[njs] Maximum call stack size is limited by 16M.

2016-12-01 Thread Igor Sysoev
details:   http://hg.nginx.org/njs/rev/6d0d4a92fa02
branches:  
changeset: 269:6d0d4a92fa02
user:  Igor Sysoev 
date:  Thu Dec 01 18:56:35 2016 +0300
description:
Maximum call stack size is limited by 16M.

diffstat:

 njs/njs_function.c   |  20 +++-
 njs/njs_function.h   |  14 --
 njs/njs_vm.c |   6 --
 njs/njs_vm.h |   3 +++
 njs/njscript.c   |   2 +-
 njs/test/njs_unit_test.c |   3 +++
 6 files changed, 30 insertions(+), 18 deletions(-)

diffs (172 lines):

diff -r 86c35adbd3f9 -r 6d0d4a92fa02 njs/njs_function.c
--- a/njs/njs_function.cWed Nov 30 14:53:15 2016 +0300
+++ b/njs/njs_function.cThu Dec 01 18:56:35 2016 +0300
@@ -16,6 +16,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -199,35 +200,44 @@ njs_function_frame(njs_vm_t *vm, njs_fun
 }
 
 
+static const njs_value_t  njs_exception_stack_size_exceeded =
+njs_long_string("RangeError: Maximum call stack size exceeded");
+
+
 nxt_noinline njs_native_frame_t *
 njs_function_frame_alloc(njs_vm_t *vm, size_t size)
 {
-size_t  spare_size;
-uint8_t first;
+size_t  spare_size, chunk_size;
 njs_native_frame_t  *frame;
 
 spare_size = vm->frame->free_size;
 
 if (nxt_fast_path(size <= spare_size)) {
 frame = (njs_native_frame_t *) vm->frame->free;
-first = 0;
+chunk_size = 0;
 
 } else {
 spare_size = size + NJS_FRAME_SPARE_SIZE;
 spare_size = nxt_align_size(spare_size, NJS_FRAME_SPARE_SIZE);
 
+if (vm->stack_size + spare_size > NJS_MAX_STACK_SIZE) {
+vm->exception = &njs_exception_stack_size_exceeded;
+return NULL;
+}
+
 frame = nxt_mem_cache_align(vm->mem_cache_pool, sizeof(njs_value_t),
 spare_size);
 if (nxt_slow_path(frame == NULL)) {
 return NULL;
 }
 
-first = 1;
+chunk_size = spare_size;
+vm->stack_size += spare_size;
 }
 
 memset(frame, 0, sizeof(njs_native_frame_t));
 
-frame->first = first;
+frame->size = chunk_size;
 frame->free_size = spare_size - size;
 frame->free = (u_char *) frame + size;
 
diff -r 86c35adbd3f9 -r 6d0d4a92fa02 njs/njs_function.h
--- a/njs/njs_function.hWed Nov 30 14:53:15 2016 +0300
+++ b/njs/njs_function.hThu Dec 01 18:56:35 2016 +0300
@@ -89,30 +89,24 @@ struct njs_native_frame_s {
 
 njs_exception_texception;
 
+uint32_t   size;
 uint32_t   free_size;
 uint32_t   nargs;
 
 /* Function is called as constructor with "new" keyword. */
 uint8_tctor;  /* 1 bit  */
 
-/*
- * The first frame in chunk.
- * 7 bits are just to possibly initialize first and skip
- * fields with one operation.
- */
-uint8_tfirst:7;   /* 1 bit  */
-
 /* Skip the Function.call() and Function.apply() methods frames. */
-uint8_tskip:1;/* 1 bit  */
+uint8_tskip;  /* 1 bit  */
 
 /* A number of trap tries, it can be no more than three. */
-uint8_ttrap_tries:2;  /* 2 bits */
+uint8_ttrap_tries;/* 2 bits */
 
 /*
  * The first operand in trap is reference to original value,
  * it is used to increment or decrement this value.
  */
-uint8_ttrap_reference:1;  /* 1 bit */
+uint8_ttrap_reference;   /* 1 bit */
 };
 
 
diff -r 86c35adbd3f9 -r 6d0d4a92fa02 njs/njs_vm.c
--- a/njs/njs_vm.c  Wed Nov 30 14:53:15 2016 +0300
+++ b/njs/njs_vm.c  Thu Dec 01 18:56:35 2016 +0300
@@ -277,7 +277,8 @@ start:
 vm->scopes[NJS_SCOPE_LOCAL] = frame->prev_local;
 vm->scopes[NJS_SCOPE_ARGUMENTS] = frame->prev_arguments;
 
