Add universal crash backtrace via _Unwind_Backtrace by DL6ER · Pull Request #2811 · pi-hole/FTL

DL6ER · 2026-03-20T13:07:36Z

What does this implement/fix?

Implement automatic backtrace generation based on GCC's libgcc. The advantage of this is that it works on both glibc and musl, static-pie and dynamic builds, and across all supported architectures. More important, it works fine on binaries built on the CI and shipped to the users.

New subcommands:

pihole-FTL crash: triggers a deterministic SIGSEGV to test the crash handler and error reporting end-to-end
pihole-FTL backtrace: prints a live backtrace without crashing, for inspection on a given build or platform

While testing, I found and fixed two bugs:

removePID(): guard config.files.pid.v.s != NULL before fopen() to prevent a secondary SIGSEGV. This is kind of an edge-case and is only relevant if a crash happens really early on (like in our test), i.e., when config was not yet loaded
signal_handler(): flush stdout immediately after generate_backtrace() so the output is preserved even if cleanup() faults on uninitialized state before exit() can flush stdio

Example output:

./pihole-FTL crash
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
---------------------------->  FTL crashed!  <----------------------------
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Please report a bug at https://github.com/pi-hole/FTL/issues
and include in your report already the following details:
FTL has been running for 0 seconds
FTL branch: new/backtraces
FTL version: v6.5-46-g8149f073
FTL commit: 8149f073
FTL date: 2026-03-20 05:47:11 +0100
FTL user: started as d, ended as d
Compiled for x86_64 (compiled locally) using cc (Ubuntu 13.3.0-6ubuntu2~24.04.1) 13.3.0
Process details: MID: 0
                 PID: 3092519
                 TID: 3092519
                 Name: pihole-FTL
Received signal: Segmentation fault
     at address: 0x7641f3f29000
     with code:  SEGV_ACCERR (Invalid permissions for mapped object)
Backtrace (8 frames):                                                         <---------------
  #0   generate_backtrace              src/signals.c:255                      <---------------
  #1   signal_handler                  src/signals.c:393                      <---------------
  #2   0x7641f3a4532f  (libc.so.6, no debug info)                             <---------------
  #3   parse_args                      src/args.c:273                         <---------------
  #4   main                            src/main.c:66                          <---------------
  #5   0x7641f3a2a1c9  (libc.so.6, no debug info)                             <---------------
  #6   0x7641f3a2a28a  (libc.so.6  __libc_start_main+0x8a)                    <---------------
  #7   _start                          ??:?                                   <---------------
------ Listing content of directory /dev/shm ------
File Mode User:Group      Size  Filename
rwxrwxrwx root:root       380   .
rwxr-xr-x root:root         5k  ..
rw------- pihole:pihole   768k  FTL-2916536-recycler
rw------- pihole:pihole    36k  FTL-2916536-dns-cache-lookup
rw------- pihole:pihole    24k  FTL-2916536-domains-lookup
rw------- pihole:pihole     4k  FTL-2916536-clients-lookup
rw------- pihole:pihole   555k  FTL-2916536-fifo-log
rw------- pihole:pihole     4k  FTL-2916536-per-client-regex
rw------- pihole:pihole   948k  FTL-2916536-dns-cache
rw------- pihole:pihole     8k  FTL-2916536-overTime
rw------- pihole:pihole     3M  FTL-2916536-queries
rw------- pihole:pihole    28k  FTL-2916536-upstreams
rw------- pihole:pihole   340k  FTL-2916536-clients
rw------- pihole:pihole   440k  FTL-2916536-domains
rw------- pihole:pihole   240k  FTL-2916536-strings
rw------- pihole:pihole   144   FTL-2916536-settings
rw------- pihole:pihole   344   FTL-2916536-counters
rw------- pihole:pihole   120   FTL-2916536-lock
rwxrwx--- d:d             120   jack_db-1000
---------------------------------------------------
Please also include some lines from above the !!!!!!!!! header.
Thank you for helping us to improve our FTL engine!
Segmentation fault (core dumped)

Related issue or feature (if applicable): N/A

Pull request in docs with documentation (if applicable): N/A

By submitting this pull request, I confirm the following:

I have read and understood the contributors guide, as well as this entire template. I understand which branch to base my commits and Pull Requests against.
I have commented my proposed changes within the code.
I am willing to help maintain this change if there are issues with it later.
It is compatible with the EUPL 1.2 license
I have squashed any insignificant commits. (git rebase)

Checklist:

The code change is tested and works locally.
I based my code and PRs against the repositories development branch.
I signed off all commits. Pi-hole enforces the DCO for all contributions
I signed all my commits. Pi-hole requires signatures to verify authorship
I have read the above and my PR is ready for review.

