Clang 12 has a new warning that warns when using multi-line strings
in string arrays, e.g.:
    { "aa",
      "b"
      "b",
      "cc" }
would generate a warning like this:
private_test.c:162:7: error: suspicious concatenation of string literals in an array initialization; did you mean to separate the elements with a comma? [-Werror,-Wstring-concatenation]
"33333/RSASHA1" };
^
private_test.c:161:7: note: place parentheses around the string literal to silence warning
"Done removing signatures for key "
^
private_test.c:197:7: error: suspicious concatenation of string literals in an array initialization; did you mean to separate the elements with a comma? [-Werror,-Wstring-concatenation]
"NSEC chain",
^
private_test.c:196:7: note: place parentheses around the string literal to silence warning
"Removing NSEC3 chain 1 0 30 DEAF / creating "
^
2 errors generated.
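An added example (not part of the commit or of BIND's source) of the mistake this warning is meant to catch, next to the parenthesized form that clang's note suggests for an intentional split. The tables, the COUNT macro and the function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

#if defined(__clang__) && __clang_major__ >= 12
/* Silenced only so the deliberately broken table builds under -Werror. */
#pragma clang diagnostic ignored "-Wstring-concatenation"
#endif

/* Constructed table: the comma after "b" was forgotten, so "b" "cc" fuse. */
static const char *const accidental[] = { "aa",
                                          "b"
                                          "cc",
                                          "dd" };

/* Constructed table: one long entry split on purpose; the parentheses
 * mark the concatenation as intended, which is what clang's note asks for. */
static const char *const intended[] = { "aa",
                                        ("b"
                                         "b"),
                                        "cc" };

/* Pin the element count so a lost comma fails the build on any compiler. */
_Static_assert(COUNT(intended) == 3, "intended[] must have 3 entries");

size_t accidental_count(void) { return COUNT(accidental); }
size_t intended_count(void) { return COUNT(intended); }

/* Return the index of `want` in tab[0..n), or n if it is absent. */
size_t find_entry(const char *const *tab, size_t n, const char *want) {
    for (size_t i = 0; i < n; i++) {
        if (strcmp(tab[i], want) == 0) {
            return i;
        }
    }
    return n;
}

int main(void) {
    printf("accidental: %zu entries, \"cc\" at %zu\n", accidental_count(),
           find_entry(accidental, accidental_count(), "cc"));
    printf("intended:   %zu entries, \"bb\" at %zu\n", intended_count(),
           find_entry(intended, intended_count(), "bb"));
    return 0;
}
```

A test that walks such a table with a hard-coded count of four would index one element past the end of `accidental`, which is why the element count is pinned with a static assertion in the second table.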
All unit tests define the UNIT_TESTING macro, which causes <cmocka.h> to
replace malloc(), calloc(), realloc(), and free() with its own functions
tracking memory allocations. In order for this not to break
compilation, the system header declaring the prototypes for these
standard functions must be included before <cmocka.h>.

Normally, these prototypes are only present in <stdlib.h>, so we make
sure it is included before <cmocka.h>. However, musl libc also defines
the prototypes for calloc() and free() in <sched.h>, which is included
by <pthread.h>, which is included e.g. by <isc/mutex.h>. Thus, unit
tests including "dnstest.h" (which includes <isc/mem.h>, which includes
<isc/mutex.h>) after <cmocka.h> will not compile with musl libc as for
these programs, <sched.h> will be included after <cmocka.h>.

Always including <cmocka.h> after all other header files is not a
feasible solution as that causes the mock assertion macros defined in
<isc/util.h> to mangle the contents of <cmocka.h>, thus breaking
compilation. We cannot really use the __noreturn__ or analyzer_noreturn
attributes with cmocka assertion functions because they do return if the
tested condition is true. The problem is that what BIND unit tests do
is incompatible with Clang Static Analyzer's assumptions: since we use
cmocka, our custom assertion handlers are present in a shared library
(i.e. it is the cmocka library that checks the assertion condition, not
a macro in unit test code). Redefining cmocka's assertion macros in
<isc/util.h> is an ugly hack to overcome that problem - unfortunately,
this is the only way we can think of to make Clang Static Analyzer
properly process unit test code. Giving up on Clang Static Analyzer
being able to properly process unit test code is not a satisfactory
solution.

Undefining _GNU_SOURCE for unit test code could work around the problem
(musl libc's <sched.h> only defines the prototypes for calloc() and
free() when _GNU_SOURCE is defined), but doing that could introduce
discrepancies for unit tests including entire *.c files, so it is also
not a good solution.

All in all, including <sched.h> before <cmocka.h> for all affected unit
tests seems to be the most benign way of working around this musl libc
quirk. While quite an ugly solution, it achieves our goals here, which
are to keep the benefit of proper static analysis of unit test code and
to fix compilation against musl libc.

Compiling with -O3 triggers the following warnings with GCC 9.1:
task.c: In function ‘isc_taskmgr_create’:
task.c:1384:43: warning: ‘%04u’ directive output may be truncated writing between 4 and 10 bytes into a region of size 6 [-Wformat-truncation=]
1384 | snprintf(name, sizeof(name), "isc-worker%04u", i);
| ^~~~
task.c:1384:32: note: directive argument in the range [0, 4294967294]
1384 | snprintf(name, sizeof(name), "isc-worker%04u", i);
| ^~~~~~~~~~~~~~~~
task.c:1384:3: note: ‘snprintf’ output between 15 and 21 bytes into a destination of size 16
1384 | snprintf(name, sizeof(name), "isc-worker%04u", i);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
private_test.c: In function ‘private_nsec3_totext_test’:
private_test.c:110:9: warning: array subscript 4 is outside array bounds of ‘uint32_t[1]’ {aka ‘unsigned int[1]’} [-Warray-bounds]
110 | while (*sp == '\0' && slen > 0) {
| ^~~
private_test.c:103:11: note: while referencing ‘salt’
103 | uint32_t salt;
| ^~~~
Prevent these warnings from being triggered by increasing the size of
the relevant array (task.c) and reordering conditions (private_test.c).
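An added example (not BIND's code) of the two defects these warnings point at: snprintf() output that does not fit a 16-byte buffer, and a loop that dereferences its pointer before testing the remaining length. The function names and buffer sizes are constructed; 21 bytes is the upper bound GCC reports for the formatted name.

```c
#include <stddef.h>
#include <stdio.h>

/*
 * Format a worker name with the format string from the warning above.
 * Returns 0 on success, -1 if the name did not fit in buf (truncated).
 */
int worker_name(char *buf, size_t size, unsigned int i) {
    int n = snprintf(buf, size, "isc-worker%04u", i);
    return (n >= 0 && (size_t)n < size) ? 0 : -1;
}

/*
 * Count leading zero bytes in sp[0..slen). The length test comes first,
 * so && short-circuits and *sp is never read once slen reaches 0.
 */
size_t leading_zero_bytes(const unsigned char *sp, size_t slen) {
    size_t skipped = 0;
    while (slen > 0 && *sp == '\0') {
        sp++;
        slen--;
        skipped++;
    }
    return skipped;
}

int main(void) {
    char small[16], big[21];                /* constructed buffer sizes */
    unsigned char salt[4] = { 0, 0, 0, 0 }; /* constructed all-zero input */

    printf("16 bytes: %d (%s)\n",
           worker_name(small, sizeof(small), 4294967294u), small);
    printf("21 bytes: %d (%s)\n",
           worker_name(big, sizeof(big), 4294967294u), big);
    printf("zero bytes skipped: %zu\n",
           leading_zero_bytes(salt, sizeof(salt)));
    return 0;
}
```

With the operands in the order shown in the warning (`*sp == '\0' && slen > 0`), an all-zero input makes the loop read `sp[slen]` before it notices that nothing is left, which is the out-of-bounds subscript GCC reports.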
Squashed commit of the following:

commit bce2efe66d69d60b746b85df49974ca341723169
Author: Mark Andrews <marka@isc.org>
Date: Mon Oct 29 12:59:25 2012 +1100

    use 'static dns_rdata_xxxx_t xxxx'

commit 704d3c29acbf2dd350a26f2df82a57cb077ba72e
Author: Mark Andrews <marka@isc.org>
Date: Mon Oct 29 12:35:16 2012 +1100

    return ISC_R_NOTFOUND if private record length does not make sense

commit 7596610c12c5685336fc0909860173d2fae359af
Author: Mark Andrews <marka@isc.org>
Date: Sat Oct 27 21:41:17 2012 +1100

    check private->length == 5

commit 3836365a3e3e83b057bd940350f032279e080296
Author: Mark Andrews <marka@isc.org>
Date: Sat Oct 27 21:40:50 2012 +1100

    properly set private->length

commit a295778ac53109d39ef3a8b233751100edae678b
Author: Mark Andrews <marka@isc.org>
Date: Sat Oct 27 21:13:30 2012 +1100

    check dns_rdata_tostruct result

commit e33c37ca9112159e0b2363615bb018d27fa7d1a5
Author: Mark Andrews <marka@isc.org>
Date: Sat Oct 27 21:10:43 2012 +1100

    check remove/fopen/chmod return values

commit 3a675e0666aae25d1c51f51ec7bd3fbe25545aae
Author: Mark Andrews <marka@isc.org>
Date: Sat Oct 27 20:59:10 2012 +1100

    check isc_socket_accept result

commit 696923344f4b07ce0dba4cf2675b1cbb6eba7e8e
Author: Mark Andrews <marka@isc.org>
Date: Sat Oct 27 20:55:40 2012 +1100

    change variable scopes

commit b9e9d9ad58270271003e463f10744e0ceaf9ad97
Author: Mark Andrews <marka@isc.org>
Date: Sat Oct 27 20:53:19 2012 +1100

    check inet_pton return value

commit 70698e9589da77e3745efb6ea24b8830addd6ae4
Author: Mark Andrews <marka@isc.org>
Date: Sat Oct 27 20:52:40 2012 +1100

    break -> /* NOTREACHED */

commit 88de9de2e8e201ab2fef16a868f241e8206ea826
Author: Mark Andrews <marka@isc.org>
Date: Sat Oct 27 20:52:06 2012 +1100

    strcpy -> strlcpy

commit 6ba79c7cec0e48014cdfa76e8a9406b7a921556e
Author: Mark Andrews <marka@isc.org>
Date: Sat Oct 27 20:51:26 2012 +1100

    check dns_rdata_tostruct return values

- 'rndc signing -list' displays the current
  state of signing operations
- 'rndc signing -clear' clears the signing state
  records for keys that have fully signed the zone
- 'rndc signing -nsec3param' sets the NSEC3
  parameters for the zone
The 'rndc keydone' syntax is removed. [RT #23729]