-if (frame->native.first) {
+if (frame->native.size != 0) {
+vm->stack_size -= frame->native.size;
 nxt_mem_cache_free(vm->mem_cache_pool, frame);
 }
 }
@@ -2673,7 +2674,8 @@ njs_function_frame_free(njs_vm_t *vm, nj
 
 /* GC: free frame->local, etc. */
 
-if (frame->first) {
+if (frame->size != 0) {
+vm->stack_size -= frame->size;
 nxt_mem_cache_free(vm->mem_cache_pool, frame);
 }
 
diff -r 86c35adbd3f9 -r 6d0d4a92fa02 njs/njs_vm.h
--- a/njs/njs_vm.h  Wed Nov 30 14:53:15 2016 +0300
+++ b/njs/njs_vm.h  Thu Dec 01 18:56:35 2016 +0300
@@ -12,6 +12,8 @@
 #include 
 
 
+#define NJS_MAX_STACK_SIZE   (16 * 1024 * 1024)
+
 /*
  * Negative return values handled by nJSVM interpreter as special events.
  * The values must be in range from -1 to -11, because -12 is minimal jump
@@ -829

[njs] Using short string values where they are enough.

2016-12-01 Thread Igor Sysoev
details:   http://hg.nginx.org/njs/rev/f8f20b27724e
branches:  
changeset: 270:f8f20b27724e
user:  Igor Sysoev 
date:  Thu Dec 01 19:45:19 2016 +0300
description:
Using short string values where they are enough.

diffstat:

 njs/njs_date.c   |  28 ++--
 njs/njs_object.c |   3 +--
 2 files changed, 15 insertions(+), 16 deletions(-)

diffs (136 lines):

diff -r 6d0d4a92fa02 -r f8f20b27724e njs/njs_date.c
--- a/njs/njs_date.cThu Dec 01 18:56:35 2016 +0300
+++ b/njs/njs_date.cThu Dec 01 19:45:19 2016 +0300
@@ -2097,7 +2097,7 @@ static const njs_object_prop_t  njs_date
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setTime"),
+.name = njs_string("setTime"),
 .value = njs_native_function(njs_date_prototype_set_time, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG),
 },
@@ -2118,21 +2118,21 @@ static const njs_object_prop_t  njs_date
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setSeconds"),
+.name = njs_string("setSeconds"),
 .value = njs_native_function(njs_date_prototype_set_seconds, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG),
 },
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setUTCSeconds"),
+.name = njs_string("setUTCSeconds"),
 .value = njs_native_function(njs_date_prototype_set_seconds, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG, NJS_NUMBER_ARG),
 },
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setMinutes"),
+.name = njs_string("setMinutes"),
 .value = njs_native_function(njs_date_prototype_set_minutes, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG, NJS_NUMBER_ARG,
  NJS_NUMBER_ARG),
@@ -2140,7 +2140,7 @@ static const njs_object_prop_t  njs_date
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setUTCMinutes"),
+.name = njs_string("setUTCMinutes"),
 .value = njs_native_function(njs_date_prototype_set_utc_minutes, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG, NJS_NUMBER_ARG,
  NJS_NUMBER_ARG),
@@ -2148,7 +2148,7 @@ static const njs_object_prop_t  njs_date
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setHours"),
+.name = njs_string("setHours"),
 .value = njs_native_function(njs_date_prototype_set_hours, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG, NJS_NUMBER_ARG,
  NJS_NUMBER_ARG, NJS_NUMBER_ARG),
@@ -2156,7 +2156,7 @@ static const njs_object_prop_t  njs_date
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setUTCHours"),
+.name = njs_string("setUTCHours"),
 .value = njs_native_function(njs_date_prototype_set_utc_hours, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG, NJS_NUMBER_ARG,
  NJS_NUMBER_ARG, NJS_NUMBER_ARG),
@@ -2164,35 +2164,35 @@ static const njs_object_prop_t  njs_date
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setDate"),
+.name = njs_string("setDate"),
 .value = njs_native_function(njs_date_prototype_set_date, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG),
 },
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setUTCDate"),
+.name = njs_string("setUTCDate"),
 .value = njs_native_function(njs_date_prototype_set_utc_date, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG),
 },
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setMonth"),
+.name = njs_string("setMonth"),
 .value = njs_native_function(njs_date_prototype_set_month, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG, NJS_NUMBER_ARG),
 },
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setUTCMonth"),
+.name = njs_string("setUTCMonth"),
 .value = njs_native_function(njs_date_prototype_set_utc_month, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG, NJS_NUMBER_ARG),
 },
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setFullYear"),
+.name = njs_string("setFullYear"),
 .value = njs_native_function(njs_date_prototype_set_full_year, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG, NJS_NUMBER_ARG,
  NJS_NUMBER_ARG),
@@ -2200,7 +2200,7 @@ static const njs_object_prop_t  njs_date
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("setUTCFullYear"),
+.name = njs_string("setUTCFullYear"),
 .value = njs_native_function(njs_date_prototype_set_utc_full_year, 0,
  NJS_DATE_ARG, NJS_NUMBER_ARG, NJS_NUMBER_ARG,
  NJS_NUMBER_ARG),
@@ -2208,7 +2208,7 @@ static const njs_object_prop_t  njs_date
 
 {
 .type = NJS_METHOD,
-.name = njs_long_string("toJSON"),
+.name = njs_string("toJSON"),
 .value = njs_native_funct

Re: Why not remove UNIX domain socket before bind

2016-12-01 Thread Maxim Dounin
Hello!

On Thu, Dec 01, 2016 at 01:20:43AM -0800, Alexey Ivanov wrote:

> Why not just use `flock(2)` there?

It won't work if the socket is used by a different server.

-- 
Maxim Dounin
http://nginx.org/

___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel


[nginx] Events: improved error event handling for UDP sockets.

2016-12-01 Thread Dmitry Volyntsev
details:   http://hg.nginx.org/nginx/rev/75dbab4ea930
branches:  
changeset: 6806:75dbab4ea930
user:  Dmitry Volyntsev 
date:  Mon Nov 21 16:03:42 2016 +0300
description:
Events: improved error event handling for UDP sockets.

Normally, the epoll module calls the read and write handlers depending
on whether EPOLLIN and EPOLLOUT are reported by epoll_wait().  No error
processing is done in the module, the handlers are expected to get an
error when doing I/O.

If an error event is reported without EPOLLIN and EPOLLOUT, the module
set both EPOLLIN and EPOLLOUT to ensure the error event is handled at
least in one active handler.

This works well unless the error is delivered along with only one of
EPOLLIN or EPOLLOUT, and the corresponding handler does not do any I/O.
For example, it happened when getting EPOLLERR|EPOLLOUT from
epoll_wait() upon receiving "ICMP port unreachable" while proxying UDP.
As the write handler had nothing to send it was not able to detect and
log an error, and did not switch to the next upstream.

The fix is to unconditionally set EPOLLIN and EPOLLOUT in case of an
error event.  In the aforementioned case, this causes the read handler
to be called which does recv() and detects an error.

In addition to the epoll module, analogous changes were made in
devpoll/eventport/poll.

diffstat:

 src/event/modules/ngx_devpoll_module.c   |  10 --
 src/event/modules/ngx_epoll_module.c |  19 +++
 src/event/modules/ngx_eventport_module.c |  10 --
 src/event/modules/ngx_poll_module.c  |  10 --
 4 files changed, 19 insertions(+), 30 deletions(-)

diffs (99 lines):

diff -r 52bd8cc17f34 -r 75dbab4ea930 src/event/modules/ngx_devpoll_module.c
--- a/src/event/modules/ngx_devpoll_module.cMon Nov 28 19:19:21 2016 +0300
+++ b/src/event/modules/ngx_devpoll_module.cMon Nov 21 16:03:42 2016 +0300
@@ -481,13 +481,11 @@ ngx_devpoll_process_events(ngx_cycle_t *
   fd, event_list[i].events, revents);
 }
 
-if ((revents & (POLLERR|POLLHUP|POLLNVAL))
- && (revents & (POLLIN|POLLOUT)) == 0)
-{
+if (revents & (POLLERR|POLLHUP|POLLNVAL)) {
+
 /*
- * if the error events were returned without POLLIN or POLLOUT,
- * then add these flags to handle the events at least in one
- * active handler
+ * if the error events were returned, add POLLIN and POLLOUT
+ * to handle the events at least in one active handler
  */
 
 revents |= POLLIN|POLLOUT;
diff -r 52bd8cc17f34 -r 75dbab4ea930 src/event/modules/ngx_epoll_module.c
--- a/src/event/modules/ngx_epoll_module.c  Mon Nov 28 19:19:21 2016 +0300
+++ b/src/event/modules/ngx_epoll_module.c  Mon Nov 21 16:03:42 2016 +0300
@@ -863,6 +863,13 @@ ngx_epoll_process_events(ngx_cycle_t *cy
 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
"epoll_wait() error on fd:%d ev:%04XD",
c->fd, revents);
+
+/*
+ * if the error events were returned, add EPOLLIN and EPOLLOUT
+ * to handle the events at least in one active handler
+ */
+
+revents |= EPOLLIN|EPOLLOUT;
 }
 