Replace the glibc-only execinfo.h backtrace with _Unwind_Backtrace from GCC's libgcc, which works on glibc and musl, static-pie and dynamic, across all supported architectures. Key design decisions: - __ehdr_start (GNU ld linker symbol) gives the PIE load base reliably on all targets, replacing dl_iterate_phdr which does not enumerate the main executable consistently on musl static builds - SOURCE_ROOT compile definition strips the build machine prefix so backtraces show project-relative paths (src/signals.c:42) - dladdr() resolves dynamic symbol names from .dynsym for stripped shared-library frames; /proc/self/maps provides the library name as fallback when no symbol is exported - Each frame is logged as a single line: #N func_name src/file.c:line (resolved) #N 0xADDRESS (libc.so.6 sym+off) (unresolved) New subcommands: - crash: triggers a deterministic SIGSEGV via mmap(PROT_NONE) (not UB, not elided by the optimizer, not caught by sanitizers) to validate the crash handler end-to-end - backtrace: prints a live backtrace without crashing, for manual inspection on a given build or platform CI: add check_crash() to test/arch_test.sh, called unconditionally for every architecture to verify the handler fires and a backtrace is produced. Bug fixes: - removePID(): guard config.files.pid.v.s != NULL before fopen() to prevent a secondary SIGSEGV when config was never loaded (e.g. crash/backtrace subcommands) - signal_handler(): fflush(stdout) immediately after generate_backtrace() so the output is preserved even if cleanup() faults on uninitialized state before exit() can flush stdio Signed-off-by: Dominik <dl6er@dl6er.de>

rdwebdesign

Tested in a docker-pi-hole container (alpine).

I think we can add one more thing...

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>

pralor-bot · 2026-04-03T17:52:44Z

This pull request has been mentioned on Pi-hole Userspace. There might be relevant details there:

https://discourse.pi-hole.net/t/pi-hole-ftl-v6-6-web-v6-5-and-core-v6-4-1-released/85626/1

