upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-02-28 12:20:55 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 7
haproxy/src/buffer.c

288 lines
8 KiB
C
Raw Normal View History

REORG: buffers: split buffers into chunk,buffer,channel Many parts of the channel definition still make use of the "buffer" word.
2012-08-24 13:22:53 -04:00
/*
* Buffer management functions.
*
* Copyright 2000-2012 Willy Tarreau <w@1wt.eu>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*
*/
MINOR: buffer_dump with ASCII Improve the buffer_dump function with ASCII output.
2012-11-22 12:01:40 -05:00
#include <ctype.h>
REORG: buffers: split buffers into chunk,buffer,channel Many parts of the channel definition still make use of the "buffer" word.
2012-08-24 13:22:53 -04:00
#include <stdio.h>
#include <string.h>
#include <common/config.h>
#include <common/buffer.h>
MAJOR: channel: replace the struct buffer with a pointer to a buffer With this commit, we now separate the channel from the buffer. This will allow us to replace buffers on the fly without touching the channel. Since nobody is supposed to keep a reference to a buffer anymore, doing so is not a problem and will also permit some copy-less data manipulation. Interestingly, these changes have shown a 2% performance increase on some workloads, probably due to a better cache placement of data.
2012-10-12 17:49:43 -04:00
#include <common/memory.h>
REORG: buffers: split buffers into chunk,buffer,channel Many parts of the channel definition still make use of the "buffer" word.
2012-08-24 13:22:53 -04:00
#include <types/global.h>
MAJOR: channel: replace the struct buffer with a pointer to a buffer With this commit, we now separate the channel from the buffer. This will allow us to replace buffers on the fly without touching the channel. Since nobody is supposed to keep a reference to a buffer anymore, doing so is not a problem and will also permit some copy-less data manipulation. Interestingly, these changes have shown a 2% performance increase on some workloads, probably due to a better cache placement of data.
2012-10-12 17:49:43 -04:00
struct pool_head *pool2_buffer;
MEDIUM: buffer: add a new buf_wanted dummy buffer to report failed allocations Doing so ensures that even when no memory is available, we leave the channel in a sane condition. There's a special case in proto_http.c regarding the compression, we simply pre-allocate the tmpbuf to point to the dummy buffer. Not reusing &buf_empty for this allows the rest of the code to differenciate an empty buffer that's not used from an empty buffer that results from a failed allocation which has the same semantics as a buffer full.
2014-11-24 05:55:08 -05:00
/* These buffers are used to always have a valid pointer to an empty buffer in
* channels. The first buffer is set once a buffer is empty. The second one is
* set when a buffer is desired but no more are available. It helps knowing
* what channel wants a buffer. They can reliably be exchanged, the split
* between the two is only an optimization.
MEDIUM: buffer: always assign a dummy empty buffer to channels Channels are now created with a valid pointer to a buffer before the buffer is allocated. This buffer is a global one called "buf_empty" and of size zero. Thus it prevents any activity from being performed on the buffer and still ensures that chn->buf may always be dereferenced. b_free() also resets the buffer to &buf_empty, and was split into b_drop() which does not reset the buffer.
2014-11-24 05:39:34 -05:00
*/
struct buffer buf_empty = { .p = buf_empty.data };
MEDIUM: buffer: add a new buf_wanted dummy buffer to report failed allocations Doing so ensures that even when no memory is available, we leave the channel in a sane condition. There's a special case in proto_http.c regarding the compression, we simply pre-allocate the tmpbuf to point to the dummy buffer. Not reusing &buf_empty for this allows the rest of the code to differenciate an empty buffer that's not used from an empty buffer that results from a failed allocation which has the same semantics as a buffer full.
2014-11-24 05:55:08 -05:00
struct buffer buf_wanted = { .p = buf_wanted.data };
MAJOR: channel: replace the struct buffer with a pointer to a buffer With this commit, we now separate the channel from the buffer. This will allow us to replace buffers on the fly without touching the channel. Since nobody is supposed to keep a reference to a buffer anymore, doing so is not a problem and will also permit some copy-less data manipulation. Interestingly, these changes have shown a 2% performance increase on some workloads, probably due to a better cache placement of data.
