2006-06-26 00:48:02 +00:00
|
|
|
/*
|
2012-08-24 17:22:53 +00:00
|
|
|
* include/proto/channel.h
|
|
|
|
* Channel management definitions, macros and inline functions.
|
2009-12-13 14:53:05 +00:00
|
|
|
*
|
2014-11-27 21:10:04 +00:00
|
|
|
* Copyright (C) 2000-2014 Willy Tarreau - w@1wt.eu
|
2009-12-13 14:53:05 +00:00
|
|
|
*
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
* License as published by the Free Software Foundation, version 2.1
|
|
|
|
* exclusively.
|
|
|
|
*
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
* License along with this library; if not, write to the Free Software
|
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
|
|
|
*/
|
2006-06-26 00:48:02 +00:00
|
|
|
|
2012-08-24 17:22:53 +00:00
|
|
|
#ifndef _PROTO_CHANNEL_H
|
|
|
|
#define _PROTO_CHANNEL_H
|
2006-06-26 00:48:02 +00:00
|
|
|
|
2018-06-06 13:09:28 +00:00
|
|
|
#include <stdint.h>
|
2007-05-13 17:56:02 +00:00
|
|
|
#include <stdio.h>
|
2006-12-23 19:51:41 +00:00
|
|
|
#include <stdlib.h>
|
2007-05-13 17:56:02 +00:00
|
|
|
#include <string.h>
|
2006-12-23 19:51:41 +00:00
|
|
|
|
2006-06-29 16:54:54 +00:00
|
|
|
#include <common/config.h>
|
2012-08-24 17:22:53 +00:00
|
|
|
#include <common/chunk.h>
|
2008-07-06 22:09:58 +00:00
|
|
|
#include <common/ticks.h>
|
2007-06-03 13:59:52 +00:00
|
|
|
#include <common/time.h>
|
|
|
|
|
2014-12-16 14:41:18 +00:00
|
|
|
#include <types/channel.h>
|
2009-12-13 14:53:05 +00:00
|
|
|
#include <types/global.h>
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
#include <types/stream.h>
|
2014-11-28 13:10:28 +00:00
|
|
|
#include <types/stream_interface.h>
|
2006-06-26 00:48:02 +00:00
|
|
|
|
BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
When an entity tries to get a buffer, if it cannot be allocted, for example
because the number of buffers which may be allocated per process is limited,
this entity is added in a list (called <buffer_wq>) and wait for an available
buffer.
Historically, the <buffer_wq> list was logically attached to streams because it
were the only entities likely to be added in it. Now, applets can also be
waiting for a free buffer. And with filters, we could imagine to have more other
entities waiting for a buffer. So it make sense to have a generic list.
Anyway, with the current design there is a bug. When an applet failed to get a
buffer, it will wait. But we add the stream attached to the applet in
<buffer_wq>, instead of the applet itself. So when a buffer is available, we
wake up the stream and not the waiting applet. So, it is possible to have
waiting applets and never awakened.
So, now, <buffer_wq> is independant from streams. And we really add the waiting
entity in <buffer_wq>. To be generic, the entity is responsible to define the
callback used to awaken it.
In addition, applets will still request an input buffer when they become
active. But they will not be sleeped anymore if no buffer are available. So this
is the responsibility to the applet I/O handler to check if this buffer is
allocated or not. This way, an applet can decide if this buffer is required or
not and can do additional processing if not.
[wt: backport to 1.7 and 1.6]
2016-12-09 16:30:18 +00:00
|
|
|
#include <proto/task.h>
|
|
|
|
|
2007-05-13 17:56:02 +00:00
|
|
|
/* perform minimal intializations, report 0 in case of error, 1 if OK. */
|
2012-08-27 22:06:31 +00:00
|
|
|
int init_channel();
|
2007-05-13 17:56:02 +00:00
|
|
|
|
2012-10-25 22:21:52 +00:00
|
|
|
unsigned long long __channel_forward(struct channel *chn, unsigned long long bytes);
|
2012-08-27 22:06:31 +00:00
|
|
|
|
|
|
|
/* SI-to-channel functions working with buffers */
|
REORG: channel: finally rename the last bi_* / bo_* functions
For HTTP/2 we'll need some buffer-only equivalent functions to some of
the ones applying to channels and still squatting the bi_* / bo_*
namespace. Since these names have kept being misleading for quite some
time now and are really getting annoying, it's time to rename them. This
commit will use "ci/co" as the prefix (for "channel in", "channel out")
instead of "bi/bo". The following ones were renamed :
bi_getblk_nc, bi_getline_nc, bi_putblk, bi_putchr,
bo_getblk, bo_getblk_nc, bo_getline, bo_getline_nc, bo_inject,
bi_putchk, bi_putstr, bo_getchr, bo_skip, bi_swpbuf
2017-10-19 12:32:15 +00:00
|
|
|
int ci_putblk(struct channel *chn, const char *str, int len);
|
|
|
|
int ci_putchr(struct channel *chn, char c);
|
2018-07-18 09:49:27 +00:00
|
|
|
int ci_getline_nc(const struct channel *chn, char **blk1, size_t *len1, char **blk2, size_t *len2);
|
|
|
|
int ci_getblk_nc(const struct channel *chn, char **blk1, size_t *len1, char **blk2, size_t *len2);
|
2018-07-12 13:43:32 +00:00
|
|
|
int ci_insert_line2(struct channel *c, int pos, const char *str, int len);
|
REORG: channel: finally rename the last bi_* / bo_* functions
For HTTP/2 we'll need some buffer-only equivalent functions to some of
the ones applying to channels and still squatting the bi_* / bo_*
namespace. Since these names have kept being misleading for quite some
time now and are really getting annoying, it's time to rename them. This
commit will use "ci/co" as the prefix (for "channel in", "channel out")
instead of "bi/bo". The following ones were renamed :
bi_getblk_nc, bi_getline_nc, bi_putblk, bi_putchr,
bo_getblk, bo_getblk_nc, bo_getline, bo_getline_nc, bo_inject,
bi_putchk, bi_putstr, bo_getchr, bo_skip, bi_swpbuf
2017-10-19 12:32:15 +00:00
|
|
|
int co_inject(struct channel *chn, const char *msg, int len);
|
2017-10-19 12:58:40 +00:00
|
|
|
int co_getline(const struct channel *chn, char *str, int len);
|
|
|
|
int co_getblk(const struct channel *chn, char *blk, int len, int offset);
|
2018-07-18 09:49:27 +00:00
|
|
|
int co_getline_nc(const struct channel *chn, const char **blk1, size_t *len1, const char **blk2, size_t *len2);
|
|
|
|
int co_getblk_nc(const struct channel *chn, const char **blk1, size_t *len1, const char **blk2, size_t *len2);
|
2015-02-16 18:26:48 +00:00
|
|
|
|
2010-09-08 15:04:31 +00:00
|
|
|
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
/* returns a pointer to the stream the channel belongs to */
|
2015-09-25 06:36:11 +00:00
|
|
|
static inline struct stream *chn_strm(const struct channel *chn)
|
2014-12-28 12:03:53 +00:00
|
|
|
{
|
|
|
|
if (chn->flags & CF_ISRESP)
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
return LIST_ELEM(chn, struct stream *, res);
|
2014-12-28 12:03:53 +00:00
|
|
|
else
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
return LIST_ELEM(chn, struct stream *, req);
|
2014-12-28 12:03:53 +00:00
|
|
|
}
|
|
|
|
|
2014-11-28 13:10:28 +00:00
|
|
|
/* returns a pointer to the stream interface feeding the channel (producer) */
|
|
|
|
static inline struct stream_interface *chn_prod(const struct channel *chn)
|
|
|
|
{
|
2014-11-28 13:22:12 +00:00
|
|
|
if (chn->flags & CF_ISRESP)
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
return &LIST_ELEM(chn, struct stream *, res)->si[1];
|
2014-11-28 13:22:12 +00:00
|
|
|
else
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
return &LIST_ELEM(chn, struct stream *, req)->si[0];
|
2014-11-28 13:10:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* returns a pointer to the stream interface consuming the channel (producer) */
|
|
|
|
static inline struct stream_interface *chn_cons(const struct channel *chn)
|
|
|
|
{
|
2014-11-28 13:22:12 +00:00
|
|
|
if (chn->flags & CF_ISRESP)
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
return &LIST_ELEM(chn, struct stream *, res)->si[0];
|
2014-11-28 13:22:12 +00:00
|
|
|
else
|
REORG/MAJOR: session: rename the "session" entity to "stream"
With HTTP/2, we'll have to support multiplexed streams. A stream is in
fact the largest part of what we currently call a session, it has buffers,
logs, etc.
In order to catch any error, this commit removes any reference to the
struct session and tries to rename most "session" occurrences in function
names to "stream" and "sess" to "strm" when that's related to a session.
The files stream.{c,h} were added and session.{c,h} removed.
The session will be reintroduced later and a few parts of the stream
will progressively be moved overthere. It will more or less contain
only what we need in an embryonic session.
Sample fetch functions and converters will have to change a bit so
that they'll use an L5 (session) instead of what's currently called
"L4" which is in fact L6 for now.
Once all changes are completed, we should see approximately this :
L7 - http_txn
L6 - stream
L5 - session
L4 - connection | applet
There will be at most one http_txn per stream, and a same session will
possibly be referenced by multiple streams. A connection will point to
a session and to a stream. The session will hold all the information
we need to keep even when we don't yet have a stream.
Some more cleanup is needed because some code was already far from
being clean. The server queue management still refers to sessions at
many places while comments talk about connections. This will have to
be cleaned up once we have a server-side connection pool manager.
Stream flags "SN_*" still need to be renamed, it doesn't seem like
any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
|
|
|
return &LIST_ELEM(chn, struct stream *, req)->si[1];
|
2014-11-28 13:10:28 +00:00
|
|
|
}
|
|
|
|
|
2018-06-06 13:09:28 +00:00
|
|
|
/* c_orig() : returns the pointer to the channel buffer's origin */
|
|
|
|
static inline char *c_orig(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_orig(&c->buf);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* c_size() : returns the size of the channel's buffer */
|
|
|
|
static inline size_t c_size(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_size(&c->buf);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* c_wrap() : returns the pointer to the channel buffer's wrapping point */
|
|
|
|
static inline char *c_wrap(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_wrap(&c->buf);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* c_data() : returns the amount of data in the channel's buffer */
|
|
|
|
static inline size_t c_data(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_data(&c->buf);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* c_room() : returns the room left in the channel's buffer */
|
|
|
|
static inline size_t c_room(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_size(&c->buf) - b_data(&c->buf);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* c_empty() : returns a boolean indicating if the channel's buffer is empty */
|
|
|
|
static inline size_t c_empty(const struct channel *c)
|
|
|
|
{
|
|
|
|
return !c_data(c);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* c_full() : returns a boolean indicating if the channel's buffer is full */
|
|
|
|
static inline size_t c_full(const struct channel *c)
|
|
|
|
{
|
|
|
|
return !c_room(c);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* co_data() : returns the amount of output data in the channel's buffer */
|
|
|
|
static inline size_t co_data(const struct channel *c)
|
|
|
|
{
|
2018-06-22 17:26:39 +00:00
|
|
|
return c->output;
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* ci_data() : returns the amount of input data in the channel's buffer */
|
|
|
|
static inline size_t ci_data(const struct channel *c)
|
|
|
|
{
|
2018-06-15 14:42:02 +00:00
|
|
|
return c_data(c) - co_data(c);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* ci_next() : for an absolute pointer <p> or a relative offset <o> pointing to
|
|
|
|
* a valid location within channel <c>'s buffer, returns either the absolute
|
|
|
|
* pointer or the relative offset pointing to the next byte, which usually is
|
|
|
|
* at (p + 1) unless p reaches the wrapping point and wrapping is needed.
