bind-8.4.4

First, I wanted to send this to bind-workers (seems that would be the
developer list?) but that appears to be a private list. So I'll do
my best here.

On a recent upgrade to 8.4.4, I started getting these:

default: critical: db_freedata: DB_F_FREE set

They were preceded by named-xfer dying with signal 13 for a bunch of zones.
Well, not immediately preceding but 30-45 seconds prior. That was almost
certainly a configuration problem somewhere, that I now can't reproduce.

I'm still trying to reproduce the conditions that caused this, but in
the meantime I looked at the code and the only place I can find that
even sets DB_F_FREE is db_glue.c:db_freedata() which only sets it
immediately before it frees 'dp'. And db_freedata() is only called
by db_detach() (if d_rcnt goes to 0), which sets '*dpp' to NULL after
the free, so ISTM that this condition can never arise.

I also did my best to see if databufs are ever explicitly initialized
with DB_F_FREE set, and I can't find that.

What am I missing?

I wrote a replacement named-xfer which simply dies with SIGPIPE, but this
doesn't help to reproduce the same problem. I did though, after 25 minutes,
get this:

db: critical: d_rcnt-- == 0

Unfortunately I didn't have debugging cranked up high enough and core
files were disabled (drat!). And after a few hours (with those issues
fixed) I can't reproduce it. Maybe tomorrow I'll have better luck.

/fc
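
An added illustration, not part of the original post and not BIND's source: a simplified C model of the reference-counting pattern the post describes, showing that clearing `*dpp` protects only the pointer passed in, so a second copy of the pointer that never incremented `d_rcnt` still reaches the released record. The struct layout, the flag value, the return codes and `second_detach_result()` are assumptions of this model, and it is not a diagnosis of the report above.

```c
#include <stddef.h>

#define DB_F_FREE 0x01   /* flag value is an assumption of this model */

enum { DETACH_OK = 0, ERR_FREE_SET = 1, ERR_RCNT_ZERO = 2 };

struct databuf { int d_rcnt; unsigned d_flags; };

/* Model of db_freedata(): mark the record as freed. Real code would
 * release the memory here; the model keeps the record readable so the
 * stale access below stays well defined. */
static int db_freedata(struct databuf *dp) {
    if (dp->d_flags & DB_F_FREE)
        return ERR_FREE_SET;        /* record was already released */
    dp->d_flags |= DB_F_FREE;
    return DETACH_OK;
}

/* Model of db_detach(): drop one reference, clear the caller's pointer. */
static int db_detach(struct databuf **dpp) {
    struct databuf *dp = *dpp;
    *dpp = NULL;                    /* clears this pointer only, not aliases */
    if (dp->d_rcnt == 0)
        return ERR_RCNT_ZERO;       /* more detaches than references */
    if (--dp->d_rcnt == 0)
        return db_freedata(dp);
    return DETACH_OK;
}

/* Two holders of one record. With counted == 0 the second holder copies
 * the pointer without taking a reference. Returns what the second
 * holder's detach reports. */
int second_detach_result(int counted) {
    struct databuf rec = { 1, 0 };  /* one reference, owned by 'a' */
    struct databuf *a = &rec, *b = &rec;
    if (counted)
        rec.d_rcnt++;               /* 'b' takes its own reference */
    if (db_detach(&a) != DETACH_OK)
        return -1;
    return db_detach(&b);           /* 'b' was not cleared by the first call */
}
```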