Memory leak cause of Comcast DNS problems

Martin J. Levy mahtin at mahtin.com
Sun Apr 17 19:35:21 UTC 2005


Steve (and all),

>At least in my neighborhood, Comcast appears to be running BIND 9.2.4rc6

Ah... Then there are to possible paths...

1) There was a real memory-leak bug and this was an unfortunate operations event.  The CHANGES file for 9.3.1 and bind-9.2.5rc1 show various big fixes related to memory leak issues.  I leave it to someone else to comment on the potential of being tickled within a Comcast environment.

 -or- (And on a much more cynical note.)

2) Someone checked the latest CHANGES file for bind and realized that saying it was a memory leak was a good cover (see quick pseudo-grep of file below.  Note that not all the bug's affect the running bind name server code).

Whichever it was, I wonder how it could affect so many name servers at only one provider and all at the same time.  This is just plain strange.  I would have thought that best practices for a DNS service would recommend staggered upgrades, heck, even forced different s/w releases.  etc. etc.

Martin

---------------------------------------
 awk '
 /^      --- 9\.2\.[0123][^ ]* released ---/ { print; exit; }
 /^      --- [^ ]* released ---/ { print; next; }
 /^[     ]*$/ { if (memory) { print all; } all = ""; memory = 0; next; }
 /[mM]emory/ { memory = 1; }
  { all = all "\n" $0; next }
 ' < bind-9.3.1/CHANGES
---------------------------------------

        --- 9.3.1 released ---
        --- 9.3.1rc1 released ---
        --- 9.3.1beta2 released ---
        --- 9.3.1beta1 released ---
        --- 9.3.0 released ---
        --- 9.3.0rc4 released ---
        --- 9.3.0rc3 released ---
        --- 9.3.0rc2 released ---

1683.   [bug]           dig +sigchase could leak memory. [RT #11445]
        --- 9.3.0rc1 released ---

1643.   [bug]           dns_db_closeversion() could leak memory / node
                        references. [RT #11163]
        --- 9.3.0beta4 released ---

1635.   [bug]           Memory leak on error in query_addds().
        --- 9.3.0beta3 released ---

1599.   [bug]           Fix memory leak on error path when checking named.conf.
        --- 9.3.0beta2 released ---
        --- 9.3.0beta1 released ---

1562.   [bug]           isc_socket_create() and isc_socket_accept() could
                        leak memory under error conditions. [RT #10230]

1561.   [bug]           It was possible to release the same name twice if
                        named ran out of memory. [RT #10197]

1547.   [bug]           Named wasted memory recording duplicate lame zone
                        entries. [RT #9341]

1545.   [bug]           It was possible to leak memory if named was unable to
                        bind to the specified transfer source and TSIG was
                        being used. [RT #10120]

1364.   [func]          Log file name when unable to open memory statistics
                        and dump database files. [RT# 3437]

1235.   [func]          Report 'out of memory' errors from openssl.

1143.   [bug]           When a trusted-keys statement was present and named
                        was built without crypto support, it would leak memory.

 982.   [func]          If "memstatistics-file" is set in options the memory
                        statistics will be written to it.
        --- 9.2.3rc1 released ---




More information about the NANOG mailing list