|
|
|
|
*/
|
|
|
|
static inline size_t ci_next_ofs(const struct channel *c, size_t o)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_next_ofs(&c->buf, o);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline char *ci_next(const struct channel *c, const char *p)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_next(&c->buf, p);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* c_ptr() : returns a pointer to an offset relative to the beginning of the
|
|
|
|
* input data in the buffer. If instead the offset is negative, a pointer to
|
|
|
|
* existing output data is returned. The function only takes care of wrapping,
|
|
|
|
* it's up to the caller to ensure the offset is always within byte count
|
|
|
|
* bounds.
|
|
|
|
*/
|
|
|
|
static inline char *c_ptr(const struct channel *c, ssize_t ofs)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_peek(&c->buf, co_data(c) + ofs);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* c_adv() : advances the channel's buffer by <adv> bytes, which means that the
|
|
|
|
* buffer's pointer advances, and that as many bytes from in are transferred
|
|
|
|
* from in to out. The caller is responsible for ensuring that adv is always
|
|
|
|
* smaller than or equal to b->i.
|
|
|
|
*/
|
|
|
|
static inline void c_adv(struct channel *c, size_t adv)
|
|
|
|
{
|
2018-06-22 17:26:39 +00:00
|
|
|
c->output += adv;
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* c_rew() : rewinds the channel's buffer by <adv> bytes, which means that the
|
|
|
|
* buffer's pointer goes backwards, and that as many bytes from out are moved
|
|
|
|
* to in. The caller is responsible for ensuring that adv is always smaller
|
|
|
|
* than or equal to b->o.
|
|
|
|
*/
|
|
|
|
static inline void c_rew(struct channel *c, size_t adv)
|
|
|
|
{
|
2018-06-22 17:26:39 +00:00
|
|
|
c->output -= adv;
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* c_realign_if_empty() : realign the channel's buffer if it's empty */
|
|
|
|
static inline void c_realign_if_empty(struct channel *chn)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
b_realign_if_empty(&chn->buf);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
2018-06-29 14:17:34 +00:00
|
|
|
/* Sets the amount of output for the channel */
|
|
|
|
static inline void co_set_data(struct channel *c, size_t output)
|
|
|
|
{
|
2018-06-22 17:26:39 +00:00
|
|
|
c->output = output;
|
2018-06-29 14:17:34 +00:00
|
|
|
}
|
|
|
|
|
2018-06-06 13:09:28 +00:00
|
|
|
|
|
|
|
/* co_head() : returns a pointer to the beginning of output data in the buffer.
|
|
|
|
* The "__" variants don't support wrapping, "ofs" are relative to
|
|
|
|
* the buffer's origin.
|
|
|
|
*/
|
|
|
|
static inline size_t __co_head_ofs(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return __b_peek_ofs(&c->buf, 0);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline char *__co_head(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return __b_peek(&c->buf, 0);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline size_t co_head_ofs(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_peek_ofs(&c->buf, 0);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline char *co_head(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_peek(&c->buf, 0);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* co_tail() : returns a pointer to the end of output data in the buffer.
|
|
|
|
* The "__" variants don't support wrapping, "ofs" are relative to
|
|
|
|
* the buffer's origin.
|
|
|
|
*/
|
|
|
|
static inline size_t __co_tail_ofs(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return __b_peek_ofs(&c->buf, co_data(c));
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline char *__co_tail(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return __b_peek(&c->buf, co_data(c));
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline size_t co_tail_ofs(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_peek_ofs(&c->buf, co_data(c));
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline char *co_tail(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_peek(&c->buf, co_data(c));
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* ci_head() : returns a pointer to the beginning of input data in the buffer.
|
|
|
|
* The "__" variants don't support wrapping, "ofs" are relative to
|
|
|
|
* the buffer's origin.
|
|
|
|
*/
|
|
|
|
static inline size_t __ci_head_ofs(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return __b_peek_ofs(&c->buf, co_data(c));
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline char *__ci_head(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return __b_peek(&c->buf, co_data(c));
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline size_t ci_head_ofs(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_peek_ofs(&c->buf, co_data(c));
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline char *ci_head(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_peek(&c->buf, co_data(c));
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* ci_tail() : returns a pointer to the end of input data in the buffer.
|
|
|
|
* The "__" variants don't support wrapping, "ofs" are relative to
|
|
|
|
* the buffer's origin.
|
|
|
|
*/
|
|
|
|
static inline size_t __ci_tail_ofs(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return __b_peek_ofs(&c->buf, c_data(c));
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline char *__ci_tail(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return __b_peek(&c->buf, c_data(c));
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline size_t ci_tail_ofs(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_peek_ofs(&c->buf, c_data(c));
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline char *ci_tail(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_peek(&c->buf, c_data(c));
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* ci_stop() : returns the pointer to the byte following the end of input data
|
|
|
|
* in the channel buffer. It may be out of the buffer. It's used to
|
|
|
|
* compute lengths or stop pointers.
|
|
|
|
*/
|
|
|
|
static inline size_t __ci_stop_ofs(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return __b_stop_ofs(&c->buf);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline const char *__ci_stop(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return __b_stop(&c->buf);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline size_t ci_stop_ofs(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_stop_ofs(&c->buf);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
static inline const char *ci_stop(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_stop(&c->buf);
|
2018-06-06 13:09:28 +00:00
|
|
|
}
|
|
|
|
|
2018-06-06 14:55:45 +00:00
|
|
|
|
|
|
|
/* Returns the amount of input data that can contiguously be read at once */
|
|
|
|
static inline size_t ci_contig_data(const struct channel *c)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_contig_data(&c->buf, co_data(c));
|
2018-06-06 14:55:45 +00:00
|
|
|
}
|
2018-06-06 13:09:28 +00:00
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Initialize all fields in the channel. */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_init(struct channel *chn)
|
2006-07-29 14:59:06 +00:00
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
chn->buf = BUF_NULL;
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->to_forward = 0;
|
2014-02-09 16:45:16 +00:00
|
|
|
chn->last_read = now_ms;
|
2014-02-09 07:31:49 +00:00
|
|
|
chn->xfer_small = chn->xfer_large = 0;
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->total = 0;
|
|
|
|
chn->pipe = NULL;
|
|
|
|
chn->analysers = 0;
|
|
|
|
chn->flags = 0;
|
2018-06-22 17:26:39 +00:00
|
|
|
chn->output = 0;
|
2009-12-13 14:53:05 +00:00
|
|
|
}
|
|
|
|
|
2012-10-25 22:21:52 +00:00
|
|
|
/* Schedule up to <bytes> more bytes to be forwarded via the channel without
|
|
|
|
* notifying the owner task. Any data pending in the buffer are scheduled to be
|
|
|
|
* sent as well, in the limit of the number of bytes to forward. This must be
|
|
|
|
* the only method to use to schedule bytes to be forwarded. If the requested
|
|
|
|
* number is too large, it is automatically adjusted. The number of bytes taken
|
|
|
|
* into account is returned. Directly touching ->to_forward will cause lockups
|
|
|
|
* when buf->o goes down to zero if nobody is ready to push the remaining data.
|
|
|
|
*/
|
|
|
|
static inline unsigned long long channel_forward(struct channel *chn, unsigned long long bytes)
|
|
|
|
{
|
|
|
|
/* hint: avoid comparisons on long long for the fast case, since if the
|
|
|
|
* length does not fit in an unsigned it, it will never be forwarded at
|
|
|
|
* once anyway.
|
|
|
|
*/
|
|
|
|
if (bytes <= ~0U) {
|
|
|
|
unsigned int bytes32 = bytes;
|
|
|
|
|
2018-06-15 14:42:02 +00:00
|
|
|
if (bytes32 <= ci_data(chn)) {
|
2012-10-25 22:21:52 +00:00
|
|
|
/* OK this amount of bytes might be forwarded at once */
|
2018-06-06 05:13:22 +00:00
|
|
|
c_adv(chn, bytes32);
|
2012-10-25 22:21:52 +00:00
|
|
|
return bytes;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return __channel_forward(chn, bytes);
|
|
|
|
}
|
|
|
|
|
2016-05-04 12:05:58 +00:00
|
|
|
/* Forwards any input data and marks the channel for permanent forwarding */
|
|
|
|
static inline void channel_forward_forever(struct channel *chn)
|
|
|
|
{
|
2018-06-15 14:42:02 +00:00
|
|
|
c_adv(chn, ci_data(chn));
|
2016-05-04 12:05:58 +00:00
|
|
|
chn->to_forward = CHN_INFINITE_FORWARD;
|
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/*********************************************************************/
|
|
|
|
/* These functions are used to compute various channel content sizes */
|
|
|
|
/*********************************************************************/
|
2011-11-25 19:33:58 +00:00
|
|
|
|
2012-08-24 20:40:29 +00:00
|
|
|
/* Reports non-zero if the channel is empty, which means both its
|
|
|
|
* buffer and pipe are empty. The construct looks strange but is
|
|
|
|
* jump-less and much more efficient on both 32 and 64-bit than
|
|
|
|
* the boolean test.
|
|
|
|
*/
|
2017-10-19 12:58:40 +00:00
|
|
|
static inline unsigned int channel_is_empty(const struct channel *c)
|
2012-08-24 20:40:29 +00:00
|
|
|
{
|
2018-06-15 14:42:02 +00:00
|
|
|
return !(co_data(c) | (long)c->pipe);
|
2012-08-24 20:40:29 +00:00
|
|
|
}
|
|
|
|
|
2015-01-13 13:39:16 +00:00
|
|
|
/* Returns non-zero if the channel is rewritable, which means that the buffer
|
|
|
|
* it is attached to has at least <maxrewrite> bytes immediately available.
|
|
|
|
* This is used to decide when a request or response may be parsed when some
|
|
|
|
* data from a previous exchange might still be present.
|
BUG/MAJOR: http: always ensure response buffer has some room for a response
Since 1.5-dev12 and commit 3bf1b2b8 (MAJOR: channel: stop relying on
BF_FULL to take action), the HTTP parser switched to channel_full()
instead of BF_FULL to decide whether a buffer had enough room to start
parsing a request or response. The problem is that channel_full()
intentionally ignores outgoing data, so a corner case exists where a
large response might still be left in a response buffer with just a
few bytes left (much less than the reserve), enough to accept a second
response past the last data, but not enough to permit the HTTP processor
to add some headers. Since all the processing relies on this space being
available, we can get some random crashes when clients pipeline requests.
The analysis of a core from haproxy configured with 20480 bytes buffers
shows this : with enough "luck", when sending back the response for the
first request, the client is slow, the TCP window is congested, the socket
buffers are full, and haproxy's buffer fills up. We still have 20230 bytes
of response data in a 20480 response buffer. The second request is sent to
the server which returns 214 bytes which fit in the small 250 bytes left
in this buffer. And the buffer arrangement makes it possible to escape all
the controls in http_wait_for_response() :
|<------ response buffer = 20480 bytes ------>|
[ 2/2 | 3 | 4 | 1/2 ]
^ start of circular buffer
1/2 = beginning of previous response (18240)
2/2 = end of previous response (1990)
3 = current response (214)
4 = free space (36)
- channel_full() returns false (20230 bytes are going to leave)
- the response headers does not wrap at the end of the buffer
- the remaining linear room after the headers is larger than the
reserve, because it's the previous response which wraps :
=> response is processed
Header rewriting causes it to reach 260 bytes, 10 bytes larger than what
the buffer could hold. So all computations during header addition are
wrong and lead to the corruption we've observed.
All the conditions are very hard to meet (which explains why it took
almost one year for this bug to show up) and are almost impossible to
reproduce on purpose on a test platform. But the bug is clearly there.
This issue was reported by Dinko Korunic who kindly devoted a lot of
time to provide countless traces and cores, and to experiment with
troubleshooting patches to knock the bug down. Thanks Dinko!
No backport is needed, but all 1.5-dev versions between dev12 and dev18
included must be upgraded. A workaround consists in setting option
forceclose to prevent pipelined requests from being processed.
