]>
git.ipfire.org Git - thirdparty/bind9.git/log
Mark Andrews [Tue, 22 Sep 2020 05:22:34 +0000 (15:22 +1000)]
Break lock order loop by sending TAT in an event
The dotat() function has been changed to send the TAT
query asynchronously, so there's no lock order loop
because we initialize the data first and then we schedule
the TAT send to happen asynchronously.
This breaks following lock-order loops:
zone->lock (dns_zone_setviewcommit) while holding view->lock
(dns_view_setviewcommit)
keytable->lock (dns_keytable_find) while holding zone->lock
(zone_asyncload)
view->lock (dns_view_findzonecut) while holding keytable->lock
(dns_keytable_forall)
(cherry picked from commit
3c4b68af7c0cd8213bcae92faee3bf2a7e9284d1 )
Mark Andrews [Tue, 22 Sep 2020 12:45:54 +0000 (12:45 +0000)]
Merge branch '2157-threadsanitizer-lock-order-inversion-potential-deadlock-in-pthread_rwlock_wrlock-v9_16' into 'v9_16'
Mark Andrews [Tue, 22 Sep 2020 06:24:06 +0000 (16:24 +1000)]
Address lock-order-inversion
WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock)
Cycle in lock order graph: M1 (0x000000000001) => M2 (0x000000000002) => M1
Mutex M2 acquired here while holding mutex M1 in thread T1:
#0 pthread_rwlock_wrlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:52:4
#2 zone_postload lib/dns/zone.c:5101:2
#3 receive_secure_db lib/dns/zone.c:16206:11
#4 dispatch lib/isc/task.c:1152:7
#5 run lib/isc/task.c:1344:2
Mutex M1 previously acquired by the same thread here:
#0 pthread_mutex_lock <null>
#1 receive_secure_db lib/dns/zone.c:16204:2
#2 dispatch lib/isc/task.c:1152:7
#3 run lib/isc/task.c:1344:2
Mutex M1 acquired here while holding mutex M2 in thread T1:
#0 pthread_mutex_lock <null>
#1 get_raw_serial lib/dns/zone.c:2518:2
#2 zone_gotwritehandle lib/dns/zone.c:2559:4
#3 dispatch lib/isc/task.c:1152:7
#4 run lib/isc/task.c:1344:2
Mutex M2 previously acquired by the same thread here:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 zone_gotwritehandle lib/dns/zone.c:2552:2
#3 dispatch lib/isc/task.c:1152:7
#4 run lib/isc/task.c:1344:2
Thread T1 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_taskmgr_create lib/isc/task.c:1434:3
#3 create_managers bin/named/main.c:915:11
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
SUMMARY: ThreadSanitizer: lock-order-inversion (potential deadlock) in pthread_rwlock_wrlock
(cherry picked from commit
1090876693470eedf69211d0fe71ba2c88160f45 )
Michał Kępień [Tue, 22 Sep 2020 09:43:42 +0000 (09:43 +0000)]
Merge branch 'mnowak/pairwise-configure-testing-v9_16' into 'v9_16'
Michal Nowak [Wed, 1 Jul 2020 08:29:36 +0000 (10:29 +0200)]
Add pairwise testing
Pairwise testing is a test case generation technique based on the
observation that most faults are caused by interactions of at most two
factors. For BIND, its configure options can be thought of as such
factors.
Process BIND configure options into a model that is subsequently
processed by the PICT tool in order to find an effective test vector.
That test vector is then used for configuring and building BIND using
various combinations of configure options.
(cherry picked from commit
420986bf187ed2a33321d5af362732184426f439 )
Matthijs Mekking [Tue, 22 Sep 2020 08:08:32 +0000 (08:08 +0000)]
Merge branch '2127-xml2rst-add-missing-updates-v9_16' into 'v9_16'
Matthijs Mekking [Mon, 21 Sep 2020 09:03:30 +0000 (11:03 +0200)]
Improve language in documentation
Various language specific improvements, from Suzanne Goldlust's
review.
(cherry picked from commit
49e76c15dd54c2710fe179e2821d9acbf45ba5be )
Matthijs Mekking [Thu, 10 Sep 2020 11:48:04 +0000 (13:48 +0200)]
Update DNSSEC documentation
This was originally done in commit
da0ae5299f51c0ffdd4edc3b880d105a64590cf6 but was lost when the
documentation was converted to RST files.
(cherry picked from commit
0b0320360fc652766739259f938a4bd6248ce676 )
Matthijs Mekking [Thu, 10 Sep 2020 10:37:29 +0000 (12:37 +0200)]
Add a note on DNSSEC sign metrics in the ARM
This was added previously in commit
3a3f40e3729e1e3ab32f6c18eeecfd4749812ffb but was lost when the
documentation was converted to RST files.
(cherry picked from commit
3a3ace0f412459c903190e08cad49e2cd5fff81c )
Matthijs Mekking [Thu, 10 Sep 2020 09:38:07 +0000 (11:38 +0200)]
Remove leftover 'dnssec-keys' references
The option 'dnssec-keys' was introduced in 9.15 and also renamed to
'trust-anchors'. Rename the leftover references to 'trust-anchors'.
(cherry picked from commit
e6b335c2ab6ae106718c18595afbe5945b1cc905 )
Mark Andrews [Mon, 21 Sep 2020 09:54:36 +0000 (09:54 +0000)]
Merge branch '2158-threadsanitizer-data-race-in-memmove-v9_16' into 'v9_16'
Mark Andrews [Mon, 21 Sep 2020 04:52:53 +0000 (14:52 +1000)]
Remove the memmove call on dns_rbtnode_t structure that contains atomics
Calling the plain memmove on the structure that contains atomic members
triggers following TSAN warning (even when we don't really use the
atomic members in the code):
WARNING: ThreadSanitizer: data race
Read of size 8 at 0x000000000001 by thread T1 (mutexes: write M1, write M2):
#0 memmove <null>
#1 memmove /usr/include/x86_64-linux-gnu/bits/string_fortified.h:40:10
#2 deletefromlevel lib/dns/rbt.c:2675:3
#3 dns_rbt_deletenode lib/dns/rbt.c:2143:2
#4 delete_node lib/dns/rbtdb.c
#5 decrement_reference lib/dns/rbtdb.c:2202:4
#6 prune_tree lib/dns/rbtdb.c:2259:3
#7 dispatch lib/isc/task.c:1152:7
#8 run lib/isc/task.c:1344:2
Previous atomic write of size 8 at 0x000000000001 by thread T2 (mutexes: read M3):
#0 __tsan_atomic64_fetch_sub <null>
#1 decrement_reference lib/dns/rbtdb.c:2103:7
#2 detachnode lib/dns/rbtdb.c:5440:6
#3 dns_db_detachnode lib/dns/db.c:588:2
#4 qctx_clean lib/ns/query.c:5104:3
#5 ns_query_done lib/ns/query.c:10868:2
#6 query_sign_nodata lib/ns/query.c
#7 query_nodata lib/ns/query.c:8438:11
#8 query_gotanswer lib/ns/query.c
#9 query_lookup lib/ns/query.c:5624:10
#10 ns__query_start lib/ns/query.c:5500:10
#11 query_setup lib/ns/query.c:5224:11
#12 ns_query_start lib/ns/query.c:11357:8
#13 ns__client_request lib/ns/client.c:2166:3
#14 udp_recv_cb lib/isc/netmgr/udp.c:414:2
#15 uv__udp_recvmsg /home/ondrej/Projects/tsan/libuv/src/unix/udp.c
#16 uv__udp_io /home/ondrej/Projects/tsan/libuv/src/unix/udp.c:180:5
#17 uv__io_poll /home/ondrej/Projects/tsan/libuv/src/unix/linux-core.c:461:11
#18 uv_run /home/ondrej/Projects/tsan/libuv/src/unix/core.c:385:5
#19 nm_thread lib/isc/netmgr/netmgr.c:500:11
Location is heap block of size 132 at 0x000000000030 allocated by thread T3:
#0 malloc <null>
#1 default_memalloc lib/isc/mem.c:713:8
#2 mem_get lib/isc/mem.c:622:8
#3 mem_allocateunlocked lib/isc/mem.c:1268:8
#4 isc___mem_allocate lib/isc/mem.c:1288:7
#5 isc__mem_allocate lib/isc/mem.c:2453:10
#6 isc___mem_get lib/isc/mem.c:1037:11
#7 isc__mem_get lib/isc/mem.c:2432:10
#8 create_node lib/dns/rbt.c:2239:9
#9 dns_rbt_addnode lib/dns/rbt.c:1435:12
#10 findnodeintree lib/dns/rbtdb.c:2895:12
#11 findnode lib/dns/rbtdb.c:2941:10
#12 dns_db_findnode lib/dns/db.c:439:11
#13 diff_apply lib/dns/diff.c:306:5
#14 dns_diff_apply lib/dns/diff.c:459:10
#15 do_one_tuple lib/ns/update.c:444:11
#16 update_one_rr lib/ns/update.c:495:10
#17 update_action lib/ns/update.c:3123:6
#18 dispatch lib/isc/task.c:1152:7
#19 run lib/isc/task.c:1344:2
Mutex M1 is already destroyed.
Mutex M2 is already destroyed.
Mutex M3 is already destroyed.
Thread T1 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_taskmgr_create lib/isc/task.c:1434:3
#3 create_managers bin/named/main.c:915:11
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
Thread T2 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_nm_start lib/isc/netmgr/netmgr.c:223:3
#3 create_managers bin/named/main.c:909:15
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
Thread T3 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_taskmgr_create lib/isc/task.c:1434:3
#3 create_managers bin/named/main.c:915:11
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
SUMMARY: ThreadSanitizer: data race in memmove
(cherry picked from commit
48d54368d5fcd36c1d1408dd897774af08c2eb75 )
Ondřej Surý [Mon, 21 Sep 2020 09:11:10 +0000 (09:11 +0000)]
Merge branch '2166-bind-9-16-7-trap-divide-error-v9_16' into 'v9_16'
Ondřej Surý [Thu, 17 Sep 2020 12:47:16 +0000 (14:47 +0200)]
Add CHANGES and release note for GL #2166
(cherry picked from commit
2869ca1401a45d610354e81e6773d4666001a974 )
Ondřej Surý [Thu, 17 Sep 2020 12:37:24 +0000 (14:37 +0200)]
Handle the errors from sysconf() call in isc_meminfo_totalphys()
isc_meminfo_totalphys() would return invalid memory size when sysconf()
call would fail, because ((size_t)-1 * -1) is very large number.
(cherry picked from commit
79ca724d46918387fba6b2dc484d67390bcbbd56 )
Michał Kępień [Mon, 21 Sep 2020 08:15:32 +0000 (08:15 +0000)]
Merge branch 'mnowak/fix-make-doc' into 'v9_16'
Michal Nowak [Tue, 15 Sep 2020 08:51:17 +0000 (10:51 +0200)]
Remove documentation building toolchain
Michal Nowak [Wed, 9 Sep 2020 09:57:48 +0000 (11:57 +0200)]
Enforce synchronized documentation
Michal Nowak [Wed, 9 Sep 2020 09:55:16 +0000 (11:55 +0200)]
Build '$(MANPAGES_IN)' before 'ootsetup'
Michal Nowak [Wed, 9 Sep 2020 09:34:28 +0000 (11:34 +0200)]
Rebuild documentation
Michał Kępień [Mon, 21 Sep 2020 07:53:57 +0000 (07:53 +0000)]
Merge branch '2169-fix-updating-summary-rpz-db-for-mixed-case-rpzs-v9_16' into 'v9_16'
Michał Kępień [Mon, 21 Sep 2020 07:28:36 +0000 (09:28 +0200)]
Add CHANGES entry
(cherry picked from commit
e6e4922fe86656c2522db93290e866876ae546f3 )
Michał Kępień [Mon, 21 Sep 2020 07:28:36 +0000 (09:28 +0200)]
Add release note
(cherry picked from commit
853a51d4a97ad0fb5feff495755fd4db19504288 )
Michał Kępień [Mon, 21 Sep 2020 07:28:36 +0000 (09:28 +0200)]
Fix updating summary RPZ DB for mixed-case RPZs
Each dns_rpz_zone_t structure keeps a hash table of the names this RPZ
database contains. Here is what happens when an RPZ is updated:
- a new hash table is prepared for the new version of the RPZ by
iterating over it; each name found is added to the summary RPZ
database,
- every name added to the new hash table is searched for in the old
hash table; if found, it is removed from the old hash table,
- the old hash table is iterated over; all names found in it are
removed from the summary RPZ database (because at that point the old
hash table should only contain names which are not present in the
new version of the RPZ),
- the new hash table replaces the old hash table.
When the new version of the RPZ is iterated over, if a given name is
spelled using a different letter case than in the old version of the
RPZ, the new variant will hash to a different value than the old
variant, which means it will not be removed from the old hash table.
When the old hash table is subsequently iterated over to remove
seemingly deleted names, the old variant of the name will still be
there, causing the name to be deleted from the summary RPZ database
(which effectively causes a given rule to be ignored).
The issue can be triggered not just by altering the case of existing
names in an RPZ, but also by adding sibling names spelled with a
different letter case. This is because RBT code preserves case when
node splitting occurs. The end result is that when the RPZ is iterated
over, a given name may be using a different case than in the zone file
(or XFR contents).
Fix by downcasing all names found in the RPZ database before adding them
to the summary RPZ database.
(cherry picked from commit
dc8a7791bd27a7c264e901861875698ef343838c )
Ondřej Surý [Thu, 17 Sep 2020 16:46:04 +0000 (16:46 +0000)]
Merge branch '2163-threadsanitizer-data-race-lib-isc-mem-c-1119-19-in-isc___mem_put-v9_16' into 'v9_16'
Ondřej Surý [Thu, 17 Sep 2020 12:05:10 +0000 (14:05 +0200)]
Exclude isc_mem_isovermem from ThreadSanitizer
The .is_overmem member of isc_mem_t structure is intentionally accessed
unlocked as 100% accuracy isn't necessary here.
Without the attribute, following TSAN warning would show up:
WARNING: ThreadSanitizer: data race
Write of size 1 at 0x000000000001 by thread T1 (mutexes: write M1, write M2):
#0 isc___mem_put lib/isc/mem.c:1119:19
#1 isc__mem_put lib/isc/mem.c:2439:2
#2 dns_rdataslab_fromrdataset lib/dns/rdataslab.c:327:2
#3 addrdataset lib/dns/rbtdb.c:6761:11
#4 dns_db_addrdataset lib/dns/db.c:719:10
#5 cache_name lib/dns/resolver.c:6538:13
#6 cache_message lib/dns/resolver.c:6628:14
#7 resquery_response lib/dns/resolver.c:7883:13
#8 dispatch lib/isc/task.c:1152:7
#9 run lib/isc/task.c:1344:2
Previous read of size 1 at 0x000000000001 by thread T2 (mutexes: write M3):
#0 isc_mem_isovermem lib/isc/mem.c:1553:15
#1 addrdataset lib/dns/rbtdb.c:6866:25
#2 dns_db_addrdataset lib/dns/db.c:719:10
#3 addoptout lib/dns/ncache.c:281:10
#4 dns_ncache_add lib/dns/ncache.c:101:10
#5 ncache_adderesult lib/dns/resolver.c:6668:12
#6 ncache_message lib/dns/resolver.c:6845:11
#7 rctx_ncache lib/dns/resolver.c:9174:11
#8 resquery_response lib/dns/resolver.c:7894:2
#9 dispatch lib/isc/task.c:1152:7
#10 run lib/isc/task.c:1344:2
Location is heap block of size 328 at 0x000000000020 allocated by thread T3:
#0 malloc <null>
#1 default_memalloc lib/isc/mem.c:713:8
#2 mem_create lib/isc/mem.c:763:8
#3 isc_mem_create lib/isc/mem.c:2425:2
#4 configure_view bin/named/server.c:4494:4
#5 load_configuration bin/named/server.c:9062:3
#6 run_server bin/named/server.c:9771:2
#7 dispatch lib/isc/task.c:1152:7
#8 run lib/isc/task.c:1344:2
[...]
