GitLab

The custom builds (oot, asan, tsan) were mostly built using Debian sid
amd64 image.  The problem was that this image broke too easily, because
it's Debian "unstable" after all.

This commit introduces "base_image" that should be most stable with
extra bits on top (clang, coccinelle, cppcheck, ...).  Currently, that
would be Debian buster amd64.

Other changes introduced by this commit:

* Change the default clang version to 10
* Run both ASAN and TSAN with both gcc and clang compilers
* Remove Clang Debian stretch i386 job

Fix new warnings reported by scan-build from LLVM/Clang 10

See merge request !3285

These are mostly false positives, the clang-analyzer FAQ[1] specifies
why and how to fix it:

> The reason the analyzer often thinks that a pointer can be null is
> because the preceding code checked compared it against null. So if you
> are absolutely sure that it cannot be null, remove the preceding check
> and, preferably, add an assertion as well.

The 4 warnings reported are:

dnssec-cds.c:781:4: warning: Access to field 'base' results in a dereference of a null pointer (loaded from variable 'buf')
                        isc_buffer_availableregion(buf, &r);
                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/builds/isc-projects/bind9/lib/isc/include/isc/buffer.h:996:36: note: expanded from macro 'isc_buffer_availableregion'
                                   ^
/builds/isc-projects/bind9/lib/isc/include/isc/buffer.h:821:16: note: expanded from macro 'ISC__BUFFER_AVAILABLEREGION'
                (_r)->base = isc_buffer_used(_b);              \
                             ^~~~~~~~~~~~~~~~~~~
/builds/isc-projects/bind9/lib/isc/include/isc/buffer.h:152:29: note: expanded from macro 'isc_buffer_used'
        ((void *)((unsigned char *)(b)->base + (b)->used)) /*d*/
                                   ^~~~~~~~~
1 warning generated.

--

byname_test.c:308:34: warning: Access to field 'fwdtable' results in a dereference of a null pointer (loaded from variable 'view')
                RUNTIME_CHECK(dns_fwdtable_add(view->fwdtable, dns_rootname,
                                               ^~~~~~~~~~~~~~
/builds/isc-projects/bind9/lib/isc/include/isc/util.h:318:52: note: expanded from macro 'RUNTIME_CHECK'
                                                   ^~~~
/builds/isc-projects/bind9/lib/isc/include/isc/error.h:50:21: note: expanded from macro 'ISC_ERROR_RUNTIMECHECK'
        ((void)(ISC_LIKELY(cond) ||  \
                           ^~~~
/builds/isc-projects/bind9/lib/isc/include/isc/likely.h:23:43: note: expanded from macro 'ISC_LIKELY'
                                            ^
1 warning generated.

--

./rndc.c:255:6: warning: Dereference of null pointer (loaded from variable 'host')
        if (*host == '/') {
            ^~~~~
1 warning generated.

--

./main.c:1254:9: warning: Access to field 'sctx' results in a dereference of a null pointer (loaded from variable 'named_g_server')
        sctx = named_g_server->sctx;
               ^~~~~~~~~~~~~~~~~~~~
1 warning generated.

References:
1. https://clang-analyzer.llvm.org/faq.html#null_pointer

The 3 warnings reported are:

os.c:872:7: warning: Although the value stored to 'ptr' is used in the enclosing expression, the value is never actually read from 'ptr'
        if ((ptr = strtok_r(command, " \t", &last)) == NULL) {
             ^     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

--

rpz.c:1117:10: warning: Although the value stored to 'zbits' is used in the enclosing expression, the value is never actually read from 'zbits'
        return (zbits &= x);
                ^        ~
1 warning generated.

--

openssleddsa_link.c:532:10: warning: Although the value stored to 'err' is used in the enclosing expression, the value is never actually read from 'err'
        while ((err = ERR_get_error()) != 0) {
                ^     ~~~~~~~~~~~~~~~
1 warning generated.

netmgr refactoring: use generic functions when operating on sockets.

See merge request !3269

tcpdns used transport-specific functions to operate on the outer socket.
Use generic ones instead, and select the proper call in netmgr.c.
Make the missing functions (e.g. isc_nm_read) generic and add type-specific
calls (isc__nm_tcp_read). This is the preparation for netmgr TLS layer.

Remove Debian 8 ("jessie") from the GitLab CI

See merge request !3281

There are several reason why remove Debian 8 from the CI:

* Debian 8 ("jessie") has been superseded by Debian 9 ("stretch").
* Regular security support updates have been discontinued as of
  June 17th, 2018.
* Jessie LTS is supported from 17th June 2018 to June 30, 2020.

In other words, it's no longer officially supported by Debian security
team, but by the volunteer/paid contributor composed LTS team.  And the
release will be discontinued in three months from now.  We can use the
freed CI resources to bring new platforms or just to make the jobs run a
bit faster.