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [jacklul/pihole](https://redirect.github.com/pi-hole/docker-pi-hole) | minor | `2026.02.0` → `2026.04.0` | --- ### Release Notes <details> <summary>pi-hole/docker-pi-hole (jacklul/pihole)</summary> ### [`v2026.04.0`](https://redirect.github.com/pi-hole/docker-pi-hole/releases/tag/2026.04.0) [Compare Source](https://redirect.github.com/pi-hole/docker-pi-hole/compare/2026.02.0...2026.04.0)  #### What's Changed (Docker Specific - all related to CI/build) - Group dependabot PRs to reduce PR spam by [@yubiuser](https://redirect.github.com/yubiuser) in [#2004](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2004) - ci: switch image publishing to docker/github-builder by [@crazy-max](https://redirect.github.com/crazy-max) in [#2008](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2008) - Readme Rework by [@PromoFaux](https://redirect.github.com/PromoFaux) in [#1958](https://redirect.github.com/pi-hole/docker-pi-hole/pull/1958) - Replace Python test suite with BATS and consolidate workflows by [@PromoFaux](https://redirect.github.com/PromoFaux) in [#2009](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2009) - Add timeout to curl command in branch validation by [@RynoCODE](https://redirect.github.com/RynoCODE) in [#2011](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2011) - Use bats-assert library functions in BATS test suite by [@Copilot](https://redirect.github.com/Copilot) in [#2018](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2018) - ci: run build job on pull request event by [@crazy-max](https://redirect.github.com/crazy-max) in [#2021](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2021) - Update github-builder to v1.5.0 and enable fail-fast by [@yubiuser](https://redirect.github.com/yubiuser) in [#2022](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2022) #### New Contributors - [@crazy-max](https://redirect.github.com/crazy-max) made their first contribution in [#2008](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2008) - [@RynoCODE](https://redirect.github.com/RynoCODE) made their first contribution in [#2011](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2011) - [@Copilot](https://redirect.github.com/Copilot) made their first contribution in [#2018](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2018) **Full Changelog**: <pi-hole/docker-pi-hole@2026.02.0...2026.04.0> #### Component Release Notes  #### What's Changed (FTL v6.6) - Fix possible resolver issue on armv5tel by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2781](https://redirect.github.com/pi-hole/FTL/pull/2781) - Introduce CMake options for optional dependencies by [@aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2795](https://redirect.github.com/pi-hole/FTL/pull/2795) - Fix build without mbedtls \[v2] by [@aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2796](https://redirect.github.com/pi-hole/FTL/pull/2796) - Fix overTime data when database.DBimport = false by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2788](https://redirect.github.com/pi-hole/FTL/pull/2788) - Fix cross-compilation issues w/ custom toolchain by [@aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2797](https://redirect.github.com/pi-hole/FTL/pull/2797) - Add new option for controling name resolution via MAC address by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2790](https://redirect.github.com/pi-hole/FTL/pull/2790) - Fix obtaining client groups by name by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2791](https://redirect.github.com/pi-hole/FTL/pull/2791) - Ensure API sessions are restored before starting the HTTP server by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2803](https://redirect.github.com/pi-hole/FTL/pull/2803) - Add form-action 'self' to Content-Security-Policy by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2804](https://redirect.github.com/pi-hole/FTL/pull/2804) - Add query\_frequency to /padd endpoint by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2806](https://redirect.github.com/pi-hole/FTL/pull/2806) - Guard query-count counters against unsigned underflow by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2815](https://redirect.github.com/pi-hole/FTL/pull/2815) - Add universal crash backtrace via \_Unwind\_Backtrace by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2811](https://redirect.github.com/pi-hole/FTL/pull/2811) - config: show totp\_secret presence in CLI output by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2813](https://redirect.github.com/pi-hole/FTL/pull/2813) - Fix client count inflation for rate-limited queries by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2814](https://redirect.github.com/pi-hole/FTL/pull/2814) - Fix stack buffer overflow in get\_process\_name() by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2821](https://redirect.github.com/pi-hole/FTL/pull/2821) - Do not restart FTL while `pihole -g` is still ongoing by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2419](https://redirect.github.com/pi-hole/FTL/pull/2419) #### Security