nginx-devel June 2022

nginx-devel@nginx.org

18 participants
73 discussions

[PATCH 1 of 2] The "ipv4=" parameter of the "resolver" directive

by Sergey Kandaurov

# HG changeset patch # User Ruslan Ermilov <ru(a)nginx.com> # Date 1645589317 -10800 # Wed Feb 23 07:08:37 2022 +0300 # Node ID 04e314eb6b4d20a48c5d7bab0609e1b03b51b406 # Parent fecd73db563fb64108f7669eca419badb2aba633 The "ipv4=" parameter of the "resolver" directive. When set to "off", only IPv6 addresses will be resolved, and no A queries are ever sent (ticket #2196). diff -r fecd73db563f -r 04e314eb6b4d src/core/ngx_resolver.c --- a/src/core/ngx_resolver.c Tue Jun 21 17:25:37 2022 +0300 +++ b/src/core/ngx_resolver.c Wed Feb 23 07:08:37 2022 +0300 @@ -157,6 +157,8 @@ ngx_resolver_create(ngx_conf_t *cf, ngx_ cln->handler = ngx_resolver_cleanup; cln->data = r; + r->ipv4 = 1; + ngx_rbtree_init(&r->name_rbtree, &r->name_sentinel, ngx_resolver_rbtree_insert_value); @@ -225,6 +227,23 @@ ngx_resolver_create(ngx_conf_t *cf, ngx_ } #if (NGX_HAVE_INET6) + if (ngx_strncmp(names[i].data, "ipv4=", 5) == 0) { + + if (ngx_strcmp(&names[i].data[5], "on") == 0) { + r->ipv4 = 1; + + } else if (ngx_strcmp(&names[i].data[5], "off") == 0) { + r->ipv4 = 0; + + } else { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "invalid parameter: %V", &names[i]); + return NULL; + } + + continue; + } + if (ngx_strncmp(names[i].data, "ipv6=", 5) == 0) { if (ngx_strcmp(&names[i].data[5], "on") == 0) { @@ -273,6 +292,14 @@ ngx_resolver_create(ngx_conf_t *cf, ngx_ } } +#if (NGX_HAVE_INET6) + if (r->ipv4 + r->ipv6 == 0) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "\"ipv4\" and \"ipv6\" cannot both be \"off\""); + return NULL; + } +#endif + if (n && r->connections.nelts == 0) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "no name servers defined"); return NULL; @@ -836,7 +863,7 @@ ngx_resolve_name_locked(ngx_resolver_t * r->last_connection = 0; } - rn->naddrs = (u_short) -1; + rn->naddrs = r->ipv4 ? (u_short) -1 : 0; rn->tcp = 0; #if (NGX_HAVE_INET6) rn->naddrs6 = r->ipv6 ? (u_short) -1 : 0; @@ -1263,7 +1290,7 @@ ngx_resolver_send_query(ngx_resolver_t * rec->log.action = "resolving"; } - if (rn->naddrs == (u_short) -1) { + if (rn->query && rn->naddrs == (u_short) -1) { rc = rn->tcp ? ngx_resolver_send_tcp_query(r, rec, rn->query, rn->qlen) : ngx_resolver_send_udp_query(r, rec, rn->query, rn->qlen); @@ -1765,10 +1792,13 @@ ngx_resolver_process_response(ngx_resolv q = ngx_queue_next(q)) { rn = ngx_queue_data(q, ngx_resolver_node_t, queue); - qident = (rn->query[0] << 8) + rn->query[1]; - - if (qident == ident) { - goto dns_error_name; + + if (rn->query) { + qident = (rn->query[0] << 8) + rn->query[1]; + + if (qident == ident) { + goto dns_error_name; + } } #if (NGX_HAVE_INET6) @@ -3645,7 +3675,7 @@ ngx_resolver_create_name_query(ngx_resol len = sizeof(ngx_resolver_hdr_t) + nlen + sizeof(ngx_resolver_qs_t); #if (NGX_HAVE_INET6) - p = ngx_resolver_alloc(r, r->ipv6 ? len * 2 : len); + p = ngx_resolver_alloc(r, len * (r->ipv4 + r->ipv6)); #else p = ngx_resolver_alloc(r, len); #endif @@ -3654,23 +3684,28 @@ ngx_resolver_create_name_query(ngx_resol } rn->qlen = (u_short) len; - rn->query = p; + + if (r->ipv4) { + rn->query = p; + } #if (NGX_HAVE_INET6) if (r->ipv6) { - rn->query6 = p + len; + rn->query6 = r->ipv4 ? (p + len) : p; } #endif query = (ngx_resolver_hdr_t *) p; - ident = ngx_random(); - - ngx_log_debug2(NGX_LOG_DEBUG_CORE, r->log, 0, - "resolve: \"%V\" A %i", name, ident & 0xffff); - - query->ident_hi = (u_char) ((ident >> 8) & 0xff); - query->ident_lo = (u_char) (ident & 0xff); + if (r->ipv4) { + ident = ngx_random(); + + ngx_log_debug2(NGX_LOG_DEBUG_CORE, r->log, 0, + "resolve: \"%V\" A %i", name, ident & 0xffff); + + query->ident_hi = (u_char) ((ident >> 8) & 0xff); + query->ident_lo = (u_char) (ident & 0xff); + } /* recursion query */ query->flags_hi = 1; query->flags_lo = 0; @@ -3731,7 +3766,9 @@ ngx_resolver_create_name_query(ngx_resol p = rn->query6; - ngx_memcpy(p, rn->query, rn->qlen); + if (r->ipv4) { + ngx_memcpy(p, rn->query, rn->qlen); + } query = (ngx_resolver_hdr_t *) p; diff -r fecd73db563f -r 04e314eb6b4d src/core/ngx_resolver.h --- a/src/core/ngx_resolver.h Tue Jun 21 17:25:37 2022 +0300 +++ b/src/core/ngx_resolver.h Wed Feb 23 07:08:37 2022 +0300 @@ -175,8 +175,10 @@ struct ngx_resolver_s { ngx_queue_t srv_expire_queue; ngx_queue_t addr_expire_queue; + unsigned ipv4:1; + #if (NGX_HAVE_INET6) - ngx_uint_t ipv6; /* unsigned ipv6:1; */ + unsigned ipv6:1; ngx_rbtree_t addr6_rbtree; ngx_rbtree_node_t addr6_sentinel; ngx_queue_t addr6_resend_queue;

