolver
ExecStart=/usr/sbin/kresd -c /usr/lib/knot-resolver/distro-preconfig.lua -c /etc/knot-resolver/kresd.conf -n
ExecStopPost=/usr/bin/env rm -f "/run/knot-resolver/control/%i"
User=knot-resolver
Group=knot-resolver
CapabilityBoundingSet=CAP_NET_RAW CAP_NET_ADMIN CAP_SYS_ADMIN CAP_SYS_RESOURCE
AmbientCapabilities=CAP_NET_RAW CAP_NET_ADMIN CAP_SYS_ADMIN CAP_SYS_RESOURCE
TimeoutStopSec=10s
WatchdogSec=10s
Restart=on-abnormal
LimitNOFILE=524288
Slice=system-kresd.slice
[Install]
WantedBy=kresd.target
```
And after we start knot resolver through `systemctl start kresd@1.service`, and run `dig @10.0.0.2 www.baidu.com`, we
cannot get reply from knot resolver
```
root@master-ubuntu1:~# systemctl status kresd@1.service
● kresd@1.service - Knot Resolver daemon
Loaded: loaded (/lib/systemd/system/kresd@.service; disabled; vendor preset: enabled)
Active: active (running) since Tue 2022-03-22 14:32:34 CST; 4s ago
Docs: man:kresd.systemd(7)
man:kresd(8)
Main PID: 17028 (kresd)
Tasks: 1 (limit: 629145)
Memory: 21.2M
CPU: 106ms
CGroup: /system.slice/system-kresd.slice/kresd@1.service
└─17028 /usr/sbin/kresd -c /usr/lib/knot-resolver/distro-preconfig.lua -c /etc/knot-resolver/kresd.conf -n
3月 22 14:32:34 master-ubuntu1 systemd[1]: Starting Knot Resolver daemon...
3月 22 14:32:34 master-ubuntu1 kresd[17028]: libbpf: Kernel error message: XDP program already attached
3月 22 14:32:34 master-ubuntu1 systemd[1]: Started Knot Resolver daemon.
```
```
root@master-ubuntu1:~# dig @10.0.0.2 www.baidu.com
; <<>> DiG 9.16.15-Ubuntu <<>> @10.0.0.2 www.baidu.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
```https://gitlab.nic.cz/knot/knot-resolver/-/issues/729preventing manager from running multiple times with the same service prefix2022-03-31T16:46:13+02:00Vaclav Sraierpreventing manager from running multiple times with the same service prefix- We are guaranteed to have exclusive access to the working directory with changes in !1263
- However, in different configuration files, there could be still same systemd unit prefix, which would lead to weird failure.
Suggested fix - ...- We are guaranteed to have exclusive access to the working directory with changes in !1263
- However, in different configuration files, there could be still same systemd unit prefix, which would lead to weird failure.
Suggested fix - use some form of `hash($cwd)` as a tag instead of configurable prefix. I don't have any other idea as of now.https://gitlab.nic.cz/knot/knot-resolver/-/issues/710modelling: more readable error messages2022-03-31T16:37:05+02:00Vaclav Sraiermodelling: more readable error messagessee https://relaxng.org/jclark/derivative.html#Error_handling for inspiration
an implementation of that is this https://relaxng.org/jclark/jing.html
cc @llhotkasee https://relaxng.org/jclark/derivative.html#Error_handling for inspiration
an implementation of that is this https://relaxng.org/jclark/jing.html
cc @llhotkaVaclav SraierVaclav Sraierhttps://gitlab.nic.cz/knot/knot-resolver/-/issues/618doh2: respond to invalid requests with proper status code2022-03-25T12:53:33+01:00Tomas Krizekdoh2: respond to invalid requests with proper status codeAs of version 5.2.0, DoH(2) only sends 200 OK HTTP status code, or closes the stream inside a connection without any status code. It would be cleaner to reply to at least some invalid requests, see test coverage `tests/config/doh2.test.l...As of version 5.2.0, DoH(2) only sends 200 OK HTTP status code, or closes the stream inside a connection without any status code. It would be cleaner to reply to at least some invalid requests, see test coverage `tests/config/doh2.test.lua` for commented out test cases.