Update release checklist (BIND_BASELINE_VERSION)

See merge request !3278

The reference BIND version used in the ABI check CI job is not
determined automatically - it needs to be updated after each BIND
release.  Reflect that fact in the release checklist to make sure the
ABI check CI job is always comparing current code with the latest BIND
release on a given branch.

Resolve "Converting isc_log to RWLOCK broke Windows"

Closes #1698

See merge request !3276

Bump BIND baseline version for abi-check

See merge request !3202

Apply 9.17.0 release branch

See merge request !3262

The files configure.ac and version are already up to date.

Updated CHANGES with 9.17.0 release line.

Fixed CHANGES by adding GitLab reference to entry 5357 and fix
grammar mistakes.

Add missing /util/check-make-install.in to .gitattributes.

The lib/*/api are already updated to match the new ranges.

I listed two new features under BIND 9.17 features that to me
seemed noteworthy.

The release notes look good to me.

Enhance unit test debugging

See merge request !2990

When unit test fails, core file is created. Kyua's 'debug' command can
run GDB on it and provide backtrace. Unfortunately Kyua is picky about
location of these core files we opt to use custom Kyua fork and copy
core files from Kyua working directory to source tree and make it
available in GitLab.

Convert the last three system tests (ecdsa, eddsa and tkey) to use dynamic ports

See merge request !3257

The tkey test was not adapted to dynamic ports, so we had to run it in
sequence.  This commit adds support for dynamic ports, and also makes
all the scripts shellcheck clean.

The eddsa test was not adapted to dynamic ports, so we had to run it in
sequence.  This commit adds support for dynamic ports, and also makes
all the scripts shellcheck clean.

The ecdsa test was not adapted to dynamic ports, so we had to run it in
sequence.  This commit adds support for dynamic ports, and also makes
all the scripts shellcheck clean.

Merge branch '1679-remove-workaround-for-systems-with-broken-gettimeofday-system-calls' into 'master'

Remove Solaris 2.8 broken gettimeofday() workaround

Closes #1679

See merge request !3238

This also removes Solaris 2.8 broken gettimeofday() workaround

Improve GitLab CI configuration

See merge request !3254

The environment variable MAKE has been replaced with MAKE_COMMAND,
because overriding MAKE variable also changed the definition of the MAKE
inside the Makefiles, and we want only a single wrapper around the whole
build process.

Previously, setting `MAKE` to `bear make` meant that `bear make` would
be run at every nested make invocation, which messed up the upcoming
automake transition as compile_commands.json would be generated in every
subdirectory instead of just having one central file at the top of the
build tree.

All *:sid:amd64 jobs were errorneously copied to *:sid:arm64 including
the extra cppcheck run.  Remove the extra definitions from arm64 jobs.

All jobs now use solely the newer needs configuration to declare
dependencies between jobs:

    needs:
      - job: <foo>
        artifacts: true

instead of combination of dependencies and needs which is deprecated.
This change completely unbundles the stages (alas the stages still needs
to stay because the job graph has to stay acyclic between the stages).

Use isc_rwlock to lock .logconfig member of isc_log_t

Closes #1675

See merge request !3229

In isc_log_woudlog() the .logconfig member of isc_log_t structure was
accessed unlocked on the merit that there could be just a race when
.logconfig would be NULL, so the message would not be logged.  This
turned not to be true, as there's also data race deeper.  The accessed
isc_logconfig_t object could be in the middle of destruction, so the
pointer would be still non-NULL, but the structure members could point
to a chunk of memory no longer belonging to the object.  Since we are
only accessing integer types (the log level), this would never lead to
a crash, it leads to memory access to memory area no longer belonging to
the object and this a) wrong, b) raises a red flag in thread-safety tools.

Cleanup logging API now that isc_mem_get cannot fail.

See merge request !3252

The isc_mem API now crashes on memory allocation failure, and this is
the next commit in series to cleanup the code that could fail before,
but cannot fail now, e.g. isc_result_t return type has been changed to
void for the isc_log API functions that could only return ISC_R_SUCCESS.

fix LGTM warnings

See merge request !3200

On Windows, C11 localtime_r() and gmtime_r() functions are not
available.  While localtime() and gmtime() functions are already thread
safe because they use Thread Local Storage, it's quite ugly to #ifdef
around every localtime_r() and gmtime_r() usage to make the usage also
thread-safe on POSIX platforms.

The commit adds wrappers around Windows localtime_s() and gmtime_s()
functions.

NOTE: The implementation of localtime_s and gmtime_s in Microsoft CRT
are incompatible with the C standard since it has reversed parameter
order and errno_t return type.