2012-10-12 17:49:43 -04:00
/* perform minimal intializations, report 0 in case of error, 1 if OK. */
int init_buffer()
{
MAJOR: session: only wake up as many sessions as available buffers permit We've already experimented with three wake up algorithms when releasing buffers : the first naive one used to wake up far too many sessions, causing many of them not to get any buffer. The second approach which was still in use prior to this patch consisted in waking up either 1 or 2 sessions depending on the number of FDs we had released. And this was still inaccurate. The third one tried to cover the accuracy issues of the second and took into consideration the number of FDs the sessions would be willing to use, but most of the time we ended up waking up too many of them for nothing, or deadlocking by lack of buffers. This patch completely removes the need to allocate two buffers at once. Instead it splits allocations into critical and non-critical ones and implements a reserve in the pool for this. The deadlock situation happens when all buffers are be allocated for requests pending in a maxconn-limited server queue, because then there's no more way to allocate buffers for responses, and these responses are critical to release the servers's connection in order to release the pending requests. In fact maxconn on a server creates a dependence between sessions and particularly between oldest session's responses and latest session's requests. Thus, it is mandatory to get a free buffer for a response in order to release a server connection which will permit to release a request buffer. Since we definitely have non-symmetrical buffers, we need to implement this logic in the buffer allocation mechanism. What this commit does is implement a reserve of buffers which can only be allocated for responses and that will never be allocated for requests. This is made possible by the requester indicating how much margin it wants to leave after the allocation succeeds. Thus it is a cooperative allocation mechanism : the requester (process_session() in general) prefers not to get a buffer in order to respect other's need for response buffers. The session management code always knows if a buffer will be used for requests or responses, so that is not difficult : - either there's an applet on the initiator side and we really need the request buffer (since currently the applet is called in the context of the session) - or we have a connection and we really need the response buffer (in order to support building and sending an error message back) This reserve ensures that we don't take all allocatable buffers for requests waiting in a queue. The downside is that all the extra buffers are really allocated to ensure they can be allocated. But with small values it is not an issue. With this change, we don't observe any more deadlocks even when running with maxconn 1 on a server under severely constrained memory conditions. The code becomes a bit tricky, it relies on the scheduler's run queue to estimate how many sessions are already expected to run so that it doesn't wake up everyone with too few resources. A better solution would probably consist in having two queues, one for urgent requests and one for normal requests. A failed allocation for a session dealing with an error, a connection event, or the need for a response (or request when there's an applet on the left) would go to the urgent request queue, while other requests would go to the other queue. Urgent requests would be served from 1 entry in the pool, while the regular ones would be served only according to the reserve. Despite not yet having this, it works remarkably well. This mechanism is quite efficient, we don't perform too many wake up calls anymore. For 1 million sessions elapsed during massive memory contention, we observe about 4.5M calls to process_session() compared to 4.0M without memory constraints. Previously we used to observe up to 16M calls, which rougly means 12M failures. During a test run under high memory constraints (limit enforced to 27 MB instead of the 58 MB normally needed), performance used to drop by 53% prior to this patch. Now with this patch instead it *increases* by about 1.5%. The best effect of this change is that by limiting the memory usage to about 2/3 to 3/4 of what is needed by default, it's possible to increase performance by up to about 18% mainly due to the fact that pools are reused more often and remain hot in the CPU cache (observed on regular HTTP traffic with 20k objects, buffers.limit = maxconn/10, buffers.reserve = limit/2). Below is an example of scenario which used to cause a deadlock previously : - connection is received - two buffers are allocated in process_session() then released - one is allocated when receiving an HTTP request - the second buffer is allocated then released in process_session() for request parsing then connection establishment. - poll() says we can send, so the request buffer is sent and released - process session gets notified that the connection is now established and allocates two buffers then releases them - all other sessions do the same till one cannot get the request buffer without hitting the margin - and now the server responds. stream_interface allocates the response buffer and manages to get it since it's higher priority being for a response. - but process_session() cannot allocate the request buffer anymore => We could end up with all buffers used by responses so that none may be allocated for a request in process_session(). When the applet processing leaves the session context, the test will have to be changed so that we always allocate a response buffer regardless of the left side (eg: H2->H1 gateway). A final improvement would consists in being able to only retry the failed I/O operation without waking up a task, but to date all experiments to achieve this have proven not to be reliable enough.
2014-11-26 19:11:56 -05:00
void *buffer;
BUG/MEDIUM: buffers: do not round up buffer size during allocation When users request 16384 bytes for a buffer, they get 16392 after rounding up. This is problematic for SSL as it systematically causes a small 8-bytes message to be appended after the first 16kB message and costs about 15% of performance. Let's add MEM_F_EXACT to use exactly the size we need. This requires previous patch (MEDIUM: pools: add a new flag to avoid rounding pool size up). This issue was introduced in 1.6 and causes trouble there, so this fix must be backported. This is issue was reported by Gary Barrueto and diagnosed by Cyril Bont.
2016-01-24 20:23:25 -05:00
pool2_buffer = create_pool("buffer", sizeof (struct buffer) + global.tune.bufsize, MEM_F_SHARED|MEM_F_EXACT);
