Adblock crashes dnsmasq (SIGSEGV) in recent trunk

In recent trunk builds (specifically, using dnsmasq 2.86), now running r17747, I cannot use Adblock without crashing dnsmasq. The relevant messages in syslog are the following:

Wed Oct 13 09:15:33 2021 kern.info kernel: [58289.878532] do_page_fault(): sending SIGSEGV to dnsmasq for invalid read access from 6f727468
Wed Oct 13 09:15:33 2021 kern.info kernel: [58289.887236] epc = 555ad4cb in dnsmasq[5559a000+41000]
Wed Oct 13 09:15:33 2021 kern.info kernel: [58289.892394] ra  = 555aef39 in dnsmasq[5559a000+41000]

And then:
daemon.info procd: Instance dnsmasq::cfg01411c s in a crash loop 6 crashes, 19 seconds since last crash

Other messages are only related to dnsmasq restarting:

Wed Oct 13 09:15:45 2021 daemon.info dnsmasq[2589]: started, version 2.86 cachesize 150
Wed Oct 13 09:15:45 2021 daemon.info dnsmasq[2589]: compile time options: IPv6 GNU-getopt no-RTC no-DBus UBus no-i18n no-IDN DHCP DHCPv6 no-Lua no-TFTP conntrack ipset auth cryptohash DNSSEC no-ID loop-detect inotify dumpfile
Wed Oct 13 09:15:45 2021 daemon.info dnsmasq[2589]: UBus support enabled: connected to system bus
Wed Oct 13 09:15:45 2021 daemon.info dnsmasq-dhcp[2589]: DHCP, IP range 192.168.196.1 -- 192.168.196.89, lease time 7d
Wed Oct 13 09:15:45 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for test
Wed Oct 13 09:15:45 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for onion
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for localhost
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for local
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for invalid
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for bind
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for www.distinctfreight.co.zw
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for candid.zone
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for dlvr.it
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for admarkt.marktplaats.nl
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for googleadservices.com
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for ziggo.nl
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for tinyurl.com
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for bit.ly
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for youtu.be
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for tweakers.net
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for avbohemen.lok
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using 19330 more local addresses
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: reading /tmp/resolv.conf.d/resolv.conf.auto
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using nameserver 84.116.46.23#53
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using nameserver 84.116.46.22#53
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for test
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for onion
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for localhost
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for local
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for invalid
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for bind
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for www.distinctfreight.co.zw
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using only locally-known addresses for candid.zone
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for dlvr.it
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for admarkt.marktplaats.nl
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for googleadservices.com
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for ziggo.nl
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for tinyurl.com
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for bit.ly
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for youtu.be
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for tweakers.net
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using standard nameservers for avbohemen.lok
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: using 19330 more local addresses
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: read /etc/hosts - 6 addresses
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: read /tmp/hosts/dhcp.cfg01411c - 2 addresses
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq[2589]: read /tmp/hosts/odhcpd - 3 addresses
Wed Oct 13 09:15:46 2021 daemon.info dnsmasq-dhcp[2589]: read /etc/ethers - 0 addresses

No messages indicating memory pressure. My blocklist used to be ~100,000 entries and it ran fine with dnsmasq 2.85. Router is a TP-Link Archer C7 v2 (128MB RAM). To be sure that the size of the blocklist was not an issue, I reduced the list first to ~50,000 entries and then 20,000. Still crashes.

Configs:

Adblock:

config adblock 'global'
        option adb_enabled '1'
        option adb_debug '0'
        option adb_forcedns '0'
        option adb_safesearch '0'
        option adb_dnsfilereset '0'
        option adb_mail '0'
        option adb_report '0'
        option adb_maxqueue '4'
        option adb_dns 'dnsmasq'
        option adb_fetchutil 'uclient-fetch'
        option adb_trigger 'wan'
        option adb_backup '0'
        list adb_sources 'adaway'
        list adb_sources 'adguard_tracking'
        list adb_sources 'bitcoin'
        list adb_sources 'openphish'
        list adb_sources 'smarttv_tracking'
        list adb_sources 'winspy'

Dnsmasq (from /etc/config/dhcp)

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option expandhosts '1'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option local '/avbohemen.lok/'
        option domain 'avbohemen.lok'
        option filterwin2k '1'
        list addnhosts '/tmp/adb_list.overall'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option confdir '/tmp/dnsmasq.d'

The crash does not occur when I disable adblock completely.
Anyone got any ideas?

remove that entry and try again. That's not set by adblock.