1 day, 3 hours

[PATCH] Add ipv4=off option in resolver like ipv6=off (ticket #1330)

by Lukas Lihotzki via nginx-devel

# HG changeset patch # User Lukas Lihotzki <lukas(a)lihotzki.de> # Date 1642618053 -3600 # Wed Jan 19 19:47:33 2022 +0100 # Node ID e9f06dc2d6a4a1aa61c15009b84ceedcaf5983b2 # Parent aeab41dfd2606dd36cabbf01f1472726e27e8aea Add ipv4=off option in resolver like ipv6=off (ticket #1330). IPv6-only hosts (ticket #1330) and upstreams with IPv6 bind address (ticket #1535) need to disable resolving to IPv4 addresses. Ticket #1330 mentions ipv4=off is the proper fix. diff -r aeab41dfd260 -r e9f06dc2d6a4 src/core/ngx_resolver.c --- a/src/core/ngx_resolver.c Mon Jan 17 17:05:12 2022 +0300 +++ b/src/core/ngx_resolver.c Wed Jan 19 19:47:33 2022 +0100 @@ -122,10 +122,13 @@ static ngx_int_t ngx_resolver_cmp_srvs(const void *one, const void *two); #if (NGX_HAVE_INET6) +#define ngx_ipv4_enabled(r) r->ipv4 static void ngx_resolver_rbtree_insert_addr6_value(ngx_rbtree_node_t *temp, ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); static ngx_resolver_node_t *ngx_resolver_lookup_addr6(ngx_resolver_t *r, struct in6_addr *addr, uint32_t hash); +#else +#define ngx_ipv4_enabled(r) 1 #endif @@ -175,6 +178,7 @@ ngx_queue_init(&r->addr_expire_queue); #if (NGX_HAVE_INET6) + r->ipv4 = 1; r->ipv6 = 1; ngx_rbtree_init(&r->addr6_rbtree, &r->addr6_sentinel, @@ -225,6 +229,23 @@ } #if (NGX_HAVE_INET6) + if (ngx_strncmp(names[i].data, "ipv4=", 5) == 0) { + + if (ngx_strcmp(&names[i].data[5], "on") == 0) { + r->ipv4 = 1; + + } else if (ngx_strcmp(&names[i].data[5], "off") == 0) { + r->ipv4 = 0; + + } else { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "invalid parameter: %V", &names[i]); + return NULL; + } + + continue; + } + if (ngx_strncmp(names[i].data, "ipv6=", 5) == 0) { if (ngx_strcmp(&names[i].data[5], "on") == 0) { @@ -273,6 +294,13 @@ } } +#if (NGX_HAVE_INET6) + if (!r->ipv4 && !r->ipv6) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "both ipv4 and ipv6 disabled"); + return NULL; + } +#endif + if (n && r->connections.nelts == 0) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "no name servers defined"); return NULL; @@ -836,7 +864,7 @@ r->last_connection = 0; } - rn->naddrs = (u_short) -1; + rn->naddrs = ngx_ipv4_enabled(r) ? (u_short) -1 : 0; rn->tcp = 0; #if (NGX_HAVE_INET6) rn->naddrs6 = r->ipv6 ? (u_short) -1 : 0; @@ -3644,7 +3672,7 @@ len = sizeof(ngx_resolver_hdr_t) + nlen + sizeof(ngx_resolver_qs_t); #if (NGX_HAVE_INET6) - p = ngx_resolver_alloc(r, r->ipv6 ? len * 2 : len); + p = ngx_resolver_alloc(r, len * (r->ipv4 + r->ipv6)); #else p = ngx_resolver_alloc(r, len); #endif @@ -3657,19 +3685,21 @@ #if (NGX_HAVE_INET6) if (r->ipv6) { - rn->query6 = p + len; + rn->query6 = p + len * r->ipv4; } #endif query = (ngx_resolver_hdr_t *) p; - ident = ngx_random(); - - ngx_log_debug2(NGX_LOG_DEBUG_CORE, r->log, 0, - "resolve: \"%V\" A %i", name, ident & 0xffff); - - query->ident_hi = (u_char) ((ident >> 8) & 0xff); - query->ident_lo = (u_char) (ident & 0xff); + if (ngx_ipv4_enabled(r)) { + ident = ngx_random(); + + ngx_log_debug2(NGX_LOG_DEBUG_CORE, r->log, 0, + "resolve: \"%V\" A %i", name, ident & 0xffff); + + query->ident_hi = (u_char) ((ident >> 8) & 0xff); + query->ident_lo = (u_char) (ident & 0xff); + } /* recursion query */ query->flags_hi = 1; query->flags_lo = 0; diff -r aeab41dfd260 -r e9f06dc2d6a4 src/core/ngx_resolver.h --- a/src/core/ngx_resolver.h Mon Jan 17 17:05:12 2022 +0300 +++ b/src/core/ngx_resolver.h Wed Jan 19 19:47:33 2022 +0100 @@ -176,7 +176,8 @@ ngx_queue_t addr_expire_queue; #if (NGX_HAVE_INET6) - ngx_uint_t ipv6; /* unsigned ipv6:1; */ + unsigned ipv4:1; + unsigned ipv6:1; ngx_rbtree_t addr6_rbtree; ngx_rbtree_node_t addr6_sentinel; ngx_queue_t addr6_resend_queue; _______________________________________________ nginx-devel mailing list -- nginx-devel(a)nginx.org To unsubscribe send an email to nginx-devel-leave(a)nginx.org