MAJOR: session: only wake up as many sessions as available buffers permit We've already experimented with three wake up algorithms when releasing buffers : the first naive one used to wake up far too many sessions, causing many of them not to get any buffer. The second approach which was still in use prior to this patch consisted in waking up either 1 or 2 sessions depending on the number of FDs we had released. And this was still inaccurate. The third one tried to cover the accuracy issues of the second and took into consideration the number of FDs the sessions would be willing to use, but most of the time we ended up waking up too many of them for nothing, or deadlocking by lack of buffers. This patch completely removes the need to allocate two buffers at once. Instead it splits allocations into critical and non-critical ones and implements a reserve in the pool for this. The deadlock situation happens when all buffers are be allocated for requests pending in a maxconn-limited server queue, because then there's no more way to allocate buffers for responses, and these responses are critical to release the servers's connection in order to release the pending requests. In fact maxconn on a server creates a dependence between sessions and particularly between oldest session's responses and latest session's requests. Thus, it is mandatory to get a free buffer for a response in order to release a server connection which will permit to release a request buffer. Since we definitely have non-symmetrical buffers, we need to implement this logic in the buffer allocation mechanism. What this commit does is implement a reserve of buffers which can only be allocated for responses and that will never be allocated for requests. This is made possible by the requester indicating how much margin it wants to leave after the allocation succeeds. Thus it is a cooperative allocation mechanism : the requester (process_session() in general) prefers not to get a buffer in order to respect other's need for response buffers. The session management code always knows if a buffer will be used for requests or responses, so that is not difficult : - either there's an applet on the initiator side and we really need the request buffer (since currently the applet is called in the context of the session) - or we have a connection and we really need the response buffer (in order to support building and sending an error message back) This reserve ensures that we don't take all allocatable buffers for requests waiting in a queue. The downside is that all the extra buffers are really allocated to ensure they can be allocated. But with small values it is not an issue. With this change, we don't observe any more deadlocks even when running with maxconn 1 on a server under severely constrained memory conditions. The code becomes a bit tricky, it relies on the scheduler's run queue to estimate how many sessions are already expected to run so that it doesn't wake up everyone with too few resources. A better solution would probably consist in having two queues, one for urgent requests and one for normal requests. A failed allocation for a session dealing with an error, a connection event, or the need for a response (or request when there's an applet on the left) would go to the urgent request queue, while other requests would go to the other queue. Urgent requests would be served from 1 entry in the pool, while the regular ones would be served only according to the reserve. Despite not yet having this, it works remarkably well. This mechanism is quite efficient, we don't perform too many wake up calls anymore. For 1 million sessions elapsed during massive memory contention, we observe about 4.5M calls to process_session() compared to 4.0M without memory constraints. Previously we used to observe up to 16M calls, which rougly means 12M failures. During a test run under high memory constraints (limit enforced to 27 MB instead of the 58 MB normally needed), performance used to drop by 53% prior to this patch. Now with this patch instead it *increases* by about 1.5%. The best effect of this change is that by limiting the memory usage to about 2/3 to 3/4 of what is needed by default, it's possible to increase performance by up to about 18% mainly due to the fact that pools are reused more often and remain hot in the CPU cache (observed on regular HTTP traffic with 20k objects, buffers.limit = maxconn/10, buffers.reserve = limit/2). Below is an example of scenario which used to cause a deadlock previously : - connection is received - two buffers are allocated in process_session() then released - one is allocated when receiving an HTTP request - the second buffer is allocated then released in process_session() for request parsing then connection establishment. - poll() says we can send, so the request buffer is sent and released - process session gets notified that the connection is now established and allocates two buffers then releases them - all other sessions do the same till one cannot get the request buffer without hitting the margin - and now the server responds. stream_interface allocates the response buffer and manages to get it since it's higher priority being for a response. - but process_session() cannot allocate the request buffer anymore => We could end up with all buffers used by responses so that none may be allocated for a request in process_session(). When the applet processing leaves the session context, the test will have to be changed so that we always allocate a response buffer regardless of the left side (eg: H2->H1 gateway). A final improvement would consists in being able to only retry the failed I/O operation without waking up a task, but to date all experiments to achieve this have proven not to be reliable enough.
2014-11-26 19:11:56 -05:00
if (!pool2_buffer)
return 0;
/* The reserved buffer is what we leave behind us. Thus we always need
* at least one extra buffer in minavail otherwise we'll end up waking
* up tasks with no memory available, causing a lot of useless wakeups.
* That means that we always want to have at least 3 buffers available
* (2 for current session, one for next session that might be needed to
* release a server connection).
*/
pool2_buffer->minavail = MAX(global.tune.reserved_bufs, 3);
MINOR: config: implement global setting tune.buffers.limit This setting is used to limit memory usage without causing the alloc failures caused by "-m". Unexpectedly, tests have shown a performance boost of up to about 18% on HTTP traffic when limiting the number of buffers to about 10% of the amount of concurrent connections. tune.buffers.limit <number> Sets a hard limit on the number of buffers which may be allocated per process. The default value is zero which means unlimited. The minimum non-zero value will always be greater than "tune.buffers.reserve" and should ideally always be about twice as large. Forcing this value can be particularly useful to limit the amount of memory a process may take, while retaining a sane behaviour. When this limit is reached, sessions which need a buffer wait for another one to be released by another session. Since buffers are dynamically allocated and released, the waiting time is very short and not perceptible provided that limits remain reasonable. In fact sometimes reducing the limit may even increase performance by increasing the CPU cache's efficiency. Tests have shown good results on average HTTP traffic with a limit to 1/10 of the expected global maxconn setting, which also significantly reduces memory usage. The memory savings come from the fact that a number of connections will not allocate 2*tune.bufsize. It is best not to touch this value unless advised to do so by an haproxy core developer.
2014-12-23 16:52:37 -05:00
if (global.tune.buf_limit)
pool2_buffer->limit = global.tune.buf_limit;
MAJOR: session: only wake up as many sessions as available buffers permit We've already experimented with three wake up algorithms when releasing buffers : the first naive one used to wake up far too many sessions, causing many of them not to get any buffer. The second approach which was still in use prior to this patch consisted in waking up either 1 or 2 sessions depending on the number of FDs we had released. And this was still inaccurate. The third one tried to cover the accuracy issues of the second and took into consideration the number of FDs the sessions would be willing to use, but most of the time we ended up waking up too many of them for nothing, or deadlocking by lack of buffers. This patch completely removes the need to allocate two buffers at once. Instead it splits allocations into critical and non-critical ones and implements a reserve in the pool for this. The deadlock situation happens when all buffers are be allocated for requests pending in a maxconn-limited server queue, because then there's no more way to allocate buffers for responses, and these responses are critical to release the servers's connection in order to release the pending requests. In fact maxconn on a server creates a dependence between sessions and particularly between oldest session's responses and latest session's requests. Thus, it is mandatory to get a free buffer for a response in order to release a server connection which will permit to release a request buffer. Since we definitely have non-symmetrical buffers, we need to implement this logic in the buffer allocation mechanism. What this commit does is implement a reserve of buffers which can only be allocated for responses and that will never be allocated for requests. This is made possible by the requester indicating how much margin it wants to leave after the allocation succeeds. Thus it is a cooperative allocation mechanism : the requester (process_session() in general) prefers not to get a buffer in order to respect other's need for response buffers. The session management code always knows if a buffer will be used for requests or responses, so that is not difficult : - either there's an applet on the initiator side and we really need the request buffer (since currently the applet is called in the context of the session) - or we have a connection and we really need the response buffer (in order to support building and sending an error message back) This reserve ensures that we don't take all allocatable buffers for requests waiting in a queue. The downside is that all the extra buffers are really allocated to ensure they can be allocated. But with small values it is not an issue. With this change, we don't observe any more deadlocks even when running with maxconn 1 on a server under severely constrained memory conditions. The code becomes a bit tricky, it relies on the scheduler's run queue to estimate how many sessions are already expected to run so that it doesn't wake up everyone with too few resources. A better solution would probably consist in having two queues, one for urgent requests and one for normal requests. A failed allocation for a session dealing with an error, a connection event, or the need for a response (or request when there's an applet on the left) would go to the urgent request queue, while other requests would go to the other queue. Urgent requests would be served from 1 entry in the pool, while the regular ones would be served only according to the reserve. Despite not yet having this, it works remarkably well. This mechanism is quite efficient, we don't perform too many wake up calls anymore. For 1 million sessions elapsed during massive memory contention, we observe about 4.5M calls to process_session() compared to 4.0M without memory constraints. Previously we used to observe up to 16M calls, which rougly means 12M failures. During a test run under high memory constraints (limit enforced to 27 MB instead of the 58 MB normally needed), performance used to drop by 53% prior to this patch. Now with this patch instead it *increases* by about 1.5%. The best effect of this change is that by limiting the memory usage to about 2/3 to 3/4 of what is needed by default, it's possible to increase performance by up to about 18% mainly due to the fact that pools are reused more often and remain hot in the CPU cache (observed on regular HTTP traffic with 20k objects, buffers.limit = maxconn/10, buffers.reserve = limit/2). Below is an example of scenario which used to cause a deadlock previously : - connection is received - two buffers are allocated in process_session() then released - one is allocated when receiving an HTTP request - the second buffer is allocated then released in process_session() for request parsing then connection establishment. - poll() says we can send, so the request buffer is sent and released - process session gets notified that the connection is now established and allocates two buffers then releases them - all other sessions do the same till one cannot get the request buffer without hitting the margin - and now the server responds. stream_interface allocates the response buffer and manages to get it since it's higher priority being for a response. - but process_session() cannot allocate the request buffer anymore => We could end up with all buffers used by responses so that none may be allocated for a request in process_session(). When the applet processing leaves the session context, the test will have to be changed so that we always allocate a response buffer regardless of the left side (eg: H2->H1 gateway). A final improvement would consists in being able to only retry the failed I/O operation without waking up a task, but to date all experiments to achieve this have proven not to be reliable enough.
2014-11-26 19:11:56 -05:00
buffer = pool_refill_alloc(pool2_buffer, pool2_buffer->minavail - 1);
if (!buffer)
return 0;
pool_free2(pool2_buffer, buffer);
return 1;
MAJOR: channel: replace the struct buffer with a pointer to a buffer With this commit, we now separate the channel from the buffer. This will allow us to replace buffers on the fly without touching the channel. Since nobody is supposed to keep a reference to a buffer anymore, doing so is not a problem and will also permit some copy-less data manipulation. Interestingly, these changes have shown a 2% performance increase on some workloads, probably due to a better cache placement of data.
2012-10-12 17:49:43 -04:00
}
REORG: channel: move buffer_{replace,insert_line}* to buffer.{c,h} These functions do not depend on the channel flags anymore thus they're much better suited to be used on plain buffers. Move them from channel to buffer.
2012-08-27 16:08:00 -04:00
/* This function writes the string <str> at position <pos> which must be in
* buffer <b>, and moves <end> just after the end of <str>. <b>'s parameters
* <l> and <r> are updated to be valid after the shift. The shift value
* (positive or negative) is returned. If there's no space left, the move is
* not done. The function does not adjust ->o because it does not make sense to
* use it on data scheduled to be sent. For the same reason, it does not make
* sense to call this function on unparsed data, so <orig> is not updated. The
* string length is taken from parameter <len>. If <len> is null, the <str>
* pointer is allowed to be null.
*/
int buffer_replace2(struct buffer *b, char *pos, char *end, const char *str, int len)
{
int delta;
delta = len - (end - pos);
BUG/MEDIUM: buffer: one byte miss in buffer free space check Space is not avalaible only if the end of the data inserted is strictly greater than the end of buffer. If these two value are equal, the space is avamaible.
2015-03-09 20:55:01 -04:00
if (bi_end(b) + delta > b->data + b->size)
REORG: channel: move buffer_{replace,insert_line}* to buffer.{c,h} These functions do not depend on the channel flags anymore thus they're much better suited to be used on plain buffers. Move them from channel to buffer.
2012-08-27 16:08:00 -04:00
return 0; /* no space left */
if (buffer_not_empty(b) &&
bi_end(b) + delta > bo_ptr(b) &&
bo_ptr(b) >= bi_end(b))
return 0; /* no space left before wrapping data */
/* first, protect the end of the buffer */
memmove(end + delta, end, bi_end(b) - end);
/* now, copy str over pos */
if (len)
memcpy(pos, str, len);
b->i += delta;
CLEANUP: buffer: use buffer_empty() instead of buffer_len()==0 A few places still made use of buffer_len()==0 to detect an empty buffer. Use the cleaner and more efficient buffer_empty() instead.
2012-12-16 13:39:09 -05:00
if (buffer_empty(b))
REORG: channel: move buffer_{replace,insert_line}* to buffer.{c,h} These functions do not depend on the channel flags anymore thus they're much better suited to be used on plain buffers. Move them from channel to buffer.
