Skip to content

dig crashes when interrupted while waiting for TCP response

Summary

dig crashes when interrupted while waiting for TCP response

BIND version used

Steps to reproduce

SIGINT dig while it's waiting for TCP response. 💥

  1. Run python3 tcphang.py
  2. Run dig -d 99 +tcp @127.0.0.1 .
  3. SIGINT dig before it timeouts

(timeout --signal=SIGINT 1 dig -d 99 +tcp @127.0.0.1 . to do that in one go)

What is the current bug behavior?

dighost.c:1683: INSIST(query->readhandle == ((void *)0)) failed, back trace
(gdb) bt
#0  0x00007ffff6b15d22 in raise () from /usr/lib/libc.so.6
#1  0x00007ffff6aff862 in abort () from /usr/lib/libc.so.6
#2  0x00007ffff7a514b5 in isc_assertion_failed (file=0x55555557605c "dighost.c", line=1683, 
    type=isc_assertiontype_insist, cond=0x5555555770b8 "query->readhandle == ((void *)0)") at assertions.c:48
#3  0x0000555555567cf0 in _query_detach (queryp=0x7fffffffe5d8, file=0x55555557605c "dighost.c", line=4216)
    at dighost.c:1683
#4  0x0000555555571c3b in cancel_all () at dighost.c:4216
#5  0x0000555555562bc9 in dig_shutdown () at dig.c:2946
#6  0x0000555555562c2f in main (argc=4, argv=0x7fffffffe748) at dig.c:2957

What is the expected correct behavior?

Obviously, it should not crash.

Relevant configuration files

None, I believe.

Relevant logs and/or screenshots

``` $ timeout --signal=SIGINT 1 /tmp/main/bin/dig -d 99 +tcp @127.0.0.1 . setup_libs() setup_system() create_search_list() ndots is 1. timeout is 0. retries is 3. get_server_list() make_server(127.0.0.111) dig_query_setup parse_args() making new lookup make_empty_lookup() make_empty_lookup() = 0x7fd7117c0000->references = 1 digrc (open) main parsing -d main parsing 99 clone_lookup() make_empty_lookup() make_empty_lookup() = 0x7fd7117c1800->references = 1 clone_server_list() looking up 99 main parsing +tcp main parsing @127.0.0.1 make_server(127.0.0.1) main parsing . clone_lookup() make_empty_lookup() make_empty_lookup() = 0x7fd7117c3000->references = 1 clone_server_list() looking up . dig_startup() lock_lookup dighost.c:4186 success start_lookup() setup_lookup(0x7fd7117c1800) resetting lookup counter. using root origin recursive query AD query add_question() starting to render the message add_opt() done rendering create query 0x7fd710835000 linked to lookup 0x7fd7117c1800 dighost.c:2083:lookup_attach(0x7fd7117c1800) = 2 dighost.c:2587:new_query(0x7fd710835000) = 1 do_lookup() start_tcp(0x7fd710835000) dighost.c:2693:query_attach(0x7fd710835000) = 2 query->servname = 127.0.0.1

unlock_lookup dighost.c:4188 tcp_connected() tcp_connected(0x7fd710813300, success, 0x7fd710835000) lock_lookup dighost.c:3231 success dighost.c:3232:lookup_attach(0x7fd7117c1800) = 3 launch_next_query() dighost.c:3127:lookup_attach(0x7fd7117c1800) = 4 recvcount=1 have local timeout of 10000 dighost.c:3148:query_attach(0x7fd710835000) = 3 sending a request in launch_next_query dighost.c:3179:query_attach(0x7fd710835000) = 4 sendcount=1 dighost.c:3202:lookup_detach(0x7fd7117c1800) = 3 dighost.c:1676:query_detach(0x7fd710835000) = 3 dighost.c:3303:query_detach(0x7fd710835000) = 2 dighost.c:3304:lookup_detach(0x7fd7117c1800) = 2 unlock_lookup dighost.c:3305 send_done(0x7fd710813300, success, 0x7fd710835000) sendcount=0 lock_lookup dighost.c:2615 success dighost.c:2629:lookup_attach(0x7fd7117c1800) = 3 dighost.c:2648:query_detach(0x7fd710835000) = 1 dighost.c:2649:lookup_detach(0x7fd7117c1800) = 2 check_if_done() list full pending lookup 0x7fd7117c3000 unlock_lookup dighost.c:2652 destroy_lookup cancel_all() lock_lookup dighost.c:4202 success canceling pending query 0x7fd710835000, belonging to 0x7fd7117c1800 dighost.c:4216:query_detach(0x7fd710835000) = 0 dighost.c:1683: INSIST(query->readhandle == ((void *)0)) failed, back trace /tmp/main/lib/libisc-9.17.20.so(+0x4059d)[0x7fd7152cd59d] recv_done(0x7fd710813300, end of file, 0x7fd711579d90, 0x7fd710835000) lock_lookup dighost.c:3579 /tmp/main/lib/libisc-9.17.20.so(isc_assertion_failed+0x31)[0x7fd7152cd4b0] /tmp/main/bin/dig(+0x13cf0)[0x55d41bb0fcf0] /tmp/main/bin/dig(+0x1dc3b)[0x55d41bb19c3b] /tmp/main/bin/dig(+0xebc9)[0x55d41bb0abc9] /tmp/main/bin/dig(+0xec2f)[0x55d41bb0ac2f] /usr/lib/libc.so.6(__libc_start_main+0xd5)[0x7fd71437cb25] /tmp/main/bin/dig(+0x5e9e)[0x55d41bb01e9e] timeout: the monitored command dumped core

</details>

### Possible fixes

(If you can, link to the line of code that might be responsible for the
problem.)
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information