2013-06-08 10:55:46 +00:00
|
|
|
*/
|
2015-01-13 13:39:16 +00:00
|
|
|
static inline int channel_is_rewritable(const struct channel *chn)
|
BUG/MAJOR: http: always ensure response buffer has some room for a response
Since 1.5-dev12 and commit 3bf1b2b8 (MAJOR: channel: stop relying on
BF_FULL to take action), the HTTP parser switched to channel_full()
instead of BF_FULL to decide whether a buffer had enough room to start
parsing a request or response. The problem is that channel_full()
intentionally ignores outgoing data, so a corner case exists where a
large response might still be left in a response buffer with just a
few bytes left (much less than the reserve), enough to accept a second
response past the last data, but not enough to permit the HTTP processor
to add some headers. Since all the processing relies on this space being
available, we can get some random crashes when clients pipeline requests.
The analysis of a core from haproxy configured with 20480 bytes buffers
shows this : with enough "luck", when sending back the response for the
first request, the client is slow, the TCP window is congested, the socket
buffers are full, and haproxy's buffer fills up. We still have 20230 bytes
of response data in a 20480 response buffer. The second request is sent to
the server which returns 214 bytes which fit in the small 250 bytes left
in this buffer. And the buffer arrangement makes it possible to escape all
the controls in http_wait_for_response() :
|<------ response buffer = 20480 bytes ------>|
[ 2/2 | 3 | 4 | 1/2 ]
^ start of circular buffer
1/2 = beginning of previous response (18240)
2/2 = end of previous response (1990)
3 = current response (214)
4 = free space (36)
- channel_full() returns false (20230 bytes are going to leave)
- the response headers does not wrap at the end of the buffer
- the remaining linear room after the headers is larger than the
reserve, because it's the previous response which wraps :
=> response is processed
Header rewriting causes it to reach 260 bytes, 10 bytes larger than what
the buffer could hold. So all computations during header addition are
wrong and lead to the corruption we've observed.
All the conditions are very hard to meet (which explains why it took
almost one year for this bug to show up) and are almost impossible to
reproduce on purpose on a test platform. But the bug is clearly there.
This issue was reported by Dinko Korunic who kindly devoted a lot of
time to provide countless traces and cores, and to experiment with
troubleshooting patches to knock the bug down. Thanks Dinko!
No backport is needed, but all 1.5-dev versions between dev12 and dev18
included must be upgraded. A workaround consists in setting option
forceclose to prevent pipelined requests from being processed.
2013-06-08 10:55:46 +00:00
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
int rem = chn->buf.size;
|
BUG/MAJOR: http: always ensure response buffer has some room for a response
Since 1.5-dev12 and commit 3bf1b2b8 (MAJOR: channel: stop relying on
BF_FULL to take action), the HTTP parser switched to channel_full()
instead of BF_FULL to decide whether a buffer had enough room to start
parsing a request or response. The problem is that channel_full()
intentionally ignores outgoing data, so a corner case exists where a
large response might still be left in a response buffer with just a
few bytes left (much less than the reserve), enough to accept a second
response past the last data, but not enough to permit the HTTP processor
to add some headers. Since all the processing relies on this space being
available, we can get some random crashes when clients pipeline requests.
The analysis of a core from haproxy configured with 20480 bytes buffers
shows this : with enough "luck", when sending back the response for the
first request, the client is slow, the TCP window is congested, the socket
buffers are full, and haproxy's buffer fills up. We still have 20230 bytes
of response data in a 20480 response buffer. The second request is sent to
the server which returns 214 bytes which fit in the small 250 bytes left
in this buffer. And the buffer arrangement makes it possible to escape all
the controls in http_wait_for_response() :
|<------ response buffer = 20480 bytes ------>|
[ 2/2 | 3 | 4 | 1/2 ]
^ start of circular buffer
1/2 = beginning of previous response (18240)
2/2 = end of previous response (1990)
3 = current response (214)
4 = free space (36)
- channel_full() returns false (20230 bytes are going to leave)
- the response headers does not wrap at the end of the buffer
- the remaining linear room after the headers is larger than the
reserve, because it's the previous response which wraps :
=> response is processed
Header rewriting causes it to reach 260 bytes, 10 bytes larger than what
the buffer could hold. So all computations during header addition are
wrong and lead to the corruption we've observed.
All the conditions are very hard to meet (which explains why it took
almost one year for this bug to show up) and are almost impossible to
reproduce on purpose on a test platform. But the bug is clearly there.
This issue was reported by Dinko Korunic who kindly devoted a lot of
time to provide countless traces and cores, and to experiment with
troubleshooting patches to knock the bug down. Thanks Dinko!
No backport is needed, but all 1.5-dev versions between dev12 and dev18
included must be upgraded. A workaround consists in setting option
forceclose to prevent pipelined requests from being processed.
2013-06-08 10:55:46 +00:00
|
|
|
|
2018-07-10 15:43:27 +00:00
|
|
|
rem -= b_data(&chn->buf);
|
BUG/MAJOR: http: always ensure response buffer has some room for a response
Since 1.5-dev12 and commit 3bf1b2b8 (MAJOR: channel: stop relying on
BF_FULL to take action), the HTTP parser switched to channel_full()
instead of BF_FULL to decide whether a buffer had enough room to start
parsing a request or response. The problem is that channel_full()
intentionally ignores outgoing data, so a corner case exists where a
large response might still be left in a response buffer with just a
few bytes left (much less than the reserve), enough to accept a second
response past the last data, but not enough to permit the HTTP processor
to add some headers. Since all the processing relies on this space being
available, we can get some random crashes when clients pipeline requests.
The analysis of a core from haproxy configured with 20480 bytes buffers
shows this : with enough "luck", when sending back the response for the
first request, the client is slow, the TCP window is congested, the socket
buffers are full, and haproxy's buffer fills up. We still have 20230 bytes
of response data in a 20480 response buffer. The second request is sent to
the server which returns 214 bytes which fit in the small 250 bytes left
in this buffer. And the buffer arrangement makes it possible to escape all
the controls in http_wait_for_response() :
|<------ response buffer = 20480 bytes ------>|
[ 2/2 | 3 | 4 | 1/2 ]
^ start of circular buffer
1/2 = beginning of previous response (18240)
2/2 = end of previous response (1990)
3 = current response (214)
4 = free space (36)
- channel_full() returns false (20230 bytes are going to leave)
- the response headers does not wrap at the end of the buffer
- the remaining linear room after the headers is larger than the
reserve, because it's the previous response which wraps :
=> response is processed
Header rewriting causes it to reach 260 bytes, 10 bytes larger than what
the buffer could hold. So all computations during header addition are
wrong and lead to the corruption we've observed.
All the conditions are very hard to meet (which explains why it took
almost one year for this bug to show up) and are almost impossible to
reproduce on purpose on a test platform. But the bug is clearly there.
This issue was reported by Dinko Korunic who kindly devoted a lot of
time to provide countless traces and cores, and to experiment with
troubleshooting patches to knock the bug down. Thanks Dinko!
No backport is needed, but all 1.5-dev versions between dev12 and dev18
included must be upgraded. A workaround consists in setting option
forceclose to prevent pipelined requests from being processed.
2013-06-08 10:55:46 +00:00
|
|
|
rem -= global.tune.maxrewrite;
|
|
|
|
return rem >= 0;
|
|
|
|
}
|
|
|
|
|
2015-01-14 15:08:45 +00:00
|
|
|
/* Tells whether data are likely to leave the buffer. This is used to know when
|
|
|
|
* we can safely ignore the reserve since we know we cannot retry a connection.
|
|
|
|
* It returns zero if data are blocked, non-zero otherwise.
|
|
|
|
*/
|
|
|
|
static inline int channel_may_send(const struct channel *chn)
|
|
|
|
{
|
2014-11-28 13:10:28 +00:00
|
|
|
return chn_cons(chn)->state == SI_ST_EST;
|
2015-01-14 15:08:45 +00:00
|
|
|
}
|
|
|
|
|
2015-01-13 19:20:10 +00:00
|
|
|
/* Returns non-zero if the channel can still receive data. This is used to
|
BUG/MAJOR: http: always ensure response buffer has some room for a response
Since 1.5-dev12 and commit 3bf1b2b8 (MAJOR: channel: stop relying on
BF_FULL to take action), the HTTP parser switched to channel_full()
instead of BF_FULL to decide whether a buffer had enough room to start
parsing a request or response. The problem is that channel_full()
intentionally ignores outgoing data, so a corner case exists where a
large response might still be left in a response buffer with just a
few bytes left (much less than the reserve), enough to accept a second
response past the last data, but not enough to permit the HTTP processor
to add some headers. Since all the processing relies on this space being
available, we can get some random crashes when clients pipeline requests.
The analysis of a core from haproxy configured with 20480 bytes buffers
shows this : with enough "luck", when sending back the response for the
first request, the client is slow, the TCP window is congested, the socket
buffers are full, and haproxy's buffer fills up. We still have 20230 bytes
of response data in a 20480 response buffer. The second request is sent to
the server which returns 214 bytes which fit in the small 250 bytes left
in this buffer. And the buffer arrangement makes it possible to escape all
the controls in http_wait_for_response() :
|<------ response buffer = 20480 bytes ------>|
[ 2/2 | 3 | 4 | 1/2 ]
^ start of circular buffer
1/2 = beginning of previous response (18240)
2/2 = end of previous response (1990)
3 = current response (214)
4 = free space (36)
- channel_full() returns false (20230 bytes are going to leave)
- the response headers does not wrap at the end of the buffer
- the remaining linear room after the headers is larger than the
reserve, because it's the previous response which wraps :
=> response is processed
Header rewriting causes it to reach 260 bytes, 10 bytes larger than what
the buffer could hold. So all computations during header addition are
wrong and lead to the corruption we've observed.
All the conditions are very hard to meet (which explains why it took
almost one year for this bug to show up) and are almost impossible to
reproduce on purpose on a test platform. But the bug is clearly there.
This issue was reported by Dinko Korunic who kindly devoted a lot of
time to provide countless traces and cores, and to experiment with
troubleshooting patches to knock the bug down. Thanks Dinko!
No backport is needed, but all 1.5-dev versions between dev12 and dev18
included must be upgraded. A workaround consists in setting option
forceclose to prevent pipelined requests from being processed.
2013-06-08 10:55:46 +00:00
|
|
|
* decide when to stop reading into a buffer when we want to ensure that we
|
|
|
|
* leave the reserve untouched after all pending outgoing data are forwarded.
|
|
|
|
* The reserved space is taken into account if ->to_forward indicates that an
|
2018-07-10 15:43:27 +00:00
|
|
|
* end of transfer is close to happen. Note that both ->buf.o and ->to_forward
|
BUG/MAJOR: http: always ensure response buffer has some room for a response
Since 1.5-dev12 and commit 3bf1b2b8 (MAJOR: channel: stop relying on
BF_FULL to take action), the HTTP parser switched to channel_full()
instead of BF_FULL to decide whether a buffer had enough room to start
parsing a request or response. The problem is that channel_full()
intentionally ignores outgoing data, so a corner case exists where a
large response might still be left in a response buffer with just a
few bytes left (much less than the reserve), enough to accept a second
response past the last data, but not enough to permit the HTTP processor
to add some headers. Since all the processing relies on this space being
available, we can get some random crashes when clients pipeline requests.
The analysis of a core from haproxy configured with 20480 bytes buffers
shows this : with enough "luck", when sending back the response for the
first request, the client is slow, the TCP window is congested, the socket
buffers are full, and haproxy's buffer fills up. We still have 20230 bytes
of response data in a 20480 response buffer. The second request is sent to
the server which returns 214 bytes which fit in the small 250 bytes left
in this buffer. And the buffer arrangement makes it possible to escape all
the controls in http_wait_for_response() :
|<------ response buffer = 20480 bytes ------>|
[ 2/2 | 3 | 4 | 1/2 ]
^ start of circular buffer
1/2 = beginning of previous response (18240)
2/2 = end of previous response (1990)
3 = current response (214)
4 = free space (36)
- channel_full() returns false (20230 bytes are going to leave)
- the response headers does not wrap at the end of the buffer
- the remaining linear room after the headers is larger than the
reserve, because it's the previous response which wraps :
=> response is processed
Header rewriting causes it to reach 260 bytes, 10 bytes larger than what
the buffer could hold. So all computations during header addition are
wrong and lead to the corruption we've observed.
