packages/bind
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
bind/backport-0024-Address-TSAN-error-between-dns_rbt_findnode-and-subt.patch
jiangheng ad37c37958 backport some patches from community 
(cherry picked from commit a9fd9ece9b9436b6103d084920c6897ef1adbae6)
2022-09-03 21:36:21 +08:00

164 lines
5.9 KiB
Diff
Raw Permalink Blame History

From 62158e18821aa4b3ff3faeb8c2d33eb8b1ebd27b Mon Sep 17 00:00:00 2001
From: Mark Andrews <marka@isc.org>
Date: Tue, 13 Oct 2020 13:00:36 +1100
Subject: [PATCH] Address TSAN error between dns_rbt_findnode() and
subtractrdataset().
Having dns_rbt_findnode() in previous_closest_nsec() check of
node->data is a optimisation that triggers a TSAN error with
subtractrdataset(). find_closest_nsec() still needs to check if
the NSEC record are active or not and look for a earlier NSEC records
if it isn't. Set DNS_RBTFIND_EMPTYDATA so node->data isn't referenced
without the node lock being held.
WARNING: ThreadSanitizer: data race
Read of size 8 at 0x000000000001 by thread T1 (mutexes: read M1, read M2):
#0 dns_rbt_findnode lib/dns/rbt.c:1708
#1 previous_closest_nsec lib/dns/rbtdb.c:3760
#2 find_closest_nsec lib/dns/rbtdb.c:3942
#3 zone_find lib/dns/rbtdb.c:4091
#4 dns_db_findext lib/dns/db.c:536
#5 query_lookup lib/ns/query.c:5582
#6 ns__query_start lib/ns/query.c:5505
#7 query_setup lib/ns/query.c:5229
#8 ns_query_start lib/ns/query.c:11380
#9 ns__client_request lib/ns/client.c:2166
#10 processbuffer netmgr/tcpdns.c:230
#11 dnslisten_readcb netmgr/tcpdns.c:309
#12 read_cb netmgr/tcp.c:832
#13 <null> <null>
#14 <null> <null>
Previous write of size 8 at 0x000000000001 by thread T2 (mutexes: write M3):
#0 subtractrdataset lib/dns/rbtdb.c:7133
#1 dns_db_subtractrdataset lib/dns/db.c:742
#2 diff_apply lib/dns/diff.c:368
#3 dns_diff_apply lib/dns/diff.c:459
#4 do_one_tuple lib/dns/update.c:247
#5 update_one_rr lib/dns/update.c:275
#6 delete_if_action lib/dns/update.c:689
#7 foreach_rr lib/dns/update.c:471
#8 delete_if lib/dns/update.c:716
#9 dns_update_signaturesinc lib/dns/update.c:1948
#10 receive_secure_serial lib/dns/zone.c:15637
#11 dispatch lib/isc/task.c:1152
#12 run lib/isc/task.c:1344
#13 <null> <null>
Location is heap block of size 130 at 0x000000000028 allocated by thread T3:
#0 malloc <null>
#1 default_memalloc lib/isc/mem.c:713
#2 mem_get lib/isc/mem.c:622
#3 mem_allocateunlocked lib/isc/mem.c:1268
#4 isc___mem_allocate lib/isc/mem.c:1288
#5 isc__mem_allocate lib/isc/mem.c:2453
#6 isc___mem_get lib/isc/mem.c:1037
#7 isc__mem_get lib/isc/mem.c:2432
#8 create_node lib/dns/rbt.c:2239
#9 dns_rbt_addnode lib/dns/rbt.c:1202
#10 dns_rbtdb_create lib/dns/rbtdb.c:8668
#11 dns_db_create lib/dns/db.c:118
#12 receive_secure_db lib/dns/zone.c:16154
#13 dispatch lib/isc/task.c:1152
#14 run lib/isc/task.c:1344
#15 <null> <null>
Mutex M1 (0x000000000040) created at:
#0 pthread_rwlock_init <null>
#1 isc_rwlock_init lib/isc/rwlock.c:39
