-
Notifications
You must be signed in to change notification settings - Fork 734
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Robust ServerSocket not throw (EOL) on recoverable accept failure #10386
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the connection counting code is now looking good.
Getting it in is blocked by a) CI - and b) now fixing up the ServerSocket change here to make it much smaller and more helpful I think.
Thanks.
974b9a9
to
44f01da
Compare
This is the ServerSocket fix vanilla branch w/o merged max-connection This is the ServerSocket fix branch w/ merged max-connection (this reviewed one) I applied all review remarks .. but not fully removed the 'swizzle around' lines |
44f01da
to
641a07d
Compare
a8f061b
to
b8f548b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd like to see unit tests for this - possibly we need a fault injection hook in UnitBase to throw during SSL socket creation or something - and of course for when we run out of sockets too.
Thanks!
b8f548b
to
0a29005
Compare
Revised pull request including unit tests injection
Classification of recoverable ::accept errors has been revised and documented. |
Unit test logs w/ error injections |
0a29005
to
98ae285
Compare
ENONET doesn't appear to exist on IOS, presumably an easy fix for that build error |
98ae285
to
a6a1ab5
Compare
thx, checked on FreeBSD's accept(2) as well as on their errno.h + Apple's. So it was just this one missing on BSD + Apple. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Needs some more work; thanks.
36dad03
to
30a8c40
Compare
30a8c40
to
7fcb554
Compare
commit 94f2825 removed WebSocketHandler's WS Ping timeout functionality and disabled the unit test. Signed-off-by: Sven Göthel <[email protected]> Change-Id: I6c8a805437f66346ea3feac421b3a15707e7417f
7fcb554
to
1b5ebe3
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nearly there.
1b5ebe3
to
99142ee
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry missed a couple more here; hopefully next round we'll get it in!
Otherwise - much better of course. |
99142ee
to
82409cc
Compare
…ify accept. Have `ServerSocket::accept` determine whether to `Util::forcedExit(EX_SOFTWARE)` on unrecoverable errors: - Exit application if `::accept` returns an unrecoverable `errno` (see below) - tolerate `Socket` ctor exceptions - tolerate `::accept` recoverable errors (see below) - Note, the following are `no throw` - `::close` - `::inet_ntop` Also reject exceeding external connections right within `ServerSocket::accept`, avoiding creation of `Socket` objects - hence saving resources. Recoverable `::accept` `errno` values following [accept(2)](https://www.man7.org/linux/man-pages/man2/accept.2.html) are - EAGAIN // == EWOULDBLOCK - ENETDOWN // man accept(2): to be treated like EAGAIN - EPROTO // man accept(2): to be treated like EAGAIN - ENOPROTOOPT // man accept(2): to be treated like EAGAIN - EHOSTDOWN // man accept(2): to be treated like EAGAIN - ENONET // man accept(2): to be treated like EAGAIN (undef on BSD, Apple, ..) - EHOSTUNREACH // man accept(2): to be treated like EAGAIN - EOPNOTSUPP // man accept(2): to be treated like EAGAIN - ENETUNREACH // man accept(2): to be treated like EAGAIN - ECONNABORTED // OK - ETIMEDOUT // OK, should not happen due ppoll We also allow retrying on temporary EMFILE, ENFILE, ENOBUFS and ENOMEM errors, which may also be candidates for later fine grained control in case of resource degradation. Unit testing hooks for failure injection is provided via - UnitWSD::simulateExternalAcceptError() - UnitWSD::simulateExternalSocketCtorException() and utilized in - test/UnitServerSocketAcceptFailure1.cpp - test/UnitStreamSocketCtorFailure1.cpp Signed-off-by: Sven Göthel <[email protected]> Change-Id: I939df8e8462d2c29d19214a9b5fb70ad37dc7500
82409cc
to
4dbee2e
Compare
missed one `amend' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Lovely thank you - didn't read the unit tests much; but really glad to see them =)
Summary
Have
ServerSocket::accept
determine whether toUtil::forcedExit(EX_SOFTWARE)
on unrecoverable errors:
::accept
returns an unrecoverableerrno
(see below)Socket
ctor exceptions::accept
recoverable errors (see below)no throw
::close
::inet_ntop
Also reject exceeding external connections right within
ServerSocket::accept
,avoiding creation of
Socket
objects - hence saving resources.Recoverable
::accept
errno
valuesfollowing accept(2) are
May consider handling temporary EMFILE, ENFILE, ENOBUFS and ENOMEM errors?
Unit Testing
Unit testing hooks for failure injection is provided via
and utilized in
Checklist
make prettier-write
and formatted the code.make check
make run
and manually verified that everything looks okay