[823] forwarder setting with NetBSD/sparc
Jun-ichiro itojun Hagino
itojun at iijlab.net
Mon Feb 5 05:57:56 UTC 2001
with BIND823 on on NetBSD/sparc, there are problem reports like this:
http://www.NetBSD.org/cgi-bin/query-pr-single.pl?number=12128
to sumamrize, if we set multiple forwarders into named.conf, named
will coredump. (there's some report that it does not happen on i386).
i looked at the code briefly, and found a possible source of problem.
it would be good if you can check if my reasoning is correct.
global variable fwddata[] keeps the all list forwarder data,
created in find_forwarder(). fwddata->ref_count (in struct fwddata)
does not count the pointer from fwddata.
when ftp->fwddata->ref_count reaches 0, we free ftp->fwddata
(ns_config.c near line 2400). we do not cleanup pointers from
fwddata[] for this particular item, therefore, we leave a dangling
pointer in fwddata[].
next time we visit find_forwarder(), we have possibility to touch
dangling pointer in fwddata[]. the pointer would be returned to
the caller of find_forwarder if we are (un)lucky, and the pointer
will be kept into ftp->fwddata. when the region gets reused, we will
see coredump.
solution would be to cleanup pointer from fwddata[], when a fwddata
item goes away.
itojun
More information about the bind-workers
mailing list