Fix invalid stream processing #1887
Conversation
EvgeniiMekhanik
force-pushed
the
MekhanikEvgenii/Fix-incorrect-stream-processing
branch
5 times, most recently
from
5aeebde to
c7f3e00
Compare
EvgeniiMekhanik
force-pushed
the
MekhanikEvgenii/Fix-incorrect-stream-processing
branch
2 times, most recently
from
2f51a38 to
1021f5f
Compare
EvgeniiMekhanik
force-pushed
the
MekhanikEvgenii/Fix-incorrect-stream-processing
branch
from
1021f5f to
6e9c512
Compare
| int | ||
| tfw_h2_stream_process(TfwH2Ctx *ctx, TfwStream *stream, unsigned char type) | ||
| TfwStreamFsmRes | ||
| tfw_h2_stream_process(TfwH2Ctx *ctx, TfwStream *stream, |
There was a problem hiding this comment.
Seems tfw_h2_stream_process() must be called only if stream->xmit.b_len == 0 or stream->xmit.h_len == 0 otherwise it looks dangerous. Now it's ok, but maybe add BUG?
fw/sock_clnt.c
Outdated
| #define H2_PROCESS_STREAM(h2, stream, type) \ | ||
| r = tfw_h2_stream_process(h2, stream, type); \ | ||
| if (unlikely(r != STREAM_FSM_RES_OK)) { \ | ||
| T_WARN("Failed tp process stream %d", (int)r); \ |
EvgeniiMekhanik
force-pushed
the
MekhanikEvgenii/Fix-incorrect-stream-processing
branch
4 times, most recently
from
fa7df28 to
f62e4c2
Compare
| @@ -22,6 +22,7 @@ | |||
| #include <asm/fpu/api.h> | |||
There was a problem hiding this comment.
Please update the copyright year
| @@ -409,6 +471,14 @@ static struct ctl_table tfw_sysctl_tbl[] = { | |||
| .mode = 0644, | |||
| .proc_handler = tfw_ctlfn_state_io, | |||
| }, | |||
| #ifdef DBG_ERRINJ | |||
| { | |||
| .procname = "errinj", | |||
There was a problem hiding this comment.
In short, there is some runtime API and some C API and we do not have any examples of the usage at the moment. Could you please add an example and a short HowTo to the wiki? Maybe extend https://github.com/tempesta-tech/tempesta/wiki/Debugging-and-troubleshooting or create a new page under Contributing.
lib/errinj.c
Outdated
| * on top on native Linux socket buffers. The helpers provide common and | ||
| * convenient wrappers for skb processing. | ||
| * | ||
| * Copyright (C) 2015-2023 Tempesta Technologies, Inc. |
There was a problem hiding this comment.
Usually for new files we use only current year, so there should be just 2023. If you see 2015-2023, then it's quite an old file ;)
lib/errinj.c
Outdated
| * | ||
| * Application protocol handler layers must implement zero data copy logic | ||
| * on top on native Linux socket buffers. The helpers provide common and | ||
| * convenient wrappers for skb processing. |
There was a problem hiding this comment.
I didn't get the comment - why error injection file comments something about skb? A dirty copy & paste? BTW it'd be good to write some description about the error injection design, maybe some usage example
| ERRINJ_LIST(ERRINJ_MEMBER) | ||
| }; | ||
| EXPORT_SYMBOL(errinjs); | ||
|
|
lib/errinj.c
Outdated
|
|
||
| #include "errinj.h" | ||
|
|
||
| #define ERRINJ_MEMBER(n, t, s) { /* .name = */ #n, /* .type = */ t, /* .state = */ s }, |
| union { | ||
| /** bool parameter */ | ||
| bool bparam; | ||
| /** integer parameter */ |
There was a problem hiding this comment.
Usually we write a single comment on top of a structure describing all the members - it's not good or bad, but it'd be good to adjust for code consistency
lib/errinj.h
Outdated
| # define ERROR_INJECT(ID, CODE) \ | ||
| do { \ | ||
| if (errinj_get(ID, ERRINJ_BOOL)->bparam) \ | ||
| CODE; \ |
There was a problem hiding this comment.
Let's place all \ aligned as for ERROR_INJECT_COUNTDOWN and around the code
EvgeniiMekhanik
force-pushed
the
MekhanikEvgenii/Fix-incorrect-stream-processing
branch
from
6bb718c to
f2ebd63
Compare
EvgeniiMekhanik
force-pushed
the
MekhanikEvgenii/Fix-incorrect-stream-processing
branch
2 times, most recently
from
e2b9ec1 to
d097b03
Compare
EvgeniiMekhanik
force-pushed
the
MekhanikEvgenii/Fix-incorrect-stream-processing
branch
3 times, most recently
from
f20dc6e to
1f866aa
Compare
Implement error injection to test difficult cases, which can't be simulated by usual python tests.
We should split stream processing into two parts: in first part we pass `HTTP2_HEADERS` type and `HTTP2_F_END_HEADERS` flag to `STREAM_SEND_PROCESS` and later in `xmit` callback we should pass `HTTP2_F_END_STREAM` flag and appropriate type when we finish send all data for corresponding stream. Also rename `tfw_h2_stream_id_unlink` to `tfw_h2_stream_unlink_from_req`
EvgeniiMekhanik
force-pushed
the
MekhanikEvgenii/Fix-incorrect-stream-processing
branch
from
1f866aa to
09891fb
Compare
fw/http_frame.c
Outdated
| || (max_streams == ctx->streams_num | ||
| && closed_streams->num)) |
There was a problem hiding this comment.
IIUC this condition need to not delete streams if we have maximum streams and some streams in closed queue. These streams will be deleted on closing connection. Is there any reason to remove it?
There was a problem hiding this comment.
Yes, fixed during discussion. Add comment to #1346 to don't forget to change this condition later
fw/http_frame.h
Outdated
| @@ -228,6 +228,7 @@ int tfw_h2_context_init(TfwH2Ctx *ctx); | |||
| void tfw_h2_context_clear(TfwH2Ctx *ctx); | |||
| int tfw_h2_frame_process(TfwConn *c, struct sk_buff *skb); | |||
| void tfw_h2_conn_streams_cleanup(TfwH2Ctx *ctx); | |||
| TfwStream *tfw_h2_find_stream_if_not_closed(TfwH2Ctx *ctx, unsigned int id); | |||
There was a problem hiding this comment.
It's not mandatory, but I suggest to renaming tfw_h2_find_stream_if_not_closed to tfw_h2_find_stream_not_closed or to tfw_h2_find_not_closed_stream
Tempesta uses delayed streams deletion (closed streams add to special queue and remove later, when there count become greater than appropriate constant). We should not work with such streams except cases, when we process HTTP2_PRIORITY, HTTP2_WINDOW_UPDATE or HTTP2_RST_STREAM frames (according to RFC 9113), for this cases we should ignore such frames. Also remove strange condition from function `tfw_h2_closed_streams_shrink` (we can't delete streams from closed queue if there count in this queue is equal to zero). Closes #1800
EvgeniiMekhanik
force-pushed
the
MekhanikEvgenii/Fix-incorrect-stream-processing
branch
from
09891fb to
a88e643
Compare
EvgeniiMekhanik
deleted the
MekhanikEvgenii/Fix-incorrect-stream-processing
branch
We should split stream processing into two
parts: in first part we pass
HTTP2_HEADERStype and
HTTP2_F_END_HEADERSflag toSTREAM_SEND_PROCESSand later inxmitcallback we should pass
HTTP2_F_END_STREAMflag and appropriate type when we finish
send all data to corrsponding stream.