djbdns' tinydns does not answer requests after a few requests

[ThibautMarty]

Describe the bug
According to multiple sources [0,1,2,3] (and my experience), tinydns does not work well with glibc-2.32.
The first queries are answered (hence the NixOS test pass!) but at some point none of them are answered.
The (cryptic) errors show that tinydns drops the requests [4].

A fix consists of increasing the "softlimit". It worked for tinydns (see the patch is below).

I'm not sure how we want to handle this. This will probably not be patched upstream, so we could ship the patchs in nixpkgs.
I tested increasing the softlimit from -d300000 to -d4500000 and it works. But there are other tools in the package which could be affected as well (grep softlimit in the source code to find them) . I don't use them, don't know how to use them and don't know if they are currently broken (hence I'm filling an issue, not a PR for now). I admit that I did not read the whole mail thread. Other may have find the solutions.

[0] http://cr-yp-to.996295.n3.nabble.com/bug-in-tinydns-djbdns-td23629.html
[1] https://marc.info/?l=qmail&m=160609563211809&w=2
[2] https://rjp.is/blogging/posts/2020/11/tinydns-snafu/
[3] http://cr-yp-to.996295.n3.nabble.com/on-openbsd-s-malloc-init-mmap-failed-td23189.html
[4] ip:port:0000 / 0000 http://www.dqd.com/~mayoff/notes/djbdns/tinydns-log.html#noquery

diff --git a/tinydns-conf.c b/tinydns-conf.c
index d3a4ce5..8f43519 100644
--- a/tinydns-conf.c
+++ b/tinydns-conf.c
@@ -46,7 +46,7 @@ int main(int argc,char **argv)

  start("run");
  outs("#!/bin/sh\nexec 2>&1\nexec envuidgid "); outs(user);
-  outs(" envdir ./env softlimit -d300000 ");
+  outs(" envdir ./env softlimit -d4500000 ");
  outs(auto_home); outs("/bin/tinydns\n");
  finish();
  perm(0755);

To Reproduce
Steps to reproduce the behavior:

1. build a machine with the configuration below on commit 9e377a6, for instance a VM: nix-build -E '(import <nixpkgs/nixos> { configuration = ./configuration.nix; }).vm' -I nixpkgs=/path/to/nixpkgs
2. start it, wait and log in
3. run multiple requests: until ! dig bla.foo.bar @127.0.0.1 ; do echo ; done
4. the server should stop answering after a few successful requests and its log shows that it gets the request and dropped them.

Log:

(...)
Apr 10 17:23:54 nixos tinydns-start[716]: 7f000001:dd8b:5a27 + 0001 bla.foo.bar
Apr 10 17:23:54 nixos tinydns-start[716]: 7f000001:a030:7172 + 0001 bla.foo.bar
Apr 10 17:23:54 nixos tinydns-start[716]: 7f000001:aec4:ccdf - 0001 bla.foo.bar
Apr 10 17:23:54 nixos kernel: mmap: tinydns (716): VmData 307200 exceed data ulimit 300000. Update limits or use boot option ignore_rlimit_data.
Apr 10 17:23:59 nixos tinydns-start[716]: 7f000001:aec4:0000 / 0000 .
Apr 10 17:24:04 nixos tinydns-start[716]: 7f000001:aec4:0000 / 0000 .

configuration.nix:

{ pkgs, ... }:
{
  services.tinydns = {
    enable = true;
    data = ''
      .foo.bar:1.2.3.4
      +.bla.foo.bar:1.2.3.4:300
    '';
  };
  environment.systemPackages = [ pkgs.bind.dnsutils ];

Expected behavior
The server should answer to all correct requests.

Notify maintainers
@basvandijk @jerith666

Metadata

• system: "x86_64-linux"
• host os: Linux 5.10.27, NixOS, 21.05pre-git (Okapi)
• multi-user?: yes
• sandbox: yes
• version: nix-env (Nix) 2.3.10
• channels(root): "nixos-20.09.3774.a6847cb5460"
• nixpkgs: /nix/var/nix/profiles/per-user/root/channels/nixos

Note: I did not use the channel but a nixpkgs checkout on nixos-unstable (9e377a6).

Maintainer information:

# a list of nixpkgs attributes affected by the problem
attribute:
# a list of nixos modules affected by the problem
module:

[jerith666]

I don't have 30286eb in my server that's using djbdns yet, so haven't noticed this problem. But four web citations is enough to convince me it's a real issue.

Can we add a loop in the nixos test to capture the bug? If so then I think a patch that makes the test pass is a pretty easy sell.

Thanks for documenting this so thoroughly!

[stale]

I marked this as stale due to inactivity. → More info

[jerith666]

Has a PR, no longer stale.