"stale-answer-client-timeout" > 0 can cause crashes when prefetch is enabled
named can crash in the following scenario:
stale-answer-client-timeoutis set to a positive value and that in the course of resolving a
cname.example/Aquery, the following records were cached:
cname.example. CNAME a.example. ; TTL=10 a.example. A 192.0.2.1 ; TTL=12
10 seconds pass, causing the relevant cache contents to become:
cname.example. CNAME a.example. ; expired a.example. A 192.0.2.1 ; TTL=2
The resolver is queried for
cname.example/CNAMEis expired, so recursion starts. As a part of this process, the
DNS_FETCHOPT_TRYSTALE_ONTIMEOUTflag is set in
The authoritative response for
a.example/Aexpires from the cache.
Query processing is restarted for
a.example/A(the CNAME target).
a.example/Ais found in the cache with a positive TTL which falls below the default prefetch trigger (2 seconds).
A prefetch for
a.example/Ais started with
DNS_FETCHOPT_TRYSTALE_ONTIMEOUTstill being set. This causes the "try stale" timer to be started for the prefetch query.
No response to the prefetch query arrives before the "try stale" timeout fires.
prefetch_done()is called and is passed an event of type
REQUIRE(event->ev_type == DNS_EVENT_FETCHDONE);assertion fails, causing