 #if 0
@@ -873,18 +880,6 @@ ngx_epoll_process_events(ngx_cycle_t *cy
 }
 #endif
 
-if ((revents & (EPOLLERR|EPOLLHUP))
- && (revents & (EPOLLIN|EPOLLOUT)) == 0)
-{
-/*
- * if the error events were returned without EPOLLIN or EPOLLOUT,
- * then add these flags to handle the events at least in one
- * active handler
- */
-
-revents |= EPOLLIN|EPOLLOUT;
-}
-
 if ((revents & EPOLLIN) && rev->active) {
 
 #if (NGX_HAVE_EPOLLRDHUP)
diff -r 52bd8cc17f34 -r 75dbab4ea930 src/event/modules/ngx_eventport_module.c
--- a/src/event/modules/ngx_eventport_module.c  Mon Nov 28 19:19:21 2016 +0300
+++ b/src/event/modules/ngx_eventport_module.c  Mon Nov 21 16:03:42 2016 +0300
@@ -540,13 +540,11 @@ ngx_eventport_process_events(ngx_cycle_t
   (int) event_list[i].portev_object, revents);
 }
 
-if ((revents & (POLLERR|POLLHUP|POLLNVAL))
- && (revents & (POLLIN|POLLOUT)) == 0)
-{
+if (revents & (POLLERR|POLLHUP|POLLNVAL)) {
+
 /*
- * if the error events were returned without POLLIN or POLLOUT,
- * then add these flags to handle the events at least in one
- * active handler
+ * if the error events were returned, add POLLIN and POLLOUT
+ * to handle the events at least in one active handler
  */
 
 revents |= POLLIN|POLLOUT;
diff -r 52bd8cc17f34 -r 75dbab4ea930 src/event/modules/ngx_poll_module.c
--- a/src/event/modules/ngx_poll_module.c   Mon Nov 28 1

Re: Why not remove UNIX domain socket before bind

2016-12-01 Thread Alexey Ivanov
Why not just use `flock(2)` there?

> On Nov 30, 2016, at 6:57 AM, Maxim Dounin  wrote:
> 
> Hello!
> 
> On Tue, Nov 29, 2016 at 01:30:25PM -0800, Shuxin Yang wrote:
> 
>> Is there any reason not to delete UNIX domain socket before bind?
> 
> To name a few, deleting a socket implies that:
> 
> a) any file can be accidentally deleted due to a typo in the
>   listen directive;
> 
> b) attempts to do duplicate listen are not detected and silently
>   break service, e.g., if you start duplicate instance of nginx.
> 
> Instead we delete the socket after closing it.
> 
> --
> Maxim Dounin
> http://nginx.org/
> 
> ___
> nginx-devel mailing list
> nginx-devel@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel



signature.asc
Description: Message signed with OpenPGP using GPGMail
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Re: Why not remove UNIX domain socket before bind

2016-12-01 Thread Datong Sun via nginx-devel
Hi Maxim,

Thanks for the explanation. Regarding a), what about checking and making
sure the type of file is actually a socket before removing? Obviously it
does not prevent NGINX from deleting sockets created by other processes but
it's a much smaller issue compared to deleting arbitrary file.

Thanks,

On Wed, Nov 30, 2016 at 6:57 AM, Maxim Dounin  wrote:

> Hello!
>
> On Tue, Nov 29, 2016 at 01:30:25PM -0800, Shuxin Yang wrote:
>
> >  Is there any reason not to delete UNIX domain socket before bind?
>
> To name a few, deleting a socket implies that:
>
> a) any file can be accidentally deleted due to a typo in the
>listen directive;
>
> b) attempts to do duplicate listen are not detected and silently
>break service, e.g., if you start duplicate instance of nginx.
>
> Instead we delete the socket after closing it.
>
> --
> Maxim Dounin
> http://nginx.org/
>
> ___
> nginx-devel mailing list
> nginx-devel@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>



-- 

*Datong Sun*  |  Systems Engineer
dat...@cloudflare.com


1 888 99 FLARE  |  www.cloudflare.com
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel