weird 8.2.1 crash
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Mon Aug 9 21:03:31 UTC 1999
Fixed in the 8.2.2-T1A.
Mark
> One of our 8.2.1 name servers died with a weird SIGSEGV error when it
> was doing its nightly "ndc reload" to cycle all its log files. The
> core dump doesn't make a lot of sense to me.
>
> (gdb) where
> #0 0x805a06e in ns_init (conffile=0x80d0002 "/etc/named.conf")
> at ns_init.c:172
> #1 0x8060750 in ns_reconfig () at ns_maint.c:1576
> #2 0x805e0df in handle_need () at ns_main.c:2599
> #3 0x805b1fd in main (argc=1, argv=0x8047c98, envp=0x8047c9c) at ns_ma
> in.c:517
> #4 0xa0000479 in ?? ()
> (gdb) p nzones
> $8 = 135610368
> (gdb) p *zp
> $9 = {z_origin = 0x80dd3da "89.161.in-addr.arpa", z_time = 0,
> z_lastupdate = 0, z_refresh = 0, z_retry = 3600, z_expire = 604800,
> z_minimum = 86400, z_serial = 1999080600,
> .....
> z_fwdtab = 0x0, z_freelink = {prev = 0x0, next = 0x8121f30}, z_reloadl
> ink = {
> prev = 0x0, next = 0xffffffff}}
>
> Has anyone got an idea how nzones got to >> 135 million? There are
> only 784 zones in its named.conf.
>
> (gdb) p reloadingzones
> $10 = {head = 0x0, tail = 0x3500}
> (gdb) p freezones
> $11 = {head = 0x0, tail = 0x3780dc31}
>
> More worryingly, how come both reloadingzones and freezones ended up
> with null pointers at the head of their lists? => null pointer derefs
> => SIGSEGV? The addresses of the tail pointers in those lists look
> wacky too: as well as having suspicious alignment, they seem to be in
> the text segment of named's address space rather than the data
> segment.
>
> I see the same weirdness with nzones and these two lists when I gdb a
> gcore'd dump of the restarted name server. However when I take a copy
> of the operational server's named.conf to a test system, fire up named
> and gcore that, a cursory glance suggests the data structs look OK:
>
> # gdb named test-server-gcore.dump
> ...
> Core was generated by `named'.
> #0 0xa0025961 in ?? ()
> (gdb) p nzones
> $1 = 832
> (gdb) p freezones
> $2 = {head = 0x8194184, tail = 0x8197bbc}
> (gdb) p reloadingzones
> $3 = {head = 0x0, tail = 0x0}
>
> Any clues or constructive suggestions are welcome. :-)
>
> FWIW, my test and operational systems run the same OS (BSD/OS4.0) and
> 8.2.1 name server executables.
>
>
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-workers
mailing list