Done. Still same crash, after 17 seconds:

Wed Oct 13 13:21:00 2021 user.info adblock-4.1.3[6768]: blocklist with overall 19331 blocked domains loaded successfully (TP-Link Archer C7 v2, OpenWrt SNAPSHOT r17747-9d994f35b4)
Wed Oct 13 13:21:37 2021 kern.info kernel: [73054.307295] do_page_fault(): sending SIGSEGV to dnsmasq for invalid read access from 6f727468
Wed Oct 13 13:21:37 2021 kern.info kernel: [73054.316025] epc = 555b54cb in dnsmasq[555a2000+41000]
Wed Oct 13 13:21:37 2021 kern.info kernel: [73054.321161] ra  = 555b6f39 in dnsmasq[555a2000+41000]

Sorry, no more ideas ... check if there any unusual files in /tmp/dnsmasq.d (or reboot the router). I'm on the same snapshot level and it's not reproducible for me ...

There was a talk about newer dnsmasq versions not supporting ipsets properly, could it be the case?

I have ipset enabled, I selected dnsmasq-full and ipset (actually, I selected everything except tftp). So, ipsets should work.

I reverted back to dnsmasq 2.85 and everythis is ok with adblock again.

adblock does not use any ipsets.

After trying again with a new build (and a new 5.10 kernel instead of 5.4) the issue remains the same. Dnsmasq still crashes for me if adblok is enabled, still with a SIGSEGV error, not memory pressure.

Build: OpenWrt SNAPSHOT, r18394-962c585580

Thu Dec 23 17:17:04 2021 kern.info kernel: [  478.702683] do_page_fault(): sending SIGSEGV to dnsmasq for invalid read access from 73000000
Thu Dec 23 17:17:04 2021 kern.info kernel: [  478.711383] epc = 555f389b in dnsmasq[555e0000+41000]
Thu Dec 23 17:17:04 2021 kern.info kernel: [  478.716828] ra  = 555f51f9 in dnsmasq[555e0000+41000]

I cant reproduce this on latest master on a r7800.

config adblock 'global'
	option adb_debug '0'
	option adb_safesearch '0'
	option adb_dnsfilereset '0'
	option adb_mail '0'
	option adb_report '0'
	option adb_backup '1'
	option adb_dns 'dnsmasq'
	option adb_fetchutil 'curl'
	option adb_dnsflush '1'
	option adb_trigger 'wan'
	option adb_forcedns '1'
	list adb_zonelist 'lan'
	option adb_enabled '1'
	option adb_triggerdelay '5'
	option adb_maxqueue '16'
	option adb_dnsinstance '0'
	option adb_dnstimeout '30'
	option adb_dnsallow '1'
	list adb_stb_sources 'hosts'
	list adb_sources 'adaway'
	list adb_sources 'adguard'
	list adb_sources 'anti_ad'
	list adb_sources 'bitcoin'
	list adb_sources 'spam404'
	list adb_sources 'yoyo'

You mite have to do a full reset and start again with your configs.

I see incorrect behavior and crashes with just server=/netflix.com/# and address=/netflix.com/100::1 entries.
I see some discussions on the dnsmasq mailing list (found via web search) that suggest there are some bugs they're trying to fix. I couldn't quite tell if those were fixed yet in any interim versions, or just in their trunk awaiting a new release. I'd keep an eye out for dnsmasq 2.87.

The bug with server & address that causes SEGV in dnsmasq is fixed post-2.86, here upstream:
https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=de372d6914ae20a1f9997815f258efbf3b14c39b
So maybe good to try this all again once 2.87 is ready.