Ignored queries (FORMERR) could also be handled, but it's outside the scope of this ticket, see #471https://gitlab.nic.cz/knot/knot-resolver/-/issues/619doh2: multiplexing DATA frames from multiple streams2022-03-21T16:18:59+01:00Tomas Krizekdoh2: multiplexing DATA frames from multiple streamsHTTP/2 can multiplex streams inside a single connection. If all the following conditions are met, one query won't be answered, even though it is a valid situation from HTTP/2 perspective.
- we have a large enough query to be split betwe...HTTP/2 can multiplex streams inside a single connection. If all the following conditions are met, one query won't be answered, even though it is a valid situation from HTTP/2 perspective.
- we have a large enough query to be split between multiple DATA frames (unlikely)
- we use POST
- the client sends two queries at the same time, interleaving their streams (probably quite unlikely)
Then, the frames on the connection could look as following:
```
HEADERS1 DATA1_1 HEADERS2 DATA2 DATA1_2
```
This is explicitly not supported, as it would require multiple session buffers for a single connection. All queries sent over POST must be serialized, e.g.:
```
HEADERS1 DATA1_1 DATA1_2 HEADERS2 DATA2
```
This does not affect GET, since all data is sent inside a HEADERS frame.https://gitlab.nic.cz/knot/knot-resolver/-/issues/727DNS64: PTR synthesis yields SERVFAIL for some cache contents2022-03-21T11:03:34+01:00Ondřej CaletkaDNS64: PTR synthesis yields SERVFAIL for some cache contentsSummary
-------
When cache is cold, PTR synthesis of DNS64 module works well. When cache gets populated by quering without DNS64 synthesis on, PTR synthesis stops working and SERVFAIL is returned instead.
Steps to reproduce
-----------...Summary
-------
When cache is cold, PTR synthesis of DNS64 module works well. When cache gets populated by quering without DNS64 synthesis on, PTR synthesis stops working and SERVFAIL is returned instead.
Steps to reproduce
------------------
```
# cat /etc/knot-resolver/kresd.conf
-- SPDX-License-Identifier: CC0-1.0
-- vim:syntax=lua:set ts=4 sw=4:
-- Refer to manual: https://knot-resolver.readthedocs.org/en/stable/
-- Network interface configuration
net.listen('127.0.0.1', 53, { kind = 'dns' })
net.listen('127.0.0.1', 853, { kind = 'tls' })
--net.listen('127.0.0.1', 443, { kind = 'doh2' })
net.listen('::1', 53, { kind = 'dns', freebind = true })
net.listen('::1', 853, { kind = 'tls', freebind = true })
--net.listen('::1', 443, { kind = 'doh2' })
-- Load useful modules
modules = {
'hints > iterate', -- Allow loading /etc/hosts or custom root hints
'stats', -- Track internal statistics
'predict', -- Prefetch expiring/frequent records
'dns64',
'view',
}
-- Disable DNS64 for IPv4
view:addr('0.0.0.0/0', policy.all(policy.FLAGS('DNS64_DISABLE')))
-- Cache size
cache.size = 100 * MB
```
First query over IPv6 works as expected:
```
# kdig @::1 -x 64:ff9b::101:101 +noall +answer
1.0.1.0.1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa. 60 IN CNAME 1.1.1.1.in-addr.arpa.
1.1.1.1.in-addr.arpa. 1265 IN PTR one.one.one.one.
```
Query over IPv4, where DNS64 is disabled, also works properly with `NXDOMAIN`:
```
# kdig @127.0.0.1 -x 64:ff9b::101:101
;; ->>HEADER<<- opcode: QUERY; status: NXDOMAIN; id: 41713
;; Flags: qr rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 1; ADDITIONAL: 0
;; QUESTION SECTION:
;; 1.0.1.0.1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa. IN PTR
;; AUTHORITY SECTION:
ip6.arpa. 3600 IN SOA b.ip6-servers.arpa. nstld.iana.org. 2021111921 1800 900 604800 3600
```
After this query, PTR synthesis does not work anymore and yields `SERVFAIL`:
```
# kdig @::1 -x 64:ff9b::101:101
;; ->>HEADER<<- opcode: QUERY; status: SERVFAIL; id: 25807
;; Flags: qr rd ra; QUERY: 1; ANSWER: 0; AUTHORITY: 0; ADDITIONAL: 0
;; QUESTION SECTION:
;; 1.0.1.0.1.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.b.9.f.f.4.6.0.0.ip6.arpa. IN PTR
```
Clearing the cache restores correct behavior for a while.https://gitlab.nic.cz/knot/knot-resolver/-/issues/670"map() error while connecting to control socket" regression [5.2.0, 5.2.1, 5....2022-03-16T16:42:56+01:00Jonathan Coetzee"map() error while connecting to control socket" regression [5.2.0, 5.2.1, 5.3.0]I've noticed this regression when using 5.2.0+ my ARMv7 (32-bit) on Docker on Raspberry Pi OS. My logs will fill up with hundreds of the following entries
map() error while connecting to control socket /srv/knot-resolver/data/contro...I've noticed this regression when using 5.2.0+ my ARMv7 (32-bit) on Docker on Raspberry Pi OS. My logs will fill up with hundreds of the following entries
map() error while connecting to control socket /srv/knot-resolver/data/control/9: socket:connect: Connection refused (ignoring this socket)
map() error while connecting to control socket /srv/knot-resolver/data/control/6: socket:connect: Connection refused (ignoring this socket)
map() error while connecting to control socket /srv/knot-resolver/data/control/9: socket:connect: Connection refused (ignoring this socket)
map() error while connecting to control socket /srv/knot-resolver/data/control/6: socket:connect: Connection refused (ignoring this socket)
map() error while connecting to control socket /srv/knot-resolver/data/control/9: socket:connect: Connection refused (ignoring this socket)
map() error while connecting to control socket /srv/knot-resolver/data/control/6: socket:connect: Connection refused (ignoring this socket)
These logs aren't present on 5.1.3. Please let me know what other information you need.https://gitlab.nic.cz/knot/knot-resolver/-/issues/722server selection: practical issues with some Microsoft domains2022-03-14T11:17:15+01:00Vladimír Čunátvladimir.cunat@nic.czserver selection: practical issues with some Microsoft domains With some Microsoft domains (outlook.com, office.com, office365.com) a small part of the nameservers is non-responsive, but kresd (sometimes) does not gracefully fall back to the other servers.
The same issue can surely happen with som... With some Microsoft domains (outlook.com, office.com, office365.com) a small part of the nameservers is non-responsive, but kresd (sometimes) does not gracefully fall back to the other servers.
The same issue can surely happen with someone else's names as well, but this set seems far the most commonly encountered in practice. It might be related to the NS server names being served by the same partially broken set.https://gitlab.nic.cz/knot/knot-resolver/-/issues/726manager: make sure we do not get stuck waiting for systemd2022-03-13T16:39:56+01:00Vaclav Sraiermanager: make sure we do not get stuck waiting for systemdIn some weird cases, manager can get stuck on waiting for systemd. Make sure this does not happen. If not possible, add timeout to detect these states and react accordingly.
The problem is due to races happening here (some of them are a...In some weird cases, manager can get stuck on waiting for systemd. Make sure this does not happen. If not possible, add timeout to detect these states and react accordingly.
