Experiment: brutally remove locking in isc_result

- bind resolver tasks to queues, hashed by bucket

lib/dns/acl.c

@@ -130,7 +130,7 @@ dns_acl_none(isc_mem_t *mctx, dns_acl_t **target) {
  * If pos is false, test whether acl is set to "{ none; }"
  */
 static bool
-dns_acl_isanyornone(dns_acl_t *acl, bool pos)
+dns_acl_isanyornone(const dns_acl_t *acl, bool pos)
 {
 	/* Should never happen but let's be safe */
 	if (acl == NULL ||
@@ -157,7 +157,7 @@ dns_acl_isanyornone(dns_acl_t *acl, bool pos)
  * Test whether acl is set to "{ any; }"
  */
 bool
-dns_acl_isany(dns_acl_t *acl)
+dns_acl_isany(const dns_acl_t *acl)
 {
 	return (dns_acl_isanyornone(acl, true));
 }
@@ -166,7 +166,7 @@ dns_acl_isany(dns_acl_t *acl)
  * Test whether acl is set to "{ none; }"
  */
 bool
-dns_acl_isnone(dns_acl_t *acl)
+dns_acl_isnone(const dns_acl_t *acl)
 {
 	return (dns_acl_isanyornone(acl, false));
 }
@@ -198,6 +198,20 @@ dns_acl_match(const isc_netaddr_t *reqaddr,
 	REQUIRE(reqaddr != NULL);
 	REQUIRE(matchelt == NULL || *matchelt == NULL);
 
+	/*
+	 * We don't care about matchelt, see if maybe that's 'any' or 'none'
+	 * ACL to speed things up.
+	 */
+	if (matchelt == NULL) {
+		if (dns_acl_isany(acl)) {
+			*match = 1;
+			return (ISC_R_SUCCESS);
+		} else if (dns_acl_isnone(acl)) {
+			*match = -1;
+			return (ISC_R_SUCCESS);
+		}
+	}
+
 	if (env != NULL && env->match_mapped &&
 	    addr->family == AF_INET6 &&
 	    IN6_IS_ADDR_V4MAPPED(&addr->type.in6))

lib/dns/client.c

@@ -462,7 +462,7 @@ dns_client_createx(isc_mem_t *mctx, isc_appctx_t *actx,
 	client->timermgr = timermgr;
 
 	client->task = NULL;
-	result = isc_task_create(client->taskmgr, 50, &client->task);
+	result = isc_task_create(client->taskmgr, 0, &client->task);
 	if (result != ISC_R_SUCCESS)
 		goto cleanup;
 

lib/dns/dispatch.c

@@ -2959,7 +2959,7 @@ dispatch_createudp(dns_dispatchmgr_t *mgr, isc_socketmgr_t *sockmgr,
 	}
 	for (i = 0; i < disp->ntasks; i++) {
 		disp->task[i] = NULL;
-		result = isc_task_create(taskmgr, 50, &disp->task[i]);
+		result = isc_task_create(taskmgr, 0, &disp->task[i]);
 		if (result != ISC_R_SUCCESS) {
 			while (--i >= 0) {
 				isc_task_shutdown(disp->task[i]);

lib/dns/include/dns/acl.h

@@ -130,13 +130,13 @@ dns_acl_none(isc_mem_t *mctx, dns_acl_t **target);
  */
 
 bool
-dns_acl_isany(dns_acl_t *acl);
+dns_acl_isany(const dns_acl_t *acl);
 /*%<
  * Test whether ACL is set to "{ any; }"
  */
 
 bool
-dns_acl_isnone(dns_acl_t *acl);
+dns_acl_isnone(const dns_acl_t *acl);
 /*%<
  * Test whether ACL is set to "{ none; }"
  */

lib/dns/include/dns/name.h

@@ -75,6 +75,7 @@
 #include <dns/types.h>
 
 ISC_LANG_BEGINDECLS
+#define DNS_NAME_USEINLINE 1
 
 /*****
  ***** Labels
@@ -205,7 +206,7 @@ typedef isc_result_t (*dns_name_totextfilter_t)(isc_buffer_t *target,
  ***/
 
 void
-dns_name_init(dns_name_t *name, unsigned char *offsets);
+dns__name_init(dns_name_t *name, unsigned char *offsets);
 /*%<
  * Initialize 'name'.
  *
@@ -226,7 +227,7 @@ dns_name_init(dns_name_t *name, unsigned char *offsets);
  */
 
 void
-dns_name_reset(dns_name_t *name);
+dns__name_reset(dns_name_t *name);
 /*%<
  * Reinitialize 'name'.
  *
@@ -276,7 +277,7 @@ dns_name_isvalid(const dns_name_t *name);
  ***/
 