Advisories - [GHSA-r7g8-3fj7-m5qq - Authorization bypass: CLI API sessions can import Teleporter archives and modify configuration](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-r7g8-3fj7-m5qq) reported by [@mzalzahrani](https://redirect.github.com/mzalzahrani) - Remote Code Execution (RCE) via Newline Injection in Multiple Configuration Parameters reported by [@T0X1Cx](https://redirect.github.com/T0X1Cx) - [pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c) - [pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp) - [pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m) - [pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj) - [pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj) #### New Contributors - [@aeolio](https://redirect.github.com/aeolio) made their first contribution in [pi-hole/FTL#2795](https://redirect.github.com/pi-hole/FTL/pull/2795) **Full Changelog**: <pi-hole/FTL@v6.5...v6.6>  #### What's Changed (Web v6.5) - Amend teleporter help text that the long-term data is not included by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3721](https://redirect.github.com/pi-hole/web/pull/3721) - Do not use 3 columns when boxed layout is used by [@rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/web#3722](https://redirect.github.com/pi-hole/web/pull/3722) - Use <kbd>ENTER</kbd> instead of <kbd>⏎</kbd> by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3727](https://redirect.github.com/pi-hole/web/pull/3727) - Don't link to github releases if docker tag is nightly by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3718](https://redirect.github.com/pi-hole/web/pull/3718) - Do not try to compare component version when remote version info is not available by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3729](https://redirect.github.com/pi-hole/web/pull/3729) - Show loading overlay when adding/removing CNAME records as it requires a FTL restart by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3742](https://redirect.github.com/pi-hole/web/pull/3742) - fix: check on responseJSON when wrong password by [@guybrush2105](https://redirect.github.com/guybrush2105) in [pi-hole/web#3693](https://redirect.github.com/pi-hole/web/pull/3693) - Remove the loggingButton from Settings > System > Actions by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3747](https://redirect.github.com/pi-hole/web/pull/3747) #### Security Advisories - Multiple Stored HTML Injections and XSS in different web interface pages reported by [@andrejtomci](https://redirect.github.com/andrejtomci) - [GHSA-jx8x-mj2r-62vq - Stored HTML Injection in queries.js](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-jx8x-mj2r-62vq) - [GHSA-9rfm-c5g6-538p - Stored HTML attribute injection](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-9rfm-c5g6-538p) - [GHSA-px6w-85wp-ww9v - Stored XSS / HTML injection in the Network page/Dashboard](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-px6w-85wp-ww9v) - [GHSA-7xqw-r9pr-qv59 - Reflected XSS / HTML injection in taillog.js](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-7xqw-r9pr-qv59) (Also reported by [@n1rwhex](https://redirect.github.com/n1rwhex) and [@mzalzahrani](https://redirect.github.com/mzalzahrani)) #### New Contributors - [@guybrush2105](https://redirect.github.com/guybrush2105) made their first contribution in [pi-hole/web#3693](https://redirect.github.com/pi-hole/web/pull/3693) **Full Changelog**: <pi-hole/web@v6.4.1...v6.5>  #### What's Changed (Core v6.4.1) - Remove additional ':' from debug log system time output by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6551](https://redirect.github.com/pi-hole/pi-hole/pull/6551) - Remove `readonly` from piholeNetworkFlush.sh to avoid error message by [@rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/pi-hole#6554](https://redirect.github.com/pi-hole/pi-hole/pull/6554) - Add antigravity index by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/pi-hole#6573](https://redirect.github.com/pi-hole/pi-hole/pull/6573) - Fix return status capture of FTL check\_download exists by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6572](https://redirect.github.com/pi-hole/pi-hole/pull/6572) - Remove misleading TODO comment for SetWebPassword by [@10adnan75](https://redirect.github.com/10adnan75) in [pi-hole/pi-hole#6531](https://redirect.github.com/pi-hole/pi-hole/pull/6531) #### Security Advisories - [GHSA-c935-8g63-qp74 – Local Privilege Escalation](https://redirect.github.com/pi-hole/pi-hole/security/advisories/GHSA-c935-8g63-qp74) reported by [@smittix](https://redirect.github.com/smittix) #### New Contributors - [@10adnan75](https://redirect.github.com/10adnan75) made their first contribution in [pi-hole/pi-hole#6531](https://redirect.github.com/pi-hole/pi-hole/pull/6531) - [@Copilot](https://redirect.github.com/Copilot) made their first contribution in [pi-hole/pi-hole#6580](https://redirect.github.com/pi-hole/pi-hole/pull/6580) **Full Changelog**: <pi-hole/pi-hole@v6.4...v6.4.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/bigbeartechworld/big-bear-universal-apps).

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [pihole/pihole](https://redirect.github.com/pi-hole/docker-pi-hole) | minor | `2026.02.0` → `2026.04.0` | --- ### Release Notes <details> <summary>pi-hole/docker-pi-hole (pihole/pihole)</summary> ### [`v2026.04.0`](https://redirect.github.com/pi-hole/docker-pi-hole/releases/tag/2026.04.0) [Compare Source](https://redirect.github.com/pi-hole/docker-pi-hole/compare/2026.02.0...2026.04.0)  #### What's Changed (Docker Specific - all related to CI/build) - Group dependabot PRs to reduce PR spam by [@yubiuser](https://redirect.github.com/yubiuser) in [#2004](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2004) - ci: switch image publishing to docker/github-builder by [@crazy-max](https://redirect.github.com/crazy-max) in [#2008](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2008) - Readme Rework by [@PromoFaux](https://redirect.github.com/PromoFaux) in [#1958](https://redirect.github.com/pi-hole/docker-pi-hole/pull/1958) - Replace Python test suite with BATS and consolidate workflows by [@PromoFaux](https://redirect.github.com/PromoFaux) in [#2009](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2009) - Add timeout to curl command in branch validation by [@RynoCODE](https://redirect.github.com/RynoCODE) in [#2011](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2011) - Use bats-assert library functions in BATS test suite by [@Copilot](https://redirect.github.com/Copilot) in [#2018](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2018) - ci: run build job on pull request event by [@crazy-max](https://redirect.github.com/crazy-max) in [#2021](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2021) - Update github-builder to v1.5.0 and enable fail-fast by [@yubiuser](https://redirect.github.com/yubiuser) in [#2022](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2022) #### New Contributors - [@crazy-max](https://redirect.github.com/crazy-max) made their first contribution in [#2008](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2008) - [@RynoCODE](https://redirect.github.com/RynoCODE) made their first contribution in [#2011](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2011) - [@Copilot](https://redirect.github.com/Copilot) made their first contribution in [#2018](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2018) **Full Changelog**: <pi-hole/docker-pi-hole@2026.02.0...2026.04.0> #### Component Release Notes  #### What's Changed (FTL v6.6) - Fix possible resolver issue on armv5tel by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2781](https://redirect.github.com/pi-hole/FTL/pull/2781) - Introduce CMake options for optional dependencies by [@aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2795](https://redirect.github.com/pi-hole/FTL/pull/2795) - Fix build without mbedtls \[v2] by [@aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2796](https://redirect.github.com/pi-hole/FTL/pull/2796) - Fix overTime data when database.DBimport = false by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2788](https://redirect.github.com/pi-hole/FTL/pull/2788) - Fix cross-compilation issues w/ custom toolchain by [@aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2797](https://redirect.github.com/pi-hole/FTL/pull/2797) - Add new option for controling name resolution via MAC address by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2790](https://redirect.github.com/pi-hole/FTL/pull/2790) - Fix obtaining client groups by name by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2791](https://redirect.github.com/pi-hole/FTL/pull/2791) - Ensure API sessions are restored before starting the HTTP server by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2803](https://redirect.github.com/pi-hole/FTL/pull/2803) - Add form-action 'self' to Content-Security-Policy by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2804](https://redirect.github.com/pi-hole/FTL/pull/2804) - Add query\_frequency to /padd endpoint by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2806](https://redirect.github.com/pi-hole/FTL/pull/2806) - Guard query-count counters against unsigned underflow by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2815](https://redirect.github.com/pi-hole/FTL/pull/2815) - Add universal crash backtrace via \_Unwind\_Backtrace by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2811](https://redirect.github.com/pi-hole/FTL/pull/2811) - config: show totp\_secret presence in CLI output by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2813](https://redirect.github.com/pi-hole/FTL/pull/2813) - Fix client count inflation for rate-limited queries by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2814](https://redirect.github.com/pi-hole/FTL/pull/2814) - Fix stack buffer overflow in get\_process\_name() by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2821](https://redirect.github.com/pi-hole/FTL/pull/2821) - Do not restart FTL while `pihole -g` is still ongoing by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2419](https://redirect.github.com/pi-hole/FTL/pull/2419) #### Security Advisories - [GHSA-r7g8-3fj7-m5qq - Authorization bypass: CLI API sessions can import Teleporter archives and modify configuration](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-r7g8-3fj7-m5qq) reported by [@mzalzahrani](https://redirect.github.com/mzalzahrani) - Remote Code Execution (RCE) via Newline Injection in Multiple Configuration Parameters reported by [@T0X1Cx](https://redirect.github.com/T0X1Cx) - [pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c) - [pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp) - [pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m) - [pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj) - [pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj) #### New Contributors - [@aeolio](https://redirect.github.com/aeolio) made their first contribution in [pi-hole/FTL#2795](https://redirect.github.com/pi-hole/FTL/pull/2795) **Full Changelog**: <pi-hole/FTL@v6.5...v6.6>  #### What's Changed (Web v6.5) - Amend teleporter help text that the long-term data is not included by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3721](https://redirect.github.com/pi-hole/web/pull/3721) - Do not use 3 columns when boxed layout is used by [@rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/web#3722](https://redirect.github.com/pi-hole/web/pull/3722) - Use <kbd>ENTER</kbd> instead of <kbd>⏎</kbd> by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3727](https://redirect.github.com/pi-hole/web/pull/3727) - Don't link to github releases if docker tag is nightly by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3718](https://redirect.github.com/pi-hole/web/pull/3718) - Do not try to compare component version when remote version info is not available by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3729](https://redirect.github.com/pi-hole/web/pull/3729) - Show loading overlay when adding/removing CNAME records as it requires a FTL restart by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3742](https://redirect.github.com/pi-hole/web/pull/3742) - fix: check on responseJSON when wrong password by [@guybrush2105](https://redirect.github.com/guybrush2105) in [pi-hole/web#3693](https://redirect.github.com/pi-hole/web/pull/3693) - Remove the loggingButton from Settings > System > Actions by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3747](https://redirect.github.com/pi-hole/web/pull/3747) #### Security Advisories - Multiple Stored HTML Injections and XSS in different web interface pages reported by [@andrejtomci](https://redirect.github.com/andrejtomci) - [GHSA-jx8x-mj2r-62vq - Stored HTML Injection in queries.js](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-jx8x-mj2r-62vq) - [GHSA-9rfm-c5g6-538p - Stored HTML attribute injection](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-9rfm-c5g6-538p) - [GHSA-px6w-85wp-ww9v - Stored XSS / HTML injection in the Network page/Dashboard](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-px6w-85wp-ww9v) - [GHSA-7xqw-r9pr-qv59 - Reflected XSS / HTML injection in taillog.js](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-7xqw-r9pr-qv59) (Also reported by [@n1rwhex](https://redirect.github.com/n1rwhex) and [@mzalzahrani](https://redirect.github.com/mzalzahrani)) #### New Contributors - [@guybrush2105](https://redirect.github.com/guybrush2105) made their first contribution in [pi-hole/web#3693](https://redirect.github.com/pi-hole/web/pull/3693) **Full Changelog**: <pi-hole/web@v6.4.1...v6.5>  #### What's Changed (Core v6.4.1) - Remove additional ':' from debug log system time output by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6551](https://redirect.github.com/pi-hole/pi-hole/pull/6551) - Remove `readonly` from piholeNetworkFlush.sh to avoid error message by [@rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/pi-hole#6554](https://redirect.github.com/pi-hole/pi-hole/pull/6554) - Add antigravity index by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/pi-hole#6573](https://redirect.github.com/pi-hole/pi-hole/pull/6573) - Fix return status capture of FTL check\_download exists by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6572](https://redirect.github.com/pi-hole/pi-hole/pull/6572) - Remove misleading TODO comment for SetWebPassword by [@10adnan75](https://redirect.github.com/10adnan75) in [pi-hole/pi-hole#6531](https://redirect.github.com/pi-hole/pi-hole/pull/6531) #### Security Advisories - [GHSA-c935-8g63-qp74 – Local Privilege Escalation](https://redirect.github.com/pi-hole/pi-hole/security/advisories/GHSA-c935-8g63-qp74) reported by [@smittix](https://redirect.github.com/smittix) #### New Contributors - [@10adnan75](https://redirect.github.com/10adnan75) made their first contribution in [pi-hole/pi-hole#6531](https://redirect.github.com/pi-hole/pi-hole/pull/6531) - [@Copilot](https://redirect.github.com/Copilot) made their first contribution in [pi-hole/pi-hole#6580](https://redirect.github.com/pi-hole/pi-hole/pull/6580) **Full Changelog**: <pi-hole/pi-hole@v6.4...v6.4.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/bigbeartechworld/big-bear-universal-apps).

…ag to v2026.04.0 This PR contains the following updates: | Package | Update | Change | |---|---|---| | [bigbeartechworld/big-bear-pihole-unbound](https://redirect.github.com/pi-hole/docker-pi-hole) | minor | `2026.02.0` → `2026.04.0` | --- ### Release Notes <details> <summary>pi-hole/docker-pi-hole (bigbeartechworld/big-bear-pihole-unbound)</summary> ### [`v2026.04.0`](https://redirect.github.com/pi-hole/docker-pi-hole/releases/tag/2026.04.0) [Compare Source](https://redirect.github.com/pi-hole/docker-pi-hole/compare/2026.02.0...2026.04.0)  #### What's Changed (Docker Specific - all related to CI/build) - Group dependabot PRs to reduce PR spam by [@yubiuser](https://redirect.github.com/yubiuser) in [#2004](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2004) - ci: switch image publishing to docker/github-builder by [@crazy-max](https://redirect.github.com/crazy-max) in [#2008](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2008) - Readme Rework by [@PromoFaux](https://redirect.github.com/PromoFaux) in [#1958](https://redirect.github.com/pi-hole/docker-pi-hole/pull/1958) - Replace Python test suite with BATS and consolidate workflows by [@PromoFaux](https://redirect.github.com/PromoFaux) in [#2009](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2009) - Add timeout to curl command in branch validation by [@RynoCODE](https://redirect.github.com/RynoCODE) in [#2011](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2011) - Use bats-assert library functions in BATS test suite by [@Copilot](https://redirect.github.com/Copilot) in [#2018](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2018) - ci: run build job on pull request event by [@crazy-max](https://redirect.github.com/crazy-max) in [#2021](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2021) - Update github-builder to v1.5.0 and enable fail-fast by [@yubiuser](https://redirect.github.com/yubiuser) in [#2022](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2022) #### New Contributors - [@crazy-max](https://redirect.github.com/crazy-max) made their first contribution in [#2008](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2008) - [@RynoCODE](https://redirect.github.com/RynoCODE) made their first contribution in [#2011](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2011) - [@Copilot](https://redirect.github.com/Copilot) made their first contribution in [#2018](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2018) **Full Changelog**: <pi-hole/docker-pi-hole@2026.02.0...2026.04.0> #### Component Release Notes  #### What's Changed (FTL v6.6) - Fix possible resolver issue on armv5tel by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2781](https://redirect.github.com/pi-hole/FTL/pull/2781) - Introduce CMake options for optional dependencies by [@aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2795](https://redirect.github.com/pi-hole/FTL/pull/2795) - Fix build without mbedtls \[v2] by [@aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2796](https://redirect.github.com/pi-hole/FTL/pull/2796) - Fix overTime data when database.DBimport = false by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2788](https://redirect.github.com/pi-hole/FTL/pull/2788) - Fix cross-compilation issues w/ custom toolchain by [@aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2797](https://redirect.github.com/pi-hole/FTL/pull/2797) - Add new option for controling name resolution via MAC address by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2790](https://redirect.github.com/pi-hole/FTL/pull/2790) - Fix obtaining client groups by name by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2791](https://redirect.github.com/pi-hole/FTL/pull/2791) - Ensure API sessions are restored before starting the HTTP server by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2803](https://redirect.github.com/pi-hole/FTL/pull/2803) - Add form-action 'self' to Content-Security-Policy by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2804](https://redirect.github.com/pi-hole/FTL/pull/2804) - Add query\_frequency to /padd endpoint by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2806](https://redirect.github.com/pi-hole/FTL/pull/2806) - Guard query-count counters against unsigned underflow by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2815](https://redirect.github.com/pi-hole/FTL/pull/2815) - Add universal crash backtrace via \_Unwind\_Backtrace by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2811](https://redirect.github.com/pi-hole/FTL/pull/2811) - config: show totp\_secret presence in CLI output by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2813](https://redirect.github.com/pi-hole/FTL/pull/2813) - Fix client count inflation for rate-limited queries by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2814](https://redirect.github.com/pi-hole/FTL/pull/2814) - Fix stack buffer overflow in get\_process\_name() by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2821](https://redirect.github.com/pi-hole/FTL/pull/2821) - Do not restart FTL while `pihole -g` is still ongoing by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2419](https://redirect.github.com/pi-hole/FTL/pull/2419) #### Security