Tianyin Xu [Fri, 25 Jan 2013 01:26:21 +0000 (18:26 -0700)]
Polish squid.conf parsing validation
* Updates ato*() functiosn to safer xato*() alternatives provided by
the Squid compat library. Along with error messages on invalid
configuration values detected by these.
* Add protection against integer overflow on most options
* Add parse deprecation messages on enable/disable for boolean and
and trilean options.
* Add 'wrong-value' error messages on most options.
Alex Rousskov [Thu, 24 Jan 2013 16:22:45 +0000 (09:22 -0700)]
Bug 3111: Mid-term fix for the forward.cc "err" assertion.
The assert is triggered when a close handler for the server connection
destroys FwdState before we have received anything from the origin server.
Instead of asserting, we now respond with a 502 (Bad Gateway) ERR_READ_ERROR.
That error seems the most appropriate single choice among available ones, but
it may be misleading (in access.log) when the close handler was called due to
client problems. Hopefully, another error will be logged in most of those
cases.
Propagate pinned connection persistency and closures to the client.
Squid was trying hard to forward a request after pinned connection failures
because some of those failures were benign pconn races. That meant re-pinning
failed connections. After a few iterations to correctly handle non-idempotent
requests, the code appeared to work, but the final design, with all the added
complexity and related dangers was deemed inferior to the approach we use now.
Squid now simply propagates connection closures (including pconn races) to the
client. It is now the client responsibility not to send non-idempotent requests
on idle persistent connections and to recover from pconn races.
Squid also propagates HTTP connection persistency indicators from client to
server and back, to make client job feasible. Squid will send Connection:close
and will close the client connection if the pinned server says so, even if
Squid could still maintain a persistent connection with the client.
These changes are not mean to affect regular (not pinned) transactions.
In access.log, one can detect requests that were not responded to (due to race
conditions on pinned connections) by searching for ERR_ZERO_SIZE_OBJECT
%err_code with TCP_MISS/000 status and zero response bytes.
Amos Jeffries [Tue, 22 Jan 2013 11:33:57 +0000 (00:33 +1300)]
Bug 3676: Fix Shadowed variables
This resolves a number more shadowed variables found by the more strict
compilers in the layer-02-maximus optional components.
There should be no logic changes in this patch.
Alex Rousskov [Mon, 21 Jan 2013 23:04:45 +0000 (16:04 -0700)]
Report more detail about disk errors, especially the disker ID and db path.
On partial writes, try to write the leftovers a few times before giving up.
The caller is unlikely to employ a different strategy, and we can do that
faster. Current callers simply give up and declare an error. Partial disk
writes seem to be typical on overflowing disks, but there may be other
conditions we have not observed in the lab yet.
Alex Rousskov [Sun, 20 Jan 2013 17:31:50 +0000 (10:31 -0700)]
Do not allow broken IpcIo-based cache_dir to be selected for swap out.
I/O code refuses to read or write when file error is set, but canRead()
and canWrite() ignored that fact, allowing broken files to be selected for
writing (at least). SwapDir::createStoreIO() would then return nil, leading
to missed swapout opportunities (if other cache_dirs could write) and wasted
CPU cycles.
Alex Rousskov [Sun, 20 Jan 2013 02:07:24 +0000 (19:07 -0700)]
Mem-cache entries exceeding one shared memory page in size, using
Ipc::StoreMap that now supports multi-slice entries. For the memory cache,
each slice corresponds to a shared memory page. Added a shared memory stack of
free slices. Many aspects of the implementation are similar to Rock Store.
Do not mem-cache entries that are already mem-cached at the time of keep()
call. This change is unrelated to multi-slice caching, but may provide a
noticeable performance boost.
Alex Rousskov [Sun, 20 Jan 2013 01:58:16 +0000 (18:58 -0700)]
Initialize freeSlots before the map in case we decide to free something
during initialization (e.g., after reading something from the db file
in sync mode).
Alex Rousskov [Sun, 20 Jan 2013 01:53:24 +0000 (18:53 -0700)]
Polished entry freeing.
Clean Writeable entries in addition to Readables ones. Otherwise, there is no
way for the caller to completely get rid of a [large] entry the caller has
been writing! We hold the lock so this should be safe as long as slice.next
(and slice extras) are valid even in a half-baked Writeable entry.
Reset slice.next [before giving it to the caller]. As a consequence, we must
free individual slices even if cleaner is not set.
Alex Rousskov [Sun, 20 Jan 2013 01:50:52 +0000 (18:50 -0700)]
Use signed type for StoreMapSliceId because we use -1 as an "unset" value.
Initialize slice.next to be "unset". This should not be necessary in most
cases, but reduces the probability that a half-made writeable entry cannot be
freed properly because it contains an invalid slice.next value.
Losing the bit to store ID sign is not a big deal: Since slices always contain
non-trivial number of bytes for metadata, it is unlikely that all 32 (but less
than 33) bits would be required to store slice IDs in the future.
Amos Jeffries [Wed, 16 Jan 2013 11:49:51 +0000 (00:49 +1300)]
squidpurge: Polish details of what filename is generated from
* change strlen(url) to strlen(ptrt) since the string under ptr is being
added to filename, not the whole URL.
* also add a few extra magic bytes to make it clear that there is space
for delimiters and termination bytes. These were previously hidden as
extra bytes in the URL prefix length.
Should resolve Coverity Scan false positive issue 740414
Amos Jeffries [Wed, 16 Jan 2013 11:22:25 +0000 (00:22 +1300)]
squidpurge: display friendly errors on missing command line options
Currently the tool will crash with a segmentation fault if any one of
several command switches which are expected to have a mandatory argument
are in fact followed by nothing.
Detect these cases and display a message about what is missing.
Amos Jeffries [Wed, 16 Jan 2013 07:30:47 +0000 (20:30 +1300)]
Fix ConnOpener IPv6 awareness
When updating IPv6 support for split-stack one USE_IPV6 wrapper was
omitted conversion to the EnabledIpv6 stack auto-detect mechanism.
This resulted in IPv6 addresses being mis-converted on split-stack
systems or with IPv6 disabled in the kernel and --enable-ipv6 built.
The visible symptom is "assert(FALSE)" in Ip::Address::GetAddrInfo().
Amos Jeffries [Tue, 15 Jan 2013 01:01:30 +0000 (18:01 -0700)]
Initialize mem_node fully
Experience in squid-2.7 shows that with MemPools use of malloc instead
of calloc mem_node requires full initialization in order to get accurate
memory accounting.
Amos Jeffries [Mon, 14 Jan 2013 05:01:04 +0000 (22:01 -0700)]
MemPools: remove zero on allocate (calloc) from some pool types
As we are closing defects identified by Coverity and improving
constructors everywhere we are creating a minor anti-pattern in
MemPool'ed objects with calloc() in the pool initializing the memory
then constructors re-initializing it in a better way for that object.
MemPools contains a doZeroOnPush flag to optimize performance by removing
use of memset() as chunks are added back into the pool. However, on
closer inspection it is clear that the following pop() process to re-use
those chunks is never performing memset() anyway. As such I believe that
there is no special need to use calloc() on these particular object types
in the first place.
Update MemPools to use malloc() instead of calloc() on all types with
doZeroOnPush set. This should increase performance a little, and allows
us to remove the anti-pattern by setting doZeroOnPush for more objects
as we can verify they are correctly initialized by their constructors.
Alex Rousskov [Sat, 12 Jan 2013 18:34:10 +0000 (11:34 -0700)]
Fix "address.GetPort() != 0" assertion for helpers on FreeBSD (at least).
The order (or set of?) #include files used by src/ssl/helper.cc (and
probably by other helper source files) has changed recently, exposing a
defines.h dependency on sys/socket.h where that system header is
required to define AF_UNIX. With AF_UNIX incorrectly undefined,
IPC_STREAM was set to IPC_TCP_SOCKET instead of IPC_UNIX_STREAM, and
helpers that do not have a notion of a listening port, were trying to
create communication sockets using TCP streams, triggering a "must have
a port" assertion in comm_connect_addr() called from ipcCreate().
TODO: Moving IPC_* defines into an IPC-specific header file may be a
better solution then exposing all defines.h users to sys/socket.h.
Amos Jeffries [Fri, 11 Jan 2013 05:05:52 +0000 (22:05 -0700)]
WCCP: Fix memory leak in mask assignment, improve debuggsing.
* Release temporary weight array allocated on each HERE_I_AM packet sent
by Squid. For mask assignment these were not released properly and may
build up to a significant size of memory over time.
* Add debug traces to send() events to report failures sending packets
* Also, on HERE_I_AM event send() failure, reduce the timeout to 2sec
for the retry in a crude attempt to prevent router state flapping.
* Silence compiler warnings on use of connect() to disconnect a socket.
Inconsistent OS behaviour makes the result useless in this case.
Amos Jeffries [Tue, 8 Jan 2013 23:51:02 +0000 (16:51 -0700)]
Bug 3731: use 'int' on all systems settign TOS value.
FreeBSD is confirmed erroring out on 8-bit variable size. Other BSD are
documented in a way that implies they do as well, although not at this
stage confirmed to be failing.
Linux seems to be the only confirmed system workign with 8-bit size sent
to setsockopt(). So we revert this to 'int' (32-bit or 64-bit) as was
working in Squid 3.1.
Alex Rousskov [Mon, 7 Jan 2013 17:54:27 +0000 (10:54 -0700)]
Adjusted StoreIOState::write() API to allow callers detect write errors.
The errors are reported without these changes, but only via callbacks, some of
which may be asynchronous. Callers such as doPages() would keep calling
write() after the failure. It is probably best to quit early instead of
ignoring "post-error" state in StoreIOState::write().
Alex Rousskov [Mon, 7 Jan 2013 17:18:10 +0000 (10:18 -0700)]
Split lock() into "just lock" and "update entry reference time" interfaces.
Improved entry lock/unlock debugging.
Several modern store entry users need to lock the entry for storage rather
then to update entry's reference time. There is an old XXX describing the
corresponding API bug that merges the two distinct operations. This change
does not modify existing code, but allows new code to use new/fixed API
instead of changing an essentially private entry lock counter.
Alex Rousskov [Wed, 2 Jan 2013 18:50:24 +0000 (11:50 -0700)]
Fixed SMP cache mgr request handling.
Coordinator could not successfully parse any SMP cache manager request since
r12410 "Polish: Http::MethodType upgrade" because the parsing code assumed the
presence of the request method ID field that was no longer added by the
request packing code.
Amos Jeffries [Tue, 1 Jan 2013 03:20:47 +0000 (20:20 -0700)]
Fix memory leaks in ICMP
InitAddrInfo() and GetAddrInfo() both allocate addrinfo structs which
must be freed by FreeAddrInfo(). Several places in ICMP were not doing
that free step.
Detected by Coverity Scan. Issues 740434, 740435, 740436, 740437.
Amos Jeffries [Mon, 31 Dec 2012 07:42:32 +0000 (20:42 +1300)]
squidpurge: fix META TLV parsing issues
* current Squid may stoe objects with up to 64KB URLs and 64KB headers
in the disk cache. Increas the tool buffer to 128KB to prevent
truncating the loaded meta data.
* check for and report when meta data overruns the end of loaded buffer
content. Ignore the truncated TLV entry and produce a WARNING.
* validate the TLV size field loaded from disk to prevent buffer overrun
errors from corrupted files on disk.
Fix some issues revealed by Coverty Scan, improve documentation of parseHttpRequest
Address issues for the defect classes:
- Array compared against 0
- Copy into fixed size buffer
- Dereference after null check
- Dereference before null check
Amos Jeffries [Thu, 27 Dec 2012 10:17:04 +0000 (03:17 -0700)]
Fix various issues in unit tests
* Define MemObject stub constructor to initialize teh stub object properly
apparently store unit tests needs one defined. Best to make it work and
set base values than leave garbage in the object fields.
* Buffer overrun on config parser if test is ever given a too-long
string input.
* Memory leak in HttpRequest testing. One instance of a short array.
* Range: header testing may thor exceptions which were not caught by the
test binary. Could lead to difficulty debugging exception errors.
Detected by Coverity Scan. Issues 740523, 740482, 740440, 740498
Amos Jeffries [Thu, 27 Dec 2012 01:42:48 +0000 (14:42 +1300)]
kqueue: update status from experimental to fully available net I/O method
kqueue has been in use on FreeBSD and maybe others for some time now and
has less bugs than epoll. So the issues on record should not be held
against it.
The attached patch adds auto-detection for the kqueue dependencies and
enables it by default when it can build. Unfortunately due to the
dependencies we cannot add it to maximus layer for force-enable, but the
default layer will test it on FreeBSD at least. It is still less
preferred than epoll(), but more than select() and poll().
projects / thirdparty / squid.git / log
