Memory leak cause of Comcast DNS problems
Martin J. Levy
mahtin at mahtin.com
Sun Apr 17 19:35:21 UTC 2005
Steve (and all),
>At least in my neighborhood, Comcast appears to be running BIND 9.2.4rc6
Ah... Then there are to possible paths...
1) There was a real memory-leak bug and this was an unfortunate operations event. The CHANGES file for 9.3.1 and bind-9.2.5rc1 show various big fixes related to memory leak issues. I leave it to someone else to comment on the potential of being tickled within a Comcast environment.
-or- (And on a much more cynical note.)
2) Someone checked the latest CHANGES file for bind and realized that saying it was a memory leak was a good cover (see quick pseudo-grep of file below. Note that not all the bug's affect the running bind name server code).
Whichever it was, I wonder how it could affect so many name servers at only one provider and all at the same time. This is just plain strange. I would have thought that best practices for a DNS service would recommend staggered upgrades, heck, even forced different s/w releases. etc. etc.
Martin
---------------------------------------
awk '
/^ --- 9\.2\.[0123][^ ]* released ---/ { print; exit; }
/^ --- [^ ]* released ---/ { print; next; }
/^[ ]*$/ { if (memory) { print all; } all = ""; memory = 0; next; }
/[mM]emory/ { memory = 1; }
{ all = all "\n" $0; next }
' < bind-9.3.1/CHANGES
---------------------------------------
--- 9.3.1 released ---
--- 9.3.1rc1 released ---
--- 9.3.1beta2 released ---
--- 9.3.1beta1 released ---
--- 9.3.0 released ---
--- 9.3.0rc4 released ---
--- 9.3.0rc3 released ---
--- 9.3.0rc2 released ---
1683. [bug] dig +sigchase could leak memory. [RT #11445]
--- 9.3.0rc1 released ---
1643. [bug] dns_db_closeversion() could leak memory / node
references. [RT #11163]
--- 9.3.0beta4 released ---
1635. [bug] Memory leak on error in query_addds().
--- 9.3.0beta3 released ---
1599. [bug] Fix memory leak on error path when checking named.conf.
--- 9.3.0beta2 released ---
--- 9.3.0beta1 released ---
1562. [bug] isc_socket_create() and isc_socket_accept() could
leak memory under error conditions. [RT #10230]
1561. [bug] It was possible to release the same name twice if
named ran out of memory. [RT #10197]
1547. [bug] Named wasted memory recording duplicate lame zone
entries. [RT #9341]
1545. [bug] It was possible to leak memory if named was unable to
bind to the specified transfer source and TSIG was
being used. [RT #10120]
1364. [func] Log file name when unable to open memory statistics
and dump database files. [RT# 3437]
1235. [func] Report 'out of memory' errors from openssl.
1143. [bug] When a trusted-keys statement was present and named
was built without crypto support, it would leak memory.
982. [func] If "memstatistics-file" is set in options the memory
statistics will be written to it.
--- 9.2.3rc1 released ---
More information about the NANOG
mailing list