Advisories - [GHSA-r7g8-3fj7-m5qq - Authorization bypass: CLI API sessions can import Teleporter archives and modify configuration](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-r7g8-3fj7-m5qq) reported by [@mzalzahrani](https://redirect.github.com/mzalzahrani) - Remote Code Execution (RCE) via Newline Injection in Multiple Configuration Parameters reported by [@T0X1Cx](https://redirect.github.com/T0X1Cx) - [pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c) - [pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp) - [pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m) - [pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj) - [pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj) #### New Contributors - [@aeolio](https://redirect.github.com/aeolio) made their first contribution in [pi-hole/FTL#2795](https://redirect.github.com/pi-hole/FTL/pull/2795) **Full Changelog**: <pi-hole/FTL@v6.5...v6.6>  #### What's Changed (Web v6.5) - Amend teleporter help text that the long-term data is not included by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3721](https://redirect.github.com/pi-hole/web/pull/3721) - Do not use 3 columns when boxed layout is used by [@rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/web#3722](https://redirect.github.com/pi-hole/web/pull/3722) - Use <kbd>ENTER</kbd> instead of <kbd>⏎</kbd> by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3727](https://redirect.github.com/pi-hole/web/pull/3727) - Don't link to github releases if docker tag is nightly by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3718](https://redirect.github.com/pi-hole/web/pull/3718) - Do not try to compare component version when remote version info is not available by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3729](https://redirect.github.com/pi-hole/web/pull/3729) - Show loading overlay when adding/removing CNAME records as it requires a FTL restart by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3742](https://redirect.github.com/pi-hole/web/pull/3742) - fix: check on responseJSON when wrong password by [@guybrush2105](https://redirect.github.com/guybrush2105) in [pi-hole/web#3693](https://redirect.github.com/pi-hole/web/pull/3693) - Remove the loggingButton from Settings > System > Actions by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3747](https://redirect.github.com/pi-hole/web/pull/3747) #### Security Advisories - Multiple Stored HTML Injections and XSS in different web interface pages reported by [@andrejtomci](https://redirect.github.com/andrejtomci) - [GHSA-jx8x-mj2r-62vq - Stored HTML Injection in queries.js](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-jx8x-mj2r-62vq) - [GHSA-9rfm-c5g6-538p - Stored HTML attribute injection](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-9rfm-c5g6-538p) - [GHSA-px6w-85wp-ww9v - Stored XSS / HTML injection in the Network page/Dashboard](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-px6w-85wp-ww9v) - [GHSA-7xqw-r9pr-qv59 - Reflected XSS / HTML injection in taillog.js](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-7xqw-r9pr-qv59) (Also reported by [@n1rwhex](https://redirect.github.com/n1rwhex) and [@mzalzahrani](https://redirect.github.com/mzalzahrani)) #### New Contributors - [@guybrush2105](https://redirect.github.com/guybrush2105) made their first contribution in [pi-hole/web#3693](https://redirect.github.com/pi-hole/web/pull/3693) **Full Changelog**: <pi-hole/web@v6.4.1...v6.5>  #### What's Changed (Core v6.4.1) - Remove additional ':' from debug log system time output by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6551](https://redirect.github.com/pi-hole/pi-hole/pull/6551) - Remove `readonly` from piholeNetworkFlush.sh to avoid error message by [@rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/pi-hole#6554](https://redirect.github.com/pi-hole/pi-hole/pull/6554) - Add antigravity index by [@DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/pi-hole#6573](https://redirect.github.com/pi-hole/pi-hole/pull/6573) - Fix return status capture of FTL check\_download exists by [@yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6572](https://redirect.github.com/pi-hole/pi-hole/pull/6572) - Remove misleading TODO comment for SetWebPassword by [@10adnan75](https://redirect.github.com/10adnan75) in [pi-hole/pi-hole#6531](https://redirect.github.com/pi-hole/pi-hole/pull/6531) #### Security Advisories - [GHSA-c935-8g63-qp74 – Local Privilege Escalation](https://redirect.github.com/pi-hole/pi-hole/security/advisories/GHSA-c935-8g63-qp74) reported by [@smittix](https://redirect.github.com/smittix) #### New Contributors - [@10adnan75](https://redirect.github.com/10adnan75) made their first contribution in [pi-hole/pi-hole#6531](https://redirect.github.com/pi-hole/pi-hole/pull/6531) - [@Copilot](https://redirect.github.com/Copilot) made their first contribution in [pi-hole/pi-hole#6580](https://redirect.github.com/pi-hole/pi-hole/pull/6580) **Full Changelog**: <pi-hole/pi-hole@v6.4...v6.4.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/bigbeartechworld/big-bear-universal-apps).