SUMMARY: ThreadSanitizer: data race lib/isc/mem.c:1119:19 in isc___mem_put
(cherry picked from commit
0110d1ab1750ec902ad4947d13c3ac0240a2260b )
Mark Andrews [Thu, 17 Sep 2020 09:59:48 +0000 (09:59 +0000)]
Merge branch '2131-tsan-data-race-in-accessing-controls-symtab-v9_16' into 'v9_16'
Mark Andrews [Tue, 8 Sep 2020 02:11:06 +0000 (12:11 +1000)]
Lock access to control->symtab to prevent data race
WARNING: ThreadSanitizer: data race
Read of size 8 at 0x000000000001 by thread T1:
#0 isccc_symtab_foreach lib/isccc/symtab.c:277:14
#1 isccc_cc_cleansymtab lib/isccc/cc.c:954:2
#2 control_recvmessage bin/named/controlconf.c:477:2
#3 recv_data lib/isccc/ccmsg.c:110:2
#4 read_cb lib/isc/netmgr/tcp.c:769:4
#5 <null> <null>
Previous write of size 8 at 0x000000000001 by thread T2:
#0 isccc_symtab_define lib/isccc/symtab.c:242:2
#1 isccc_cc_checkdup lib/isccc/cc.c:1026:11
#2 control_recvmessage bin/named/controlconf.c:478:11
#3 recv_data lib/isccc/ccmsg.c:110:2
#4 read_cb lib/isc/netmgr/tcp.c:769:4
#5 <null> <null>
Location is heap block of size 190352 at 0x000000000011 allocated by main thread:
#0 malloc <null>
#1 isccc_symtab_create lib/isccc/symtab.c:76:18
#2 isccc_cc_createsymtab lib/isccc/cc.c:948:10
#3 named_controls_create bin/named/controlconf.c:1483:11
#4 named_server_create bin/named/server.c:10057:2
#5 setup bin/named/main.c:1256:2
#6 main bin/named/main.c:1523:2
Thread T1 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_nm_start lib/isc/netmgr/netmgr.c:215:3
#3 create_managers bin/named/main.c:909:15
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
Thread T2 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_nm_start lib/isc/netmgr/netmgr.c:215:3
#3 create_managers bin/named/main.c:909:15
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
SUMMARY: ThreadSanitizer: data race lib/isccc/symtab.c:277:14 in isccc_symtab_foreach
(cherry picked from commit
0450acc1b65442a0e904c895cf2875eacf409598 )
Mark Andrews [Thu, 17 Sep 2020 08:42:44 +0000 (08:42 +0000)]
Merge branch '2123-lock-order-inversions-in-main-v9_16' into 'v9_16'
Mark Andrews [Tue, 8 Sep 2020 03:42:07 +0000 (13:42 +1000)]
Pause dbiterator ealier to prevent lock-order-inversion
WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock)
Cycle in lock order graph: M1 (0x000000000000) => M2 (0x000000000000) => M1
Mutex M2 acquired here while holding mutex M1 in thread T1:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 findnodeintree lib/dns/rbtdb.c:2877:2
#3 findnode lib/dns/rbtdb.c:2941:10
#4 dns_db_findnode lib/dns/db.c:439:11
#5 resume_addnsec3chain lib/dns/zone.c:3776:11
#6 rss_post lib/dns/zone.c:20659:3
#7 setnsec3param lib/dns/zone.c:20471:3
#8 dispatch lib/isc/task.c:1152:7
#9 run lib/isc/task.c:1344:2
Mutex M1 previously acquired by the same thread here:
#0 pthread_mutex_lock <null>
#1 rss_post lib/dns/zone.c:20658:3
#2 setnsec3param lib/dns/zone.c:20471:3
#3 dispatch lib/isc/task.c:1152:7
#4 run lib/isc/task.c:1344:2
Mutex M1 acquired here while holding mutex M2 in thread T2:
#0 pthread_mutex_lock <null>
#1 zone_nsec3chain lib/dns/zone.c:8666:5
#2 zone_maintenance lib/dns/zone.c:11063:4
#3 zone_timer lib/dns/zone.c:14098:2
#4 dispatch lib/isc/task.c:1152:7
#5 run lib/isc/task.c:1344:2
Mutex M2 previously acquired by the same thread here:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 resume_iteration lib/dns/rbtdb.c:9357:2
#3 dbiterator_next lib/dns/rbtdb.c:9647:3
#4 dns_dbiterator_next lib/dns/dbiterator.c:87:10
#5 zone_nsec3chain lib/dns/zone.c:8656:13
#6 zone_maintenance lib/dns/zone.c:11063:4
#7 zone_timer lib/dns/zone.c:14098:2
#8 dispatch lib/isc/task.c:1152:7
#9 run lib/isc/task.c:1344:2
(cherry picked from commit
9e584a45114849637c0ab04e9410ba5fc00b054d )
Mark Andrews [Tue, 8 Sep 2020 03:16:28 +0000 (13:16 +1000)]
Pause the database iterator to release rwlock
(cherry picked from commit
2e63de94aa902fd923abfde3461e6a03532afbe5 )
Mark Andrews [Fri, 4 Sep 2020 06:40:51 +0000 (16:40 +1000)]
Pause dbiterator to release rwlock to prevent lock-order-inversion.
WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock)
Cycle in lock order graph: M1 (0x000000000000) => M2 (0x000000000001) => M1
Mutex M2 acquired here while holding mutex M1 in thread T1:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 getsigningtime lib/dns/rbtdb.c:8198:2
#3 dns_db_getsigningtime lib/dns/db.c:979:11
#4 set_resigntime lib/dns/zone.c:3887:11
#5 dns_zone_markdirty lib/dns/zone.c:11119:4
#6 update_action lib/ns/update.c:3376:3
#7 dispatch lib/isc/task.c:1152:7
#8 run lib/isc/task.c:1344:2
Mutex M1 previously acquired by the same thread here:
#0 pthread_mutex_lock <null>
#1 dns_zone_markdirty lib/dns/zone.c:11089:2
#2 update_action lib/ns/update.c:3376:3
#3 dispatch lib/isc/task.c:1152:7
#4 run lib/isc/task.c:1344:2
Mutex M1 acquired here while holding mutex M2 in thread T1:
#0 pthread_mutex_lock <null>
#1 zone_nsec3chain lib/dns/zone.c:8502:3
#2 zone_maintenance lib/dns/zone.c:11056:4
#3 zone_timer lib/dns/zone.c:14091:2
#4 dispatch lib/isc/task.c:1152:7
#5 run lib/isc/task.c:1344:2
Mutex M2 previously acquired by the same thread here:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 resume_iteration lib/dns/rbtdb.c:9357:2
#3 dbiterator_current lib/dns/rbtdb.c:9695:3
#4 dns_dbiterator_current lib/dns/dbiterator.c:101:10
#5 zone_nsec3chain lib/dns/zone.c:8539:3
#6 zone_maintenance lib/dns/zone.c:11056:4
#7 zone_timer lib/dns/zone.c:14091:2
#8 dispatch lib/isc/task.c:1152:7
#9 run lib/isc/task.c:1344:2
Thread T1 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_taskmgr_create lib/isc/task.c:1434:3
#3 create_managers bin/named/main.c:915:11
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
SUMMARY: ThreadSanitizer: lock-order-inversion (potential deadlock) in pthread_rwlock_rdlock
(cherry picked from commit
fbed96220486a063aafdd0a6ada8adce972fd48f )
Mark Andrews [Fri, 4 Sep 2020 06:07:57 +0000 (16:07 +1000)]
Pause dbiterator to release rwlock to prevent lock-order-inversion.
WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock)
Cycle in lock order graph: M1 (0x000000000001) => M2 (0x000000000000) => M1
Mutex M2 acquired here while holding mutex M1 in thread T1:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 zone_sign lib/dns/zone.c:9247:3
#3 zone_maintenance lib/dns/zone.c:11047:4
#4 zone_timer lib/dns/zone.c:14090:2
#5 dispatch lib/isc/task.c:1152:7
#6 run lib/isc/task.c:1344:2
Mutex M1 previously acquired by the same thread here:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 resume_iteration lib/dns/rbtdb.c:9357:2
#3 dbiterator_next lib/dns/rbtdb.c:9647:3
#4 dns_dbiterator_next lib/dns/dbiterator.c:87:10
#5 zone_sign lib/dns/zone.c:9488:13
#6 zone_maintenance lib/dns/zone.c:11047:4
#7 zone_timer lib/dns/zone.c:14090:2
#8 dispatch lib/isc/task.c:1152:7
#9 run lib/isc/task.c:1344:2
Mutex M1 acquired here while holding mutex M2 in thread T2:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 findnodeintree lib/dns/rbtdb.c:2877:2
#3 findnode lib/dns/rbtdb.c:2941:10
#4 dns_db_findnode lib/dns/db.c:439:11
#5 dns_db_getsoaserial lib/dns/db.c:780:11
#6 dump_done lib/dns/zone.c:11428:15
#7 dump_quantum lib/dns/masterdump.c:1487:2
#8 dispatch lib/isc/task.c:1152:7
#9 run lib/isc/task.c:1344:2
Mutex M2 previously acquired by the same thread here:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 dump_done lib/dns/zone.c:11426:4
#3 dump_quantum lib/dns/masterdump.c:1487:2
#4 dispatch lib/isc/task.c:1152:7
#5 run lib/isc/task.c:1344:2
Thread T1 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_taskmgr_create lib/isc/task.c:1434:3
#3 create_managers bin/named/main.c:915:11
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
Thread T2 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_taskmgr_create lib/isc/task.c:1434:3
#3 create_managers bin/named/main.c:915:11
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
SUMMARY: ThreadSanitizer: lock-order-inversion (potential deadlock) in pthread_rwlock_rdlock
(cherry picked from commit
c9dbad97b2f96fcfba3290fe52f6b044af64d780 )
Mark Andrews [Fri, 4 Sep 2020 05:23:13 +0000 (15:23 +1000)]
Pause dbiterator to release rwlock to prevent lock-order-inversion.
WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock)
Cycle in lock order graph: M1 (0x000000000000) => M2 (0x000000000000) => M1
Mutex M2 acquired here while holding mutex M1 in thread T1:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 getsigningtime lib/dns/rbtdb.c:8198:2
#3 dns_db_getsigningtime lib/dns/db.c:979:11
#4 set_resigntime lib/dns/zone.c:3887:11
#5 dns_zone_markdirty lib/dns/zone.c:11115:4
#6 update_action lib/ns/update.c:3376:3
#7 dispatch lib/isc/task.c:1152:7
#8 run lib/isc/task.c:1344:2
Mutex M1 previously acquired by the same thread here:
#0 pthread_mutex_lock <null>
#1 dns_zone_markdirty lib/dns/zone.c:11085:2
#2 update_action lib/ns/update.c:3376:3
#3 dispatch lib/isc/task.c:1152:7
#4 run lib/isc/task.c:1344:2
Mutex M1 acquired here while holding mutex M2 in thread T2:
#0 pthread_mutex_lock <null>
#1 zone_nsec3chain lib/dns/zone.c:8274:3
#2 zone_maintenance lib/dns/zone.c:11052:4
#3 zone_timer lib/dns/zone.c:14087:2
#4 dispatch lib/isc/task.c:1152:7
#5 run lib/isc/task.c:1344:2
Mutex M2 previously acquired by the same thread here:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 resume_iteration lib/dns/rbtdb.c:9357:2
#3 dbiterator_next lib/dns/rbtdb.c:9647:3
#4 dns_dbiterator_next lib/dns/dbiterator.c:87:10
#5 zone_nsec3chain lib/dns/zone.c:8412:13
#6 zone_maintenance lib/dns/zone.c:11052:4
#7 zone_timer lib/dns/zone.c:14087:2
#8 dispatch lib/isc/task.c:1152:7
#9 run lib/isc/task.c:1344:2
Thread T1 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_taskmgr_create lib/isc/task.c:1434:3
#3 create_managers bin/named/main.c:915:11
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
Thread T2 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_taskmgr_create lib/isc/task.c:1434:3
#3 create_managers bin/named/main.c:915:11
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
SUMMARY: ThreadSanitizer: lock-order-inversion (potential deadlock) in pthread_rwlock_rdlock
(cherry picked from commit
98025e15d0ea05bdac55fb4aa8e342bdf6febe1a )
Mark Andrews [Fri, 4 Sep 2020 04:18:17 +0000 (14:18 +1000)]
Pause dbiterator to release rwlock to prevent lock-order-inversion.
WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock)
Cycle in lock order graph: M1 (0x000000000001) => M2 (0x000000000002) => M3 (0x000000000000) => M1
Mutex M2 acquired here while holding mutex M1 in thread T1:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 findnodeintree lib/dns/rbtdb.c:2877:2
#3 findnode lib/dns/rbtdb.c:2941:10
#4 dns_db_findnode lib/dns/db.c:439:11
#5 copy_non_dnssec_records lib/dns/zone.c:16031:11
#6 receive_secure_db lib/dns/zone.c:16163:12
#7 dispatch lib/isc/task.c:1152:7
#8 run lib/isc/task.c:1344:2
Mutex M1 previously acquired by the same thread here:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 resume_iteration lib/dns/rbtdb.c:9357:2
#3 dbiterator_first lib/dns/rbtdb.c:9407:3
#4 dns_dbiterator_first lib/dns/dbiterator.c:43:10
#5 receive_secure_db lib/dns/zone.c:16160:16
#6 dispatch lib/isc/task.c:1152:7
#7 run lib/isc/task.c:1344:2
Mutex M3 acquired here while holding mutex M2 in thread T2:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 zone_sign lib/dns/zone.c:9244:3
#3 zone_maintenance lib/dns/zone.c:11044:4
#4 zone_timer lib/dns/zone.c:14087:2
#5 dispatch lib/isc/task.c:1152:7
#6 run lib/isc/task.c:1344:2
Mutex M2 previously acquired by the same thread here:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 resume_iteration lib/dns/rbtdb.c:9357:2
#3 dbiterator_next lib/dns/rbtdb.c:9647:3
#4 dns_dbiterator_next lib/dns/dbiterator.c:87:10
#5 zone_sign lib/dns/zone.c:9485:13
#6 zone_maintenance lib/dns/zone.c:11044:4
#7 zone_timer lib/dns/zone.c:14087:2
#8 dispatch lib/isc/task.c:1152:7
#9 run lib/isc/task.c:1344:2
Mutex M1 acquired here while holding mutex M3 in thread T3:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 findnodeintree lib/dns/rbtdb.c:2877:2
#3 findnode lib/dns/rbtdb.c:2941:10
#4 dns_db_findnode lib/dns/db.c:439:11
#5 zone_get_from_db lib/dns/zone.c:5602:11
#6 get_raw_serial lib/dns/zone.c:2520:12
#7 zone_gotwritehandle lib/dns/zone.c:2559:4
#8 dispatch lib/isc/task.c:1152:7
#9 run lib/isc/task.c:1344:2
Mutex M3 previously acquired by the same thread here:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 zone_gotwritehandle lib/dns/zone.c:2552:2
#3 dispatch lib/isc/task.c:1152:7
#4 run lib/isc/task.c:1344:2
Thread T1 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_taskmgr_create lib/isc/task.c:1434:3
#3 create_managers bin/named/main.c:915:11
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
Thread T2 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_taskmgr_create lib/isc/task.c:1434:3
#3 create_managers bin/named/main.c:915:11
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
Thread T3 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_taskmgr_create lib/isc/task.c:1434:3
#3 create_managers bin/named/main.c:915:11
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
SUMMARY: ThreadSanitizer: lock-order-inversion (potential deadlock) in pthread_rwlock_rdlock
(cherry picked from commit
e185e37137729c6e377e65d8744c49aef843046f )
Mark Andrews [Fri, 4 Sep 2020 02:50:42 +0000 (12:50 +1000)]
Address lock-order-inversion between the keytable and the db locks.
WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock)
Cycle in lock order graph: M1 (0x000000000000) => M2 (0x000000000000) => M1
Mutex M2 acquired here while holding mutex M1 in thread T1:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 dns_keytable_find lib/dns/keytable.c:522:2
#3 sync_keyzone lib/dns/zone.c:4560:12
#4 dns_zone_synckeyzone lib/dns/zone.c:4635:11
#5 mkey_refresh bin/named/server.c:15423:2
#6 named_server_mkeys bin/named/server.c:15727:4
#7 named_control_docommand bin/named/control.c:236:12
#8 control_command bin/named/controlconf.c:365:17
#9 dispatch lib/isc/task.c:1152:7
#10 run lib/isc/task.c:1344:2
Mutex M1 previously acquired by the same thread here:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 resume_iteration lib/dns/rbtdb.c:9357:2
#3 dbiterator_first lib/dns/rbtdb.c:9407:3
#4 dns_dbiterator_first lib/dns/dbiterator.c:43:10
#5 dns_rriterator_first lib/dns/rriterator.c:71:15
#6 sync_keyzone lib/dns/zone.c:4543:16
#7 dns_zone_synckeyzone lib/dns/zone.c:4635:11
#8 mkey_refresh bin/named/server.c:15423:2
#9 named_server_mkeys bin/named/server.c:15727:4
#10 named_control_docommand bin/named/control.c:236:12
#11 control_command bin/named/controlconf.c:365:17
#12 dispatch lib/isc/task.c:1152:7
#13 run lib/isc/task.c:1344:2
Mutex M1 acquired here while holding mutex M2 in thread T1:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 zone_find lib/dns/rbtdb.c:4029:2
#3 dns_db_find lib/dns/db.c:500:11
#4 addifmissing lib/dns/zone.c:4481:11
#5 dns_keytable_forall lib/dns/keytable.c:786:4
#6 sync_keyzone lib/dns/zone.c:4586:2
#7 dns_zone_synckeyzone lib/dns/zone.c:4635:11
#8 mkey_refresh bin/named/server.c:15423:2
#9 named_server_mkeys bin/named/server.c:15727:4
#10 named_control_docommand bin/named/control.c:236:12
#11 control_command bin/named/controlconf.c:365:17
#12 dispatch lib/isc/task.c:1152:7
#13 run lib/isc/task.c:1344:2
Mutex M2 previously acquired by the same thread here:
#0 pthread_rwlock_rdlock <null>
#1 isc_rwlock_lock lib/isc/rwlock.c:48:3
#2 dns_keytable_forall lib/dns/keytable.c:770:2
#3 sync_keyzone lib/dns/zone.c:4586:2
#4 dns_zone_synckeyzone lib/dns/zone.c:4635:11
#5 mkey_refresh bin/named/server.c:15423:2
#6 named_server_mkeys bin/named/server.c:15727:4
#7 named_control_docommand bin/named/control.c:236:12
#8 control_command bin/named/controlconf.c:365:17
#9 dispatch lib/isc/task.c:1152:7
#10 run lib/isc/task.c:1344:2
Thread T1 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create lib/isc/pthreads/thread.c:73:8
#2 isc_taskmgr_create lib/isc/task.c:1434:3
#3 create_managers bin/named/main.c:915:11
#4 setup bin/named/main.c:1223:11
#5 main bin/named/main.c:1523:2
SUMMARY: ThreadSanitizer: lock-order-inversion (potential deadlock) in pthread_rwlock_rdlock
(cherry picked from commit
9e5f83c4993310f9841a4eba90d4a84dba882727 )
Michał Kępień [Wed, 16 Sep 2020 20:56:50 +0000 (20:56 +0000)]
Merge branch 'v9_16_7-release' into 'v9_16'
Michał Kępień [Wed, 16 Sep 2020 20:55:35 +0000 (22:55 +0200)]
Set up release notes for BIND 9.16.8
Michał Kępień [Wed, 16 Sep 2020 20:55:35 +0000 (22:55 +0200)]
Bump BIND_BASELINE_VERSION for ABI checks
Tinderbox User [Fri, 4 Sep 2020 10:44:49 +0000 (10:44 +0000)]
Merge branch 'prep-release' into v9_16_7-release
Michał Kępień [Fri, 4 Sep 2020 10:18:49 +0000 (10:18 +0000)]
Merge branch 'michal/prepare-release-notes-for-bind-9.16.7' into 'v9_16_7-release'
Tinderbox User [Fri, 4 Sep 2020 10:31:08 +0000 (10:31 +0000)]
prep 9.16.7
Michał Kępień [Fri, 4 Sep 2020 10:09:31 +0000 (12:09 +0200)]
Prepare release notes for BIND 9.16.7
Michał Kępień [Fri, 4 Sep 2020 10:09:31 +0000 (12:09 +0200)]
Add release note for OSS-Fuzz fixes
Michał Kępień [Fri, 4 Sep 2020 10:09:31 +0000 (12:09 +0200)]
Add release note for GL #2074
Michał Kępień [Fri, 4 Sep 2020 10:09:31 +0000 (12:09 +0200)]
Tweak and reword release notes
Michał Kępień [Fri, 4 Sep 2020 10:09:31 +0000 (12:09 +0200)]
Tweak and reword recent CHANGES entries
Michal Nowak [Fri, 4 Sep 2020 10:09:31 +0000 (12:09 +0200)]
Miscellaneous formatting and wording tweaks
Mark Andrews [Wed, 16 Sep 2020 03:50:13 +0000 (03:50 +0000)]
Merge branch 'marka-tsan-unit-no-ignore-error-v9_16' into 'v9_16'
Mark Andrews [Wed, 16 Sep 2020 03:28:15 +0000 (13:28 +1000)]
remove 'allow_failure: true' from unit tsan tests
Evan Hunt [Tue, 15 Sep 2020 00:03:13 +0000 (00:03 +0000)]
Merge branch 'each-copyright-header-v9_16' into 'v9_16'
Evan Hunt [Mon, 14 Sep 2020 23:50:58 +0000 (16:50 -0700)]
update all copyright headers to eliminate the typo
Evan Hunt [Mon, 14 Sep 2020 23:19:37 +0000 (16:19 -0700)]
fix a typo in copyright headers, and change "http" to "https"
(cherry picked from commit
481a7aae44c95e07628df17e2a222ffa51a698b8 )
Mark Andrews [Thu, 10 Sep 2020 10:42:12 +0000 (10:42 +0000)]
Merge branch '2119-the-runtime-system-tests-interfered-with-each-other-v9_16' into 'v9_16'
Mark Andrews [Mon, 31 Aug 2020 03:54:12 +0000 (13:54 +1000)]
Wait for test instance of named to exit before completing subtest.
(cherry picked from commit
dda5b7b0b86ca3250bcc3e6a4e3f931fdd253561 )
Mark Andrews [Mon, 31 Aug 2020 03:51:47 +0000 (13:51 +1000)]
Don't use production address (127.0.0.1) in runtime system test.
(cherry picked from commit
1f147059386aa3f60206af715abc4fc278b68049 )
Mark Andrews [Thu, 10 Sep 2020 09:55:01 +0000 (09:55 +0000)]
Merge branch '2116-views-system-test-was-not-waiting-for-example-to-finish-loading-v9_16' into 'v9_16'
Mark Andrews [Mon, 31 Aug 2020 11:09:25 +0000 (21:09 +1000)]
Also wait for 'zone_dump: zone example/IN: enter'
use nextpartpeek as we don't want to reset the starting point
(cherry picked from commit
7b65bea6d2563b3e5dca569d280d10ad63276dc7 )
Mark Andrews [Wed, 9 Sep 2020 22:12:16 +0000 (22:12 +0000)]
Merge branch '2114-cid-306652-null-pointer-dereferences-reverse_inull-v9_16' into 'v9_16'
Mark Andrews [Wed, 9 Sep 2020 00:40:14 +0000 (10:40 +1000)]
Silence REVERSE_INULL warning (CID 306652)
(cherry picked from commit
584dbffab1fb855f3b41df32cc258cc5c7969369 )
Evan Hunt [Wed, 9 Sep 2020 19:30:25 +0000 (19:30 +0000)]
Merge branch 'each-fix-packet-v9_16' into 'v9_16'
Evan Hunt [Sat, 5 Sep 2020 07:21:42 +0000 (00:21 -0700)]
work around perl error
some versions of perl failed to run packet.pl because the 'last'
keyword can't be used outside of a loop block. this commit changes
the packet dumping code to a function so we can use 'return' instead.
(cherry picked from commit
bf9aee1b884ad7d9775a1eacfa7d0fbc8c65081c )
Mark Andrews [Wed, 9 Sep 2020 06:45:37 +0000 (06:45 +0000)]
Merge branch '2090-main-dig-tsan-error-v9_16' into 'v9_16'
Mark Andrews [Mon, 31 Aug 2020 12:41:46 +0000 (22:41 +1000)]
Turn off TSAN for isc_log_wouldlog
(cherry picked from commit
7b3c7f52c26e0666aadc2aa71b970b2518455efc )
Mark Andrews [Mon, 31 Aug 2020 02:37:24 +0000 (12:37 +1000)]
make all artifacts visible
(cherry picked from commit
93dd7b1b93627bc72f6cdc42ec8256fbdb949b7f )
Mark Andrews [Wed, 26 Aug 2020 06:24:13 +0000 (16:24 +1000)]
Only test node->data if we care about whether data is present or not.
WARNING: ThreadSanitizer: data race (pid=28788)
Write of size 8 at 0x7b200002e060 by thread T1 (mutexes: write M2947):
#0 add32 /builds/isc-projects/bind9/lib/dns/rbtdb.c:6638:18 (libdns.so.1110+0xe7843)
#1 addrdataset /builds/isc-projects/bind9/lib/dns/rbtdb.c:6975:12 (libdns.so.1110+0xe4185)
#2 dns_db_addrdataset /builds/isc-projects/bind9/lib/dns/db.c:783:10 (libdns.so.1110+0x650ee)
#3 validated /builds/isc-projects/bind9/lib/dns/resolver.c:5140:11 (libdns.so.1110+0x1909f7)
#4 dispatch /builds/isc-projects/bind9/lib/isc/task.c:1157:7 (libisc.so.1107+0x507f5)
#5 run /builds/isc-projects/bind9/lib/isc/task.c:1331:2 (libisc.so.1107+0x4d749)
Previous read of size 8 at 0x7b200002e060 by thread T5 (mutexes: write M521146194917735760):
#0 dns_rbt_findnode /builds/isc-projects/bind9/lib/dns/rbt.c:1708:9 (libdns.so.1110+0xd910d)
#1 cache_find /builds/isc-projects/bind9/lib/dns/rbtdb.c:5098:11 (libdns.so.1110+0xe188e)
#2 dns_db_find /builds/isc-projects/bind9/lib/dns/db.c:554:11 (libdns.so.1110+0x642bb)
#3 dns_view_find2 /builds/isc-projects/bind9/lib/dns/view.c:1068:11 (libdns.so.1110+0x1cc2c4)
#4 dbfind_name /builds/isc-projects/bind9/lib/dns/adb.c:3714:11 (libdns.so.1110+0x46a4b)
#5 dns_adb_createfind2 /builds/isc-projects/bind9/lib/dns/adb.c:3133:12 (libdns.so.1110+0x45278)
#6 findname /builds/isc-projects/bind9/lib/dns/resolver.c:3166:11 (libdns.so.1110+0x1827f0)
#7 fctx_getaddresses /builds/isc-projects/bind9/lib/dns/resolver.c:3462:3 (libdns.so.1110+0x18032d)
#8 fctx_try /builds/isc-projects/bind9/lib/dns/resolver.c:3819:12 (libdns.so.1110+0x17e174)
#9 fctx_start /builds/isc-projects/bind9/lib/dns/resolver.c:4219:4 (libdns.so.1110+0x1787a3)
#10 dispatch /builds/isc-projects/bind9/lib/isc/task.c:1157:7 (libisc.so.1107+0x507f5)
#11 run /builds/isc-projects/bind9/lib/isc/task.c:1331:2 (libisc.so.1107+0x4d749)
(cherry picked from commit
71ef3a8038718063d0e0deb17834c71daaa9f29b )
Mark Andrews [Mon, 24 Aug 2020 03:35:41 +0000 (13:35 +1000)]
Address lock-order-inversion
WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock) (pid=12714)
Cycle in lock order graph: M100252 (0x7b7c00010a08) => M1171 (0x7b7400000dc8) => M100252
Mutex M1171 acquired here while holding mutex M100252 in thread T1:
#0 pthread_mutex_lock <null> (delv+0x4483a6)
#1 dns_resolver_createfetch3 /builds/isc-projects/bind9/lib/dns/resolver.c:9585:2 (libdns.so.1110+0x1769fd)
#2 dns_resolver_createfetch /builds/isc-projects/bind9/lib/dns/resolver.c:9504:10 (libdns.so.1110+0x174e17)
#3 create_fetch /builds/isc-projects/bind9/lib/dns/validator.c:1156:10 (libdns.so.1110+0x1c1e5f)
#4 validatezonekey /builds/isc-projects/bind9/lib/dns/validator.c:2124:13 (libdns.so.1110+0x1c3b6d)
#5 start_positive_validation /builds/isc-projects/bind9/lib/dns/validator.c:2301:10 (libdns.so.1110+0x1bfde9)
#6 validator_start /builds/isc-projects/bind9/lib/dns/validator.c:3647:12 (libdns.so.1110+0x1bef62)
#7 dispatch /builds/isc-projects/bind9/lib/isc/task.c:1157:7 (libisc.so.1107+0x507d5)
#8 run /builds/isc-projects/bind9/lib/isc/task.c:1331:2 (libisc.so.1107+0x4d729)
Mutex M100252 previously acquired by the same thread here:
#0 pthread_mutex_lock <null> (delv+0x4483a6)
#1 validator_start /builds/isc-projects/bind9/lib/dns/validator.c:3628:2 (libdns.so.1110+0x1bee31)
#2 dispatch /builds/isc-projects/bind9/lib/isc/task.c:1157:7 (libisc.so.1107+0x507d5)
#3 run /builds/isc-projects/bind9/lib/isc/task.c:1331:2 (libisc.so.1107+0x4d729)
Mutex M100252 acquired here while holding mutex M1171 in thread T1:
#0 pthread_mutex_lock <null> (delv+0x4483a6)
#1 dns_validator_destroy /builds/isc-projects/bind9/lib/dns/validator.c:3912:2 (libdns.so.1110+0x1bf788)
#2 validated /builds/isc-projects/bind9/lib/dns/resolver.c:4916:2 (libdns.so.1110+0x18fdfd)
#3 dispatch /builds/isc-projects/bind9/lib/isc/task.c:1157:7 (libisc.so.1107+0x507d5)
#4 run /builds/isc-projects/bind9/lib/isc/task.c:1331:2 (libisc.so.1107+0x4d729)
Mutex M1171 previously acquired by the same thread here:
#0 pthread_mutex_lock <null> (delv+0x4483a6)
#1 validated /builds/isc-projects/bind9/lib/dns/resolver.c:4907:2 (libdns.so.1110+0x18fc3d)
#2 dispatch /builds/isc-projects/bind9/lib/isc/task.c:1157:7 (libisc.so.1107+0x507d5)
#3 run /builds/isc-projects/bind9/lib/isc/task.c:1331:2 (libisc.so.1107+0x4d729)
Thread T1 'isc-worker0000' (tid=12729, running) created by main thread at:
#0 pthread_create <null> (delv+0x42afdb)
#1 isc_thread_create /builds/isc-projects/bind9/lib/isc/pthreads/thread.c:60:8 (libisc.so.1107+0x726d8)
#2 isc__taskmgr_create /builds/isc-projects/bind9/lib/isc/task.c:1468:7 (libisc.so.1107+0x4d635)
#3 isc_taskmgr_createinctx /builds/isc-projects/bind9/lib/isc/task.c:2091:11 (libisc.so.1107+0x4f4ac)
#4 main /builds/isc-projects/bind9/bin/delv/delv.c:1639:2 (delv+0x4b7f96)
SUMMARY: ThreadSanitizer: lock-order-inversion (potential deadlock) (/builds/isc-projects/bind9/bin/delv/.libs/delv+0x4483a6) in pthread_mutex_lock
(cherry picked from commit
992a79a14bd773611ed1162cc5cb0477d02001f7 )
Mark Andrews [Mon, 24 Aug 2020 01:44:09 +0000 (11:44 +1000)]
Address lock-order-inversion
Obtain references to view->redirect and view->managed_keys then
release view->lock so dns_zone_setviewcommit and dns_zone_setviewrevert
can obtain the view->lock while holding zone->lock.
WARNING: ThreadSanitizer: lock-order-inversion (potential deadlock) (pid=9132)
Cycle in lock order graph: M987831431424375936 (0x000000000000) => M1012319771577875480 (0x000000000000) => M987831431424375936
Mutex M1012319771577875480 acquired here while holding mutex M987831431424375936 in thread T2:
#0 pthread_mutex_lock <null> (named+0x4642a6)
#1 dns_zone_setviewcommit /builds/isc-projects/bind9/lib/dns/zone.c:1571:2 (libdns.so.1110+0x1d74eb)
#2 dns_view_setviewcommit /builds/isc-projects/bind9/lib/dns/view.c:2388:3 (libdns.so.1110+0x1cfe29)
#3 load_configuration /builds/isc-projects/bind9/bin/named/./server.c:8188:3 (named+0x51eadd)
#4 loadconfig /builds/isc-projects/bind9/bin/named/./server.c:9438:11 (named+0x510c66)
#5 ns_server_reconfigcommand /builds/isc-projects/bind9/bin/named/./server.c:9773:2 (named+0x510b41)
#6 ns_control_docommand /builds/isc-projects/bind9/bin/named/control.c:243:12 (named+0x4e451a)
#7 control_recvmessage /builds/isc-projects/bind9/bin/named/controlconf.c:465:13 (named+0x4e9056)
#8 dispatch /builds/isc-projects/bind9/lib/isc/task.c:1157:7 (libisc.so.1107+0x507d5)
#9 run /builds/isc-projects/bind9/lib/isc/task.c:1331:2 (libisc.so.1107+0x4d729)
Mutex M987831431424375936 previously acquired by the same thread here:
#0 pthread_mutex_lock <null> (named+0x4642a6)
#1 dns_view_setviewcommit /builds/isc-projects/bind9/lib/dns/view.c:2382:2 (libdns.so.1110+0x1cfde7)
#2 load_configuration /builds/isc-projects/bind9/bin/named/./server.c:8188:3 (named+0x51eadd)
#3 loadconfig /builds/isc-projects/bind9/bin/named/./server.c:9438:11 (named+0x510c66)
#4 ns_server_reconfigcommand /builds/isc-projects/bind9/bin/named/./server.c:9773:2 (named+0x510b41)
#5 ns_control_docommand /builds/isc-projects/bind9/bin/named/control.c:243:12 (named+0x4e451a)
#6 control_recvmessage /builds/isc-projects/bind9/bin/named/controlconf.c:465:13 (named+0x4e9056)
#7 dispatch /builds/isc-projects/bind9/lib/isc/task.c:1157:7 (libisc.so.1107+0x507d5)
#8 run /builds/isc-projects/bind9/lib/isc/task.c:1331:2 (libisc.so.1107+0x4d729)
Mutex M987831431424375936 acquired here while holding mutex M1012319771577875480 in thread T7:
#0 pthread_mutex_lock <null> (named+0x4642a6)
#1 dns_view_findzonecut2 /builds/isc-projects/bind9/lib/dns/view.c:1300:2 (libdns.so.1110+0x1cc93a)
#2 dns_view_findzonecut /builds/isc-projects/bind9/lib/dns/view.c:1261:9 (libdns.so.1110+0x1cc864)
#3 fctx_create /builds/isc-projects/bind9/lib/dns/resolver.c:4459:13 (libdns.so.1110+0x1779d3)
#4 dns_resolver_createfetch3 /builds/isc-projects/bind9/lib/dns/resolver.c:9628:12 (libdns.so.1110+0x176cb6)
#5 dns_resolver_createfetch /builds/isc-projects/bind9/lib/dns/resolver.c:9504:10 (libdns.so.1110+0x174e17)
#6 zone_refreshkeys /builds/isc-projects/bind9/lib/dns/zone.c:10061:12 (libdns.so.1110+0x2055a5)
#7 zone_maintenance /builds/isc-projects/bind9/lib/dns/zone.c:10274:5 (libdns.so.1110+0x203a78)
#8 zone_timer /builds/isc-projects/bind9/lib/dns/zone.c:13106:2 (libdns.so.1110+0x1e815a)
#9 dispatch /builds/isc-projects/bind9/lib/isc/task.c:1157:7 (libisc.so.1107+0x507d5)
#10 run /builds/isc-projects/bind9/lib/isc/task.c:1331:2 (libisc.so.1107+0x4d729)
Mutex M1012319771577875480 previously acquired by the same thread here:
#0 pthread_mutex_lock <null> (named+0x4642a6)
#1 zone_refreshkeys /builds/isc-projects/bind9/lib/dns/zone.c:9951:2 (libdns.so.1110+0x204dc3)
#2 zone_maintenance /builds/isc-projects/bind9/lib/dns/zone.c:10274:5 (libdns.so.1110+0x203a78)
#3 zone_timer /builds/isc-projects/bind9/lib/dns/zone.c:13106:2 (libdns.so.1110+0x1e815a)
#4 dispatch /builds/isc-projects/bind9/lib/isc/task.c:1157:7 (libisc.so.1107+0x507d5)
#5 run /builds/isc-projects/bind9/lib/isc/task.c:1331:2 (libisc.so.1107+0x4d729)
Thread T2 'isc-worker0001' (tid=9163, running) created by main thread at:
#0 pthread_create <null> (named+0x446edb)
#1 isc_thread_create /builds/isc-projects/bind9/lib/isc/pthreads/thread.c:60:8 (libisc.so.1107+0x726d8)
#2 isc__taskmgr_create /builds/isc-projects/bind9/lib/isc/task.c:1468:7 (libisc.so.1107+0x4d635)
#3 isc_taskmgr_create /builds/isc-projects/bind9/lib/isc/task.c:2109:11 (libisc.so.1107+0x4f587)
#4 create_managers /builds/isc-projects/bind9/bin/named/./main.c:886:11 (named+0x4f1a97)
#5 setup /builds/isc-projects/bind9/bin/named/./main.c:1305:11 (named+0x4f05ee)
#6 main /builds/isc-projects/bind9/bin/named/./main.c:1556:2 (named+0x4ef12d)
Thread T7 'isc-worker0006' (tid=9168, running) created by main thread at:
#0 pthread_create <null> (named+0x446edb)
#1 isc_thread_create /builds/isc-projects/bind9/lib/isc/pthreads/thread.c:60:8 (libisc.so.1107+0x726d8)
#2 isc__taskmgr_create /builds/isc-projects/bind9/lib/isc/task.c:1468:7 (libisc.so.1107+0x4d635)
#3 isc_taskmgr_create /builds/isc-projects/bind9/lib/isc/task.c:2109:11 (libisc.so.1107+0x4f587)
#4 create_managers /builds/isc-projects/bind9/bin/named/./main.c:886:11 (named+0x4f1a97)
#5 setup /builds/isc-projects/bind9/bin/named/./main.c:1305:11 (named+0x4f05ee)
#6 main /builds/isc-projects/bind9/bin/named/./main.c:1556:2 (named+0x4ef12d)
SUMMARY: ThreadSanitizer: lock-order-inversion (potential deadlock) (/builds/isc-projects/bind9/bin/named/.libs/named+0x4642a6) in pthread_mutex_lock
(cherry picked from commit
cdcfde9e656b7a730f210de33d798131330022aa )
Mark Andrews [Sat, 22 Aug 2020 00:22:47 +0000 (10:22 +1000)]
isc_mutex_init_errcheck prototype should not be under ISC_MUTEX_PROFILE
(cherry picked from commit
552e0b852e3eb7b860e530fa59ee87f6c3e033e5 )
Mark Andrews [Fri, 21 Aug 2020 09:51:59 +0000 (19:51 +1000)]
Defer read of zl->server and zl->reconfig until
the reference counter has gone to zero and there is
no longer a possibility of changes in other threads.
(cherry picked from commit
9b445f33e27c704941e9fbc3a6af5f44922785bd )
Mark Andrews [Mon, 7 Sep 2020 22:58:10 +0000 (22:58 +0000)]
Merge branch '2120-the-dynamic-load-flags-are-inconsistent-with-thread-analysis-v9_16' into 'v9_16'
Mark Andrews [Fri, 28 Aug 2020 06:31:35 +0000 (16:31 +1000)]
Don't run dyndb and dlzexternal if running TSAN as
the dlopen flags being used are incompatible with TSAN.
(cherry picked from commit
86316ed29d1203dd582bfbc320b01afbf4526c84 )
Mark Andrews [Thu, 3 Sep 2020 04:09:38 +0000 (14:09 +1000)]
alphabetize tests/usage
(cherry picked from commit
bbece7389eae3350c5be1bfa4cad1ad39bb131b2 )
Evan Hunt [Fri, 4 Sep 2020 21:36:01 +0000 (21:36 +0000)]
Merge branch 'each-faster-tcp-test-v9_16' into 'v9_16'
Evan Hunt [Fri, 4 Sep 2020 17:58:47 +0000 (10:58 -0700)]
shorten the tcp system test
the tcp system test uses the 'packet.pl' test tool to send a packet
thousands of times. this took a long time because the tool was waiting
for replies and parsing them; however, for that particular test the
replies aren't relevant.
this commit uses non-blocking sockets and moves the reply parsing
outside the send loop, which speeds the system test up substantially.
(cherry picked from commit
1ceea908b618f1637f8dc2d159c1e62d100081bd )
Michał Kępień [Thu, 3 Sep 2020 10:11:07 +0000 (10:11 +0000)]
Merge branch '1919-include-bind-documentation-in-windows-zips-v9_16' into 'v9_16'
Michał Kępień [Thu, 3 Sep 2020 08:35:37 +0000 (10:35 +0200)]
Include BIND documentation in Windows zips
As generated documentation files are no longer stored in the BIND Git
repository, put a copy of the PDF version of the BIND ARM generated by
the "docs" GitLab CI job into the Windows zips to make it easily
available to the end users on that platform.
Make sure Windows zips also contain certain documentation files included
in source tarballs to make the contents of each release more consistent
across different platforms.
(cherry picked from commit
549ddca2562de81bb363212b791cbc5f853a321a )
Mark Andrews [Thu, 3 Sep 2020 06:41:46 +0000 (06:41 +0000)]
Merge branch 'marka-check-deny-name-with-grant-subdomain-v9_16' into 'v9_16'
Mark Andrews [Wed, 6 Mar 2019 06:45:03 +0000 (17:45 +1100)]
Check 'deny name' + 'grant subdomain' for the same name
(cherry picked from commit
a402ffbced528549cf784c520539d4e001e9f1b3 )
Mark Andrews [Wed, 2 Sep 2020 22:00:12 +0000 (22:00 +0000)]
Merge branch '2115-the-load-of-huge-zone-can-take-over-100-secs-when-running-under-a-sanitiser-v9_16' into 'v9_16'
Mark Andrews [Mon, 31 Aug 2020 12:09:38 +0000 (22:09 +1000)]
Increase zone load timeout in the "rndc" test
The "huge.zone" zone can take longer than 100 seconds to load when
running under a sanitizer. Increase the relevant zone load timeout to
prevent intermittent failures of the "rndc" system test.
(cherry picked from commit
fd08918df599d66086dc00cf7f2f9e3105399df3 )
Mark Andrews [Wed, 2 Sep 2020 21:33:58 +0000 (21:33 +0000)]
Merge branch '2084-9-11-data-race-in-dispatch_test-2-v9_16' into 'v9_16'
Mark Andrews [Wed, 2 Sep 2020 04:42:47 +0000 (14:42 +1000)]
watch_fd also requires thread->fdlock[lockid] to be held
(cherry picked from commit
22f499cdc4f0f683b79d17a6b375df4f1ee4c7cc )
Mark Andrews [Wed, 2 Sep 2020 03:26:21 +0000 (13:26 +1000)]
remove dead code
(cherry picked from commit
e923e62f6ceb06ef811fd983967a7b7e8b994069 )
Ondřej Surý [Wed, 2 Sep 2020 20:21:19 +0000 (20:21 +0000)]
Merge branch '2091-print-out-more-diagnostics-on-dns_name_issubdomain-v9_16' into 'v9_16'
Ondřej Surý [Mon, 24 Aug 2020 08:15:07 +0000 (10:15 +0200)]
Print diagnostics on dns_name_issubdomain() failure in fctx_create()
Log diagnostic message when dns_name_issubdomain() in the fctx_create()
when the resolver is qname minimizing and forwarding at the same time.
(cherry picked from commit
0a22024c270a38a54f0d51621a046b726df158c0 )
Ondřej Surý [Wed, 2 Sep 2020 14:54:00 +0000 (14:54 +0000)]
Merge branch '1847-recursor-has-issues-recursing-ip6-arpa-v9_16' into 'v9_16'
Diego Fronza [Mon, 31 Aug 2020 16:26:56 +0000 (13:26 -0300)]
Add CHANGES and release note for GL #1847
(cherry picked from commit
044a72cca9912f0b0937588b83f2c9d00fe5a355 )
Diego Fronza [Fri, 28 Aug 2020 21:49:26 +0000 (18:49 -0300)]
Added test for the proposed fix
The test works as follows:
1. Client wants to resolve unusual ip6.arpa. name:
test1.test2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.9.0.9.4.1.1.1.1.8.2.6.0.1.0.0.2.ip6.arpa. IN TXT
2. Query is sent to ns7, a qmin enabled resolver.
3. ns7 do the first stage in query minimization for the name and send a new
query to root (ns1):
_.1.0.0.2.ip6.arpa. IN A
4. ns1 delegates ip6.arpa. to ns2.good.:
;; AUTHORITY SECTION:
;ip6.arpa. 20 IN NS ns2.good.