 void
-dns_name_setbuffer(dns_name_t *name, isc_buffer_t *buffer);
+dns__name_setbuffer(dns_name_t *name, isc_buffer_t *buffer);
 /*%<
  * Dedicate a buffer for use with 'name'.
  *
@@ -318,7 +319,7 @@ dns_name_hasbuffer(const dns_name_t *name);
  ***/
 
 bool
-dns_name_isabsolute(const dns_name_t *name);
+dns__name_isabsolute(const dns_name_t *name);
 /*%<
  * Does 'name' end in the root label?
  *
@@ -567,7 +568,7 @@ dns_name_matcheswildcard(const dns_name_t *name, const dns_name_t *wname);
  ***/
 
 unsigned int
-dns_name_countlabels(const dns_name_t *name);
+dns__name_countlabels(const dns_name_t *name);
 /*%<
  * How many labels does 'name' have?
  *
@@ -675,7 +676,7 @@ dns_name_fromregion(dns_name_t *name, const isc_region_t *r);
  */
 
 void
-dns_name_toregion(const dns_name_t *name, isc_region_t *r);
+dns__name_toregion(const dns_name_t *name, isc_region_t *r);
 /*%<
  * Make 'r' refer to 'name'.
  *
@@ -985,7 +986,7 @@ dns_name_concatenate(const dns_name_t *prefix, const dns_name_t *suffix,
  */
 
 void
-dns_name_split(const dns_name_t *name, unsigned int suffixlabels,
+dns__name_split(const dns_name_t *name, unsigned int suffixlabels,
 	       dns_name_t *prefix, dns_name_t *suffix);
 /*%<
  *
@@ -1385,7 +1386,7 @@ do { \
 
 #define DNS_NAME_SPLIT(n, l, p, s) \
 do { \
-	dns_name_t *_n = (n); \
+	const dns_name_t *_n = (n); \
 	dns_name_t *_p = (p); \
 	dns_name_t *_s = (s); \
 	unsigned int _l = (l); \
@@ -1405,6 +1406,16 @@ do { \
 #define dns_name_toregion(n, r)		DNS_NAME_TOREGION(n, r)
 #define dns_name_split(n, l, p, s)	DNS_NAME_SPLIT(n, l, p, s)
 
+#else
+
+#define dns_name_init(n, o)		dns__name_init(n, o)
+#define dns_name_reset(n)		dns__name_reset(n)
+#define dns_name_setbuffer(n, b)	dns__name_setbuffer(n, b)
+#define dns_name_countlabels(n)		dns__name_countlabels(n)
+#define dns_name_isabsolute(n)		dns__name_isabsolute(n)
+#define dns_name_toregion(n, r)		dns__name_toregion(n, r)
+#define dns_name_split(n, l, p, s)	dns__name_split(n, l, p, s)
+
 #endif /* DNS_NAME_USEINLINE */
 
 #endif /* DNS_NAME_H */

lib/dns/name.c

@@ -176,7 +176,7 @@ set_offsets(const dns_name_t *name, unsigned char *offsets,
 	    dns_name_t *set_name);
 
 void
-dns_name_init(dns_name_t *name, unsigned char *offsets) {
+dns__name_init(dns_name_t *name, unsigned char *offsets) {
 	/*
 	 * Initialize 'name'.
 	 */
@@ -184,7 +184,7 @@ dns_name_init(dns_name_t *name, unsigned char *offsets) {
 }
 
 void
-dns_name_reset(dns_name_t *name) {
+dns__name_reset(dns_name_t *name) {
 	REQUIRE(VALID_NAME(name));
 	REQUIRE(BINDABLE(name));
 
@@ -250,7 +250,7 @@ dns_name_isvalid(const dns_name_t *name) {
 }
 
 void
-dns_name_setbuffer(dns_name_t *name, isc_buffer_t *buffer) {
+dns__name_setbuffer(dns_name_t *name, isc_buffer_t *buffer) {
 	/*
 	 * Dedicate a buffer for use with 'name'.
 	 */
@@ -277,7 +277,7 @@ dns_name_hasbuffer(const dns_name_t *name) {
 }
 
 bool
-dns_name_isabsolute(const dns_name_t *name) {
+dns__name_isabsolute(const dns_name_t *name) {
 
 	/*
 	 * Does 'name' end in the root label?
@@ -849,7 +849,7 @@ dns_name_matcheswildcard(const dns_name_t *name, const dns_name_t *wname) {
 }
 
 unsigned int
-dns_name_countlabels(const dns_name_t *name) {
+dns__name_countlabels(const dns_name_t *name) {
 	/*
 	 * How many labels does 'name' have?
 	 */
@@ -1017,7 +1017,7 @@ dns_name_fromregion(dns_name_t *name, const isc_region_t *r) {
 }
 
 void
-dns_name_toregion(const dns_name_t *name, isc_region_t *r) {
+dns__name_toregion(const dns_name_t *name, isc_region_t *r) {
 	/*
 	 * Make 'r' refer to 'name'.
 	 */
@@ -2130,7 +2130,7 @@ dns_name_concatenate(const dns_name_t *prefix, const dns_name_t *suffix,
 }
 
 void
-dns_name_split(const dns_name_t *name, unsigned int suffixlabels,
+dns__name_split(const dns_name_t *name, unsigned int suffixlabels,
 	       dns_name_t *prefix, dns_name_t *suffix)
 
 {

lib/dns/resolver.c

@@ -4382,8 +4382,8 @@ fctx_shutdown(fetchctx_t *fctx) {
 	 */
 	if (fctx->state != fetchstate_init) {
 		cevent = &fctx->control_event;
-		isc_task_send(fctx->res->buckets[fctx->bucketnum].task,
-			      &cevent);
+		isc_task_sendto(fctx->res->buckets[fctx->bucketnum].task,
+			        &cevent, fctx->bucketnum);
 	}
 }
 
@@ -9925,7 +9925,7 @@ dns_resolver_create(dns_view_t *view,
 		if (result != ISC_R_SUCCESS)
 			goto cleanup_buckets;
 		res->buckets[i].task = NULL;
-		result = isc_task_create(taskmgr, 0, &res->buckets[i].task);
+		result = isc_task_create_bound(taskmgr, 0, &res->buckets[i].task, i);
 		if (result != ISC_R_SUCCESS) {
 			DESTROYLOCK(&res->buckets[i].lock);
 			goto cleanup_buckets;

lib/dns/zoneverify.c

@@ -45,13 +45,11 @@
 #include <isc/base32.h>
 #include <isc/buffer.h>
 #include <isc/heap.h>
-#include <isc/hex.h>
 #include <isc/iterated_hash.h>
 #include <isc/log.h>
 #include <isc/mem.h>
 #include <isc/region.h>
 #include <isc/result.h>
-#include <isc/string.h>
 #include <isc/types.h>
 #include <isc/util.h>
 
@@ -62,8 +60,8 @@ typedef struct vctx {
 	dns_dbversion_t *	ver;
 	dns_name_t *		origin;
 	dns_keytable_t *	secroots;
-	bool			goodksk;
-	bool			goodzsk;
+	bool		goodksk;
+	bool		goodzsk;
 	dns_rdataset_t		keyset;
 	dns_rdataset_t		keysigs;
 	dns_rdataset_t		soaset;
@@ -85,9 +83,9 @@ typedef struct vctx {
 } vctx_t;
 
 struct nsec3_chain_fixed {
-	uint8_t			hash;
-	uint8_t			salt_length;
-	uint8_t			next_length;
+	uint8_t		hash;
+	uint8_t		salt_length;
+	uint8_t		next_length;
 	uint16_t		iterations;
 	/*
 	 * The following non-fixed-length data is stored in memory after the
@@ -99,14 +97,6 @@ struct nsec3_chain_fixed {
 	 */
 };
 
-static unsigned char the_ndata[] = "\0400FEH552TRKV2I9QUNQ8KQ23MFH2IJGAK\002be";
-static unsigned char the_offsets[] = { 0, 33, 36 };
-static dns_name_t the_name = DNS_NAME_INITABSOLUTE(the_ndata, the_offsets);
-
-static unsigned char other_ndata[] = "\0400FEH552TRKV2I9QUNQ8KQ23MFH2IJGAK\002be";
-static unsigned char other_offsets[] = { 0, 33, 36 };
-static dns_name_t other_name = DNS_NAME_INITABSOLUTE(other_ndata, other_offsets);
-
 /*%
  * Log a zone verification error described by 'fmt' and the variable arguments
  * following it.  Either use dns_zone_logv() or print to stderr, depending on
@@ -491,10 +481,6 @@ match_nsec3(const vctx_t *vctx, const dns_name_t *name,
 	isc_result_t result;
 	unsigned int len;
 
-	if (dns_name_equal(&the_name, name)) {
-		fprintf(stderr, "match_nsec3\n");
-		fflush(stderr);
-	}
 	/*
 	 * Find matching NSEC3 record.
 	 */
@@ -632,7 +618,6 @@ record_found(const vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node,
 	result = dns_db_findrdataset(vctx->db, node, vctx->ver,
 				     dns_rdatatype_nsec3, 0, 0, &rdataset,
 				     NULL);
-	if (dns_name_equal(&the_name, name)) fprintf(stderr, "dns_db_findrdataset->%s\n", dns_result_totext(result));
 	if (result != ISC_R_SUCCESS) {
 		return (ISC_R_SUCCESS);
 	}
@@ -641,7 +626,6 @@ record_found(const vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node,
 	isc_region_consume(&hashlabel, 1);
 	isc_buffer_init(&b, owner, sizeof(owner));
 	result = isc_base32hex_decoderegion(&hashlabel, &b);
-	if (dns_name_equal(&the_name, name)) fprintf(stderr, "isc_base32hex_decoderegion->%s\n", dns_result_totext(result));
 	if (result != ISC_R_SUCCESS) {
 		result = ISC_R_SUCCESS;
 		goto cleanup;
@@ -663,7 +647,6 @@ record_found(const vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node,
 		 * record.
 		 */
 		if (!innsec3params(&nsec3, nsec3paramset)) {
-			if (dns_name_equal(&the_name, name)) fprintf(stderr, "!innsec3params\n");
 			continue;
 		}
 
@@ -671,7 +654,6 @@ record_found(const vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node,
 		 * Record chain.
 		 */
 		result = record_nsec3(vctx, owner, &nsec3, vctx->found_chains);
-	if (dns_name_equal(&the_name, name)) fprintf(stderr, "record_nsec3->%s\n", dns_result_totext(result));
 		if (result != ISC_R_SUCCESS) {
 			zoneverify_log_error(vctx, "record_nsec3(): %s",
 					     isc_result_totext(result));
@@ -716,12 +698,6 @@ isoptout(const vctx_t *vctx, const dns_rdata_t *nsec3rdata,
 
 	dns_rdataset_init(&rdataset);
 	hashname = dns_fixedname_name(&fixed);
-	if (dns_name_equal(&other_name, hashname)) {
-		char nb[DNS_NAME_FORMATSIZE];
-		dns_name_format(vctx->origin, nb, sizeof(nb));
-		fprintf(stderr, "othername from %s\n", nb);
-		fflush(stderr);
-	}
 	result = dns_db_findnsec3node(vctx->db, hashname, false, &node);
 	if (result == ISC_R_SUCCESS) {
 		result = dns_db_findrdataset(vctx->db, node, vctx->ver,
@@ -787,13 +763,16 @@ verifynsec3(const vctx_t *vctx, const dns_name_t *name,
 		return (ISC_R_SUCCESS);
 	}
 
+	result = isoptout(vctx, rdata, &optout);
+	if (result != ISC_R_SUCCESS) {
+		return (result);
+	}
 
 	dns_fixedname_init(&fixed);
 	result = dns_nsec3_hashname(&fixed, rawhash, &rhsize, name,
 				    vctx->origin, nsec3param.hash,
 				    nsec3param.iterations, nsec3param.salt,
 				    nsec3param.salt_length);
-	if (dns_name_equal(&the_name, name)) fprintf(stderr, "dns_nsec3_hashname->%s\n", dns_result_totext(result));
 	if (result != ISC_R_SUCCESS) {
 		zoneverify_log_error(vctx, "dns_nsec3_hashname(): %s",
 				     isc_result_totext(result));
@@ -808,22 +787,6 @@ verifynsec3(const vctx_t *vctx, const dns_name_t *name,
 	 */
 	dns_rdataset_init(&rdataset);
 	hashname = dns_fixedname_name(&fixed);
-	if (dns_name_equal(&other_name, hashname)) {
-		char nb[DNS_NAME_FORMATSIZE];
-		dns_name_format(name, nb, sizeof(nb));
-		fprintf(stderr, "othername from %s\n", nb);
-		fflush(stderr);
-	}
-	if (dns_name_equal(&the_name, hashname)) {
-		fprintf(stderr, "verifynsec3\n");
-		fflush(stderr);
-	}
-
-	result = isoptout(vctx, rdata, &optout);
-	if (result != ISC_R_SUCCESS) {
-		return (result);
-	}
-
 	result = dns_db_findnsec3node(vctx->db, hashname, false, &node);
 	if (result == ISC_R_SUCCESS) {
 		result = dns_db_findrdataset(vctx->db, node, vctx->ver,
@@ -1016,11 +979,6 @@ verifynode(vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node,
 
 	REQUIRE(vresult != NULL || (nsecset == NULL && nsec3paramset == NULL));
 
-	if (dns_name_equal(&the_name, name)) {
-		fprintf(stderr, "verifynode\n");
-		fflush(stderr);
-	}
-
 	memset(types, 0, sizeof(types));
 	result = dns_db_allrdatasets(vctx->db, node, vctx->ver, 0, &rdsiter);
 	if (result != ISC_R_SUCCESS) {
@@ -1099,7 +1057,6 @@ verifynode(vctx_t *vctx, const dns_name_t *name, dns_dbnode_t *node,
 	{
 		result = verifynsec3s(vctx, name, nsec3paramset, delegation,
 				      false, types, maxtype, &tvresult);
-		if (dns_name_equal(&the_name, name)) fprintf(stderr, "verifynsec3s->%s\n", dns_result_totext(result));
 		if (result != ISC_R_SUCCESS) {
 			return (result);
 		}
@@ -1190,7 +1147,7 @@ static bool
 checknext(const vctx_t *vctx, const struct nsec3_chain_fixed *first,
 	  const struct nsec3_chain_fixed *e)
 {
-	char buf[512], salt[512 + 1];
+	char buf[512];
 	const unsigned char *d1 = (const unsigned char *)(first + 1);
 	const unsigned char *d2 = (const unsigned char *)(e + 1);
 	isc_buffer_t b;
@@ -1203,21 +1160,11 @@ checknext(const vctx_t *vctx, const struct nsec3_chain_fixed *first,
 		return (true);
 	}
 
-	if (first->salt_length == 0) {
-		strlcpy(salt, "-", sizeof(salt));
-	} else {
-		DE_CONST((const unsigned char *)(first + 1), sr.base);
-		sr.length = first->salt_length;
-		isc_buffer_init(&b, salt, sizeof(salt));
-		isc_hex_totext(&sr, 1, "", &b);
-		salt[isc_buffer_usedlength(&b)] = 0;
-	}
 	DE_CONST(d1 - first->next_length, sr.base);
 	sr.length = first->next_length;
 	isc_buffer_init(&b, buf, sizeof(buf));
 	isc_base32hex_totext(&sr, 1, "", &b);
-	zoneverify_log_error(vctx, "Break in NSEC3 chain (%u %u %s) at: %.*s",
-			     first->hash, first->iterations, salt,
+	zoneverify_log_error(vctx, "Break in NSEC3 chain at: %.*s",
 			     (int)isc_buffer_usedlength(&b), buf);
 
 	DE_CONST(d1, sr.base);
@@ -1227,69 +1174,21 @@ checknext(const vctx_t *vctx, const struct nsec3_chain_fixed *first,
 	zoneverify_log_error(vctx, "Expected: %.*s",
 			     (int)isc_buffer_usedlength(&b), buf);
 
-	if (e->salt_length == 0) {
-		strlcpy(salt, "-", sizeof(salt));
-	} else {
-		DE_CONST((const unsigned char *)(e + 1);, sr.base);
-		sr.length = e->salt_length;
-		isc_buffer_init(&b, salt, sizeof(salt));
-		isc_hex_totext(&sr, 1, "", &b);
-		salt[isc_buffer_usedlength(&b)] = 0;
-	}
 	DE_CONST(d2, sr.base);
 	sr.length = first->next_length;
 	isc_buffer_init(&b, buf, sizeof(buf));
 	isc_base32hex_totext(&sr, 1, "", &b);
-	zoneverify_log_error(vctx, "Found (%u %u %s): %.*s",
-			     e->hash, e->iterations, salt,
+	zoneverify_log_error(vctx, "Found: %.*s",
 			     (int)isc_buffer_usedlength(&b), buf);
 
 	return (false);
 }
 
-static void
-report(const vctx_t *vctx, const char *str,
-       const struct nsec3_chain_fixed *e)
-{
-	char this[512+1], next[512+1], salt[512 + 1];
-	const unsigned char *cp = (const unsigned char *)(e + 1);
-	isc_buffer_t b;
-	isc_region_t sr;
-
-	if (e->salt_length == 0) {
-		strlcpy(salt, "-", sizeof(salt));
-	} else {
-		DE_CONST(cp, sr.base);
-		sr.length = e->salt_length;
-		isc_buffer_init(&b, salt, sizeof(salt) - 1);
-		isc_hex_totext(&sr, 1, "", &b);
-		salt[isc_buffer_usedlength(&b)] = 0;
-	}
-
-	cp += e->salt_length;
-	DE_CONST(cp, sr.base);
-	sr.length = e->next_length;
-	isc_buffer_init(&b, this, sizeof(this) - 1);
-	isc_base32hex_totext(&sr, 1, "", &b);
-	this[isc_buffer_usedlength(&b)] = 0;
-
-	cp += e->next_length;
-	DE_CONST(cp, sr.base);
-	sr.length = e->next_length;
-	isc_buffer_init(&b, next, sizeof(next) - 1);
-	isc_base32hex_totext(&sr, 1, "", &b);
-	next[isc_buffer_usedlength(&b)] = 0;
-
-	zoneverify_log_error(vctx, "%s %s NSEC3 %u ? %u %s %s", str,
-			     this, e->hash, e->iterations, salt, next);
-}
-
 static isc_result_t
 verify_nsec3_chains(const vctx_t *vctx, isc_mem_t *mctx) {
 	isc_result_t result = ISC_R_SUCCESS;
 	struct nsec3_chain_fixed *e, *f = NULL;
 	struct nsec3_chain_fixed *first = NULL, *prev = NULL;
-	unsigned int i = 0;
 
 	while ((e = isc_heap_element(vctx->expected_chains, 1)) != NULL) {
 		isc_heap_delete(vctx->expected_chains, 1);
@@ -1299,8 +1198,6 @@ verify_nsec3_chains(const vctx_t *vctx, isc_mem_t *mctx) {
 		if (f != NULL) {
 			isc_heap_delete(vctx->found_chains, 1);
 