DL6ER requested a review from a team as a code owner March 20, 2026 13:07

DL6ER added Enhancement Debugging labels Mar 20, 2026

DL6ER force-pushed the new/backtraces branch from 8149f07 to e112815 Compare March 20, 2026 13:09

DL6ER force-pushed the new/backtraces branch from e112815 to 227b695 Compare March 20, 2026 13:11

github-advanced-security AI found potential problems Mar 20, 2026

View reviewed changes

Comment thread src/signals.c Dismissed

Comment thread src/signals.c Dismissed

DL6ER mentioned this pull request Mar 20, 2026

v6.5: Crash due to segmentation fault #2783

Closed

rdwebdesign previously approved these changes Mar 20, 2026

View reviewed changes

Add autocompletion for the new commands

b5e9f1a

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>

rdwebdesign force-pushed the new/backtraces branch from 0f2149f to b5e9f1a Compare March 20, 2026 17:47

rdwebdesign approved these changes Mar 20, 2026

View reviewed changes

DL6ER merged commit 11c2aa9 into development Mar 20, 2026
18 checks passed

DL6ER deleted the new/backtraces branch March 20, 2026 19:20

PromoFaux mentioned this pull request Apr 2, 2026

Pi-hole FTL v6.6 #2825

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add universal crash backtrace via _Unwind_Backtrace#2811

Add universal crash backtrace via _Unwind_Backtrace#2811
DL6ER merged 2 commits into
developmentfrom
new/backtraces

DL6ER commented Mar 20, 2026

Uh oh!

Uh oh!

Uh oh!

rdwebdesign left a comment

Uh oh!

Uh oh!

pralor-bot commented Apr 3, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Uh oh!

Conversation

DL6ER commented Mar 20, 2026

What does this implement/fix?

Checklist:

Uh oh!

Uh oh!

Uh oh!

rdwebdesign left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

pralor-bot commented Apr 3, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants