mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2025-01-13 09:11:06 +00:00
haproxy public development tree
fed93d367c
Listeners might be disabled by other threads while running in listener_accept() due to a stopping condition or possibly a rebinding error after a failed stop/start. When this happens, the listener's FD is -1 and accesses made by the lower layers to fdtab[-1] do not end up well. This can occasionally be noticed if running at high connection rates in master-worker mode when compiled with ASAN and hammered with 10 reloads per second. From time to time an out-of-bounds error will be reported. One approach could consist in keeping a copy of critical information such as the FD before proceeding but that's not correct since in case of close() the FD might be reassigned to another connection for example. In fact what is needed is to read-lock the listener during this operation so that it cannot change while we're touching it. Tests have shown that using a spinlock only does generally work well but it doesn't scale much with threads and we can see listener_accept() eat 10-15% CPU on a 24 thread machine at 300k conn/s. For this reason the lock was turned to an rwlock by previous commit and this patch only takes the read lock to make sure other operations do not change the listener's state while threads are accepting connections. With this approach, no performance loss was noticed at all and listener_accept() doesn't appear in perf top. This ought to be backported to about all branches that make use of the unlocked listeners, but in practice it seems to mostly concern 2.3 and above, since 2.2 and older will take the FD in the argument (and the race exists there, this FD could end up being reassigned in parallel but there's not much that can be done there to prevent that race; at least a permanent error will be reported). For backports, the current approach is preferred, with a preliminary backport of previous commit "MINOR: listener: replace the listener's spinlock with an rwlock". However if for any reason this commit cannot be backported, the current patch can be modified to simply take a spinlock (tested and works), it will just impact high performance workloads (like DDoS protection). |
||
|---|---|---|
| .github | ||
| addons | ||
| admin | ||
| dev | ||
| doc | ||
| examples | ||
| include | ||
| reg-tests | ||
| scripts | ||
| src | ||
| tests | ||
| .cirrus.yml | ||
| .gitattributes | ||
| .gitignore | ||
| .mailmap | ||
| .travis.yml | ||
| BRANCHES | ||
| CHANGELOG | ||
| CONTRIBUTING | ||
| INSTALL | ||
| LICENSE | ||
| MAINTAINERS | ||
| Makefile | ||
| README | ||
| ROADMAP | ||
| SUBVERS | ||
| VERDATE | ||
| VERSION | ||
The HAProxy documentation has been split into a number of different files for ease of use. Please refer to the following files depending on what you're looking for : - INSTALL for instructions on how to build and install HAProxy - BRANCHES to understand the project's life cycle and what version to use - LICENSE for the project's license - CONTRIBUTING for the process to follow to submit contributions The more detailed documentation is located into the doc/ directory : - doc/intro.txt for a quick introduction on HAProxy - doc/configuration.txt for the configuration's reference manual - doc/lua.txt for the Lua's reference manual - doc/SPOE.txt for how to use the SPOE engine - doc/network-namespaces.txt for how to use network namespaces under Linux - doc/management.txt for the management guide - doc/regression-testing.txt for how to use the regression testing suite - doc/peers.txt for the peers protocol reference - doc/coding-style.txt for how to adopt HAProxy's coding style - doc/internals for developer-specific documentation (not all up to date)