GitLab

Besides the issue with in-view and key file locking that leads to a deadlock at startup (#2783 (closed)) there is another possible deadlock scenario, although it is triggered less likely.

When BIND 9 is using dnssec-policy and views, a thread needs to hold a set of locks in order to do safe key file I/O operations. named will walk all the views the zone is in and obtain a mutex lock attached to that zone.

It is possible that one thread is working on a zone in one view, and another thread is working on the same zone in a different view. To do safe key file I/O operations, a thread needs to hold all zone locks, but if both threads already holds one lock, they will wait indefinitely on each other until the other mutex becomes unlocked.