The RAD/agent domain is a functionality from RFC 9567 that provides
a suffix for reporting error messages. On every query context reset,
we need to check if a RAD is configured and, if so, copy it.
Since we allow the RAD to be changed by reconfiguring the zone,
this access is currently protected by a mutex, which causes contention.
This commit replaces the mutex with RCU to reduce contention. The
change results in a 3% performance improvement in the 1M delegation
test.
Merge branch 'alessio/rcu-rad' into 'main'
See merge request isc-projects/bind9!10616
The RAD/agent domain is a functionality from RFC 9567 that provides
a suffix for reporting error messages. On every query context reset,
we need to check if a RAD is configured and, if so, copy it.
Since we allow the RAD to be changed by reconfiguring the zone,
this access is currently protected by a mutex, which causes contention.
This commit replaces the mutex with RCU to reduce contention. The
change results in a 3% performance improvement in the 1M delegation
test.
We need disable clang-format here to preserve the brackets around
the string concatenation to prevent -Wstring-concatenation -Werror
breaking the build.
We need to turn off clang-format to preserve the brackets as
'attribute' can be an expression and we need it to be evaluated
first.
Similarly we need the entire result to be evaluated independent of
the adjoining code.
In case the changelog file doesn't have an empty line at the end of the
file, the job may fail with the following error:
WARNING: Bullet list ends without a blank line; unexpected unindent.
This typically happens in MRs targeting the -S edition, as those
changelogs usually don't have an empty newline. This change ensures the
changelog job can pass and verify the title/desc contents even in those
cases.
Merge branch 'nicki/ci-changelog-add-missing-newline' into 'main'
See merge request isc-projects/bind9!10628
In case the changelog file doesn't have an empty line at the end of the
file, the job may fail with the following error:
WARNING: Bullet list ends without a blank line; unexpected unindent.
This typically happens in MRs targeting the -S edition, as those
changelogs usually don't have an empty newline. This change ensures the
changelog job can pass and verify the title/desc contents even in those
cases.
There is an ongoing debate about the usefulness of the extra artifacts
check. While it might be useful to detect unexpected behaviour in some
tests, it feels extraneous in many cases. This change provides a middle
ground by making the artifact checking optional. This might be
especially useful for writing new tests, since the author gets to decide
whether the check is useful -- and can utilize it, or can skip it for
sake of brevity.
Merge branch 'nicki/make-extra-artifacts-check-optional' into 'main'
See merge request isc-projects/bind9!10622
There is an ongoing debate about the usefulness of the extra artifacts
check. While it might be useful to detect unexpected behaviour in some
tests, it feels extraneous in many cases. This change provides a middle
ground by making the artifact checking optional. This might be
especially useful for writing new tests, since the author gets to decide
whether the check is useful -- and can utilize it, or can skip it for
sake of brevity.
Previously, `named.conf` was parsed while the server was in exclusive (i.e., single-threaded) mode and unable to answer queries. This could cause an unnecessary delay in query processing when the file was large. We now delay entry into exclusive mode until after the configuration has been parsed, but before it is applied.
Merge branch 'colin/configparse-before-exclusive' into 'main'
See merge request isc-projects/bind9!10418
The emptyzones system test ran two consecutive "rndc reload" commands
without waiting for the first one to complete. It used to work because
the commands were serialized, but now an rndc reconfig/reload command is
ignored if another one is already running, so the emptyzones test is
more likely to fail.
Fix this problem by waiting for the log message indicating that all the
zones are loaded before attempting the next reload.
Add a new system test which checks named output when starting,
reconfiguring and reloading the server. It checks that the steps where
configuration is loaded, when named enters exclusive mode, and when the
configuration is applied are all logged, and that they occur in the
correct order. This adds a guard/warning to keep the parsing of the
named.conf outside of the exclusive mode.
The configuration file was parsed when named was in exclusive
(i.e. single-threaded) mode and unable to answer queries. Because
the parsing is a self-contained operation, it is now done before
named enters exclusive mode.
This reduces the amount of time named can't answer queries when
reloading the configuration when the configuration file is large.
Note that exclusive mode is still used for applying the
configuration changes to the server.
Also, simplify the configuration logic by parsing the built-in
configuration only once at server start time.
After f10f5572ac7e0520eed4516be52df625ad56c860 spatch started reporting
the following warnings:
Impossible: How can diff be null and have not Correct in compare_c? Tag1 ("diff token: ( VS (\nFile \"./lib/dns/include/dns/rdatasetiter.h\", line 109, column 32, charpos = 3103\n around = '(',\n whole content = #define DNS_RDATASETITER_FOREACH(rds) \\\nFile \"/tmp/cocci-output-110376-c54da3-rdatasetiter.h\", line 109, column 32, charpos = 3103\n around = '(',\n whole content = #define DNS_RDATASETITER_FOREACH(rds) \\\n")
Impossible: How can diff be null and have not Correct in compare_c? Tag1 ("diff token: ( VS (\nFile \"./lib/dns/include/dns/dbiterator.h\", line 114, column 30, charpos = 3413\n around = '(',\n whole content = #define DNS_DBITERATOR_FOREACH(rds) \\\nFile \"/tmp/cocci-output-110387-883f2f-dbiterator.h\", line 114, column 30, charpos = 3413\n around = '(',\n whole content = #define DNS_DBITERATOR_FOREACH(rds) \\\n")
See https://github.com/coccinelle/coccinelle/issues/398.
Merge branch 'mnowak/coccinelle-fix-impossible-warning' into 'main'
See merge request isc-projects/bind9!10557
After f10f5572ac7e0520eed4516be52df625ad56c860 spatch started reporting
the following warnings:
Impossible: How can diff be null and have not Correct in compare_c? Tag1 ("diff token: ( VS (\nFile \"./lib/dns/include/dns/rdatasetiter.h\", line 109, column 32, charpos = 3103\n around = '(',\n whole content = #define DNS_RDATASETITER_FOREACH(rds) \\\nFile \"/tmp/cocci-output-110376-c54da3-rdatasetiter.h\", line 109, column 32, charpos = 3103\n around = '(',\n whole content = #define DNS_RDATASETITER_FOREACH(rds) \\\n")
Impossible: How can diff be null and have not Correct in compare_c? Tag1 ("diff token: ( VS (\nFile \"./lib/dns/include/dns/dbiterator.h\", line 114, column 30, charpos = 3413\n around = '(',\n whole content = #define DNS_DBITERATOR_FOREACH(rds) \\\nFile \"/tmp/cocci-output-110387-883f2f-dbiterator.h\", line 114, column 30, charpos = 3413\n around = '(',\n whole content = #define DNS_DBITERATOR_FOREACH(rds) \\\n")
See https://github.com/coccinelle/coccinelle/issues/398.
Meson generated 'dnssec-validation yes' into the built-in config, but
this config without an explicit trust anchor does not enable validation.
Change default to 'dnssec-validation auto' to use built-in key, as in
the autotools days.
Fix some leftover artifacts and information while transitioning BIND to Meson.
Add CI job to verify that pre-generated config grammar files are up-to-date with code.
Merge branch 'aydin/meson-doc-fix' into 'main'
See merge request isc-projects/bind9!10584
The meson build switched to generating the file grammars and using meson
to build the manpages/ARM. This is because meson doesn't work well when
writing files outside the build directory.
However, this has been suboptimal when someone only wants to build the
documentation (like RTD). Sphinx can now be used outside meson like it
was with autoconf.
Grammars are now updated by the developer with CI checking if one is
needed or not, like clang-format.
Use the links() method instead of compiles() for checking whether
-latomic needs to be added to linker invocations as compiles() does not
perform the linking step and is therefore not appropriate for carrying
out this kind of checks.
See #5379
Merge branch '5379-use-links-for-checking-if-latomic-is-necessary' into 'main'
See merge request isc-projects/bind9!10592
The add_project_dependencies() method was only added in Meson 0.63.
Replace its only use in meson.build with a corresponding call to the
add_project_link_arguments() method to avoid bumping the minimum
required Meson version beyond the one available in stock Ubuntu 22.04
LTS repositories.
Use the links() method instead of compiles() for checking whether
-latomic needs to be added to linker invocations as compiles() does not
perform the linking step and is therefore not appropriate for carrying
out this kind of checks.
Move the util/generate-stress-test-configs.py script from the BIND 9
source repository to the BIND 9 QA repository. This simplifies the
maintenance of that script by eliminating the need to backport every
change applied to it to multiple branches.
Merge branch 'michal/move-stress-test-generation-script-to-qa-repo' into 'main'
See merge request isc-projects/bind9!10585
Move the util/generate-stress-test-configs.py script from the BIND 9
source repository to the BIND 9 QA repository. This simplifies the
maintenance of that script by eliminating the need to backport every
change applied to it to multiple branches.
named-compilezone is an alias for named-checkzone: the two tools are
built from the same set of source files, but they behave differently
depending on which executable gets invoked. With Automake,
named-compilezone was installed as a hard link to named-checkzone using
a custom installation hook; try to keep things simple with Meson by
using the install_symlink() method, which makes named-compilezone a
symbolic link to named-checkzone and is the same thing that is already
used for ddns-confgen/tsig-keygen.
See #5379
Merge branch '5379-install-named-compilezone' into 'main'
See merge request isc-projects/bind9!10595
named-compilezone is an alias for named-checkzone: the two tools are
built from the same set of source files, but they behave differently
depending on which executable gets invoked. With Automake,
named-compilezone was installed as a hard link to named-checkzone using
a custom installation hook; try to keep things simple with Meson by
using the install_symlink() method, which makes named-compilezone a
symbolic link to named-checkzone and is the same thing that is already
used for ddns-confgen/tsig-keygen.
Add a 1 second wait before updating verify-axfr.db so that the
modification time of the file changes.
Closes#5376
Merge branch '5376-verify-axfr-db-gets-updated-too-fast-in-mirror-test' into 'main'
See merge request isc-projects/bind9!10586
In some rare cases, the softhsm2 utility reports failure to delete the
token directory, despite the token being found. Subsequent attempts to
delete the token again indicate that the token was deleted.
Ignore this cleanup error, as it doesn't prevent our tests from working
properly. There is also an attempt to delete the token before the test
starts which ensures a clean state before the test is executed, in case
there's actually a leftover token.
Closes#5244
Merge branch '5244-ignore-softhsm2util-delete-token-error' into 'main'
See merge request isc-projects/bind9!10607
In some rare cases, the softhsm2 utility reports failure to delete the
token directory, despite the token being found. Subsequent attempts to
delete the token again indicate that the token was deleted.
Ignore this cleanup error, as it doesn't prevent our tests from working
properly. There is also an attempt to delete the token before the test
starts which ensures a clean state before the test is executed, in case
there's actually a leftover token.