The problem is due to races happening here (some of them are already solved by !1262):
https://gitlab.nic.cz/knot/knot-resolver/-/blob/manager/manager/knot_resolver_manager/kresd_controller/systemd/dbus_api.py#L61-108https://gitlab.nic.cz/knot/knot-resolver/-/issues/723manager: race condition with watchdog while starting workers2022-03-04T12:17:09+01:00Vaclav Sraiermanager: race condition with watchdog while starting workersHow to reproduce:
1. disable worker count limit
2. set worker count to 1000
3. run the manager
4. watch the world burn (like really, these steps will trash your system)
5. manager crashes (on my machine after starting 183 instances of k...How to reproduce:
1. disable worker count limit
2. set worker count to 1000
3. run the manager
4. watch the world burn (like really, these steps will trash your system)
5. manager crashes (on my machine after starting 183 instances of kresd)
I am guessing, that the same behavior could be reproduced by hammering manager with worker count change requests. But I haven't tested that.Vaclav SraierVaclav Sraierhttps://gitlab.nic.cz/knot/knot-resolver/-/issues/432module API: add ability not to respond2022-02-28T11:58:55+01:00Petr Špačekmodule API: add ability not to respondIt would be useful for rate-limiting but we need to investigate how hard it would be, and if the difference is big enough when compared to an empty answer.It would be useful for rate-limiting but we need to investigate how hard it would be, and if the difference is big enough when compared to an empty answer.https://gitlab.nic.cz/knot/knot-resolver/-/issues/724Failing to bind to IPv6 link local addresses2022-02-23T03:16:56+01:00Jon PolomFailing to bind to IPv6 link local addressesKnot Resolver 5.4.4 appears to fail to bind to IPv6 link local addresses. This was experienced on an up-to-date Fedora 35 system. The following `net.listen()` invocations produce errors:
```
net.listen(net.diag, 53, { kind = 'dns', free...Knot Resolver 5.4.4 appears to fail to bind to IPv6 link local addresses. This was experienced on an up-to-date Fedora 35 system. The following `net.listen()` invocations produce errors:
```
net.listen(net.diag, 53, { kind = 'dns', freebind = true })
```
or, directly referencing the link local address for the diag interface:
```
net.listen('fe80::ae1f:6bff:fe6f:e818', 53, { kind = 'dns', freebind = true })
```
When asking kresd to listen on the link local address, the service fails to start and the following is observed in the log:
```
Feb 21 18:35:44 fedora kresd[21349]: [net ] bind to 'fe80::ae1f:6bff:fe6f:e818@53' (UDP): Invalid argument
Feb 21 18:35:44 fedora kresd[21349]: [system] error while loading config: error occurred here
stack traceback:
[C]: in function 'listen'
/etc/knot-resolver/kresd.conf:7: in main chunk
ERROR: net.listen() failed to bind (workdir '/var/lib/knot-resolver')
Feb 21 18:35:44 fedora systemd[1]: kresd@1.service: Main process exited, code=exited, status=1/FAILURE
Feb 21 18:35:44 fedora systemd[1]: kresd@1.service: Failed with result 'exit-code'.
Feb 21 18:35:44 fedora systemd[1]: Failed to start kresd@1.service - Knot Resolver daemon.
```
Interestingly, an IPv6 wildcard address does not result in the same error (kresd starts up just fine):
```
net.listen('::', 53, { kind = 'dns', freebind = true })
```
I was originally intending to configure kresd to listen on several named _interfaces_ (not v4 or v6 subnets) to improve resiliency in the event networks are re-assigned by using `net.listen(net.interface_name, ...)` in the config. Unfortunately this does not seem to work as it attempts to listen on the link local, producing an error and preventing the resolver process from starting.
I was initially unsure if IPv6 link local addresses were supported but noticed that #101 was opened several years ago about IPv6 LL addresses. I noticed that there was an MR referenced so I assume this is still supported? The documentation is not clear but it does not mention a limitation here either.