-			i++;
-
 			/*
 			 * Check that they match.
 			 */
@@ -1313,8 +1210,6 @@ verify_nsec3_chains(const vctx_t *vctx, isc_mem_t *mctx) {
 						vctx,
 						"Expected and found NSEC3 "
 						"chains not equal");
-					report(vctx, "Expected:", e);
-					report(vctx, "Found:   ", f);
 				}
 				result = ISC_R_FAILURE;
 				/*
@@ -1342,7 +1237,6 @@ verify_nsec3_chains(const vctx_t *vctx, isc_mem_t *mctx) {
 			result = ISC_R_FAILURE;
 		}
 		if (first == NULL || newchain(first, e)) {
-fprintf(stderr, "record new chain\n");
 			if (prev != NULL) {
 				if (!checknext(vctx, prev, first)) {
 					result = ISC_R_FAILURE;
@@ -1366,7 +1260,6 @@ fprintf(stderr, "record new chain\n");
 		prev = e;
 	}
 	if (prev != NULL) {
-fprintf(stderr, "final %u\n", i);
 		if (!checknext(vctx, prev, first)) {
 			result = ISC_R_FAILURE;
 		}
@@ -1839,52 +1732,6 @@ determine_active_algorithms(vctx_t *vctx, bool ignore_kskflag,
 		vctx->bad_algorithms[i] = 1;
 	}
 }
-static void
-xxxx(vctx_t *vctx, dns_name_t *name) {
-	unsigned char rawhash[NSEC3_MAX_HASH_LENGTH];
-	size_t rhsize = sizeof(rawhash);
-	dns_fixedname_t fixed;
-	dns_name_t *hashname;
-	isc_result_t result;
-	dns_rdata_nsec3param_t nsec3param;
-	dns_rdataset_t rdataset;
-
-	if (!dns_rdataset_isassociated(&vctx->nsec3paramset))
-		return;
-
-	dns_fixedname_init(&fixed);
-	hashname = dns_fixedname_name(&fixed);
-	dns_rdataset_init(&rdataset);
-	dns_rdataset_clone(&vctx->nsec3paramset, &rdataset);
-
-	for (result = dns_rdataset_first(&rdataset);
-	     result == ISC_R_SUCCESS;
-	     result = dns_rdataset_next(&rdataset))
-	{
-		dns_rdata_t rdata = DNS_RDATA_INIT;
-
-		dns_rdataset_current(&rdataset, &rdata);
-		result = dns_rdata_tostruct(&rdata, &nsec3param, NULL);
-		RUNTIME_CHECK(result == ISC_R_SUCCESS);
-		result = dns_nsec3_hashname(&fixed, rawhash, &rhsize, name,
-					    vctx->origin, nsec3param.hash,
-					    nsec3param.iterations, nsec3param.salt,
-					    nsec3param.salt_length);
-		if (result != ISC_R_SUCCESS) {
-			zoneverify_log_error(vctx, "dns_nsec3_hashname(): %s",
-						     isc_result_totext(result));
-			continue;
-		}
-
-		if (dns_name_equal(&other_name, hashname)) {
-			char nb[DNS_NAME_FORMATSIZE];
-			dns_name_format(name, nb, sizeof(nb));
-			fprintf(stderr, "\n\nothername from %s\n\n\n", nb);
-			fflush(stderr);
-		}
-	}
-	dns_rdataset_disassociate(&rdataset);
-}
 
 /*%
  * Check that all the records not yet verified were signed by keys that are
@@ -1931,7 +1778,6 @@ verify_nodes(vctx_t *vctx, isc_result_t *vresult) {
 					     isc_result_totext(result));
 			goto done;
 		}
-		xxxx(vctx, name);
 		if (!dns_name_issubdomain(name, vctx->origin)) {
 			result = check_no_nsec(vctx, name, node);
 			if (result != ISC_R_SUCCESS) {
@@ -1975,7 +1821,6 @@ verify_nodes(vctx_t *vctx, isc_result_t *vresult) {
 				dns_db_detachnode(vctx->db, &node);
 				goto done;
 			}
-			xxxx(vctx, nextname);
 			if (!dns_name_issubdomain(nextname, vctx->origin) ||
 			    (zonecut != NULL &&
 			     dns_name_issubdomain(nextname, zonecut)))
@@ -2017,7 +1862,6 @@ verify_nodes(vctx_t *vctx, isc_result_t *vresult) {
 		result = verifynode(vctx, name, node, isdelegation,
 				    &vctx->keyset, &vctx->nsecset,
 				    &vctx->nsec3paramset, nextname, &tvresult);
-		if (dns_name_equal(&the_name, name)) fprintf(stderr, "verifynode->%s\n", dns_result_totext(result));
 		if (result != ISC_R_SUCCESS) {
 			dns_db_detachnode(vctx->db, &node);
 			goto done;
@@ -2033,7 +1877,6 @@ verify_nodes(vctx_t *vctx, isc_result_t *vresult) {
 						  isdelegation,
 						  &vctx->nsec3paramset,
 						  &tvresult);
-			if (dns_name_equal(&the_name, name)) fprintf(stderr, "verifyemptynodes->%s\n", dns_result_totext(result));
 			if (result != ISC_R_SUCCESS) {
 				dns_db_detachnode(vctx->db, &node);
 				goto done;
@@ -2068,7 +1911,6 @@ verify_nodes(vctx_t *vctx, isc_result_t *vresult) {
 					     isc_result_totext(result));
 			goto done;
 		}
-		xxxx(vctx, name);
 		result = verifynode(vctx, name, node, false, &vctx->keyset,
 				    NULL, NULL, NULL, NULL);
 		if (result != ISC_R_SUCCESS) {
@@ -2078,7 +1920,6 @@ verify_nodes(vctx_t *vctx, isc_result_t *vresult) {
 			goto done;
 		}
 		result = record_found(vctx, name, node, &vctx->nsec3paramset);
-		if (dns_name_equal(&the_name, name)) fprintf(stderr, "record_found->%s\n", dns_result_totext(result));
 		dns_db_detachnode(vctx->db, &node);
 		if (result != ISC_R_SUCCESS) {
 			goto done;