;; ADDITIONAL SECTION:
;ns2.good. 20 IN A 10.53.0.2
5. ns7 do a second round in minimizing the name and send a new query
to ns2.good. (10.53.0.2):
_.8.2.6.0.1.0.0.2.ip6.arpa. IN A
6. ans2 delegates 8.2.6.0.1.0.0.2.ip6.arpa. to ns3.good.:
;; AUTHORITY SECTION:
;8.2.6.0.1.0.0.2.ip6.arpa. 60 IN NS ns3.good.
;; ADDITIONAL SECTION:
;ns3.good. 60 IN A 10.53.0.3
7. ns7 do a third round in minimizing the name and send a new query to
ns3.good.:
_.1.1.1.1.8.2.6.0.1.0.0.2.ip6.arpa. IN A
8. ans3 delegates 1.1.1.1.8.2.6.0.1.0.0.2.ip6.arpa. to ns4.good.:
;; AUTHORITY SECTION:
;1.1.1.1.8.2.6.0.1.0.0.2.ip6.arpa. 60 IN NS ns4.good.
;; ADDITIONAL SECTION:
;ns4.good. 60 IN A 10.53.0.4
9. ns7 do fourth round in minimizing the name and send a new query to
ns4.good.:
_.9.4.1.1.1.1.8.2.6.0.1.0.0.2.ip6.arpa. IN A
10. ns4.good. doesn't know such name, but answers stating it is authoritative for
the domai:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53815
...
;; AUTHORITY SECTION:
1.1.1.1.8.2.6.0.1.0.0.2.ip6.arpa. 60 IN SOA ns4.good. ...
11. ns7 do another minimization on name:
_.9.0.9.4.1.1.1.1.8.2.6.0.1.0.0.2.ip6.arpa
sends to ns4.good. and gets the same SOA response stated in item #10
12. ns7 do another minimization on name:
_.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.9.0.9.4.1.1.1.1.8.2.6.0.1.0.0.2.ip6.arpa
sends to ns4.good. and gets the same SOA response stated in item #10.
13. ns7 do the last query minimization name for the ip6.arpa. QNAME.
After all IPv6 labels are exausted the algorithm falls back to the
original QNAME:
test1.test2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.9.0.9.4.1.1.1.1.8.2.6.0.1.0.0.2.ip6.arpa
ns7 sends a new query with the original QNAME to ans4.
14. Finally ans4 answers with the expected response:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40969
;; flags: qr aa; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 8192
;; QUESTION SECTION:
;test1.test2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.9.0.9.4.1.1.1.1.8.2.6.0.1.0.0.2.ip6.arpa. IN TXT
;; ANSWER SECTION:
;test1.test2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.9.0.9.4.1.1.1.1.8.2.6.0.1.0.0.2.ip6.arpa. 1 IN TXT "long_ip6_name"
(cherry picked from commit
11add6919855012fb8b41bb0ae6c15d6a6855f6d )
Diego Fronza [Wed, 26 Aug 2020 17:36:14 +0000 (14:36 -0300)]
Fix resolution of unusual ip6.arpa names
Before this commit, BIND was unable to resolve ip6.arpa names like
the one reported in issue #1847 when using query minimization.
As reported in the issue, an attempt to resolve a name like
'rec-test-dom-
158937817846788 .test123.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.3.4.3.5.4.0.8.2.6.0.1.0.0.2.ip6.arpa'
using default settings would fail.
The reason was that query minimization algorithm in 'fctx_minimize_qname'
would divide any ip6.arpa names in increasing number of labels,
7,11, ... up to 35, thus limiting the destination name (minimized) to a number
of 35 labels.
In case the last query minimization attempt (with 35 labels) would fail with
NXDOMAIN, BIND would attempt the query mininimization again with the exact
same QNAME, limited on the 35 labels, and that in turn would fail again.
This fix avoids this fail loop by considering the extra labels that may appear
in the leftmost part of an ip6.arpa name, those after the IPv6 part.
(cherry picked from commit
230d79c1911c2520be24e08eb1b40366a2f6e05a )
Matthijs Mekking [Wed, 2 Sep 2020 13:01:03 +0000 (13:01 +0000)]
Merge branch '1748-log-cds-cdnskey-publication-v9_16' into 'v9_16'
Matthijs Mekking [Thu, 27 Aug 2020 12:36:12 +0000 (14:36 +0200)]
Add change entry and release note for #1748
(cherry picked from commit
ff006a1730b47e9d53d652b64c1a11c687729783 )
Matthijs Mekking [Thu, 27 Aug 2020 12:32:52 +0000 (14:32 +0200)]
Log when CDS/CDNSKEY is published in zone.
Log when named decides to add a CDS/CDNSKEY record to the zone. Now
you understand how the bug was found that was fixed in the previous
commits.
(cherry picked from commit
f9ef5120c1428b7696756c08ebe2f4ab3ff618fd )
Matthijs Mekking [Thu, 27 Aug 2020 12:24:50 +0000 (14:24 +0200)]
Fix CDS (non-)publication
The CDS/CDNSKEY record will be published when the DS is in the
rumoured state. However, with the introduction of the rndc '-checkds'
command, the logic in the keymgr was changed to prevent the DS
state to go in RUMOURED unless the specific command was given. Hence,
the CDS was never published before it was seen in the parent.
Initially I thought this was a policy approval rule, however it is
actually a DNSSEC timing rule. Remove the restriction from
'keymgr_policy_approval' and update the 'keymgr_transition_time'
function. When looking to move the DS state to OMNIPRESENT it will
no longer calculate the state from its last change, but from when
the DS was seen in the parent, "DS Publish". If the time was not set,
default to next key event of an hour.
Similarly for moving the DS state to HIDDEN, the time to wait will
be derived from the "DS Delete" time, not from when the DS state
last changed.
(cherry picked from commit
c8205bfa0e838c7dae35a24d526e4ccd00614f85 )
Matthijs Mekking [Thu, 27 Aug 2020 12:14:57 +0000 (14:14 +0200)]
Silence two grep calls
(cherry picked from commit
2d2b8e7c0258089c7f8f24368f6027bc410edaae )
Matthijs Mekking [Thu, 27 Aug 2020 12:11:23 +0000 (14:11 +0200)]
Update rndc_checkds test util
The 'rndc_checkds' utility now allows "now" as the time when the DS
has been seen in/seen removed from the parent.
Also it uses "KEYX" as the key argument, rather than key id.
The 'rndc_checkds' will retrieve the key from the "KEYX" string. This
makes the call a bit more readable.
(cherry picked from commit
dd754a974c4ffb6985af8268d634dd289d9c659a )
Matthijs Mekking [Thu, 27 Aug 2020 11:18:10 +0000 (13:18 +0200)]
Improve kasp test readability
This commit has a lot of updates on comments, mainly to make the
system test more readable.
Also remove some redundant signing policy checks (check_keys,
check_dnssecstatus, check_keytimes).
Finally, move key time checks and expected key time settings above
'rndc_checkds' calls (with the new way of testing next key event
times there is no need to do them after 'rndc_checkds', and moving
them above 'rndc_checkds' makes the flow of testing easier to follow.
(cherry picked from commit
8cb394e0472da74b66ecc5f695ecb77b3b4dc750 )
Matthijs Mekking [Thu, 27 Aug 2020 10:38:51 +0000 (12:38 +0200)]
Add dnssec-settime [-P ds|-D ds] to kasp test
Add the new '-P ds' and '-D ds' calls to the kasp test setup so that
next key event times can reliably be tested.
(cherry picked from commit
4a67cdabfea21d8ccffa507623c50e207288e1af )
Matthijs Mekking [Thu, 27 Aug 2020 10:32:41 +0000 (12:32 +0200)]
Add '-P ds' and '-D ds' to dnssec-settime
Add two more arguments to the dnssec-settime tool. '-P ds' sets the
time that the DS was published in the parent, '-D ds' sets the time
that the DS was removed from the parent (these times are not accurate,
but rely on the user to use them appropriately, and as long as the
time is not before actual publication/withdrawal, it is fine).
These new arguments are needed for the kasp system test. We want to
test when the next key event is once a DS is published, and now
that 'parent-registration-delay' is obsoleted, we need a different
approach to reliable test the timings.
(cherry picked from commit
d4c4f6a669aa3fc38d00c2b4ebe58407b86e417b )
Ondřej Surý [Wed, 2 Sep 2020 12:16:10 +0000 (12:16 +0000)]
Merge branch '2037-deferred-system-test-fix-v9_16' into 'v9_16'
projects / thirdparty / bind9.git / log
