Bug 549284 - ISC BIND (named) crashes with "keytable.c:286: REQUIRE(nextnodep != ((void *)0) && *nextnodep == ((void *)0)) failed"
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: bind
Version: 11
Hardware: i386
OS: Linux
low
high
Target Milestone: ---
Assignee: Adam Tkac
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Duplicates: 551031 553814
Depends On:
Blocks: 554316 CVE-2010-3762
 
Reported: 2009-12-21 07:51 UTC by Frantisek Hanzlik
Modified: 2013-04-30 23:44 UTC

Fixed In Version: bind-9.6.1-9.P3.fc11
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 554316
Environment:
Last Closed: 2010-01-25 11:58:19 UTC
Type: ---
Embargoed:


Attachments
proposed patch (873 bytes, patch)
2010-01-11 10:55 UTC, Adam Tkac

Description Frantisek Hanzlik 2009-12-21 07:51:15 UTC
Description of problem:
named repeatedly crashes (on several independent sites); "/var/log/messages" contains these lines:
Dec 21 07:21:43 ns named[1602]: no valid KEY resolving '77.in-addr.arpa/DNSKEY/IN': 192.36.125.2#53
Dec 21 07:21:43 ns named[1602]: no valid KEY resolving '77.in-addr.arpa/DNSKEY/IN': 199.212.0.53#53
Dec 21 07:21:43 ns named[1602]: no valid KEY resolving '77.in-addr.arpa/DNSKEY/IN': 193.0.0.195#53
Dec 21 07:21:43 ns named[1602]: no valid KEY resolving '77.in-addr.arpa/DNSKEY/IN': 202.12.28.140#53
Dec 21 07:21:44 ns named[1602]: keytable.c:286: REQUIRE(nextnodep != ((void *)0) && *nextnodep == ((void *)0)) failed
Dec 21 07:21:44 ns named[1602]: exiting (due to assertion failure)



Version-Release number of selected component (if applicable):
9.6.1-P2-RedHat-9.6.1-7.P2.fc11

Additional info:
On affected nodes named runs with DNSSEC enabled. The crashes may be related to dlv.isc.org inaccessibility, but crashes are not acceptable.

Comment 1 Frantisek Hanzlik 2009-12-28 13:37:41 UTC
Disabling DNSSEC (I suppose commenting out these named.conf lines

//      dnssec-enable yes;
//      dnssec-validation yes;
//      dnssec-lookaside . trust-anchor dlv.isc.org.;

does it) does not help.

I call for increasing the priority of this bug.

Comment 2 Ray Todd Stevens 2009-12-29 19:51:36 UTC
For me this seems to relate to something about lots of bad lookups or doing inaddr lookups.  (or at least that is when I see it)

Example
Dec 28 07:47:23 *  named[3491]: network unreachable resolving '92.in-addr.arpa/DNSKEY/IN': 2001:660:3006:1::1:1#53
Dec 28 07:47:23 * named[3491]: network unreachable resolving '92.in-addr.arpa/DNSKEY/IN': 2001:dc0:1:0:4777::140#53

By the way we are not doing ip6, but the system regularly insists on trying to do lookups on ip6 addresses.

Hope this helps.

Comment 3 Frantisek Hanzlik 2010-01-06 04:29:41 UTC
At my sites we are not doing IPv6 either (loading of the ipv6.ko kernel module is suppressed, so no interface has an IPv6 address), and bind does not do ip6 lookups.

But messages such as:
Dec 21 07:21:42 ns named[1912]: no valid KEY resolving '95.in-addr.arpa/DNSKEY/IN': 199.212.0.53#53

Dec 21 07:21:42 ns named[1912]: unexpected RCODE (SERVFAIL) resolving '95.in-addr.arpa/DNSKEY/IN': 200.3.13.11#53

Jan  1 05:20:12 ns named[23401]: not insecure resolving '228.9.60.86.in-addr.arpa/PTR/IN': 192.36.125.2#53

Jan  1 05:20:18 ns named[23401]: no valid RRSIG resolving '228.9.60.86.in-addr.arpa/PTR/IN': 193.0.0.195#53

Jan  1 05:55:14 ns named[23401]: unexpected RCODE (REFUSED) resolving 'cache.freebsd.lublin.pl/A/IN': 77.79.235.102#53

appear frequently in /var/log/messages, the first one even 10x per second.

Comment 4 Adam Tkac 2010-01-11 10:27:07 UTC
*** Bug 553814 has been marked as a duplicate of this bug. ***

Comment 5 Adam Tkac 2010-01-11 10:55:24 UTC
Created attachment 382949
proposed patch

Patch has been sent to upstream for review, will be part of next update.

Comment 6 Adam Tkac 2010-01-11 11:28:35 UTC
*** Bug 551031 has been marked as a duplicate of this bug. ***

Comment 7 Need Real Name 2010-01-12 19:48:30 UTC
The problem continues to persist in bind-9.6.1-7.P2.fc11.x86_64 

Jan 12 14:22:37 mn3 named[1840]: general: keytable.c:286: REQUIRE(nextnodep != ((void *)0) && *nextnodep == ((void *)0)) failed
Jan 12 14:22:37 mn3 named[1840]: general: exiting (due to assertion failure)

Comment 8 Need Real Name 2010-01-13 08:53:01 UTC
Can you prioritize the fix & update?
The DNS server stops working 2-3 times a day because of this.

Comment 9 Adam Tkac 2010-01-13 11:08:27 UTC
I just built an updated package, but I'm not going to release it because I expect an upstream release soon (~ 1 week). You can use it if you would like to fix this issue right now. The build is located at http://kojiweb.fedoraproject.org/koji/buildinfo?buildID=150709.

Comment 10 Gary Myers 2010-01-14 20:41:19 UTC
I have created a crude script to monitor the daemon via a cron job for the
servers I maintain.


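#!/bin/bash
# Restart named if its status output does not report a running server.

# Count status lines containing "server is up" (0 means named is down).
CHECK=$(/sbin/service named status | grep -c "server is up")

if [ "$CHECK" -eq 0 ]; then
  # Full path: cron's default PATH may not include /sbin.
  /sbin/service named restart
fi

exit 0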


I call this file 'named-monitor' and I placed it in /root with 700 permissions
and root:root ownership. I call the script from /etc/cron.d/named-monitor thus:


# Cron script to run named-monitor every 5 minutes.

*/5 * * * * root /root/named-monitor


If the named daemon is not running for any reason, it will be restarted. If it
is running, the script simply exits. This should keep us going until the new
packages are released.

HTH  :)
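
A read-only companion to the restart script in comment 10, added here as an example and not part of the original report or of BIND: it scans syslog text for the crash signature quoted in this bug (an assertion line followed by "exiting (due to assertion failure)" from the same PID) and reports where the assertion fired and which name that process was last resolving. The function names, the INSIST/ENSURE generalization and the output format are assumptions; the log layout is the one shown in the /var/log/messages excerpts above.

```shell
#!/bin/sh
# Added example (not from the bug report): list named exits caused by assertion failures.

# Reads syslog text on stdin. For each assertion failure that is followed by
# "exiting (due to assertion failure)" from the same named PID, prints:
#   <timestamp> <host> pid=<pid> <file:line> last=<last name that PID was resolving>
named_assert_crashes() {
  awk -v q="'" '
    {
      # Only lines tagged "named[<pid>]:" are of interest.
      if (!match($0, /named\[[0-9]+\]:/)) next
      pid = substr($0, RSTART + 6, RLENGTH - 8)

      # Remember the most recent "resolving <name/type/class>" per PID.
      if (match($0, "resolving " q "[^" q "]*" q))
        last[pid] = substr($0, RSTART + 11, RLENGTH - 12)

      # Assertion line, e.g. "keytable.c:286: REQUIRE(...) failed".
      if ($0 ~ /(REQUIRE|INSIST|ENSURE)\(.*\) failed/ &&
          match($0, /[A-Za-z0-9_]+\.c:[0-9]+: /)) {
        loc[pid] = substr($0, RSTART, RLENGTH - 2)
        next
      }

      # Exit line confirms that the assertion terminated the daemon.
      if ($0 ~ /exiting \(due to assertion failure\)/ && (pid in loc)) {
        printf "%s %s %s %s pid=%s %s last=%s\n", $1, $2, $3, $4, pid, loc[pid],
               (pid in last ? last[pid] : "-")
        delete loc[pid]
      }
    }'
}

# Sample input: the first three lines are copied from the report above,
# the last two are constructed (a healthy PID that must not be reported).
sample_log() {
  cat <<'EOF'
Dec 21 07:21:43 ns named[1602]: no valid KEY resolving '77.in-addr.arpa/DNSKEY/IN': 202.12.28.140#53
Dec 21 07:21:44 ns named[1602]: keytable.c:286: REQUIRE(nextnodep != ((void *)0) && *nextnodep == ((void *)0)) failed
Dec 21 07:21:44 ns named[1602]: exiting (due to assertion failure)
Dec 21 07:26:01 ns named[1733]: no valid KEY resolving '95.in-addr.arpa/DNSKEY/IN': 199.212.0.53#53
Dec 21 07:26:02 ns named[1733]: running
EOF
}

sample_log | named_assert_crashes
```

Fed with /var/log/messages instead of the sample, the per-crash lines give a count and timeline that a blind restart loop would otherwise hide.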

Comment 11 Need Real Name 2010-01-15 07:53:18 UTC
I used the named as
rpmbuild --rebuild http://kojipkgs.fedoraproject.org/packages/bind/9.6.1/8.P2.fc11/src/bind-9.6.1-8.P2.fc11.src.rpm

from the link above (updated, but not released)
seems to be working just fine since Wed 13 Jan 2010 08:58:47 AM EST

Comment 12 Adam Tkac 2010-01-25 11:58:19 UTC
Fixed in bind-9.6.1-9.P3.fc11.

Comment 13 Anthony Messina 2010-01-30 20:55:30 UTC
While my named daemon is not crashing, with version bind-9.6.1-16.P3.fc12.x86_64, I still have logs filled with entries like the following.  I do use IPv4 and IPv6.

Jan 30 14:50:45 chicago named[5908]: no valid RRSIG resolving '89.85.in-addr.arpa/DS/IN': 199.212.0.53#53
Jan 30 14:50:45 chicago named[5908]: no valid KEY resolving '85.in-addr.arpa/DNSKEY/IN': 199.212.0.53#53
Jan 30 14:50:45 chicago named[5908]: no valid KEY resolving '85.in-addr.arpa/DNSKEY/IN': 2001:660:3006:1::1:1#53
Jan 30 14:50:45 chicago named[5908]: no valid KEY resolving '85.in-addr.arpa/DNSKEY/IN': 193.0.0.195#53
Jan 30 14:50:46 chicago named[5908]: no valid KEY resolving '85.in-addr.arpa/DNSKEY/IN': 192.36.125.2#53
Jan 30 14:50:46 chicago named[5908]: no valid KEY resolving '85.in-addr.arpa/DNSKEY/IN': 202.12.28.140#53

Comment 14 Adam Tkac 2010-02-02 10:39:18 UTC
(In reply to comment #13)
> While my named daemon is not crashing, with version
> bind-9.6.1-16.P3.fc12.x86_64, I still have logs filled with entries like the
> following.  I do use IPv4 and IPv6.
> 
> Jan 30 14:50:45 chicago named[5908]: no valid RRSIG resolving
> '89.85.in-addr.arpa/DS/IN': 199.212.0.53#53                                     
> Jan 30 14:50:45 chicago named[5908]: no valid KEY resolving
> '85.in-addr.arpa/DNSKEY/IN': 199.212.0.53#53                                    
> Jan 30 14:50:45 chicago named[5908]: no valid KEY resolving
> '85.in-addr.arpa/DNSKEY/IN': 2001:660:3006:1::1:1#53                            
> Jan 30 14:50:45 chicago named[5908]: no valid KEY resolving
> '85.in-addr.arpa/DNSKEY/IN': 193.0.0.195#53                                     
> Jan 30 14:50:46 chicago named[5908]: no valid KEY resolving
> '85.in-addr.arpa/DNSKEY/IN': 192.36.125.2#53                                    
> Jan 30 14:50:46 chicago named[5908]: no valid KEY resolving
> '85.in-addr.arpa/DNSKEY/IN': 202.12.28.140#53    

This issue is tracked as bug #556366.