2012-08-27 16:08:00 -04:00
b->p = b->data;
return delta;
}
/*
* Inserts <str> followed by "\r\n" at position <pos> in buffer <b>. The <len>
* argument informs about the length of string <str> so that we don't have to
* measure it. It does not include the "\r\n". If <str> is NULL, then the buffer
* is only opened for len+2 bytes but nothing is copied in. It may be useful in
* some circumstances. The send limit is *not* adjusted. Same comments as above
* for the valid use cases.
*
* The number of bytes added is returned on success. 0 is returned on failure.
*/
int buffer_insert_line2(struct buffer *b, char *pos, const char *str, int len)
{
int delta;
delta = len + 2;
if (bi_end(b) + delta >= b->data + b->size)
return 0; /* no space left */
BUG/MAJOR: buffer: check the space left is enough or not when input data in a buffer is wrapped HAProxy will crash with the following configuration: global ... tune.bufsize 1024 tune.maxrewrite 0 frontend xxx ... backend yyy ... cookie cookie insert maxidle 300s If client sends a request of which object size is more than tune.bufsize (1024 bytes), HAProxy will crash. After doing some debugging, the crash was caused by http_header_add_tail2() -> buffer_insert_line2() while inserting cookie at the end of response header. Part codes of buffer_insert_line2() are as below: int buffer_insert_line2(struct buffer *b, char *pos, const char *str, int len) { int delta; delta = len + 2; if (bi_end(b) + delta >= b->data + b->size) return 0; /* no space left */ /* first, protect the end of the buffer */ memmove(pos + delta, pos, bi_end(b) - pos); ... } Since tune.maxrewrite is 0, HAProxy can receive 1024 bytes once which is equals to full buffer size. Under such condition, the buffer is full and bi_end(b) will be wrapped to the start of buffer which pointed to b->data. As a result, though there is no space left in buffer, the check condition if (bi_end(b) + delta >= b->data + b->size) will be true, then memmove() is called, and (pos + delta) will exceed the end of buffer (b->data + b->size), HAProxy crashes Just take buffer_replace2() as a reference, the other check when input data in a buffer is wrapped should be also added into buffer_insert_line2(). This fix must be backported to 1.5. Signed-off-by: Godbach <nylzhaowei@gmail.com>
2014-10-31 01:16:37 -04:00
if (buffer_not_empty(b) &&
bi_end(b) + delta > bo_ptr(b) &&
bo_ptr(b) >= bi_end(b))
return 0; /* no space left before wrapping data */
REORG: channel: move buffer_{replace,insert_line}* to buffer.{c,h} These functions do not depend on the channel flags anymore thus they're much better suited to be used on plain buffers. Move them from channel to buffer.
2012-08-27 16:08:00 -04:00
/* first, protect the end of the buffer */
memmove(pos + delta, pos, bi_end(b) - pos);
/* now, copy str over pos */
if (len && str) {
memcpy(pos, str, len);
pos[len] = '\r';
pos[len + 1] = '\n';
}
b->i += delta;
return delta;
}
BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data The function buffer_slow_realign() was initially designed for requests only and did not consider pending outgoing data. This causes a problem when called on responses where data remain in the buffer, which may happen with pipelined requests when the client is slow to read data. The user-visible effect is that if less than <maxrewrite> bytes are present in the buffer from a previous response and these bytes cross the <maxrewrite> boundary close to the end of the buffer, then a new response will cause a realign and will destroy these pending data and move the pointer to what's believed to contain pending output data. Thus the client receives the crap that lies in the buffer instead of the original output bytes. This new implementation now properly realigns everything including the outgoing data which are moved to the end of the buffer while the input data are moved to the beginning. This implementation still uses a buffer-to-buffer copy which is not optimal in terms of performance and which should be replaced by a buffer switch later. Prior to this patch, the following script would return different hashes on each round when run from a 100 Mbps-connected machine : i=0 while usleep 100000; do echo round $((i++)) set -- $(nc6 0 8001 < 1kreq5k.txt | grep -v '^[0-9A-Z]' | md5sum) if [ "$1" != "3861afbb6566cd48740ce01edc426020" ]; then echo $1;break;fi done The file contains 1000 times this request with "Connection: close" on the last one : GET /?s=5k&R=1 HTTP/1.1 The config is very simple : global tune.bufsize 16384 tune.maxrewrite 8192 defaults mode http timeout client 10s timeout server 5s timeout connect 3s listen px bind :8001 option http-server-close server s1 127.0.0.1:8000 And httpterm-1.7.2 is used as the server on port 8000. After the fix, 1 million requests were sent and all returned the same contents. Many thanks to Charlie Smurthwaite of atechmedia.com for his precious help on this issue, which would not have been diagnosed without his very detailed traces and numerous tests. The patch must be backported to 1.5 which is where the bug was introduced.
2015-07-02 06:50:23 -04:00
/* This function realigns a possibly wrapping buffer so that the input part is
* contiguous and starts at the beginning of the buffer and the output part
* ends at the end of the buffer. This provides the best conditions since it
* allows the largest inputs to be processed at once and ensures that once the
* output data leaves, the whole buffer is available at once.
REORG: buffers: split buffers into chunk,buffer,channel Many parts of the channel definition still make use of the "buffer" word.
2012-08-24 13:22:53 -04:00
*/
void buffer_slow_realign(struct buffer *buf)
{
BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data The function buffer_slow_realign() was initially designed for requests only and did not consider pending outgoing data. This causes a problem when called on responses where data remain in the buffer, which may happen with pipelined requests when the client is slow to read data. The user-visible effect is that if less than <maxrewrite> bytes are present in the buffer from a previous response and these bytes cross the <maxrewrite> boundary close to the end of the buffer, then a new response will cause a realign and will destroy these pending data and move the pointer to what's believed to contain pending output data. Thus the client receives the crap that lies in the buffer instead of the original output bytes. This new implementation now properly realigns everything including the outgoing data which are moved to the end of the buffer while the input data are moved to the beginning. This implementation still uses a buffer-to-buffer copy which is not optimal in terms of performance and which should be replaced by a buffer switch later. Prior to this patch, the following script would return different hashes on each round when run from a 100 Mbps-connected machine : i=0 while usleep 100000; do echo round $((i++)) set -- $(nc6 0 8001 < 1kreq5k.txt | grep -v '^[0-9A-Z]' | md5sum) if [ "$1" != "3861afbb6566cd48740ce01edc426020" ]; then echo $1;break;fi done The file contains 1000 times this request with "Connection: close" on the last one : GET /?s=5k&R=1 HTTP/1.1 The config is very simple : global tune.bufsize 16384 tune.maxrewrite 8192 defaults mode http timeout client 10s timeout server 5s timeout connect 3s listen px bind :8001 option http-server-close server s1 127.0.0.1:8000 And httpterm-1.7.2 is used as the server on port 8000. After the fix, 1 million requests were sent and all returned the same contents. Many thanks to Charlie Smurthwaite of atechmedia.com for his precious help on this issue, which would not have been diagnosed without his very detailed traces and numerous tests. The patch must be backported to 1.5 which is where the bug was introduced.
2015-07-02 06:50:23 -04:00
int block1 = buf->o;
int block2 = 0;
/* process output data in two steps to cover wrapping */
if (block1 > buf->p - buf->data) {
block2 = buf->p - buf->data;
block1 -= block2;
}
memcpy(swap_buffer + buf->size - buf->o, bo_ptr(buf), block1);
memcpy(swap_buffer + buf->size - block2, buf->data, block2);
/* process input data in two steps to cover wrapping */
block1 = buf->i;
block2 = 0;
if (block1 > buf->data + buf->size - buf->p) {
block1 = buf->data + buf->size - buf->p;
block2 = buf->i - block1;
REORG: buffers: split buffers into chunk,buffer,channel Many parts of the channel definition still make use of the "buffer" word.
2012-08-24 13:22:53 -04:00
}
BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data The function buffer_slow_realign() was initially designed for requests only and did not consider pending outgoing data. This causes a problem when called on responses where data remain in the buffer, which may happen with pipelined requests when the client is slow to read data. The user-visible effect is that if less than <maxrewrite> bytes are present in the buffer from a previous response and these bytes cross the <maxrewrite> boundary close to the end of the buffer, then a new response will cause a realign and will destroy these pending data and move the pointer to what's believed to contain pending output data. Thus the client receives the crap that lies in the buffer instead of the original output bytes. This new implementation now properly realigns everything including the outgoing data which are moved to the end of the buffer while the input data are moved to the beginning. This implementation still uses a buffer-to-buffer copy which is not optimal in terms of performance and which should be replaced by a buffer switch later. Prior to this patch, the following script would return different hashes on each round when run from a 100 Mbps-connected machine : i=0 while usleep 100000; do echo round $((i++)) set -- $(nc6 0 8001 < 1kreq5k.txt | grep -v '^[0-9A-Z]' | md5sum) if [ "$1" != "3861afbb6566cd48740ce01edc426020" ]; then echo $1;break;fi done The file contains 1000 times this request with "Connection: close" on the last one : GET /?s=5k&R=1 HTTP/1.1 The config is very simple : global tune.bufsize 16384 tune.maxrewrite 8192 defaults mode http timeout client 10s timeout server 5s timeout connect 3s listen px bind :8001 option http-server-close server s1 127.0.0.1:8000 And httpterm-1.7.2 is used as the server on port 8000. After the fix, 1 million requests were sent and all returned the same contents. Many thanks to Charlie Smurthwaite of atechmedia.com for his precious help on this issue, which would not have been diagnosed without his very detailed traces and numerous tests. The patch must be backported to 1.5 which is where the bug was introduced.
2015-07-02 06:50:23 -04:00
memcpy(swap_buffer, bi_ptr(buf), block1);
memcpy(swap_buffer + block1, buf->data, block2);
/* reinject changes into the buffer */
memcpy(buf->data, swap_buffer, buf->i);
memcpy(buf->data + buf->size - buf->o, swap_buffer + buf->size - buf->o, buf->o);
REORG: buffers: split buffers into chunk,buffer,channel Many parts of the channel definition still make use of the "buffer" word.
2012-08-24 13:22:53 -04:00
buf->p = buf->data;
}
/* Realigns a possibly non-contiguous buffer by bouncing bytes from source to
* destination. It does not use any intermediate buffer and does the move in
* place, though it will be slower than a simple memmove() on contiguous data,
* so it's desirable to use it only on non-contiguous buffers. No pointers are
* changed, the caller is responsible for that.
*/
void buffer_bounce_realign(struct buffer *buf)
{
int advance, to_move;
char *from, *to;
from = bo_ptr(buf);
advance = buf->data + buf->size - from;
if (!advance)
return;
to_move = buffer_len(buf);
while (to_move) {
char last, save;
last = *from;
to = from + advance;
if (to >= buf->data + buf->size)
to -= buf->size;
while (1) {
save = *to;
*to = last;
last = save;
to_move--;
if (!to_move)
break;
/* check if we went back home after rotating a number of bytes */
if (to == from)
break;
/* if we ended up in the empty area, let's walk to next place. The
* empty area is either between buf->r and from or before from or
* after buf->r.
*/
if (from > bi_end(buf)) {
if (to >= bi_end(buf) && to < from)
break;
} else if (from < bi_end(buf)) {
if (to < from || to >= bi_end(buf))
break;
}
/* we have overwritten a byte of the original set, let's move it */
to += advance;
if (to >= buf->data + buf->size)
to -= buf->size;
}
from++;
if (from >= buf->data + buf->size)
from -= buf->size;
}
}
/*
* Dumps part or all of a buffer.
*/
void buffer_dump(FILE *o, struct buffer *b, int from, int to)
{
fprintf(o, "Dumping buffer %p\n", b);
MINOR: buffer_dump with ASCII Improve the buffer_dump function with ASCII output.
2012-11-22 12:01:40 -05:00
fprintf(o, " data=%p o=%d i=%d p=%p\n"
" relative: p=0x%04x\n",
b->data, b->o, b->i, b->p, (unsigned int)(b->p - b->data));
REORG: buffers: split buffers into chunk,buffer,channel Many parts of the channel definition still make use of the "buffer" word.
2012-08-24 13:22:53 -04:00
fprintf(o, "Dumping contents from byte %d to byte %d\n", from, to);
MINOR: buffer_dump with ASCII Improve the buffer_dump function with ASCII output.
2012-11-22 12:01:40 -05:00
fprintf(o, " 0 1 2 3 4 5 6 7 8 9 a b c d e f\n");
/* dump hexa */
while (from < to) {
int i;
fprintf(o, " %04x: ", from);
for (i = 0; ((from + i) < to) && (i < 16) ; i++) {
fprintf(o, "%02x ", (unsigned char)b->data[from + i]);
if (((from + i) & 15) == 7)
fprintf(o, "- ");
}
MINOR: buffer: align the last output line of buffer_dump() If the dumped length of buffer is not multiple of 16, the last output line can be seen as below: Dumping contents from byte 0 to byte 125 0 1 2 3 4 5 6 7 8 9 a b c d e f 0000: 47 45 54 20 2f 69 6e 64 - 65 78 2e 68 74 6d 20 48 GET /index.htm H 0010: 54 54 50 2f 31 2e 30 0d - 0a 55 73 65 72 2d 41 67 TTP/1.0..User-Ag ... 0060: 30 0d 0a 43 6f 6e 6e 65 - 63 74 69 6f 6e 3a 20 4b 0..Connection: K 0070: 65 65 70 2d 41 6c 69 76 - 65 0d 0a 0d 0a eep-Alive.... Yes, the hex column will be overlapped by the text column. Both the hex and text column should be aligned at their own area as below: Dumping contents from byte 0 to byte 125 0 1 2 3 4 5 6 7 8 9 a b c d e f 0000: 47 45 54 20 2f 69 6e 64 - 65 78 2e 68 74 6d 20 48 GET /index.htm H 0010: 54 54 50 2f 31 2e 30 0d - 0a 55 73 65 72 2d 41 67 TTP/1.0..User-Ag ... 0060: 30 0d 0a 43 6f 6e 6e 65 - 63 74 69 6f 6e 3a 20 4b 0..Connection: K 0070: 65 65 70 2d 41 6c 69 76 - 65 0d 0a 0d 0a eep-Alive.... Signed-off-by: Godbach <nylzhaowei@gmail.com>
2013-11-13 21:15:20 -05:00
if (to - from < 16) {
MINOR: buffer: align the last output line if there are less than 8 characters left Commit c08057c does the align job for buffer_dump(), but it has not fixed the issue that less than 8 characters are left in the last line as below: Dumping contents from byte 0 to byte 119 0 1 2 3 4 5 6 7 8 9 a b c d e f 0000: 47 45 54 20 2f 69 6e 64 - 65 78 2e 68 74 6d 20 48 GET /index.htm H 0010: 54 54 50 2f 31 2e 30 0d - 0a 55 73 65 72 2d 41 67 TTP/1.0..User-Ag ... 0060: 6e 65 63 74 69 6f 6e 3a - 20 4b 65 65 70 2d 41 6c nection: Keep-Al 0070: 69 76 65 0d 0a 0d 0a ive.... The last line of the hex column is still overlapped by the text column. Since there will be additional "- " for the output line which has no less than 8 characters, two additional spaces should be present when there is less than 8 characters in order to do alignment. The result after being fixed is as below: Dumping contents from byte 0 to byte 119 0 1 2 3 4 5 6 7 8 9 a b c d e f 0000: 47 45 54 20 2f 69 6e 64 - 65 78 2e 68 74 6d 20 48 GET /index.htm H 0010: 54 54 50 2f 31 2e 30 0d - 0a 55 73 65 72 2d 41 67 TTP/1.0..User-Ag ... 0060: 6e 65 63 74 69 6f 6e 3a - 20 4b 65 65 70 2d 41 6c nection: Keep-Al 0070: 69 76 65 0d 0a 0d 0a ive.... Signed-off-by: Godbach <nylzhaowei@gmail.com>
2013-11-20 21:21:22 -05:00
int j = 0;
MINOR: buffer: align the last output line of buffer_dump() If the dumped length of buffer is not multiple of 16, the last output line can be seen as below: Dumping contents from byte 0 to byte 125 0 1 2 3 4 5 6 7 8 9 a b c d e f 0000: 47 45 54 20 2f 69 6e 64 - 65 78 2e 68 74 6d 20 48 GET /index.htm H 0010: 54 54 50 2f 31 2e 30 0d - 0a 55 73 65 72 2d 41 67 TTP/1.0..User-Ag ... 0060: 30 0d 0a 43 6f 6e 6e 65 - 63 74 69 6f 6e 3a 20 4b 0..Connection: K 0070: 65 65 70 2d 41 6c 69 76 - 65 0d 0a 0d 0a eep-Alive.... Yes, the hex column will be overlapped by the text column. Both the hex and text column should be aligned at their own area as below: Dumping contents from byte 0 to byte 125 0 1 2 3 4 5 6 7 8 9 a b c d e f 0000: 47 45 54 20 2f 69 6e 64 - 65 78 2e 68 74 6d 20 48 GET /index.htm H 0010: 54 54 50 2f 31 2e 30 0d - 0a 55 73 65 72 2d 41 67 TTP/1.0..User-Ag ... 0060: 30 0d 0a 43 6f 6e 6e 65 - 63 74 69 6f 6e 3a 20 4b 0..Connection: K 0070: 65 65 70 2d 41 6c 69 76 - 65 0d 0a 0d 0a eep-Alive.... Signed-off-by: Godbach <nylzhaowei@gmail.com>
2013-11-13 21:15:20 -05:00
for (j = 0; j < from + 16 - to; j++)
fprintf(o, " ");
MINOR: buffer: align the last output line if there are less than 8 characters left Commit c08057c does the align job for buffer_dump(), but it has not fixed the issue that less than 8 characters are left in the last line as below: Dumping contents from byte 0 to byte 119 0 1 2 3 4 5 6 7 8 9 a b c d e f 0000: 47 45 54 20 2f 69 6e 64 - 65 78 2e 68 74 6d 20 48 GET /index.htm H 0010: 54 54 50 2f 31 2e 30 0d - 0a 55 73 65 72 2d 41 67 TTP/1.0..User-Ag ... 0060: 6e 65 63 74 69 6f 6e 3a - 20 4b 65 65 70 2d 41 6c nection: Keep-Al 0070: 69 76 65 0d 0a 0d 0a ive.... The last line of the hex column is still overlapped by the text column. Since there will be additional "- " for the output line which has no less than 8 characters, two additional spaces should be present when there is less than 8 characters in order to do alignment. The result after being fixed is as below: Dumping contents from byte 0 to byte 119 0 1 2 3 4 5 6 7 8 9 a b c d e f 0000: 47 45 54 20 2f 69 6e 64 - 65 78 2e 68 74 6d 20 48 GET /index.htm H 0010: 54 54 50 2f 31 2e 30 0d - 0a 55 73 65 72 2d 41 67 TTP/1.0..User-Ag ... 0060: 6e 65 63 74 69 6f 6e 3a - 20 4b 65 65 70 2d 41 6c nection: Keep-Al 0070: 69 76 65 0d 0a 0d 0a ive.... Signed-off-by: Godbach <nylzhaowei@gmail.com>
2013-11-20 21:21:22 -05:00
if (j > 8)
fprintf(o, " ");
MINOR: buffer: align the last output line of buffer_dump() If the dumped length of buffer is not multiple of 16, the last output line can be seen as below: Dumping contents from byte 0 to byte 125 0 1 2 3 4 5 6 7 8 9 a b c d e f 0000: 47 45 54 20 2f 69 6e 64 - 65 78 2e 68 74 6d 20 48 GET /index.htm H 0010: 54 54 50 2f 31 2e 30 0d - 0a 55 73 65 72 2d 41 67 TTP/1.0..User-Ag ... 0060: 30 0d 0a 43 6f 6e 6e 65 - 63 74 69 6f 6e 3a 20 4b 0..Connection: K 0070: 65 65 70 2d 41 6c 69 76 - 65 0d 0a 0d 0a eep-Alive.... Yes, the hex column will be overlapped by the text column. Both the hex and text column should be aligned at their own area as below: Dumping contents from byte 0 to byte 125 0 1 2 3 4 5 6 7 8 9 a b c d e f 0000: 47 45 54 20 2f 69 6e 64 - 65 78 2e 68 74 6d 20 48 GET /index.htm H 0010: 54 54 50 2f 31 2e 30 0d - 0a 55 73 65 72 2d 41 67 TTP/1.0..User-Ag ... 0060: 30 0d 0a 43 6f 6e 6e 65 - 63 74 69 6f 6e 3a 20 4b 0..Connection: K 0070: 65 65 70 2d 41 6c 69 76 - 65 0d 0a 0d 0a eep-Alive.... Signed-off-by: Godbach <nylzhaowei@gmail.com>
2013-11-13 21:15:20 -05:00
}
MINOR: buffer_dump with ASCII Improve the buffer_dump function with ASCII output.
2012-11-22 12:01:40 -05:00
fprintf(o, " ");
for (i = 0; (from + i < to) && (i < 16) ; i++) {
BUILD: buffer: fix another isprint() warning on solaris This one came with commit recent be0efd8. Solaris wants ints, not chars.
2012-11-25 18:57:40 -05:00
fprintf(o, "%c", isprint((int)b->data[from + i]) ? b->data[from + i] : '.') ;
MINOR: buffer_dump with ASCII Improve the buffer_dump function with ASCII output.
2012-11-22 12:01:40 -05:00
if ((((from + i) & 15) == 15) && ((from + i) != to-1))
fprintf(o, "\n");
}
from += i;
REORG: buffers: split buffers into chunk,buffer,channel Many parts of the channel definition still make use of the "buffer" word.
2012-08-24 13:22:53 -04:00
}
fprintf(o, "\n--\n");
MINOR: buffer_dump with ASCII Improve the buffer_dump function with ASCII output.
2012-11-22 12:01:40 -05:00
fflush(o);
REORG: buffers: split buffers into chunk,buffer,channel Many parts of the channel definition still make use of the "buffer" word.
2012-08-24 13:22:53 -04:00
}
/*
* Local variables:
* c-indent-level: 8
* c-basic-offset: 8
* End:
*/
Reference in a new issue Copy permalink