as the update triggers by the rndc command to clear the signing records
may not have completed by the time the subsequent rndc command to test
that the records have been removed is commenced. Loop several times to
prevent false negative.
(cherry picked from commit 353018c0e5)
cppcheck 2.0 reports false positives about uninitialized variables in a
lot of places throughout BIND source code, e.g.:
bin/dnssec/dnssec-cds.c:282:6: error: Uninitialized variable: length [uninitvar]
if (isc_buffer_availablelength(&buf) <= len) {
^
Apparently cppcheck 2.0 has issues with processing (&var)->field syntax,
which is what the macros from lib/isc/include/isc/buffer.h are evaluated
to. This issue was reported upstream [1] and will hopefully be
addressed in a future cppcheck release.
In the meantime, to avoid modifying BIND source code in multiple places
just because of a static checker false positive, work around the issue
by adding intermediate variables to buffer macro definitions using a sed
invocation in the cppcheck job script.
[1] https://sourceforge.net/p/cppcheck/discussion/general/thread/122153e3c1/
(cherry picked from commit 481fa34e50)
Add whitespace to the regular expression used for extracting the GCC
version from "gcc --version" output so that it works properly with
multi-digit major version numbers.
(cherry picked from commit 3b48eec79f)
Commit 691c8f6828 broke the cppcheck job
in GitLab CI: when cppcheck fails, the script is immediately
interrupted, preventing cppcheck-htmlreport from being run. To ensure
the HTML report is generated when cppcheck fails, revert to invoking
cppcheck-htmlreport in the "after_script" part of the job.
(cherry picked from commit cb2037ee9d)
There a race between when the delta is logged and when the
server returns signed record. Retry the queries if the
lookups fail to meet expectations.
(cherry picked from commit 46c4e5d96f)
Although in util/api-checker.sh we create textual reports, we don't
preserve them in job artifacts, but we should.
We don't want to keep all HTML pages present in the project root, but
just those produced by ABI checker.
(cherry picked from commit b5ccf95b0a)
The `statschannel/ns2/` was missing `manykeys.db.in`, but the test
succeeded even when `setup.sh` (or `clean.sh`) failed to execute. This
commit makes run.sh to run in stricter mode and fail the test
immediately when `clean.sh` or `setup.sh` fails.
(cherry picked from commit 8b357a35d2)
Originally, every library and binaries got linked to everything, which
creates unnecessary overlinking. This wasn't as straightforward as it
should be as we still support configuration without libtool for 9.16.
Couple of smaller issues related to include headers and an issue where
sanitizer overload dlopen and dlclose symbols, so we were getting false
negatives in the autoconf test.
Underlinking states for the situation when a binary uses a symbol not provided
by libraries it is directly linked to. The libns was not linked to libisc and
libdns, and libirs was not linked to libisc, libdns and libisccfg) while using
symbols from these libraries directly.
