Flush the node when NTA expires

When NTA expires the name's node should be flushed from the view's
cache as it's done when the NTA is manually removed using a rndc
command.

diff --git a/lib/dns/nta.c b/lib/dns/nta.c
index aba39e95c6a3029b3e7e93f7b849433b43a27ef4..a159f4a4003dd482d7d9f712edae9e6be4d9b576 100644 (file)
--- a/lib/dns/nta.c
+++ b/lib/dns/nta.c
@@ -361,6 +361,7 @@ delete_expired(void *arg) {
        isc_result_t result;
        dns_qp_t *qp = NULL;
        void *pval = NULL;
+       dns_view_t *view = NULL;
 
        REQUIRE(VALID_NTATABLE(ntatable));
 
@@ -375,6 +376,17 @@ delete_expired(void *arg) {
                dns_name_format(&nta->name, nb, sizeof(nb));
                isc_log_write(DNS_LOGCATEGORY_DNSSEC, DNS_LOGMODULE_NTA,
                              ISC_LOG_INFO, "deleting expired NTA at %s", nb);
+
+               /*
+                * Delay the flushing to avoid lock-order-inversion, as
+                * dns_view_flushnode()->dns_adb_flushnames() locks 'adbname',
+                * and it can cause a problem e.g. in dns_ntatable_covered() in
+                * another thread called by the resolver (also involving 'fctx'
+                * lock), or in dns_ntatable_shutdown() (also involving 'view'
+                * lock).
+                */
+               dns_view_weakattach(ntatable->view, &view);
+
                dns_qp_deletename(qp, &nta->name, DNS_DBNAMESPACE_NORMAL, NULL,
                                  NULL);
                dns__nta_shutdown(nta);
@@ -383,6 +395,10 @@ delete_expired(void *arg) {
        dns_qp_compact(qp, DNS_QPGC_MAYBE);
        dns_qpmulti_commit(ntatable->table, &qp);
        RWUNLOCK(&ntatable->rwlock, isc_rwlocktype_write);
+       if (view != NULL) {
+               dns_view_flushnode(view, &nta->name, true);
+               dns_view_weakdetach(&view);
+       }
        dns__nta_detach(&nta);
        dns_ntatable_detach(&ntatable);
 }