Ondřej Surý [Tue, 14 Dec 2021 09:44:04 +0000 (10:44 +0100)]
Disable the internal memory allocator by default
For small sized allocations, the internal allocator gets the memory in
bigger blobs that gets splits into right-sized chunks. This increases
speed of small allocations and reduced the fragmentation, but such
memory is never released back to the operating system.
Disable the internal allocator by default, and add new `-M internal`
command line option to `named`.
Ondřej Surý [Tue, 14 Dec 2021 09:40:47 +0000 (10:40 +0100)]
Don't use mem freelists for isc_mempools
Previously, with BIND 9 internal allocator, when isc_mempool_put() would
return memory to the allocator, it would not be freed, but it would be
returned to the "freelists" and the memory would not be released to the
operating system.
Change the isc_mempool_get() and isc_mempool_put() to avoid the internal
allocator (mem_getunlocked() and mem_putunlocked()).
Ondřej Surý [Sun, 23 May 2021 13:36:06 +0000 (15:36 +0200)]
Adjust the fillcount and freemax for dns_message mempools
According to the measurements (recorded on GL!5085), the fillcount of 2
for namepool and fillcount of 4 for rdspool can fit 99.99% of request
for tested scenarios.
This was discovered by perf recording the single second recursive test
using flamethrower where the initial malloc lit up like a flare.
Michal Nowak [Tue, 30 Nov 2021 12:52:49 +0000 (13:52 +0100)]
Drop cppcheck CI job
Every cppcheck update brings the cost of addressing new false positives
in the BIND 9 source code while not reaping any benefits in case of
identified issues with the code.
Michal Nowak [Wed, 1 Dec 2021 15:01:22 +0000 (16:01 +0100)]
Drop Debian SoftHSM v2.4 CI jobs
The base image is in the process of being upgraded from Debian Buster to
Debian Bullseye, which has SoftHSM v2.6, the same SoftHSM version we
already test PKCS#11 with on Fedora. We don't need to test with two
SoftHSM 2.6 versions, drop CI jobs running on the base image.
Ondřej Surý [Mon, 6 Dec 2021 10:10:17 +0000 (11:10 +0100)]
Stop leaking mutex in nmworker and cond in nm socket
On FreeBSD, the pthread primitives are not solely allocated on stack,
but part of the object lives on the heap. Missing pthread_*_destroy
causes the heap memory to grow and in case of fast lived object it's
possible to run out-of-memory.
Properly destroy the leaking mutex (worker->lock) and
the leaking condition (sock->cond).
Ondřej Surý [Wed, 1 Dec 2021 16:41:20 +0000 (17:41 +0100)]
Improve the logging on failed TCP accept
Previously, when TCP accept failed, we have logged a message with
ISC_LOG_ERROR level. One common case, how this could happen is that the
client hits TCP client quota and is put on hold and when resumed, the
client has already given up and closed the TCP connection. In such
case, the named would log:
TCP connection failed: socket is not connected
This message was quite confusing because it actually doesn't say that
it's related to the accepting the TCP connection and also it logs
everything on the ISC_LOG_ERROR level.
Change the log message to "Accepting TCP connection failed" and for
specific error states lower the severity of the log message to
ISC_LOG_INFO.
Aram Sargsyan [Mon, 11 Oct 2021 18:13:39 +0000 (18:13 +0000)]
Fix catalog zone reconfiguration crash
The following scenario triggers a "named" crash:
1. Configure a catalog zone.
2. Start "named".
3. Comment out the "catalog-zone" clause.
4. Run `rndc reconfig`.
5. Uncomment the "catalog-zone" clause.
6. Run `rndc reconfig` again.
Implement the required cleanup of the in-memory catalog zone during
the first `rndc reconfig`, so that the second `rndc reconfig` could
find it in an expected state.
Mark Andrews [Tue, 9 Nov 2021 00:39:52 +0000 (11:39 +1100)]
Suppress OpenSSL deprecated warnings from OpensSSL 3.0.0
We are not back porting OpenSSL 3.0.0 fixes to this branch so there
is no point in emitting warnings about using deprecated code.
Additionally this impacts --enable-developer and --enable-warn-error.
Mark Andrews [Thu, 25 Nov 2021 02:16:56 +0000 (13:16 +1100)]
Exercise ISC_R_NOSPACE path in dns_sdlz_putrr
Use relative names when adding SOA record and a long domain
name to create SOA RR where the wire format is longer than
the initial buffer allocation in dns_sdlz_putrr.
Mark Andrews [Wed, 24 Nov 2021 00:03:19 +0000 (11:03 +1100)]
Do not convert ISC_R_NOSPACE to DNS_R_SERVFAIL too early
The parsing loop needs to process ISC_R_NOSPACE to properly
size the buffer. If result is still ISC_R_NOSPACE at the end
of the parsing loop set result to DNS_R_SERVFAIL.
Michal Nowak [Wed, 24 Nov 2021 15:50:57 +0000 (16:50 +0100)]
Fix "array subscript is of type 'char'" on NetBSD 9
In file included from rdata.c:602:
In file included from ./code.h:88:
./rdata/in_1/svcb_64.c:259:9: warning: array subscript is of type 'char' [-Wchar-subscripts]
if (!isdigit(*region->base)) {
^~~~~~~~~~~~~~~~~~~~~~
/usr/include/sys/ctype_inline.h:51:44: note: expanded from macro 'isdigit'
#define isdigit(c) ((int)((_ctype_tab_ + 1)[(c)] & _CTYPE_D))
^~~~
Petr Špaček [Mon, 8 Nov 2021 15:43:05 +0000 (16:43 +0100)]
Add missing PYTHONPATH variable export to pylint job in CI
The old .gitlab-ci.yaml accidentally worked because pylint
was importing modules internally, probably as a side-effect
of testing other code.
This pylint invocation errors out when PYTHONPATH is not set:
$ pylint --rcfile $CI_PROJECT_DIR/.pylintrc bin/tests/system/keymgr/testpolicy.py
************* Module testpolicy
bin/tests/system/keymgr/testpolicy.py:13:0: E0401: Unable to import 'isc' (import-error)
And this invocation works even without PYTHONPATH:
$ pylint --rcfile $CI_PROJECT_DIR/.pylintrc bin/python/setup.py bin/tests/system/keymgr/testpolicy.py
Petr Špaček [Mon, 21 Jun 2021 12:51:43 +0000 (14:51 +0200)]
Add new system test for wildcard expansion
This is almost minimal prototype to show how to use python-hypothesis
library in a system test. It does not fully replace existing shell-based
system test for wildcards.
Petr Špaček [Fri, 5 Nov 2021 10:39:07 +0000 (11:39 +0100)]
Automatically cancel CI jobs on outdated branches
Gitlab feature
https://docs.gitlab.com/ee/ci/pipelines/settings.html#auto-cancel-redundant-pipelines
can automatically cancel jobs which operate on an outdated code, i.e. on
branches which received new commits while jobs with an older set of
commits are still running. For this feature to work jobs have to be
configured with boolean interruptible: true.
I think practically all of our current CI jobs can be cancelled,
so the option is now on by default for all jobs.
Petr Špaček [Thu, 28 Oct 2021 14:39:20 +0000 (16:39 +0200)]
retain diff output if clang-format changes something
It's major PITA trying to guess what exactly clang-format has changed,
so how CI stores patch file with changes which can be applied locally if
needed.
Aram Sargsyan [Wed, 27 Oct 2021 19:52:05 +0000 (19:52 +0000)]
Add dst_key_pubcompare and dst_key_compare unit test
The dst_key_pubcompare() and dst_key_compare() didn't have a unit test,
add the unit tests which test comparing the same keys, different keys,
and, where possible, similar keys with a manually altered parameter.
dst_key_pubcompare() internally uses the *_todns() functions of the
lib/dns/openssl*_link.c modules.
dst_key_compare() internally uses the *_compare() functions of the
lib/dns/openssl*_link.c modules.
Michał Kępień [Thu, 28 Oct 2021 12:03:04 +0000 (14:03 +0200)]
Disable PyLint warning C0209
PyLint 2.11 reports a new warning, C0209 (consider-using-f-string).
Since f-strings are only available in Python 3.6+, existing scripts
cannot be updated to use this feature just yet because they would stop
working with older Python versions. Instead, disable PyLint warning
C0209 for the time being. Sort all disabled warnings in .pylintrc.
Michał Kępień [Thu, 28 Oct 2021 10:22:33 +0000 (12:22 +0200)]
Move CHANGES entry for GL #2308
GL #2308 was originally referenced by CHANGES entry 5727. However, the
corresponding code change turned out to be flawed and had to be reverted
in BIND 9.16.22, causing CHANGES entry 5727 to be removed on the release
branch.
Commit d329d47bae68c1cc90374397b4756a8f2487895e subsequently addressed
the flaw, so the fix for GL #2308 will be included in BIND 9.16.23.
Move the relevant CHANGES entry to reflect that.
projects / thirdparty / bind9.git / log