#2 dns_rbtdb_create lib/dns/rbtdb.c:8527
#3 dns_db_create lib/dns/db.c:118
#4 receive_secure_db lib/dns/zone.c:16154
#5 dispatch lib/isc/task.c:1152
#6 run lib/isc/task.c:1344
#7 <null> <null>
Mutex M2 (0x000000000044) created at:
#0 pthread_rwlock_init <null>
#1 isc_rwlock_init lib/isc/rwlock.c:39
#2 dns_rbtdb_create lib/dns/rbtdb.c:8600
#3 dns_db_create lib/dns/db.c:118
#4 receive_secure_db lib/dns/zone.c:16154
#5 dispatch lib/isc/task.c:1152
#6 run lib/isc/task.c:1344
#7 <null> <null>
Mutex M3 (0x000000000046) created at:
#0 pthread_rwlock_init <null>
#1 isc_rwlock_init lib/isc/rwlock.c:39
#2 dns_rbtdb_create lib/dns/rbtdb.c:8600
#3 dns_db_create lib/dns/db.c:118
#4 receive_secure_db lib/dns/zone.c:16154
#5 dispatch lib/isc/task.c:1152
#6 run lib/isc/task.c:1344
#7 <null> <null>
Thread T1 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create pthreads/thread.c:73
#2 isc_nm_start netmgr/netmgr.c:232
#3 create_managers bin/named/main.c:909
#4 setup bin/named/main.c:1223
#5 main bin/named/main.c:1523
Thread T2 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create pthreads/thread.c:73
#2 isc_taskmgr_create lib/isc/task.c:1434
#3 create_managers bin/named/main.c:915
#4 setup bin/named/main.c:1223
#5 main bin/named/main.c:1523
Thread T3 (running) created by main thread at:
#0 pthread_create <null>
#1 isc_thread_create pthreads/thread.c:73
#2 isc_taskmgr_create lib/isc/task.c:1434
#3 create_managers bin/named/main.c:915
#4 setup bin/named/main.c:1223
#5 main bin/named/main.c:1523
SUMMARY: ThreadSanitizer: data race lib/dns/rbt.c:1708 in dns_rbt_findnode
(cherry picked from commit 244f84a84ba7e9551edb374911438e0c36d375cc)
Conflict: NA
Reference: https://gitlab.isc.org/isc-projects/bind9/-/commit/62158e18821aa4b3ff3faeb8c2d33eb8b1ebd27b
---
lib/dns/rbtdb.c | 13 ++++++-------
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c
index 3b75cadcf1..3a60bcf811 100644
--- a/lib/dns/rbtdb.c
+++ b/lib/dns/rbtdb.c
@@ -3887,11 +3887,9 @@ previous_closest_nsec(dns_rdatatype_t type, rbtdb_search_t *search,
if (result != ISC_R_SUCCESS)
return (result);
nsecnode = NULL;
- result = dns_rbt_findnode(search->rbtdb->nsec,
- target, NULL,
- &nsecnode, nsecchain,
- DNS_RBTFIND_NOOPTIONS,
- NULL, NULL);
+ result = dns_rbt_findnode(
+ search->rbtdb->nsec, target, NULL, &nsecnode,
+ nsecchain, DNS_RBTFIND_EMPTYDATA, NULL, NULL);
if (result == ISC_R_SUCCESS) {
/*
* Since this was the first loop, finding the
@@ -3936,9 +3934,10 @@ previous_closest_nsec(dns_rdatatype_t type, rbtdb_search_t *search,
*nodep = NULL;
result = dns_rbt_findnode(search->rbtdb->tree, target, NULL,
nodep, &search->chain,
- DNS_RBTFIND_NOOPTIONS, NULL, NULL);
- if (result == ISC_R_SUCCESS)
+ DNS_RBTFIND_EMPTYDATA, NULL, NULL);
+ if (result == ISC_R_SUCCESS) {
return (result);
+ }
/*
* There should always be a node in the main tree with the
--
2.23.0
Reference in New Issue View Git Blame Copy Permalink