From nobody Thu Feb 03 18:35:13 2022
X-Original-To: bugs@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id F2663193C89F
	for <bugs@mlmmj.nyi.freebsd.org>; Thu,  3 Feb 2022 18:35:13 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4JqS5Y4FfXz4WcB
	for <bugs@FreeBSD.org>; Thu,  3 Feb 2022 18:35:13 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 734521D11D
	for <bugs@FreeBSD.org>; Thu,  3 Feb 2022 18:35:13 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 213IZDH6033499
	for <bugs@FreeBSD.org>; Thu, 3 Feb 2022 18:35:13 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 213IZDYV033498
	for bugs@FreeBSD.org; Thu, 3 Feb 2022 18:35:13 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 261694] jail getaddrinfo recvfrom hangs 5 seconds and returns
 "Name does not resolve"
Date: Thu, 03 Feb 2022 18:35:13 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: bin
X-Bugzilla-Version: 12.2-RELEASE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: igor.polovykh@gmail.com
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform
 op_sys bug_status bug_severity priority component assigned_to reporter
Message-ID: <bug-261694-227@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-bugs
List-Help: <mailto:freebsd-bugs+help@freebsd.org>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Subscribe: <mailto:freebsd-bugs+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-bugs+unsubscribe@freebsd.org>
Sender: owner-freebsd-bugs@freebsd.org
MIME-Version: 1.0
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1643913313;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=5OlieD4j0r508yYsi2Zhyjmz9sk8k4WSOdSQkJ3LAlM=;
	b=tvDtaj+F/rkWwfq8TKzef48ZjCd9Zqq3Cgmt+QpHaeYXW9KQHZZ9SxDssy21pcwWV4+UNf
	5041TapkK2ZLJRk1ajhK/I1S9oAs5a3MvVSdFmxb380TYG0wbN7H5ZU6yeU91XMK55pGxo
	DxzHMqDI/ssoA5Tb/8JziHmuAWGQE66UzDg1tZjLSEkmmRs1u762GXOlSt9HbsPtvaGdWm
	GDGUGxcvuhDAh1402CdOsh3o//yHQ8esMiNbDbRdqZx4+sSEDtA8MhRYV7enVpnUY9LImo
	wik6tzue4DX2hSoyHzt1DcLTZn9ultb/CsgNQG7PhkNLvLVAKsvfnuVIkhZEzA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1643913313; a=rsa-sha256; cv=none;
	b=YJ6dB6ibuEhbazgi/kPHtKc8R81y9k2gQf3eFNhaBL33thuea2PLQ14pv39iYrOuYb1o3Q
	e9oPLHXJtMZ9Ouork6e2GW72JIrp0IHB1Xy9pUskHziXeI0GZLVtqXuINXM2neCftHXRS3
	mz0ctO6G2zQteu9pADrVRxjPDlfjzOefKFgOnWGZ2l1MDBWocsqrRxDJrlbo0N6knTKmaj
	5hBne9ynkLuv22E4FxCtkeHKwWkaV30u/zsi2jS8I1tRkAm4gQ/jw6YuiWMPHgAXlvJ6Ll
	tL4A/HTSCYyPXcpJkkQCbF/cGFFSJyS3cOemdZxz1joUYUdgvCMIpU2hryAscw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D261694

            Bug ID: 261694
           Summary: jail getaddrinfo recvfrom hangs 5 seconds and returns
                    "Name does not resolve"
           Product: Base System
           Version: 12.2-RELEASE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: igor.polovykh@gmail.com

[root:~]# uname -a
FreeBSD hostname 12.2-RELEASE-p10 FreeBSD 12.2-RELEASE-p10
12803d8a99c(releng/12.2) CUSTOM amd64


on host machine:

# ifconfig
em0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 1 mtu 1500
=20=20=20=20=20=20=20
options=3D81249b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LRO,WOL_=
MAGIC,VLAN_HWFILTER>
        ether 00:1b:21:d2:a5:b3
        inet 176.124.147.86 netmask 0xffffffc0 broadcast 176.124.147.127
        media: Ethernet 1000baseT (1000baseT <full-duplex>)
        status: active
        nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
em1: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
=20=20=20=20=20=20=20
options=3D81209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGI=
C,VLAN_HWFILTER>
        ether 90:e2:ba:80:fc:a7
        inet 10.108.1.1 netmask 0xffffff00 broadcast 10.108.1.255
        inet 10.108.1.12 netmask 0xffffffff broadcast 10.108.1.12
        media: Ethernet 1000baseT (1000baseT <full-duplex>)
        status: active
        nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
...

# cat /etc/jail.conf
ds {
        host.hostname =3D "ds";                 # Hostname
        ip4.addr =3D "10.108.1.12";             # IP address of the jail
        interface =3D "em1";
        exec.prestart =3D "";
        exec.poststop =3D "";
}

[root:~]# ipfw show
00100 4008317 3317890748 reass ip from any to any via em0
00200       0          0 check-state :default
00300 1433928  714756256 allow ip from any to any via em1
00400       0          0 allow ip from any to any via em2
00500  150274   42378685 allow ip from any to any via em3
00600       0          0 allow ip from any to any via em4
00700 1229804  474111138 allow ip from any to any via lo0
00800       2         92 nat 100 ip from 10.108.1.12 to any via em0
00900       0          0 allow ip from any to any frag
01000       0          0 deny ip from any to any not verrevpath via em0
01100       0          0 deny ip from any to any not antispoof via em0
01200    1577      85211 allow icmp from any to any
01300     124       6997 allow tcp from any to me 21 setup keep-state :defa=
ult
01400    1127      61223 allow tcp from any to me 40000-50000 setup keep-st=
ate
:default
01500     203      19907 allow tcp from any to me 5432 setup keep-state
:default
01600       0          0 allow tcp from 10.0.0.0/8 to me 3306 setup keep-st=
ate
:default
01700     155       9300 deny ip from me to any 25 setup keep-state :default
01800       2         80 deny ip from any to me 25 via em0 keep-state :defa=
ult
01900   11933   11413892 allow tcp from me to any 80,443 setup keep-state
:default
02000     155      18243 allow tcp from any to any 53 setup keep-state :def=
ault
02100   11458    2097558 allow udp from any to any 53 keep-state :default
02200   62610   49601879 allow tcp from any to me 80 setup limit src-addr 1=
08
:default
02300 2336851 2496064782 allow tcp from any to me 443 setup limit src-addr =
108
:default
02400    1685    1886569 allow tcp from any to me 8888 setup limit src-addr=
 108
:default
02500      29       1376 allow tcp from any to me 108,22 setup keep-state
:default
02600       0          0 allow udp from me to any 123 keep-state :default
02700       0          0 deny ip from any to 0.0.0.0/8 via em0
02800       0          0 deny ip from any to 169.254.0.0/16 via em0
02900       0          0 deny ip from any to 192.0.2.0/24 via em0
03000       0          0 deny ip from any to 224.0.0.0/4 via em0
03100    7547     882381 deny ip from any to 240.0.0.0/4 via em0
03200       0          0 deny ip from table(0) to any
03300       0          0 deny log logamount 500 ip from me to table(1)
03400 1573073  755750158 nat 100 ip from any to any via em0
03500       0          0 deny log logamount 100000 ip from any to any
65535      14       1866 allow ip from any to any

[root:~]# sockstat -l4 | grep 53
unbound  unbound    83079 3  udp4   10.108.1.1:53         *:*
unbound  unbound    83079 4  tcp4   10.108.1.1:53         *:*
unbound  unbound    83079 5  udp4   10.108.1.12:53        *:*=20
<------------------
unbound  unbound    83079 6  tcp4   10.108.1.12:53        *:*
unbound  unbound    83079 7  udp4   10.108.2.1:53         *:*
unbound  unbound    83079 8  tcp4   10.108.2.1:53         *:*
unbound  unbound    83079 9  udp4   10.108.3.1:53         *:*
unbound  unbound    83079 10 tcp4   10.108.3.1:53         *:*
unbound  unbound    83079 15 udp4   127.0.0.1:53          *:*
unbound  unbound    83079 16 tcp4   127.0.0.1:53          *:*
unbound  unbound    83079 17 udp4   10.108.4.1:53         *:*
unbound  unbound    83079 18 tcp4   10.108.4.1:53         *:*
unbound  unbound    83079 20 tcp4   127.0.0.1:8953        *:*
nsd      nsd        82197 5  udp4   176.124.147.86:53     *:*
nsd      nsd        82197 6  tcp4   176.124.147.86:53     *:*
nsd      nsd        82196 5  udp4   176.124.147.86:53     *:*
nsd      nsd        82196 6  tcp4   176.124.147.86:53     *:*
nsd      nsd        60237 5  udp4   176.124.147.86:53     *:*
nsd      nsd        60237 6  tcp4   176.124.147.86:53     *:*
nsd      nsd        60236 5  udp4   176.124.147.86:53     *:*
nsd      nsd        60236 6  tcp4   176.124.147.86:53     *:*


inside jail ds:

=E2=9E=9C  / ifconfig
em0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 1 mtu 1500
=20=20=20=20=20=20=20
options=3D81249b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LRO,WOL_=
MAGIC,VLAN_HWFILTER>
        ether 00:1b:21:d2:a5:b3
        media: Ethernet 1000baseT (1000baseT <full-duplex>)
        status: active
em1: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
=20=20=20=20=20=20=20
options=3D81209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGI=
C,VLAN_HWFILTER>
        ether 90:e2:ba:80:fc:a7
        inet 10.108.1.12 netmask 0xffffffff broadcast 10.108.1.12
        media: Ethernet 1000baseT (1000baseT <full-duplex>)
        status: active


=E2=9E=9C  / getaddrinfo ya.ru
getaddrinfo: Name does not resolve
=E2=9E=9C  /=20

result of tcpdump on host machine
# tcpdump -ilo0 port 53
12:32:57.975594 IP 10.108.1.12.57977 > 10.108.1.12.domain: 12187+ A? ya.ru.
(23)
12:32:58.054052 IP 10.108.1.12.domain > 10.108.1.12.57977: 12187 1/0/0 A
87.250.250.242 (39)
12:33:02.982464 IP 10.108.1.12.57977 > 10.108.1.12.domain: 12187+ A? ya.ru.
(23)
12:33:02.982574 IP 10.108.1.12.domain > 10.108.1.12.57977: 12187 1/0/0 A
87.250.250.242 (39)
12:33:13.038802 IP 10.108.1.12.24044 > 10.108.1.12.domain: 35156+ AAAA? ya.=
ru.
(23)
12:33:13.112982 IP 10.108.1.12.domain > 10.108.1.12.24044: 35156 1/0/0 AAAA
2a02:6b8::2:242 (51)
12:33:18.041204 IP 10.108.1.12.24044 > 10.108.1.12.domain: 35156+ AAAA? ya.=
ru.
(23)
12:33:18.041312 IP 10.108.1.12.domain > 10.108.1.12.24044: 35156 1/0/0 AAAA
2a02:6b8::2:242 (51)


This is a truss tracing of execution of getaddrinfo

0.003748492 mmap(0x0,69632,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0=
) =3D
34366791680 (0x8006ba000)
0.003790758 socket(PF_INET,SOCK_DGRAM|SOCK_CLOEXEC,0) =3D 3 (0x3)
0.003823702 connect(3,{ AF_INET 127.0.0.1:53 },16) =3D 0 (0x0)
0.003870634 sendto(3,"\M-l"\^A\0\0\^A\0\0\0\0\0\0\^Bya"...,23,0,NULL,0) =3D=
 23
(0x17)
0.214132672 poll({ 3/POLLRDNORM },1,5000)        =3D 1 (0x1)
0.214170561 recvfrom(3,"\M-l"\M^A\M^@\0\^A\0\^A\0\0\0\0"...,65536,0,{ AF_IN=
ET
10.108.1.12:53 },0x7fffffffcb78) =3D 39 (0x27)  <--------------------------=
------
5.027590716 poll({ 3/POLLRDNORM },1,4789)        =3D 0 (0x0)
5.027711767 sendto(3,"\M-l"\^A\0\0\^A\0\0\0\0\0\0\^Bya"...,23,0,NULL,0) =3D=
 23
(0x17)
5.027788954 poll({ 3/POLLRDNORM },1,10000)       =3D 1 (0x1)
5.027819955 recvfrom(3,"\M-l"\M^A\M^@\0\^A\0\^A\0\0\0\0"...,65536,0,{ AF_IN=
ET
10.108.1.12:53 },0x7fffffffcb78) =3D 39 (0x27)
15.048610172 poll({ 3/POLLRDNORM },1,9999)       =3D 0 (0x0)
15.048707283 close(3)                            =3D 0 (0x0)
15.048752068 socket(PF_INET,SOCK_DGRAM|SOCK_CLOEXEC,0) =3D 3 (0x3)
15.048787800 connect(3,{ AF_INET 127.0.0.1:53 },16) =3D 0 (0x0)
15.048845592 sendto(3,"\M-a\M-s\^A\0\0\^A\0\0\0\0\0\0"...,23,0,NULL,0) =3D =
23
(0x17)
15.057370310 poll({ 3/POLLRDNORM },1,5000)       =3D 1 (0x1)
15.057398968 recvfrom(3,"\M-a\M-s\M^A\M^@\0\^A\0\^A\0\0\0"...,65536,0,{ AF_=
INET
10.108.1.12:53 },0x7fffffffcb78) =3D 51 (0x33)
20.078299792 poll({ 3/POLLRDNORM },1,4991)       =3D 0 (0x0)
20.078428565 sendto(3,"\M-a\M-s\^A\0\0\^A\0\0\0\0\0\0"...,23,0,NULL,0) =3D =
23
(0x17)
20.078507334 poll({ 3/POLLRDNORM },1,10000)      =3D 1 (0x1)
20.078537445 recvfrom(3,"\M-a\M-s\M^A\M^@\0\^A\0\^A\0\0\0"...,65536,0,{ AF_=
INET
10.108.1.12:53 },0x7fffffffcb78) =3D 51 (0x33)
30.096357048 poll({ 3/POLLRDNORM },1,9999)       =3D 0 (0x0)
30.096433347 close(3)                            =3D 0 (0x0)


