After two or more events have been registered for the same file
descriptor using EV_ET, if one of the events is deleted, then the
epoll_ctl() call issued by libevent drops the EPOLLET flag resulting in
level triggered notifications.
[ azat: use existing "et" in the evmap_io_del_() ]
And use it in places where event_debug() should be called (since it
requires access to "event_debug_logging_mask_" and in win32 it is
tricky).
One of this places that is covered by this patch is the test for
event_debug().
MinGW 32-bit 5.3.0 does not defines it and our appveyour [1] build
reports this instantly:
evutil.c: In function 'evutil_make_listen_socket_ipv6only':
evutil.c:392:40: error: 'IPV6_V6ONLY' undeclared (first use in this function)
return setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, (void*) &one,
[1]: https://www.appveyor.com/docs/windows-images-software/#mingw-msys-cygwin
Another solution will be to use mingw64 which has it, but I guess we do
want that #ifdef anyway.
As pointed by @yankeehacker in #590:
Signed to Unsigned Conversion Error - buffer.c:1623
Description: This assignment creates a type mismatch by populating an
unsigned variable with a signed value. The signed integer will be
implicitly cast to an unsigned integer, converting negative values into
positive ones. If an attacker can control the signed value, it may be
possible to trigger a buffer overflow if the value specifies the length
of a memory write.
Remediation: Do not rely on implicit casts between signed and unsigned
values because the result can take on an unexpected value and violate
weak assumptions made elsewhere in the program.
Fixes: #590
../buffer.c:2231:6: warning: Access to field 'flags' results in a dereference of a null pointer
if (CHAIN_SPACE_LEN(*firstchainp) == 0) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../buffer.c:130:30: note: expanded from macro 'CHAIN_SPACE_LEN'
#define CHAIN_SPACE_LEN(ch) ((ch)->flags & EVBUFFER_IMMUTABLE ? \
Since we want people to stop using -levent, have the pkg-config file
also stop linking against that. This makes it easier to delete the
libevent.so library entirely.
Closes: #141
One tricky bit is reply to the BIO_C_GET_FD command, since otherwise it
will try to close(0) and accepted bev in ssl/bufferevent_connect_sleep
will leak. Other seems more or less trivial.
This was done to make sure that for at least generic cases does not
leak (tricky cases was listed here nmathewson/Libevent#83).
And this will allow run ssl/.. with --no-fork
From nmathewson/Libevent#83 by @fancycode:
There are a few code paths where the passed SSL object is not released in error cases, even if BEV_OPT_CLOSE_ON_FREE is passed as option while for others it is released. That way it's impossible for the caller to know it he has to free it on errors himself or not.
Line numbers are from "bufferevent_openssl.c" in 911abf3:
L1414 ("underlying == NULL" passed)
L1416 (bio could not be created)
L1446 (different fd passed)
L1325 (both underlying and fd passed)
L1328 (out-of-memory)
L1333 ("bufferevent_init_common_" failed)
In all error cases after the "bufferevent_ops_openssl" has been assigned, the option is evaluated on "bufferevent_free" (L1399) and the SSL object released (L1226).
Fixes: nmathewson/Libevent#83
This is mostly to match autotools and reduce amount mixiing declarations
and code.
Added:
- -Wextra (the same as -W), -Wno-unused-parameter -Wstrict-aliasing
- -fno-strict-aliasing (gcc 2.9.5+)
- -Winit-self -Wmissing-field-initializers -Wdeclaration-after-statement (4.0+)
- -Waddress -Wno-unused-function -Wnormalized=id -Woverride-init (4.2+)
- -Wlogical-op (4.5+)
Removed:
- -Wformat (include in -Wall)
Plus use CMAKE_C_COMPILER_ID over CMAKE_COMPILER_IS_GNUCC, as
cmake-variables(7) suggesting, and add common GNUC/CLANG variables.
v2: drop checks for flags, since add_compiler_flags() will check if such
flags exists anyway (but just to note, gcc ignores non existing warning
flags by default).
According to RFC3493 and most Linux distributions, default value is to
work in IPv4-mapped mode. If there is a requirement to bind same port
on same ip addresses but different handlers for both IPv4 and IPv6,
it is required to set IPV6_V6ONLY socket option to be sure that the
code works as expected without affected by bindv6only sysctl setting
in system.
See an example working with this patch:
https://gist.github.com/demirten/023008a63cd966e48b0ebcf9af7fc113Closes: #640 (cherry-pick)
* evutil_found_ifaddr-dev:
Cover evutil_v4addr_is_local_()/evutil_v6addr_is_local_()
Split evutil_found_ifaddr() into helpers (evutil_v{4,6}addr_is_local())
Use INADDR_ANY over 0 in evutil_found_ifaddr()
Replace EVUTIL_V4ADDR_IS_*() macroses with static inline functions
Filter link-local IPv4 addresses in evutil_found_ifaddr()
* http-request-line-parsing:
Fix http https_basic/https_filter_basic under valgrind (increase timeout)
http: cover various non RFC3986 conformant URIs
http: allow non RFC3986 conformant during parsing request-line (http server)
http: do not try to parse request-line if we do not have enough bytes
http: allow trailing spaces (and only them) in request-line (like nginx)
http: cleanup of the request-line parsing
- http/basic_trailing_space -- covers cases when there is trailing space
after the request line (nginx handles this)
- http/simple_nonconformant -- covers non RFC3986 conformant URIs
As you can see right now linux workers has zero failed tests, while osx
workers has 18 failed tests:
[bufferevent_connect_hostname_emfile FAILED]
[bufferevent_pair_release_lock FAILED]
[bufferevent_timeout FAILED]
[bufferevent_timeout_filter FAILED]
[bufferevent_timeout_pair FAILED]
[common_timeout FAILED]
[del_wait FAILED]
[immediatesignal FAILED]
[loopexit FAILED]
[loopexit_multiple FAILED]
[monotonic_res FAILED]
[no_events FAILED]
[persistent_active_timeout FAILED]
[persistent_timeout_jump FAILED]
[signal_switchbase FAILED]
[signal_while_processing FAILED]
[simpletimeout FAILED]
[usleep FAILED]
And this patch should remove from this list time related failures
(though maybe not all of them).
AFAIR there is shortage of osx workers on travis-ci, IOW builds that
requires them can wait fair amount of time in the queue by just waiting.
Plus linux workers AFAICS can run multiple jobs in parallel (4-5), while
osx does not.
Hence if we do allow failures for osx (and right now they have a lot of
failed tests) let's mark build result based on tests under linux only.
So in a nut shell this will reduce build time from 5 hours to 20-30
minutes.
Between start (setting "started_at") and comparing the time when
timeouts triggered with the start (test_timeval_diff_eq), there is too
much various things that can introduce extra delays and eventually could
fail the test on machine with shortage of CPU.
And this is exactly what happend on:
- travis-ci
- #262
Here is a simple reproducer that I came up with for this issue:
docker run --cpus=0.01 -e LD_LIBRARY_PATH=$PWD/lib -e PATH=/usr/bin:/bin:$PWD/bin -v $PWD:$PWD --rm -it debian:testing regress --no-fork --verbose bufferevent/bufferevent_timeout
Under limited CPU (see reproducer) the test almost always has problems
with that "write_timeout_at" exceed default timeval diff tolerance
(test_timeval_diff_eq() has 50 tolerance), i.e.:
FAIL ../test/regress_bufferevent.c:1040: assert(labs(timeval_msec_diff(((&started_at)), ((&res1.write_timeout_at))) - (100)) <= 50): 101 vs 50
But under some setup write timeout can even not triggered, and the
reason for this is that we write to the bufferevent 1024*1024 bytes, and
hence if evbuffer_write_iovec() will has some delay after writev() and
not send more then one vector at a time [1], it is pretty simple to
trigger, i.e.:
FAIL ../test/regress_bufferevent.c:1040: assert(labs(timeval_msec_diff(((&started_at)), ((&res1.write_timeout_at))) - (100)) <= 50): 1540155888478 vs 50
[1]: https://gist.github.com/azat/b72773dfe7549fed865d439e03de05c1
So this patch just send static small payload for all cases (plus a few
more asserts added).
The outcome of this patch is that all regression tests passed on
travis-ci for linux box [2]. While before it fails almost always [3].
Also reproducer with CPU limiting via docker also survive some
iterations (and strictly speaking it should has less CPU then travis-ci
workers I guess).
[2]: https://travis-ci.org/azat/libevent/builds/444391481
[3]: https://travis-ci.org/libevent/libevent/builds/444336505
Otherwise we will try to open NULL filename and got EFAULT and anyway
will got the same return code from evdns_base_resolv_conf_parse_impl()
Closes: #680 (cherry-picked)
That was a bad idea, because all this patch did is just uses extra CPU
time on travis-ci workers and eventually fail the build anyway.
It also increases time of executing one matrix entry (x3).
This reverts commit 7004ee8e869faabe3a284fb3d7eb859fb50ef90c.
* regress-dns-fixes:
Do not rely on getservbyname() for most of the dns regression tests
Turn off dns/getaddrinfo_race_gotresolve by default
Fix an error for debug locking in dns/getaddrinfo_race_gotresolve
There is only one test that uses service name getaddrinfo_async, which
manually check whether it works or not, other should not assume that it
is available and works.
There was already an attempt to overcome some possible limitations, like
lack of "http" in /etc/services in
d6bafbbeb27ff3943d6f3b6783bcded76384c31e ("test/dns: replace servname
since solaris does not have "http"")
When there is no /etc/services file evdns_getaddrinfo() will fail (with
service="ssh") and hence it will go to then "end" label with locked
rp.lock which in case of debug locking checks will bail with:
[err] ../evthread.c:220: Assertion lock->count == 0 failed in debug_lock_free
So add rp.locked flag, and unlock the lock before freeing it if it is in
locked state.
And here is how you can reproduce the issue:
$ docker run -e LD_LIBRARY_PATH=$PWD/lib -e PATH=/usr/bin:/bin:$PWD/bin -v $PWD:$PWD --rm -it debian:testing regress dns/getaddrinfo_race_gotresolve
(since debian:testing does not have /etc/services)
Despite the presence of 'sys/queue.h' in some stdlib implementations
(i.e. uclibc) 'LIST_HEAD' macro can be missing. This fix defines this
macro in the same manner as was done previously for 'TAILQ_'.
Fixes: #539Closes: #639 (cherry-picked)
Backport: 2.1.9
* be-wm-overrun-v2:
Fix hangs due to watermarks overruns in bufferevents implementations
test: cover watermarks (with some corner cases) in ssl bufferevent
Fixes: #690
Some implementations of bufferevents (for example openssl) can overrun
read high watermark.
And after this if user callback will not drain enough data it will be
suspended (i.e. it will not be runned again anymore).
This is not the expecting behaviour as one may guess, since in this case
the data will never be read. Hence once we detected that the watermark
exceeded (even after calling user callback) we will schedule the
callback again.
This also can be fixed in bufferevent openssl implementation (by
strictly limiting how much data is added to the read buffer according to
read high watermark), but since this data is already available (and in
memory) there is no point in doing so.