lib/isc/include/isc/task.h

@@ -136,6 +136,10 @@ struct isc_task {
 isc_result_t
 isc_task_create(isc_taskmgr_t *manager, unsigned int quantum,
 		isc_task_t **taskp);
+
+isc_result_t
+isc_task_create_bound(isc_taskmgr_t *manager, unsigned int quantum,
+		      isc_task_t **taskp, int threadid);
 /*%<
  * Create a task.
  *

lib/isc/result.c

@@ -257,8 +257,6 @@ isc_result_tomany_helper(resulttable_list_t *tables, isc_result_t result) {
 
 	initialize();
 
-	LOCK(&lock);
-
 	text = NULL;
 	for (table = ISC_LIST_HEAD(*tables);
 	     table != NULL;
@@ -280,8 +278,6 @@ isc_result_tomany_helper(resulttable_list_t *tables, isc_result_t result) {
 		text = isc_msgcat_get(isc_msgcat, ISC_RESULT_UNAVAILABLESET,
 				      1, "(result code text not available)");
 
-	UNLOCK(&lock);
-
 	return (text);
 }
 

lib/isc/rwlock.c

@@ -236,6 +236,7 @@ isc_rwlock_destroy(isc_rwlock_t *rwl) {
 
 static isc_result_t
 isc__rwlock_lock(isc_rwlock_t *rwl, isc_rwlocktype_t type) {
+	return (ISC_R_SUCCESS);
 	int32_t cntflag;
 
 	REQUIRE(VALID_RWLOCK(rwl));
@@ -357,6 +358,7 @@ isc__rwlock_lock(isc_rwlock_t *rwl, isc_rwlocktype_t type) {
 
 isc_result_t
 isc_rwlock_lock(isc_rwlock_t *rwl, isc_rwlocktype_t type) {
+	return (ISC_R_SUCCESS);
 	int32_t cnt = 0;
 	int32_t max_cnt = rwl->spins * 2 + 10;
 	isc_result_t result = ISC_R_SUCCESS;
@@ -379,6 +381,7 @@ isc_rwlock_lock(isc_rwlock_t *rwl, isc_rwlocktype_t type) {
 
 isc_result_t
 isc_rwlock_trylock(isc_rwlock_t *rwl, isc_rwlocktype_t type) {
+	return (ISC_R_SUCCESS);
 	int32_t cntflag;
 
 	REQUIRE(VALID_RWLOCK(rwl));
@@ -450,6 +453,7 @@ isc_rwlock_trylock(isc_rwlock_t *rwl, isc_rwlocktype_t type) {
 
 isc_result_t
 isc_rwlock_tryupgrade(isc_rwlock_t *rwl) {
+	return (ISC_R_SUCCESS);
 	REQUIRE(VALID_RWLOCK(rwl));
 
 	{
@@ -483,6 +487,7 @@ isc_rwlock_tryupgrade(isc_rwlock_t *rwl) {
 
 void
 isc_rwlock_downgrade(isc_rwlock_t *rwl) {
+	return;
 	int32_t prev_readers;
 
 	REQUIRE(VALID_RWLOCK(rwl));
@@ -511,6 +516,7 @@ isc_rwlock_downgrade(isc_rwlock_t *rwl) {
 
 isc_result_t
 isc_rwlock_unlock(isc_rwlock_t *rwl, isc_rwlocktype_t type) {
+	return (ISC_R_SUCCESS);
 	int32_t prev_cnt;
 
 	REQUIRE(VALID_RWLOCK(rwl));

lib/isc/stats.c

@@ -165,6 +165,7 @@ isc_stats_create(isc_mem_t *mctx, isc_stats_t **statsp, int ncounters) {
 
 void
 isc_stats_increment(isc_stats_t *stats, isc_statscounter_t counter) {
+	return;
 	REQUIRE(ISC_STATS_VALID(stats));
 	REQUIRE(counter < stats->ncounters);
 
@@ -174,6 +175,7 @@ isc_stats_increment(isc_stats_t *stats, isc_statscounter_t counter) {
 
 void
 isc_stats_decrement(isc_stats_t *stats, isc_statscounter_t counter) {
+	return;
 	REQUIRE(ISC_STATS_VALID(stats));
 	REQUIRE(counter < stats->ncounters);
 

lib/isc/task.c

@@ -104,6 +104,7 @@ struct isc__task {
 	char				name[16];
 	void *				tag;
 	unsigned int			threadid;
+	bool				bound;
 	/* Locked by task manager lock. */
 	LINK(isc__task_t)		link;
 	LINK(isc__task_t)		ready_link;
@@ -171,8 +172,7 @@ void
 isc__taskmgr_resume(isc_taskmgr_t *manager0);
 
 
-#define DEFAULT_TASKMGR_QUANTUM		10
-#define DEFAULT_DEFAULT_QUANTUM		5
+#define DEFAULT_DEFAULT_QUANTUM		25
 #define FINISHED(m)			((m)->exiting && EMPTY((m)->tasks))
 
 /*%
@@ -243,7 +243,14 @@ task_finished(isc__task_t *task) {
 
 isc_result_t
 isc_task_create(isc_taskmgr_t *manager0, unsigned int quantum,
-		 isc_task_t **taskp)
+		isc_task_t **taskp)
+{
+	return (isc_task_create_bound(manager0, quantum, taskp, -1));
+}
+
+isc_result_t
+isc_task_create_bound(isc_taskmgr_t *manager0, unsigned int quantum,
+		      isc_task_t **taskp, int threadid)
 {
 	isc__taskmgr_t *manager = (isc__taskmgr_t *)manager0;
 	isc__task_t *task;
@@ -258,9 +265,15 @@ isc_task_create(isc_taskmgr_t *manager0, unsigned int quantum,
 		return (ISC_R_NOMEMORY);
 	XTRACE("isc_task_create");
 	task->manager = manager;
-	task->threadid = atomic_fetch_add_explicit(&manager->curq, 1,
-						   memory_order_relaxed)
-						   % manager->workers;
+	if (threadid == -1) {
+		task->bound = false;
+		task->threadid = atomic_fetch_add_explicit(&manager->curq, 1,
+							   memory_order_relaxed)
+							   % manager->workers;
+	} else {
+		task->bound = true;
+		task->threadid = threadid % manager->workers;
+	}
 	result = isc_mutex_init(&task->lock);
 	if (result != ISC_R_SUCCESS) {
 		isc_mem_put(manager->mctx, task, sizeof(*task));
@@ -494,7 +507,9 @@ isc_task_sendto(isc_task_t *task0, isc_event_t **eventp, int c) {
 	REQUIRE(VALID_TASK(task));
 	XTRACE("isc_task_send");
 
-	if (c < 0) {
+	if (task->bound) {
+		c = task->threadid;
+	} else if (c < 0) {
 		c = atomic_fetch_add_explicit(&task->manager->curq, 1,
 					      memory_order_relaxed);
 	}
@@ -544,7 +559,9 @@ isc_task_sendtoanddetach(isc_task_t **taskp, isc_event_t **eventp, int c) {
 	REQUIRE(VALID_TASK(task));
 	XTRACE("isc_task_sendanddetach");
 
-	if (c < 0) {
+	if (task->bound) {
+		c = task->threadid;
+	} else if (c < 0) {
 		c = atomic_fetch_add_explicit(&task->manager->curq, 1,
 					      memory_order_relaxed);
 	}

lib/ns/client.c

@@ -2964,7 +2964,7 @@ client_create(ns_clientmgr_t *manager, ns_client_t **clientp) {
 	ns_server_attach(manager->sctx, &client->sctx);
 
 	client->task = NULL;
-	result = isc_task_create(manager->taskmgr, 50, &client->task);
+	result = isc_task_create(manager->taskmgr, 0, &client->task);
 	if (result != ISC_R_SUCCESS)
 		goto cleanup_client;
 	isc_task_setname(client->task, "client", client);

util/models.c

@@ -94,3 +94,16 @@ void isc__mempool_put(void *mem, void *ptr FLARG) {
 	if (!mem) __coverity_panic__();
 	__coverity_free__(ptr);
 }
+
+/*
+ * Cmocka models.
+ */
+
+#define LargestIntegralType unsigned long int
+
+void _assert_true(const LargestIntegralType result,
+		  const char * const expression,
+		  const char * const file, const int line)
+{
+	if (!result) __coverity_panic__();
+}