[pve-devel] [PATCH http-server v3 0/4] improve error handling in accept_connections

Stoiko Ivanov s.ivanov at proxmox.com
Thu Dec 10 15:02:47 CET 2020 

v2->v3:
* incorporated Thomas patient and excellent feedback (Thanks!!):
* replaced the two error-flags by a single handle_creation flag,  based
  on the observation that the code after AnyEvent::Handle->new() does not die
  (and that we'd probably still shutdown the socket if it did)
* replaced the calls to shutdown($fh, SHUT_RD) with calls to close - in case
  accept() fails, we don't want to sent anything + it sents one tcp-packet less
  (only rst+ack, instead of fin+ack,rst+ack)
* replaced syslog+dprint by a single warn (in our AnyEvent daemons that results
  in the line being printed to STDERR+to syslog with level warning)
* squashed 1/5 (introduce dprint sub) and 5/5 (use it)

tested on my workstation (the cleanup by having an deny-acl in
/etc/default/pveproxy and connecting 1000 times with openssl s_client)

original cover-letter for v2:
v1->v2:
* increment of connection count now happens right before the AnyEvent::Handle
  is created
* the handle-creation is guarded by an error-flag, and if it fails the
  connection count is decremented (bounded to 0) again
* as suggested by Thomas - added a debug print sub which includes the
  package name, linenumber and function name where the printing happens
* refactored all active debug-prints to use it.

original cover-letter for v1:
This patchset is the result of investigating a report in our community forum:
https://forum.proxmox.com/threads/pveproxy-eats-available-ram.79617/

The first patch fixes an issue where pveproxy worker processes would never
exit (and eat quite a bit of ram+cpu) when 'getpeername' returned an error.

The second seemed to me like a sensible further cleanup, and the third patch
will hopefully provide the needed information when debugging such things in
the future.

Huge thanks to Dominik, who analyzed this issue with me!


Stoiko Ivanov (4):
  add debug print helper
  accept-phase: fix conn_count "leak"
  accept-phase: shutdown socket on early error
  add debug log for problems during accept

 PVE/APIServer/AnyEvent.pm | 68 ++++++++++++++++++++++++++++++---------
 1 file changed, 53 insertions(+), 15 deletions(-)

-- 
2.20.1

More information about the pve-devel mailing list