Bug 218745 - dig +trace segfault when primary dns is down
Summary: dig +trace segfault when primary dns is down
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: bind
Version: 6
Hardware: All
OS: Linux
medium
low
Target Milestone: ---
Assignee: Adam Tkac
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-12-07 09:07 UTC by Edouard Bourguignon
Modified: 2013-04-30 23:34 UTC (History)
2 users (show)

Fixed In Version: 9.3.4-1.fc6
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-02-15 16:03:06 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Edouard Bourguignon 2006-12-07 09:07:56 UTC 
Description of problem:

When primary dns listed in your resolv.conf is down, asking dig to make some
trace on any domains ends on a segmentation fault

Version-Release number of selected component (if applicable):

$ rpm -q bind-utils
bind-utils-9.3.3-6.fc6

How reproducible:

seems static

Steps to Reproduce:
1. add a false nameserver on the top of resolv.conf (to fake a dns down)
2. dig www.yahoo.fr +trace
3. seems dig is waiting for something just after printing a few trace, and then
seg fault
  
Actual results:

segmentation fault

Expected results:

should end normally

Additional info:

occurs on x86 and x86_64
Comment 1 Edouard Bourguignon 2006-12-08 09:11:17 UTC 
what i get in gdb:

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1208091760 (LWP 3795)]
0x00f3de5a in send_done (_task=0x970d450, event=0x97583a8) at dighost.c:1900
1900                    ISC_LIST_DEQUEUE(sevent->bufferlist, b, link);


I also have a core dumped if you want
Comment 2 Martin Stransky 2006-12-08 09:19:37 UTC 
Yes, it could be useful, thanks.
Comment 3 Edouard Bourguignon 2006-12-14 07:46:07 UTC 
core dumped is too big (31MB) I put it there:
http://bohort.ouam.fr/~madko/core.3808
Comment 4 Curtis Doty 2006-12-21 18:01:19 UTC 
Possibly related... I was doing a dig +trace on a rarely-used example.com domain
and it also segfaulted after a few second pause waiting for the display of the
*.GTLD-SERVERS.NET (third) response.

bind-utils-9.3.3-0.1.rc3.fc6.x86_64

The segfault wasn't reproducible so I didn't log it at the time, but today I see
something that may help in troubleshooting if these symptoms are related.

Dec 19 18:25:59 twiki kernel: dig[21310]: segfault at 000000000000001f rip
000055555555ec78 rsp 0000000040a000c0 error 6
Comment 5 Curtis Doty 2006-12-27 04:09:10 UTC 
Same server, different day, different +trace, same result:
Dec 26 20:00:59 twiki kernel: dig[25331]: segfault at 000000000000001f rip
000055555555ec78 rsp 0000000040a000c0 error 6

/etc/resolv.conf has two nameservers; first is localhost, second is on the wire

Both times:
 - successful reply for . from localhost
 - successful reply for TLD from a ROOT-SERVER
 - ~2 second pause, then segfault (waiting for a GTLD-SERVER)
Comment 6 Adam Tkac 2007-02-01 14:04:19 UTC 
I'm able to reproduce this bug with bind-utils-9.3.3-6.fc6 but not with
bind-utils-9.3.4-1.fc6 . Could you please update to 9.3.4-1.fc6 >= and send me
your test results? (If sigfault reoccurs)

Thanks, Adam
Comment 7 Adam Tkac 2007-02-15 16:03:06 UTC 
No response, bug looks fixed now (comment #6). If this problem still exists
please reopen this bug

Regards, Adam
Note You need to log in before you can comment on or make changes to this bug.