All the conditions are very hard to meet (which explains why it took
almost one year for this bug to show up) and are almost impossible to
reproduce on purpose on a test platform. But the bug is clearly there.
This issue was reported by Dinko Korunic who kindly devoted a lot of
time to provide countless traces and cores, and to experiment with
troubleshooting patches to knock the bug down. Thanks Dinko!
No backport is needed, but all 1.5-dev versions between dev12 and dev18
included must be upgraded. A workaround consists in setting option
forceclose to prevent pipelined requests from being processed.
2013-06-08 10:55:46 +00:00
|
|
|
* are considered as available since they're supposed to leave the buffer. The
|
|
|
|
* test is optimized to avoid as many operations as possible for the fast case
|
2016-04-20 18:09:22 +00:00
|
|
|
* and to be used as an "if" condition. Just like channel_recv_limit(), we
|
|
|
|
* never allow to overwrite the reserve until the output stream interface is
|
|
|
|
* connected, otherwise we could spin on a POST with http-send-name-header.
|
2011-11-25 19:33:58 +00:00
|
|
|
*/
|
2015-01-13 19:20:10 +00:00
|
|
|
static inline int channel_may_recv(const struct channel *chn)
|
2011-11-25 19:33:58 +00:00
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
int rem = chn->buf.size;
|
2012-05-07 09:56:55 +00:00
|
|
|
|
2018-07-10 15:43:27 +00:00
|
|
|
if (b_is_null(&chn->buf))
|
2015-01-13 19:20:10 +00:00
|
|
|
return 1;
|
2014-11-28 19:54:13 +00:00
|
|
|
|
2018-07-10 15:43:27 +00:00
|
|
|
rem -= b_data(&chn->buf);
|
2012-05-07 09:56:55 +00:00
|
|
|
if (!rem)
|
2015-01-13 19:20:10 +00:00
|
|
|
return 0; /* buffer already full */
|
2012-05-07 09:56:55 +00:00
|
|
|
|
2016-04-21 10:12:45 +00:00
|
|
|
if (rem > global.tune.maxrewrite)
|
|
|
|
return 1; /* reserve not yet reached */
|
|
|
|
|
|
|
|
if (!channel_may_send(chn))
|
|
|
|
return 0; /* don't touch reserve until we can send */
|
|
|
|
|
|
|
|
/* Now we know there's some room left in the reserve and we may
|
|
|
|
* forward. As long as i-to_fwd < size-maxrw, we may still
|
|
|
|
* receive. This is equivalent to i+maxrw-size < to_fwd,
|
|
|
|
* which is logical since i+maxrw-size is what overlaps with
|
|
|
|
* the reserve, and we want to ensure they're covered by scheduled
|
|
|
|
* forwards.
|
2015-01-13 18:07:23 +00:00
|
|
|
*/
|
2018-07-10 15:43:27 +00:00
|
|
|
rem = ci_data(chn) + global.tune.maxrewrite - chn->buf.size;
|
2016-04-21 10:12:45 +00:00
|
|
|
return rem < 0 || (unsigned int)rem < chn->to_forward;
|
2012-05-07 09:56:55 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Returns true if the channel's input is already closed */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline int channel_input_closed(struct channel *chn)
|
2010-09-08 15:04:31 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
return ((chn->flags & CF_SHUTR) != 0);
|
2010-09-08 15:04:31 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Returns true if the channel's output is already closed */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline int channel_output_closed(struct channel *chn)
|
2010-09-08 15:04:31 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
return ((chn->flags & CF_SHUTW) != 0);
|
2010-09-08 15:04:31 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Check channel timeouts, and set the corresponding flags. The likely/unlikely
|
|
|
|
* have been optimized for fastest normal path. The read/write timeouts are not
|
|
|
|
* set if there was activity on the channel. That way, we don't have to update
|
|
|
|
* the timeout on every I/O. Note that the analyser timeout is always checked.
|
2008-09-04 07:14:08 +00:00
|
|
|
*/
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_check_timeouts(struct channel *chn)
|
2008-09-04 07:14:08 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
if (likely(!(chn->flags & (CF_SHUTR|CF_READ_TIMEOUT|CF_READ_ACTIVITY|CF_READ_NOEXP))) &&
|
|
|
|
unlikely(tick_is_expired(chn->rex, now_ms)))
|
|
|
|
chn->flags |= CF_READ_TIMEOUT;
|
2008-09-04 07:14:08 +00:00
|
|
|
|
2018-10-24 15:17:56 +00:00
|
|
|
if (likely(!(chn->flags & (CF_SHUTW|CF_WRITE_TIMEOUT|CF_WRITE_ACTIVITY))) &&
|
2012-10-12 21:11:02 +00:00
|
|
|
unlikely(tick_is_expired(chn->wex, now_ms)))
|
|
|
|
chn->flags |= CF_WRITE_TIMEOUT;
|
2008-09-04 07:14:08 +00:00
|
|
|
|
2012-10-12 21:11:02 +00:00
|
|
|
if (likely(!(chn->flags & CF_ANA_TIMEOUT)) &&
|
|
|
|
unlikely(tick_is_expired(chn->analyse_exp, now_ms)))
|
|
|
|
chn->flags |= CF_ANA_TIMEOUT;
|
2008-09-04 07:14:08 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Erase any content from channel <buf> and adjusts flags accordingly. Note
|
[MEDIUM] i/o: rework ->to_forward and ->send_max
The way the buffers and stream interfaces handled ->to_forward was
really not handy for multiple reasons. Now we've moved its control
to the receive-side of the buffer, which is also responsible for
keeping send_max up to date. This makes more sense as it now becomes
possible to send some pre-formatted data followed by forwarded data.
The following explanation has also been added to buffer.h to clarify
the situation. Right now, tests show that the I/O is behaving extremely
well. Some work will have to be done to adapt existing splice code
though.
/* Note about the buffer structure
The buffer contains two length indicators, one to_forward counter and one
send_max limit. First, it must be understood that the buffer is in fact
split in two parts :
- the visible data (->data, for ->l bytes)
- the invisible data, typically in kernel buffers forwarded directly from
the source stream sock to the destination stream sock (->splice_len
bytes). Those are used only during forward.
In order not to mix data streams, the producer may only feed the invisible
data with data to forward, and only when the visible buffer is empty. The
consumer may not always be able to feed the invisible buffer due to platform
limitations (lack of kernel support).
Conversely, the consumer must always take data from the invisible data first
before ever considering visible data. There is no limit to the size of data
to consume from the invisible buffer, as platform-specific implementations
will rarely leave enough control on this. So any byte fed into the invisible
buffer is expected to reach the destination file descriptor, by any means.
However, it's the consumer's responsibility to ensure that the invisible
data has been entirely consumed before consuming visible data. This must be
reflected by ->splice_len. This is very important as this and only this can
ensure strict ordering of data between buffers.
The producer is responsible for decreasing ->to_forward and increasing
->send_max. The ->to_forward parameter indicates how many bytes may be fed
into either data buffer without waking the parent up. The ->send_max
parameter says how many bytes may be read from the visible buffer. Thus it
may never exceed ->l. This parameter is updated by any buffer_write() as
well as any data forwarded through the visible buffer.
The consumer is responsible for decreasing ->send_max when it sends data
from the visible buffer, and ->splice_len when it sends data from the
invisible buffer.
A real-world example consists in part in an HTTP response waiting in a
buffer to be forwarded. We know the header length (300) and the amount of
data to forward (content-length=9000). The buffer already contains 1000
bytes of data after the 300 bytes of headers. Thus the caller will set
->send_max to 300 indicating that it explicitly wants to send those data,
and set ->to_forward to 9000 (content-length). This value must be normalised
immediately after updating ->to_forward : since there are already 1300 bytes
in the buffer, 300 of which are already counted in ->send_max, and that size
is smaller than ->to_forward, we must update ->send_max to 1300 to flush the
whole buffer, and reduce ->to_forward to 8000. After that, the producer may
try to feed the additional data through the invisible buffer using a
platform-specific method such as splice().
*/
2009-01-07 23:09:41 +00:00
|
|
|
* that any spliced data is not affected since we may not have any access to
|
|
|
|
* it.
|
2008-08-16 20:18:07 +00:00
|
|
|
*/
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_erase(struct channel *chn)
|
2006-06-26 00:48:02 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->to_forward = 0;
|
2018-07-10 15:43:27 +00:00
|
|
|
b_reset(&chn->buf);
|
2006-06-26 00:48:02 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* marks the channel as "shutdown" ASAP for reads */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_shutr_now(struct channel *chn)
|
[MAJOR] rework of the server FSM
srv_state has been removed from HTTP state machines, and states
have been split in either TCP states or analyzers. For instance,
the TARPIT state has just become a simple analyzer.
New flags have been added to the struct buffer to compensate this.
The high-level stream processors sometimes need to force a disconnection
without touching a file-descriptor (eg: report an error). But if
they touched BF_SHUTW or BF_SHUTR, the file descriptor would not
be closed. Thus, the two SHUT?_NOW flags have been added so that
an application can request a forced close which the stream interface
will be forced to obey.
During this change, a new BF_HIJACK flag was added. It will
be used for data generation, eg during a stats dump. It
prevents the producer on a buffer from sending data into it.
BF_SHUTR_NOW /* the producer must shut down for reads ASAP */
BF_SHUTW_NOW /* the consumer must shut down for writes ASAP */
BF_HIJACK /* the producer is temporarily replaced */
BF_SHUTW_NOW has precedence over BF_HIJACK. BF_HIJACK has
precedence over BF_MAY_FORWARD (so that it does not need it).
New functions buffer_shutr_now(), buffer_shutw_now(), buffer_abort()
are provided to manipulate BF_SHUT* flags.
A new type "stream_interface" has been added to describe both
sides of a buffer. A stream interface has states and error
reporting. The session now has two stream interfaces (one per
side). Each buffer has stream_interface pointers to both
consumer and producer sides.
The server-side file descriptor has moved to its stream interface,
so that even the buffer has access to it.
process_srv() has been split into three parts :
- tcp_get_connection() obtains a connection to the server
- tcp_connection_failed() tests if a previously attempted
connection has succeeded or not.
- process_srv_data() only manages the data phase, and in
this sense should be roughly equivalent to process_cli.
Little code has been removed, and a lot of old code has been
left in comments for now.
2008-10-19 05:30:41 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_SHUTR_NOW;
|
[MAJOR] rework of the server FSM
srv_state has been removed from HTTP state machines, and states
have been split in either TCP states or analyzers. For instance,
the TARPIT state has just become a simple analyzer.
New flags have been added to the struct buffer to compensate this.
The high-level stream processors sometimes need to force a disconnection
without touching a file-descriptor (eg: report an error). But if
they touched BF_SHUTW or BF_SHUTR, the file descriptor would not
be closed. Thus, the two SHUT?_NOW flags have been added so that
an application can request a forced close which the stream interface
will be forced to obey.
During this change, a new BF_HIJACK flag was added. It will
be used for data generation, eg during a stats dump. It
prevents the producer on a buffer from sending data into it.
BF_SHUTR_NOW /* the producer must shut down for reads ASAP */
BF_SHUTW_NOW /* the consumer must shut down for writes ASAP */
BF_HIJACK /* the producer is temporarily replaced */
BF_SHUTW_NOW has precedence over BF_HIJACK. BF_HIJACK has
precedence over BF_MAY_FORWARD (so that it does not need it).
New functions buffer_shutr_now(), buffer_shutw_now(), buffer_abort()
are provided to manipulate BF_SHUT* flags.
A new type "stream_interface" has been added to describe both
sides of a buffer. A stream interface has states and error
reporting. The session now has two stream interfaces (one per
side). Each buffer has stream_interface pointers to both
consumer and producer sides.
The server-side file descriptor has moved to its stream interface,
so that even the buffer has access to it.
process_srv() has been split into three parts :
- tcp_get_connection() obtains a connection to the server
- tcp_connection_failed() tests if a previously attempted
connection has succeeded or not.
- process_srv_data() only manages the data phase, and in
this sense should be roughly equivalent to process_cli.
Little code has been removed, and a lot of old code has been
left in comments for now.
2008-10-19 05:30:41 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* marks the channel as "shutdown" ASAP for writes */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_shutw_now(struct channel *chn)
|
[MAJOR] rework of the server FSM
srv_state has been removed from HTTP state machines, and states
have been split in either TCP states or analyzers. For instance,
the TARPIT state has just become a simple analyzer.
New flags have been added to the struct buffer to compensate this.
The high-level stream processors sometimes need to force a disconnection
without touching a file-descriptor (eg: report an error). But if
they touched BF_SHUTW or BF_SHUTR, the file descriptor would not
be closed. Thus, the two SHUT?_NOW flags have been added so that
an application can request a forced close which the stream interface
will be forced to obey.
During this change, a new BF_HIJACK flag was added. It will
be used for data generation, eg during a stats dump. It
prevents the producer on a buffer from sending data into it.
BF_SHUTR_NOW /* the producer must shut down for reads ASAP */
BF_SHUTW_NOW /* the consumer must shut down for writes ASAP */
BF_HIJACK /* the producer is temporarily replaced */
BF_SHUTW_NOW has precedence over BF_HIJACK. BF_HIJACK has
precedence over BF_MAY_FORWARD (so that it does not need it).
New functions buffer_shutr_now(), buffer_shutw_now(), buffer_abort()
are provided to manipulate BF_SHUT* flags.
A new type "stream_interface" has been added to describe both
sides of a buffer. A stream interface has states and error
reporting. The session now has two stream interfaces (one per
side). Each buffer has stream_interface pointers to both
consumer and producer sides.
The server-side file descriptor has moved to its stream interface,
so that even the buffer has access to it.
process_srv() has been split into three parts :
- tcp_get_connection() obtains a connection to the server
- tcp_connection_failed() tests if a previously attempted
connection has succeeded or not.
- process_srv_data() only manages the data phase, and in
this sense should be roughly equivalent to process_cli.
Little code has been removed, and a lot of old code has been
left in comments for now.
2008-10-19 05:30:41 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_SHUTW_NOW;
|
[MAJOR] rework of the server FSM
srv_state has been removed from HTTP state machines, and states
have been split in either TCP states or analyzers. For instance,
the TARPIT state has just become a simple analyzer.
New flags have been added to the struct buffer to compensate this.
The high-level stream processors sometimes need to force a disconnection
without touching a file-descriptor (eg: report an error). But if
they touched BF_SHUTW or BF_SHUTR, the file descriptor would not
be closed. Thus, the two SHUT?_NOW flags have been added so that
an application can request a forced close which the stream interface
will be forced to obey.
During this change, a new BF_HIJACK flag was added. It will
be used for data generation, eg during a stats dump. It
prevents the producer on a buffer from sending data into it.
BF_SHUTR_NOW /* the producer must shut down for reads ASAP */
BF_SHUTW_NOW /* the consumer must shut down for writes ASAP */
BF_HIJACK /* the producer is temporarily replaced */
BF_SHUTW_NOW has precedence over BF_HIJACK. BF_HIJACK has
precedence over BF_MAY_FORWARD (so that it does not need it).
New functions buffer_shutr_now(), buffer_shutw_now(), buffer_abort()
are provided to manipulate BF_SHUT* flags.
A new type "stream_interface" has been added to describe both
sides of a buffer. A stream interface has states and error
reporting. The session now has two stream interfaces (one per
side). Each buffer has stream_interface pointers to both
consumer and producer sides.
The server-side file descriptor has moved to its stream interface,
so that even the buffer has access to it.
process_srv() has been split into three parts :
- tcp_get_connection() obtains a connection to the server
- tcp_connection_failed() tests if a previously attempted
connection has succeeded or not.
- process_srv_data() only manages the data phase, and in
this sense should be roughly equivalent to process_cli.
Little code has been removed, and a lot of old code has been
left in comments for now.
2008-10-19 05:30:41 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* marks the channel as "shutdown" ASAP in both directions */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_abort(struct channel *chn)
|
[MAJOR] rework of the server FSM
srv_state has been removed from HTTP state machines, and states
have been split in either TCP states or analyzers. For instance,
the TARPIT state has just become a simple analyzer.
New flags have been added to the struct buffer to compensate this.
The high-level stream processors sometimes need to force a disconnection
without touching a file-descriptor (eg: report an error). But if
they touched BF_SHUTW or BF_SHUTR, the file descriptor would not
be closed. Thus, the two SHUT?_NOW flags have been added so that
an application can request a forced close which the stream interface
will be forced to obey.
During this change, a new BF_HIJACK flag was added. It will
be used for data generation, eg during a stats dump. It
prevents the producer on a buffer from sending data into it.
BF_SHUTR_NOW /* the producer must shut down for reads ASAP */
BF_SHUTW_NOW /* the consumer must shut down for writes ASAP */
BF_HIJACK /* the producer is temporarily replaced */
BF_SHUTW_NOW has precedence over BF_HIJACK. BF_HIJACK has
precedence over BF_MAY_FORWARD (so that it does not need it).
New functions buffer_shutr_now(), buffer_shutw_now(), buffer_abort()
are provided to manipulate BF_SHUT* flags.
A new type "stream_interface" has been added to describe both
sides of a buffer. A stream interface has states and error
reporting. The session now has two stream interfaces (one per
side). Each buffer has stream_interface pointers to both
consumer and producer sides.
The server-side file descriptor has moved to its stream interface,
so that even the buffer has access to it.
process_srv() has been split into three parts :
- tcp_get_connection() obtains a connection to the server
- tcp_connection_failed() tests if a previously attempted
connection has succeeded or not.
- process_srv_data() only manages the data phase, and in
this sense should be roughly equivalent to process_cli.
Little code has been removed, and a lot of old code has been
left in comments for now.
2008-10-19 05:30:41 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_SHUTR_NOW | CF_SHUTW_NOW;
|
|
|
|
chn->flags &= ~CF_AUTO_CONNECT;
|
[MAJOR] rework of the server FSM
srv_state has been removed from HTTP state machines, and states
have been split in either TCP states or analyzers. For instance,
the TARPIT state has just become a simple analyzer.
New flags have been added to the struct buffer to compensate this.
The high-level stream processors sometimes need to force a disconnection
without touching a file-descriptor (eg: report an error). But if
they touched BF_SHUTW or BF_SHUTR, the file descriptor would not
be closed. Thus, the two SHUT?_NOW flags have been added so that
an application can request a forced close which the stream interface
will be forced to obey.
During this change, a new BF_HIJACK flag was added. It will
be used for data generation, eg during a stats dump. It
prevents the producer on a buffer from sending data into it.
BF_SHUTR_NOW /* the producer must shut down for reads ASAP */
BF_SHUTW_NOW /* the consumer must shut down for writes ASAP */
BF_HIJACK /* the producer is temporarily replaced */
BF_SHUTW_NOW has precedence over BF_HIJACK. BF_HIJACK has
precedence over BF_MAY_FORWARD (so that it does not need it).
New functions buffer_shutr_now(), buffer_shutw_now(), buffer_abort()
are provided to manipulate BF_SHUT* flags.
A new type "stream_interface" has been added to describe both
sides of a buffer. A stream interface has states and error
reporting. The session now has two stream interfaces (one per
side). Each buffer has stream_interface pointers to both
consumer and producer sides.
The server-side file descriptor has moved to its stream interface,
so that even the buffer has access to it.
process_srv() has been split into three parts :
- tcp_get_connection() obtains a connection to the server
- tcp_connection_failed() tests if a previously attempted
connection has succeeded or not.
- process_srv_data() only manages the data phase, and in
this sense should be roughly equivalent to process_cli.
Little code has been removed, and a lot of old code has been
left in comments for now.
2008-10-19 05:30:41 +00:00
|
|
|
}
|
|
|
|
|
2009-09-19 19:04:57 +00:00
|
|
|
/* allow the consumer to try to establish a new connection. */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_auto_connect(struct channel *chn)
|
2008-08-29 07:58:42 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_AUTO_CONNECT;
|
2008-08-29 07:58:42 +00:00
|
|
|
}
|
|
|
|
|
2009-09-19 19:04:57 +00:00
|
|
|
/* prevent the consumer from trying to establish a new connection, and also
|
|
|
|
* disable auto shutdown forwarding.
|
|
|
|
*/
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_dont_connect(struct channel *chn)
|
2008-08-29 07:58:42 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags &= ~(CF_AUTO_CONNECT|CF_AUTO_CLOSE);
|
2008-08-29 07:58:42 +00:00
|
|
|
}
|
|
|
|
|
2009-09-19 19:04:57 +00:00
|
|
|
/* allow the producer to forward shutdown requests */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_auto_close(struct channel *chn)
|
2008-11-23 18:31:35 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_AUTO_CLOSE;
|
2008-11-23 18:31:35 +00:00
|
|
|
}
|
|
|
|
|
2009-09-19 19:04:57 +00:00
|
|
|
/* prevent the producer from forwarding shutdown requests */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_dont_close(struct channel *chn)
|
2008-11-23 18:31:35 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags &= ~CF_AUTO_CLOSE;
|
2008-11-23 18:31:35 +00:00
|
|
|
}
|
|
|
|
|
2010-01-06 23:20:41 +00:00
|
|
|
/* allow the producer to read / poll the input */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_auto_read(struct channel *chn)
|
2010-01-06 23:20:41 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags &= ~CF_DONT_READ;
|
2010-01-06 23:20:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* prevent the producer from read / poll the input */
|
2012-10-12 21:11:02 +00:00
|
|
|
static inline void channel_dont_read(struct channel *chn)
|
2010-01-06 23:20:41 +00:00
|
|
|
{
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->flags |= CF_DONT_READ;
|
2010-01-06 23:20:41 +00:00
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
|
|
|
|
/*************************************************/
|
|
|
|
/* Buffer operations in the context of a channel */
|
|
|
|
/*************************************************/
|
|
|
|
|
|
|
|
|
|
|
|
/* Return the max number of bytes the buffer can contain so that once all the
|
BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
Latest fix 8a32106 ("BUG/MEDIUM: channel: fix miscalculation of available
buffer space (2nd try)") did happen to fix some observable issues but not
all of them in fact, some corner cases still remained and at least one user
reported a busy loop that appeared possible, though not easily reproducible
under experimental conditions.
The remaining issue is that we still consider min(i, to_fwd) as the number
of bytes in transit, but in fact <i> is not relevant here. Indeed, what
matters is that we can read everything we want at once provided that at
the end, <i> cannot be larger than <size-maxrw> (if it was not already).
This is visible in two cases :
- let's have i=o=max/2 and to_fwd=0. Then i+o >= max indicates that the
buffer is already full, while it is not since once <o> is forwarded,
some space remains.
- when to_fwd is much larger than i, it's obvious that we can fill the
buffer.
The only relevant part in fact is o + to_fwd. to_fwd will ensure that at
least this many bytes will be moved from <i> to <o> hence will leave the
buffer, whatever the number of rounds it takes.
Interestingly, the fix applied here ensures that channel_recv_max() will
now equal (size - maxrw - i + to_fwd), which is indeed what remains
available below maxrw after to_fwd bytes are forwarded from i to o and
leave the buffer.
