From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 00E696B09E for ; Thu, 10 Dec 2020 15:03:13 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id EFC3C16244 for ; Thu, 10 Dec 2020 15:03:12 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [212.186.127.180]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id 5C2231622E for ; Thu, 10 Dec 2020 15:03:11 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 1F16A44F71 for ; Thu, 10 Dec 2020 15:03:11 +0100 (CET) From: Stoiko Ivanov To: pve-devel@lists.proxmox.com Date: Thu, 10 Dec 2020 15:02:47 +0100 Message-Id: <20201210140251.6127-1-s.ivanov@proxmox.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.078 Adjusted score from AWL reputation of From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_DNSWL_MED -2.3 Sender listed at https://www.dnswl.org/, medium trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH http-server v3 0/4] improve error handling in accept_connections X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2020 14:03:13 -0000 v2->v3: * incorporated Thomas patient and excellent feedback (Thanks!!): * replaced the two error-flags by a single handle_creation flag, based on the observation that the code after AnyEvent::Handle->new() does not die (and that we'd probably still shutdown the socket if it did) * replaced the calls to shutdown($fh, SHUT_RD) with calls to close - in case accept() fails, we don't want to sent anything + it sents one tcp-packet less (only rst+ack, instead of fin+ack,rst+ack) * replaced syslog+dprint by a single warn (in our AnyEvent daemons that results in the line being printed to STDERR+to syslog with level warning) * squashed 1/5 (introduce dprint sub) and 5/5 (use it) tested on my workstation (the cleanup by having an deny-acl in /etc/default/pveproxy and connecting 1000 times with openssl s_client) original cover-letter for v2: v1->v2: * increment of connection count now happens right before the AnyEvent::Handle is created * the handle-creation is guarded by an error-flag, and if it fails the connection count is decremented (bounded to 0) again * as suggested by Thomas - added a debug print sub which includes the package name, linenumber and function name where the printing happens * refactored all active debug-prints to use it. original cover-letter for v1: This patchset is the result of investigating a report in our community forum: https://forum.proxmox.com/threads/pveproxy-eats-available-ram.79617/ The first patch fixes an issue where pveproxy worker processes would never exit (and eat quite a bit of ram+cpu) when 'getpeername' returned an error. The second seemed to me like a sensible further cleanup, and the third patch will hopefully provide the needed information when debugging such things in the future. Huge thanks to Dominik, who analyzed this issue with me! Stoiko Ivanov (4): add debug print helper accept-phase: fix conn_count "leak" accept-phase: shutdown socket on early error add debug log for problems during accept PVE/APIServer/AnyEvent.pm | 68 ++++++++++++++++++++++++++++++--------- 1 file changed, 53 insertions(+), 15 deletions(-) -- 2.20.1