=E2=9E=9C  / drill ya.ru
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 35596
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; ya.ru.       IN      A

;; ANSWER SECTION:
ya.ru.  485     IN      A       87.250.250.242

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 23 msec
;; SERVER: 127.0.0.1
;; WHEN: Thu Feb  3 12:06:14 2022
;; MSG SIZE  rcvd: 39
=E2=9E=9C  /

result of tcpdump on host machine
# tcpdump -ilo0 port 53
12:49:22.192933 IP 10.108.1.12.27080 > 10.108.1.12.domain: 38718+ A? ya.ru.
(23)
12:49:22.193004 IP 10.108.1.12.domain > 10.108.1.12.27080: 38718 1/0/0 A
87.250.250.242 (39)


This is a truss tracing of execution of drill

0.006090504 mmap(0x0,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0)=
 =3D
34371297280 (0x800b06000)
0.006128069 socket(PF_INET,SOCK_DGRAM,IPPROTO_UDP) =3D 3 (0x3)
0.006180969 sendto(3,"I\M-J\^A\0\0\^A\0\0\0\0\0\0\^Bya"...,23,0,{ AF_INET
127.0.0.1:53 },16) =3D 23 (0x17)
0.027699108 poll({ 3/POLLIN|POLLERR },1,5000)    =3D 1 (0x1)
0.027728641 fcntl(3,F_GETFL,)                    =3D 2 (0x2)
0.027752929 fcntl(3,F_SETFL,O_RDWR|O_NONBLOCK)   =3D 0 (0x0)
0.027778431 mmap(0x0,69632,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0=
) =3D
34371301376 (0x800b07000)
0.027809207 recvfrom(3,"I\M-J\M^A\M^@\0\^A\0\^A\0\0\0\0"...,65535,0,NULL,0x=
0) =3D
39 (0x27)
0.027876694 close(3)                             =3D 0 (0x0)
0.027948126 mmap(0x0,69632,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0=
) =3D
34371371008 (0x800b18000)
0.027995761 access("/etc/localtime",R_OK)        =3D 0 (0x0)
0.028025320 open("/etc/localtime",O_RDONLY,011022134) =3D 3 (0x3)
0.028046004 fstat(3,{ mode=3D-r--r--r-- ,inode=3D3690184,size=3D1518,blksiz=
e=3D4096 })
=3D 0 (0x0)
0.028088605 read(3,"TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0"...,41448) =3D 1518 (0x=
5ee)
0.028133640 close(3)                             =3D 0 (0x0)
0.028163254 mmap(0x0,24576,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0=
) =3D
34371440640 (0x800b29000)
0.028186528 issetugid()                          =3D 0 (0x0)
0.028212318 open("/usr/share/zoneinfo/posixrules",O_RDONLY,00) =3D 3 (0x3)
0.028232102 fstat(3,{ mode=3D-r--r--r-- ,inode=3D3699347,size=3D3519,blksiz=
e=3D4096 })
=3D 0 (0x0)
0.028255601 mmap(0x0,53248,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0=
) =3D
34371465216 (0x800b2f000)
0.028306604 read(3,"TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0"...,41448) =3D 3519 (0x=
dbf)
0.028352460 close(3)                             =3D 0 (0x0)


It does not work sending and connecting outside from jail neither by name n=
or
by ip address. The rest functionality works perfectly.
I can't imagine what is wrong. Perhaps SOCK_CLOEXEC used incorrectly in soc=
ket
function.

--=20
You are receiving this mail because:
You are the assignee for the bug.=