Additionally, the latest fix made it possible to meet an integer overflow
that was not caught by the range test when forwarding in TCP or tunnel
mode due to to_forward being added to an existing value, causing the
buffer size to be limited when it should not have been, resulting in 2
to 3 recv() calls when a single one was enough. The first one was limited
to the unreserved buffer size, the second one to the size of the reserve
minus 1, and the last one to the last byte. Eg with a 2kB buffer :
recvfrom(22, "HTTP/1.1 200\r\nConnection: close\r"..., 1024, 0, NULL, NULL) = 1024
recvfrom(22, "23456789.123456789.123456789.123"..., 1023, 0, NULL, NULL) = 1023
recvfrom(22, "5", 1, 0, NULL, NULL) = 1
This bug is still present in 1.6 and 1.5 so the fix should be backported
there.
2016-04-20 16:05:17 +00:00
|
|
|
* pending bytes are forwarded, the buffer still has global.tune.maxrewrite
|
2012-10-12 21:11:02 +00:00
|
|
|
* bytes free. The result sits between chn->size - maxrewrite and chn->size.
|
BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
Latest fix 8a32106 ("BUG/MEDIUM: channel: fix miscalculation of available
buffer space (2nd try)") did happen to fix some observable issues but not
all of them in fact, some corner cases still remained and at least one user
reported a busy loop that appeared possible, though not easily reproducible
under experimental conditions.
The remaining issue is that we still consider min(i, to_fwd) as the number
of bytes in transit, but in fact <i> is not relevant here. Indeed, what
matters is that we can read everything we want at once provided that at
the end, <i> cannot be larger than <size-maxrw> (if it was not already).
This is visible in two cases :
- let's have i=o=max/2 and to_fwd=0. Then i+o >= max indicates that the
buffer is already full, while it is not since once <o> is forwarded,
some space remains.
- when to_fwd is much larger than i, it's obvious that we can fill the
buffer.
The only relevant part in fact is o + to_fwd. to_fwd will ensure that at
least this many bytes will be moved from <i> to <o> hence will leave the
buffer, whatever the number of rounds it takes.
Interestingly, the fix applied here ensures that channel_recv_max() will
now equal (size - maxrw - i + to_fwd), which is indeed what remains
available below maxrw after to_fwd bytes are forwarded from i to o and
leave the buffer.
Additionally, the latest fix made it possible to meet an integer overflow
that was not caught by the range test when forwarding in TCP or tunnel
mode due to to_forward being added to an existing value, causing the
buffer size to be limited when it should not have been, resulting in 2
to 3 recv() calls when a single one was enough. The first one was limited
to the unreserved buffer size, the second one to the size of the reserve
minus 1, and the last one to the last byte. Eg with a 2kB buffer :
recvfrom(22, "HTTP/1.1 200\r\nConnection: close\r"..., 1024, 0, NULL, NULL) = 1024
recvfrom(22, "23456789.123456789.123456789.123"..., 1023, 0, NULL, NULL) = 1023
recvfrom(22, "5", 1, 0, NULL, NULL) = 1
This bug is still present in 1.6 and 1.5 so the fix should be backported
there.
2016-04-20 16:05:17 +00:00
|
|
|
* It is important to mention that if buf->i is already larger than size-maxrw
|
|
|
|
* the condition above cannot be satisfied and the lowest size will be returned
|
|
|
|
* anyway. The principles are the following :
|
|
|
|
* 0) the empty buffer has a limit of zero
|
|
|
|
* 1) a non-connected buffer cannot touch the reserve
|
|
|
|
* 2) infinite forward can always fill the buffer since all data will leave
|
|
|
|
* 3) all output bytes are considered in transit since they're leaving
|
|
|
|
* 4) all input bytes covered by to_forward are considered in transit since
|
|
|
|
* they'll be converted to output bytes.
|
|
|
|
* 5) all input bytes not covered by to_forward as considered remaining
|
|
|
|
* 6) all bytes scheduled to be forwarded minus what is already in the input
|
|
|
|
* buffer will be in transit during future rounds.
|
|
|
|
* 7) 4+5+6 imply that the amount of input bytes (i) is irrelevant to the max
|
|
|
|
* usable length, only to_forward and output count. The difference is
|
|
|
|
* visible when to_forward > i.
|
|
|
|
* 8) the reserve may be covered up to the amount of bytes in transit since
|
|
|
|
* these bytes will only take temporary space.
|
2016-01-25 00:09:11 +00:00
|
|
|
*
|
BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
Latest fix 8a32106 ("BUG/MEDIUM: channel: fix miscalculation of available
buffer space (2nd try)") did happen to fix some observable issues but not
all of them in fact, some corner cases still remained and at least one user
reported a busy loop that appeared possible, though not easily reproducible
under experimental conditions.
The remaining issue is that we still consider min(i, to_fwd) as the number
of bytes in transit, but in fact <i> is not relevant here. Indeed, what
matters is that we can read everything we want at once provided that at
the end, <i> cannot be larger than <size-maxrw> (if it was not already).
This is visible in two cases :
- let's have i=o=max/2 and to_fwd=0. Then i+o >= max indicates that the
buffer is already full, while it is not since once <o> is forwarded,
some space remains.
- when to_fwd is much larger than i, it's obvious that we can fill the
buffer.
The only relevant part in fact is o + to_fwd. to_fwd will ensure that at
least this many bytes will be moved from <i> to <o> hence will leave the
buffer, whatever the number of rounds it takes.
Interestingly, the fix applied here ensures that channel_recv_max() will
now equal (size - maxrw - i + to_fwd), which is indeed what remains
available below maxrw after to_fwd bytes are forwarded from i to o and
leave the buffer.
Additionally, the latest fix made it possible to meet an integer overflow
that was not caught by the range test when forwarding in TCP or tunnel
mode due to to_forward being added to an existing value, causing the
buffer size to be limited when it should not have been, resulting in 2
to 3 recv() calls when a single one was enough. The first one was limited
to the unreserved buffer size, the second one to the size of the reserve
minus 1, and the last one to the last byte. Eg with a 2kB buffer :
recvfrom(22, "HTTP/1.1 200\r\nConnection: close\r"..., 1024, 0, NULL, NULL) = 1024
recvfrom(22, "23456789.123456789.123456789.123"..., 1023, 0, NULL, NULL) = 1023
recvfrom(22, "5", 1, 0, NULL, NULL) = 1
This bug is still present in 1.6 and 1.5 so the fix should be backported
there.
2016-04-20 16:05:17 +00:00
|
|
|
* A typical buffer looks like this :
|
2016-01-25 00:09:11 +00:00
|
|
|
*
|
BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
Latest fix 8a32106 ("BUG/MEDIUM: channel: fix miscalculation of available
buffer space (2nd try)") did happen to fix some observable issues but not
all of them in fact, some corner cases still remained and at least one user
reported a busy loop that appeared possible, though not easily reproducible
under experimental conditions.
The remaining issue is that we still consider min(i, to_fwd) as the number
of bytes in transit, but in fact <i> is not relevant here. Indeed, what
matters is that we can read everything we want at once provided that at
the end, <i> cannot be larger than <size-maxrw> (if it was not already).
This is visible in two cases :
- let's have i=o=max/2 and to_fwd=0. Then i+o >= max indicates that the
buffer is already full, while it is not since once <o> is forwarded,
some space remains.
- when to_fwd is much larger than i, it's obvious that we can fill the
buffer.
The only relevant part in fact is o + to_fwd. to_fwd will ensure that at
least this many bytes will be moved from <i> to <o> hence will leave the
buffer, whatever the number of rounds it takes.
Interestingly, the fix applied here ensures that channel_recv_max() will
now equal (size - maxrw - i + to_fwd), which is indeed what remains
available below maxrw after to_fwd bytes are forwarded from i to o and
leave the buffer.
Additionally, the latest fix made it possible to meet an integer overflow
that was not caught by the range test when forwarding in TCP or tunnel
mode due to to_forward being added to an existing value, causing the
buffer size to be limited when it should not have been, resulting in 2
to 3 recv() calls when a single one was enough. The first one was limited
to the unreserved buffer size, the second one to the size of the reserve
minus 1, and the last one to the last byte. Eg with a 2kB buffer :
recvfrom(22, "HTTP/1.1 200\r\nConnection: close\r"..., 1024, 0, NULL, NULL) = 1024
recvfrom(22, "23456789.123456789.123456789.123"..., 1023, 0, NULL, NULL) = 1023
recvfrom(22, "5", 1, 0, NULL, NULL) = 1
This bug is still present in 1.6 and 1.5 so the fix should be backported
there.
2016-04-20 16:05:17 +00:00
|
|
|
* <-------------- max_len ----------->
|
|
|
|
* <---- o ----><----- i -----> <--- 0..maxrewrite --->
|
|
|
|
* +------------+--------------+-------+----------------------+
|
|
|
|
* |////////////|\\\\\\\\\\\\\\|xxxxxxx| reserve |
|
|
|
|
* +------------+--------+-----+-------+----------------------+
|
|
|
|
* <- fwd -> <-avail->
|
|
|
|
*
|
|
|
|
* Or when to_forward > i :
|
|
|
|
*
|
|
|
|
* <-------------- max_len ----------->
|
|
|
|
* <---- o ----><----- i -----> <--- 0..maxrewrite --->
|
|
|
|
* +------------+--------------+-------+----------------------+
|
|
|
|
* |////////////|\\\\\\\\\\\\\\|xxxxxxx| reserve |
|
|
|
|
* +------------+--------+-----+-------+----------------------+
|
|
|
|
* <-avail->
|
|
|
|
* <------------------ fwd ---------------->
|
|
|
|
*
|
|
|
|
* - the amount of buffer bytes in transit is : min(i, fwd) + o
|
|
|
|
* - some scheduled bytes may be in transit (up to fwd - i)
|
|
|
|
* - the reserve is max(0, maxrewrite - transit)
|
|
|
|
* - the maximum usable buffer length is size - reserve.
|
|
|
|
* - the available space is max_len - i - o
|
|
|
|
*
|
|
|
|
* So the formula to compute the buffer's maximum length to protect the reserve
|
|
|
|
* when reading new data is :
|
|
|
|
*
|
|
|
|
* max = size - maxrewrite + min(maxrewrite, transit)
|
|
|
|
* = size - max(maxrewrite - transit, 0)
|
|
|
|
*
|
|
|
|
* But WARNING! The conditions might change during the transfer and it could
|
|
|
|
* very well happen that a buffer would contain more bytes than max_len due to
|
|
|
|
* i+o already walking over the reserve (eg: after a header rewrite), including
|
|
|
|
* i or o alone hitting the limit. So it is critical to always consider that
|
|
|
|
* bounds may have already been crossed and that available space may be negative
|
|
|
|
* for example. Due to this it is perfectly possible for this function to return
|
|
|
|
* a value that is lower than current i+o.
|
2012-08-27 22:06:31 +00:00
|
|
|
*/
|
2015-01-14 19:21:43 +00:00
|
|
|
static inline int channel_recv_limit(const struct channel *chn)
|
2012-08-27 22:06:31 +00:00
|
|
|
{
|
2016-05-03 15:46:24 +00:00
|
|
|
unsigned int transit;
|
2016-01-25 00:09:11 +00:00
|
|
|
int reserve;
|
|
|
|
|
|
|
|
/* return zero if empty */
|
2018-07-10 15:43:27 +00:00
|
|
|
reserve = chn->buf.size;
|
|
|
|
if (b_is_null(&chn->buf))
|
2016-01-25 00:09:11 +00:00
|
|
|
goto end;
|
|
|
|
|
|
|
|
/* return size - maxrewrite if we can't send */
|
|
|
|
reserve = global.tune.maxrewrite;
|
|
|
|
if (unlikely(!channel_may_send(chn)))
|
|
|
|
goto end;
|
|
|
|
|
2016-05-03 15:46:24 +00:00
|
|
|
/* We need to check what remains of the reserve after o and to_forward
|
|
|
|
* have been transmitted, but they can overflow together and they can
|
|
|
|
* cause an integer underflow in the comparison since both are unsigned
|
|
|
|
* while maxrewrite is signed.
|
|
|
|
* The code below has been verified for being a valid check for this :
|
|
|
|
* - if (o + to_forward) overflow => return size [ large enough ]
|
|
|
|
* - if o + to_forward >= maxrw => return size [ large enough ]
|
|
|
|
* - otherwise return size - (maxrw - (o + to_forward))
|
2016-01-25 00:09:11 +00:00
|
|
|
*/
|
2018-06-15 14:42:02 +00:00
|
|
|
transit = co_data(chn) + chn->to_forward;
|
2016-05-03 15:46:24 +00:00
|
|
|
reserve -= transit;
|
|
|
|
if (transit < chn->to_forward || // addition overflow
|
|
|
|
transit >= (unsigned)global.tune.maxrewrite) // enough transit data
|
2018-07-10 15:43:27 +00:00
|
|
|
return chn->buf.size;
|
2016-01-25 00:09:11 +00:00
|
|
|
end:
|
2018-07-10 15:43:27 +00:00
|
|
|
return chn->buf.size - reserve;
|
2012-08-27 22:06:31 +00:00
|
|
|
}
|
|
|
|
|
2018-06-15 12:54:53 +00:00
|
|
|
/* Returns non-zero if the channel's INPUT buffer's is considered full, which
|
|
|
|
* means that it holds at least as much INPUT data as (size - reserve). This
|
|
|
|
* also means that data that are scheduled for output are considered as potential
|
|
|
|
* free space, and that the reserved space is always considered as not usable.
|
|
|
|
* This information alone cannot be used as a general purpose free space indicator.
|
|
|
|
* However it accurately indicates that too many data were fed in the buffer
|
|
|
|
* for an analyzer for instance. See the channel_may_recv() function for a more
|
|
|
|
* generic function taking everything into account.
|
|
|
|
*/
|
|
|
|
static inline int channel_full(const struct channel *c, unsigned int reserve)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
if (b_is_null(&c->buf))
|
2018-06-15 12:54:53 +00:00
|
|
|
return 0;
|
|
|
|
|
2018-06-15 14:42:02 +00:00
|
|
|
return (ci_data(c) + reserve >= c_size(c));
|
2018-06-15 12:54:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Returns the amount of space available at the input of the buffer, taking the
|
|
|
|
* reserved space into account if ->to_forward indicates that an end of transfer
|
|
|
|
* is close to happen. The test is optimized to avoid as many operations as
|
|
|
|
* possible for the fast case.
|
|
|
|
*/
|
2015-01-14 19:25:34 +00:00
|
|
|
static inline int channel_recv_max(const struct channel *chn)
|
2012-08-27 22:06:31 +00:00
|
|
|
{
|
2015-01-14 14:56:50 +00:00
|
|
|
int ret;
|
2012-08-27 22:06:31 +00:00
|
|
|
|
2018-07-10 15:43:27 +00:00
|
|
|
ret = channel_recv_limit(chn) - b_data(&chn->buf);
|
2015-01-14 14:56:50 +00:00
|
|
|
if (ret < 0)
|
|
|
|
ret = 0;
|
|
|
|
return ret;
|
2012-08-27 22:06:31 +00:00
|
|
|
}
|
|
|
|
|
2018-06-15 13:06:42 +00:00
|
|
|
/* Returns the amount of bytes that can be written over the input data at once,
|
|
|
|
* including reserved space which may be overwritten. This is used by Lua to
|
|
|
|
* insert data in the input side just before the other data using buffer_replace().
|
|
|
|
* The goal is to transfer these new data in the output buffer.
|
|
|
|
*/
|
|
|
|
static inline int ci_space_for_replace(const struct channel *chn)
|
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
const struct buffer *buf = &chn->buf;
|
2018-06-15 13:06:42 +00:00
|
|
|
const char *end;
|
|
|
|
|
|
|
|
/* If the input side data overflows, we cannot insert data contiguously. */
|
|
|
|
if (b_head(buf) + b_data(buf) >= b_wrap(buf))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
/* Check the last byte used in the buffer, it may be a byte of the output
|
|
|
|
* side if the buffer wraps, or its the end of the buffer.
|
|
|
|
*/
|
|
|
|
end = b_head(buf);
|
|
|
|
if (end <= ci_head(chn))
|
|
|
|
end = b_wrap(buf);
|
|
|
|
|
|
|
|
/* Compute the amount of bytes which can be written. */
|
|
|
|
return end - ci_tail(chn);
|
|
|
|
}
|
|
|
|
|
BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
When an entity tries to get a buffer, if it cannot be allocted, for example
because the number of buffers which may be allocated per process is limited,
this entity is added in a list (called <buffer_wq>) and wait for an available
buffer.
Historically, the <buffer_wq> list was logically attached to streams because it
were the only entities likely to be added in it. Now, applets can also be
waiting for a free buffer. And with filters, we could imagine to have more other
entities waiting for a buffer. So it make sense to have a generic list.
Anyway, with the current design there is a bug. When an applet failed to get a
buffer, it will wait. But we add the stream attached to the applet in
<buffer_wq>, instead of the applet itself. So when a buffer is available, we
wake up the stream and not the waiting applet. So, it is possible to have
waiting applets and never awakened.
So, now, <buffer_wq> is independant from streams. And we really add the waiting
entity in <buffer_wq>. To be generic, the entity is responsible to define the
callback used to awaken it.
In addition, applets will still request an input buffer when they become
active. But they will not be sleeped anymore if no buffer are available. So this
is the responsibility to the applet I/O handler to check if this buffer is
allocated or not. This way, an applet can decide if this buffer is required or
not and can do additional processing if not.
[wt: backport to 1.7 and 1.6]
2016-12-09 16:30:18 +00:00
|
|
|
/* Allocates a buffer for channel <chn>, but only if it's guaranteed that it's
|
|
|
|
* not the last available buffer or it's the response buffer. Unless the buffer
|
|
|
|
* is the response buffer, an extra control is made so that we always keep
|
|
|
|
* <tune.buffers.reserved> buffers available after this allocation. Returns 0 in
|
|
|
|
* case of failure, non-zero otherwise.
|
|
|
|
*
|
|
|
|
* If no buffer are available, the requester, represented by <wait> pointer,
|
|
|
|
* will be added in the list of objects waiting for an available buffer.
|
|
|
|
*/
|
|
|
|
static inline int channel_alloc_buffer(struct channel *chn, struct buffer_wait *wait)
|
|
|
|
{
|
|
|
|
int margin = 0;
|
|
|
|
|
|
|
|
if (!(chn->flags & CF_ISRESP))
|
|
|
|
margin = global.tune.reserved_bufs;
|
|
|
|
|
|
|
|
if (b_alloc_margin(&chn->buf, margin) != NULL)
|
|
|
|
return 1;
|
|
|
|
|
2017-06-21 13:42:52 +00:00
|
|
|
if (LIST_ISEMPTY(&wait->list)) {
|
2017-11-07 09:42:54 +00:00
|
|
|
HA_SPIN_LOCK(BUF_WQ_LOCK, &buffer_wq_lock);
|
BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
When an entity tries to get a buffer, if it cannot be allocted, for example
because the number of buffers which may be allocated per process is limited,
this entity is added in a list (called <buffer_wq>) and wait for an available
buffer.
Historically, the <buffer_wq> list was logically attached to streams because it
were the only entities likely to be added in it. Now, applets can also be
waiting for a free buffer. And with filters, we could imagine to have more other
entities waiting for a buffer. So it make sense to have a generic list.
Anyway, with the current design there is a bug. When an applet failed to get a
buffer, it will wait. But we add the stream attached to the applet in
<buffer_wq>, instead of the applet itself. So when a buffer is available, we
wake up the stream and not the waiting applet. So, it is possible to have
waiting applets and never awakened.
So, now, <buffer_wq> is independant from streams. And we really add the waiting
entity in <buffer_wq>. To be generic, the entity is responsible to define the
callback used to awaken it.
In addition, applets will still request an input buffer when they become
active. But they will not be sleeped anymore if no buffer are available. So this
is the responsibility to the applet I/O handler to check if this buffer is
allocated or not. This way, an applet can decide if this buffer is required or
not and can do additional processing if not.
[wt: backport to 1.7 and 1.6]
2016-12-09 16:30:18 +00:00
|
|
|
LIST_ADDQ(&buffer_wq, &wait->list);
|
2017-11-07 09:42:54 +00:00
|
|
|
HA_SPIN_UNLOCK(BUF_WQ_LOCK, &buffer_wq_lock);
|
2017-06-21 13:42:52 +00:00
|
|
|
}
|
|
|
|
|
BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
When an entity tries to get a buffer, if it cannot be allocted, for example
because the number of buffers which may be allocated per process is limited,
this entity is added in a list (called <buffer_wq>) and wait for an available
buffer.
Historically, the <buffer_wq> list was logically attached to streams because it
were the only entities likely to be added in it. Now, applets can also be
waiting for a free buffer. And with filters, we could imagine to have more other
entities waiting for a buffer. So it make sense to have a generic list.
Anyway, with the current design there is a bug. When an applet failed to get a
buffer, it will wait. But we add the stream attached to the applet in
<buffer_wq>, instead of the applet itself. So when a buffer is available, we
wake up the stream and not the waiting applet. So, it is possible to have
waiting applets and never awakened.
So, now, <buffer_wq> is independant from streams. And we really add the waiting
entity in <buffer_wq>. To be generic, the entity is responsible to define the
callback used to awaken it.
In addition, applets will still request an input buffer when they become
active. But they will not be sleeped anymore if no buffer are available. So this
is the responsibility to the applet I/O handler to check if this buffer is
allocated or not. This way, an applet can decide if this buffer is required or
not and can do additional processing if not.
[wt: backport to 1.7 and 1.6]
2016-12-09 16:30:18 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Releases a possibly allocated buffer for channel <chn>. If it was not
|
|
|
|
* allocated, this function does nothing. Else the buffer is released and we try
|
|
|
|
* to wake up as many streams/applets as possible. */
|
|
|
|
static inline void channel_release_buffer(struct channel *chn, struct buffer_wait *wait)
|
|
|
|
{
|
2018-07-10 07:53:31 +00:00
|
|
|
if (c_size(chn) && c_empty(chn)) {
|
BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
When an entity tries to get a buffer, if it cannot be allocted, for example
because the number of buffers which may be allocated per process is limited,
this entity is added in a list (called <buffer_wq>) and wait for an available
buffer.
Historically, the <buffer_wq> list was logically attached to streams because it
were the only entities likely to be added in it. Now, applets can also be
waiting for a free buffer. And with filters, we could imagine to have more other
entities waiting for a buffer. So it make sense to have a generic list.
Anyway, with the current design there is a bug. When an applet failed to get a
buffer, it will wait. But we add the stream attached to the applet in
<buffer_wq>, instead of the applet itself. So when a buffer is available, we
wake up the stream and not the waiting applet. So, it is possible to have
waiting applets and never awakened.
So, now, <buffer_wq> is independant from streams. And we really add the waiting
entity in <buffer_wq>. To be generic, the entity is responsible to define the
callback used to awaken it.
In addition, applets will still request an input buffer when they become
active. But they will not be sleeped anymore if no buffer are available. So this
is the responsibility to the applet I/O handler to check if this buffer is
allocated or not. This way, an applet can decide if this buffer is required or
not and can do additional processing if not.
[wt: backport to 1.7 and 1.6]
2016-12-09 16:30:18 +00:00
|
|
|
b_free(&chn->buf);
|
2018-05-25 14:58:52 +00:00
|
|
|
offer_buffers(wait->target, tasks_run_queue);
|
BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
When an entity tries to get a buffer, if it cannot be allocted, for example
because the number of buffers which may be allocated per process is limited,
this entity is added in a list (called <buffer_wq>) and wait for an available
buffer.
Historically, the <buffer_wq> list was logically attached to streams because it
were the only entities likely to be added in it. Now, applets can also be
waiting for a free buffer. And with filters, we could imagine to have more other
entities waiting for a buffer. So it make sense to have a generic list.
Anyway, with the current design there is a bug. When an applet failed to get a
buffer, it will wait. But we add the stream attached to the applet in
<buffer_wq>, instead of the applet itself. So when a buffer is available, we
wake up the stream and not the waiting applet. So, it is possible to have
waiting applets and never awakened.
So, now, <buffer_wq> is independant from streams. And we really add the waiting
entity in <buffer_wq>. To be generic, the entity is responsible to define the
callback used to awaken it.
In addition, applets will still request an input buffer when they become
active. But they will not be sleeped anymore if no buffer are available. So this
is the responsibility to the applet I/O handler to check if this buffer is
allocated or not. This way, an applet can decide if this buffer is required or
not and can do additional processing if not.
[wt: backport to 1.7 and 1.6]
2016-12-09 16:30:18 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-01-14 19:32:59 +00:00
|
|
|
/* Truncate any unread data in the channel's buffer, and disable forwarding.
|
|
|
|
* Outgoing data are left intact. This is mainly to be used to send error
|
|
|
|
* messages after existing data.
|
2012-08-27 22:06:31 +00:00
|
|
|
*/
|
2015-01-14 19:32:59 +00:00
|
|
|
static inline void channel_truncate(struct channel *chn)
|
2012-08-27 22:06:31 +00:00
|
|
|
{
|
2018-06-15 14:42:02 +00:00
|
|
|
if (!co_data(chn))
|
2012-10-12 21:11:02 +00:00
|
|
|
return channel_erase(chn);
|
2012-08-27 22:06:31 +00:00
|
|
|
|
2012-10-12 21:11:02 +00:00
|
|
|
chn->to_forward = 0;
|
2018-06-15 14:42:02 +00:00
|
|
|
if (!ci_data(chn))
|
2012-08-27 22:06:31 +00:00
|
|
|
return;
|
|
|
|
|
2018-07-10 15:43:27 +00:00
|
|
|
chn->buf.data = co_data(chn);
|
2012-08-27 22:06:31 +00:00
|
|
|
}
|
|
|
|
|
2018-06-06 04:53:15 +00:00
|
|
|
/* This function realigns a possibly wrapping channel buffer so that the input
|
|
|
|
* part is contiguous and starts at the beginning of the buffer and the output
|
|
|
|
* part ends at the end of the buffer. This provides the best conditions since
|
|
|
|
* it allows the largest inputs to be processed at once and ensures that once
|
|
|
|
* the output data leaves, the whole buffer is available at once.
|
|
|
|
*/
|
2018-07-12 08:57:15 +00:00
|
|
|
static inline void channel_slow_realign(struct channel *chn, char *swap)
|
2018-06-06 04:53:15 +00:00
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
return b_slow_realign(&chn->buf, swap, co_data(chn));
|
2018-06-06 04:53:15 +00:00
|
|
|
}
|
|
|
|
|
2009-08-31 05:37:22 +00:00
|
|
|
/*
|
2012-08-27 22:06:31 +00:00
|
|
|
* Advance the channel buffer's read pointer by <len> bytes. This is useful
|
|
|
|
* when data have been read directly from the buffer. It is illegal to call
|
|
|
|
* this function with <len> causing a wrapping at the end of the buffer. It's
|
|
|
|
* the caller's responsibility to ensure that <len> is never larger than
|
2012-10-12 21:11:02 +00:00
|
|
|
* chn->o. Channel flag WRITE_PARTIAL is set.
|
2009-08-31 05:37:22 +00:00
|
|
|
*/
|
REORG: channel: finally rename the last bi_* / bo_* functions
For HTTP/2 we'll need some buffer-only equivalent functions to some of
the ones applying to channels and still squatting the bi_* / bo_*
namespace. Since these names have kept being misleading for quite some
time now and are really getting annoying, it's time to rename them. This
commit will use "ci/co" as the prefix (for "channel in", "channel out")
instead of "bi/bo". The following ones were renamed :
bi_getblk_nc, bi_getline_nc, bi_putblk, bi_putchr,
bo_getblk, bo_getblk_nc, bo_getline, bo_getline_nc, bo_inject,
bi_putchk, bi_putstr, bo_getchr, bo_skip, bi_swpbuf
2017-10-19 12:32:15 +00:00
|
|
|
static inline void co_skip(struct channel *chn, int len)
|
2009-08-31 05:37:22 +00:00
|
|
|
{
|
2018-07-10 15:43:27 +00:00
|
|
|
b_del(&chn->buf, len);
|
2018-06-22 17:26:39 +00:00
|
|
|
chn->output -= len;
|
2018-07-10 07:53:31 +00:00
|
|
|
c_realign_if_empty(chn);
|
2009-08-31 05:37:22 +00:00
|
|
|
|
2009-09-23 21:47:55 +00:00
|
|
|
/* notify that some data was written to the SI from the buffer */
|
2018-10-24 15:17:56 +00:00
|
|
|
chn->flags |= CF_WRITE_PARTIAL;
|
2009-08-31 05:37:22 +00:00
|
|
|
}
|
2006-06-26 00:48:02 +00:00
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Tries to copy chunk <chunk> into the channel's buffer after length controls.
|
2012-10-12 21:11:02 +00:00
|
|
|
* The chn->o and to_forward pointers are updated. If the channel's input is
|
2010-09-08 15:04:31 +00:00
|
|
|
* closed, -2 is returned. If the block is too large for this buffer, -3 is
|
|
|
|
* returned. If there is not enough room left in the buffer, -1 is returned.
|
|
|
|
* Otherwise the number of bytes copied is returned (0 being a valid number).
|
2012-08-27 22:06:31 +00:00
|
|
|
* Channel flag READ_PARTIAL is updated if some data can be transferred. The
|
2012-08-27 18:53:34 +00:00
|
|
|
* chunk's length is updated with the number of bytes sent.
|
2009-08-31 06:09:57 +00:00
|
|
|
*/
|
2018-07-13 09:56:34 +00:00
|
|
|
static inline int ci_putchk(struct channel *chn, struct buffer *chunk)
|
2009-08-31 06:09:57 +00:00
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
|
2018-07-13 08:54:26 +00:00
|
|
|
ret = ci_putblk(chn, chunk->area, chunk->data);
|
2010-09-08 15:04:31 +00:00
|
|
|
if (ret > 0)
|
2018-07-13 08:54:26 +00:00
|
|
|
chunk->data -= ret;
|
2009-08-31 06:09:57 +00:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2012-08-27 22:06:31 +00:00
|
|
|
/* Tries to copy string <str> at once into the channel's buffer after length
|
2012-10-12 21:11:02 +00:00
|
|
|
* controls. The chn->o and to_forward pointers are updated. If the channel's
|
2012-08-27 22:06:31 +00:00
|
|
|
* input is closed, -2 is returned. If the block is too large for this buffer,
|
|
|
|
* -3 is returned. If there is not enough room left in the buffer, -1 is
|
|
|
|
* returned. Otherwise the number of bytes copied is returned (0 being a valid
|
|
|
|
* number). Channel flag READ_PARTIAL is updated if some data can be
|
|
|
|
* transferred.
|
2010-09-08 15:04:31 +00:00
|
|
|
*/
|
REORG: channel: finally rename the last bi_* / bo_* functions
For HTTP/2 we'll need some buffer-only equivalent functions to some of
the ones applying to channels and still squatting the bi_* / bo_*
namespace. Since these names have kept being misleading for quite some
time now and are really getting annoying, it's time to rename them. This
commit will use "ci/co" as the prefix (for "channel in", "channel out")
instead of "bi/bo". The following ones were renamed :
bi_getblk_nc, bi_getline_nc, bi_putblk, bi_putchr,
bo_getblk, bo_getblk_nc, bo_getline, bo_getline_nc, bo_inject,
bi_putchk, bi_putstr, bo_getchr, bo_skip, bi_swpbuf
2017-10-19 12:32:15 +00:00
|
|
|
static inline int ci_putstr(struct channel *chn, const char *str)
|
2010-09-08 15:04:31 +00:00
|
|
|
{
|
REORG: channel: finally rename the last bi_* / bo_* functions
For HTTP/2 we'll need some buffer-only equivalent functions to some of
the ones applying to channels and still squatting the bi_* / bo_*
namespace. Since these names have kept being misleading for quite some
time now and are really getting annoying, it's time to rename them. This
commit will use "ci/co" as the prefix (for "channel in", "channel out")
instead of "bi/bo". The following ones were renamed :
bi_getblk_nc, bi_getline_nc, bi_putblk, bi_putchr,
bo_getblk, bo_getblk_nc, bo_getline, bo_getline_nc, bo_inject,
bi_putchk, bi_putstr, bo_getchr, bo_skip, bi_swpbuf
2017-10-19 12:32:15 +00:00
|
|
|
return ci_putblk(chn, str, strlen(str));
|
2010-09-08 15:04:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2012-08-27 22:06:31 +00:00
|
|
|
* Return one char from the channel's buffer. If the buffer is empty and the
|
|
|
|
* channel is closed, return -2. If the buffer is just empty, return -1. The
|
REORG: channel: finally rename the last bi_* / bo_* functions
For HTTP/2 we'll need some buffer-only equivalent functions to some of
the ones applying to channels and still squatting the bi_* / bo_*
namespace. Since these names have kept being misleading for quite some
time now and are really getting annoying, it's time to rename them. This
commit will use "ci/co" as the prefix (for "channel in", "channel out")
instead of "bi/bo". The following ones were renamed :
bi_getblk_nc, bi_getline_nc, bi_putblk, bi_putchr,
bo_getblk, bo_getblk_nc, bo_getline, bo_getline_nc, bo_inject,
bi_putchk, bi_putstr, bo_getchr, bo_skip, bi_swpbuf
2017-10-19 12:32:15 +00:00
|
|
|
* buffer's pointer is not advanced, it's up to the caller to call co_skip(buf,
|
2012-08-27 22:06:31 +00:00
|
|
|
* 1) when it has consumed the char. Also note that this function respects the
|
2012-10-12 21:11:02 +00:00
|
|
|
* chn->o limit.
|
2010-09-08 15:04:31 +00:00
|
|
|
*/
|
REORG: channel: finally rename the last bi_* / bo_* functions
For HTTP/2 we'll need some buffer-only equivalent functions to some of
the ones applying to channels and still squatting the bi_* / bo_*
namespace. Since these names have kept being misleading for quite some
time now and are really getting annoying, it's time to rename them. This
commit will use "ci/co" as the prefix (for "channel in", "channel out")
instead of "bi/bo". The following ones were renamed :
bi_getblk_nc, bi_getline_nc, bi_putblk, bi_putchr,
bo_getblk, bo_getblk_nc, bo_getline, bo_getline_nc, bo_inject,
bi_putchk, bi_putstr, bo_getchr, bo_skip, bi_swpbuf
2017-10-19 12:32:15 +00:00
|
|
|
static inline int co_getchr(struct channel *chn)
|
2010-09-08 15:04:31 +00:00
|
|
|
{
|
|
|
|
/* closed or empty + imminent close = -2; empty = -1 */
|
2012-10-12 21:11:02 +00:00
|
|
|
if (unlikely((chn->flags & CF_SHUTW) || channel_is_empty(chn))) {
|
|
|
|
if (chn->flags & (CF_SHUTW|CF_SHUTW_NOW))
|
2010-09-08 15:04:31 +00:00
|
|
|
return -2;
|
|
|
|
return -1;
|
|
|
|
}
|
2018-06-15 13:18:17 +00:00
|
|
|
return *co_head(chn);
|
2010-09-08 15:04:31 +00:00
|
|
|
}
|
|
|
|
|
2006-06-26 00:48:02 +00:00
|
|
|
|
2012-08-24 17:22:53 +00:00
|
|
|
#endif /* _PROTO_CHANNEL_H */
|
2006-06-26 00:48:02 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Local variables:
|
|
|
|
* c-indent-level: 8
|
|
|
|
* c-basic-offset: 8
|
|
|
|
* End:
|
|
|
|
*/
|