6 days, 13 hours

[nginx] Upstream: optimized use of SSL contexts (ticket #1234).

by Sergey Kandaurov

details: https://hg.nginx.org/nginx/rev/9d98d524bd02 branches: changeset: 8053:9d98d524bd02 user: Maxim Dounin <mdounin(a)mdounin.ru> date: Wed Jun 29 02:47:45 2022 +0300 description: Upstream: optimized use of SSL contexts (ticket #1234). To ensure optimal use of memory, SSL contexts for proxying are now inherited from previous levels as long as relevant proxy_ssl_* directives are not redefined. Further, when no proxy_ssl_* directives are redefined in a server block, we now preserve plcf->upstream.ssl in the "http" section configuration to inherit it to all servers. Similar changes made in uwsgi, grpc, and stream proxy. diffstat: src/http/modules/ngx_http_grpc_module.c | 66 +++++++++++++++++++++++++++--- src/http/modules/ngx_http_proxy_module.c | 68 ++++++++++++++++++++++++++++--- src/http/modules/ngx_http_uwsgi_module.c | 66 +++++++++++++++++++++++++++--- src/stream/ngx_stream_proxy_module.c | 64 +++++++++++++++++++++++++++-- 4 files changed, 236 insertions(+), 28 deletions(-) diffs (431 lines): diff -r e210c8942a54 -r 9d98d524bd02 src/http/modules/ngx_http_grpc_module.c --- a/src/http/modules/ngx_http_grpc_module.c Wed Jun 29 02:47:38 2022 +0300 +++ b/src/http/modules/ngx_http_grpc_module.c Wed Jun 29 02:47:45 2022 +0300 @@ -209,6 +209,8 @@ static char *ngx_http_grpc_ssl_password_ ngx_command_t *cmd, void *conf); static char *ngx_http_grpc_ssl_conf_command_check(ngx_conf_t *cf, void *post, void *data); +static ngx_int_t ngx_http_grpc_merge_ssl(ngx_conf_t *cf, + ngx_http_grpc_loc_conf_t *conf, ngx_http_grpc_loc_conf_t *prev); static ngx_int_t ngx_http_grpc_set_ssl(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *glcf); #endif @@ -562,7 +564,7 @@ ngx_http_grpc_handler(ngx_http_request_t ctx->host = glcf->host; #if (NGX_HTTP_SSL) - u->ssl = (glcf->upstream.ssl != NULL); + u->ssl = glcf->ssl; if (u->ssl) { ngx_str_set(&u->schema, "grpcs://"); @@ -4463,6 +4465,10 @@ ngx_http_grpc_merge_loc_conf(ngx_conf_t #if (NGX_HTTP_SSL) + if (ngx_http_grpc_merge_ssl(cf, conf, prev) != NGX_OK) { + return NGX_CONF_ERROR; + } + ngx_conf_merge_value(conf->upstream.ssl_session_reuse, prev->upstream.ssl_session_reuse, 1); @@ -4524,7 +4530,7 @@ ngx_http_grpc_merge_loc_conf(ngx_conf_t conf->grpc_values = prev->grpc_values; #if (NGX_HTTP_SSL) - conf->upstream.ssl = prev->upstream.ssl; + conf->ssl = prev->ssl; #endif } @@ -4874,17 +4880,63 @@ ngx_http_grpc_ssl_conf_command_check(ngx static ngx_int_t +ngx_http_grpc_merge_ssl(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *conf, + ngx_http_grpc_loc_conf_t *prev) +{ + ngx_uint_t preserve; + + if (conf->ssl_protocols == 0 + && conf->ssl_ciphers.data == NULL + && conf->upstream.ssl_certificate == NGX_CONF_UNSET_PTR + && conf->upstream.ssl_certificate_key == NGX_CONF_UNSET_PTR + && conf->upstream.ssl_passwords == NGX_CONF_UNSET_PTR + && conf->upstream.ssl_verify == NGX_CONF_UNSET + && conf->ssl_verify_depth == NGX_CONF_UNSET_UINT + && conf->ssl_trusted_certificate.data == NULL + && conf->ssl_crl.data == NULL + && conf->upstream.ssl_session_reuse == NGX_CONF_UNSET + && conf->ssl_conf_commands == NGX_CONF_UNSET_PTR) + { + if (prev->upstream.ssl) { + conf->upstream.ssl = prev->upstream.ssl; + return NGX_OK; + } + + preserve = 1; + + } else { + preserve = 0; + } + + conf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); + if (conf->upstream.ssl == NULL) { + return NGX_ERROR; + } + + conf->upstream.ssl->log = cf->log; + + /* + * special handling to preserve conf->upstream.ssl + * in the "http" section to inherit it to all servers + */ + + if (preserve) { + prev->upstream.ssl = conf->upstream.ssl; + } + + return NGX_OK; +} + + +static ngx_int_t ngx_http_grpc_set_ssl(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *glcf) { ngx_pool_cleanup_t *cln; - glcf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); - if (glcf->upstream.ssl == NULL) { - return NGX_ERROR; + if (glcf->upstream.ssl->ctx) { + return NGX_OK; } - glcf->upstream.ssl->log = cf->log; - if (ngx_ssl_create(glcf->upstream.ssl, glcf->ssl_protocols, NULL) != NGX_OK) { diff -r e210c8942a54 -r 9d98d524bd02 src/http/modules/ngx_http_proxy_module.c --- a/src/http/modules/ngx_http_proxy_module.c Wed Jun 29 02:47:38 2022 +0300 +++ b/src/http/modules/ngx_http_proxy_module.c Wed Jun 29 02:47:45 2022 +0300 @@ -236,6 +236,8 @@ static ngx_int_t ngx_http_proxy_rewrite_ ngx_http_proxy_rewrite_t *pr, ngx_str_t *regex, ngx_uint_t caseless); #if (NGX_HTTP_SSL) +static ngx_int_t ngx_http_proxy_merge_ssl(ngx_conf_t *cf, + ngx_http_proxy_loc_conf_t *conf, ngx_http_proxy_loc_conf_t *prev); static ngx_int_t ngx_http_proxy_set_ssl(ngx_conf_t *cf, ngx_http_proxy_loc_conf_t *plcf); #endif @@ -959,7 +961,7 @@ ngx_http_proxy_handler(ngx_http_request_ ctx->vars = plcf->vars; u->schema = plcf->vars.schema; #if (NGX_HTTP_SSL) - u->ssl = (plcf->upstream.ssl != NULL); + u->ssl = plcf->ssl; #endif } else { @@ -3724,6 +3726,10 @@ ngx_http_proxy_merge_loc_conf(ngx_conf_t #if (NGX_HTTP_SSL) + if (ngx_http_proxy_merge_ssl(cf, conf, prev) != NGX_OK) { + return NGX_CONF_ERROR; + } + ngx_conf_merge_value(conf->upstream.ssl_session_reuse, prev->upstream.ssl_session_reuse, 1); @@ -3857,7 +3863,7 @@ ngx_http_proxy_merge_loc_conf(ngx_conf_t conf->proxy_values = prev->proxy_values; #if (NGX_HTTP_SSL) - conf->upstream.ssl = prev->upstream.ssl; + conf->ssl = prev->ssl; #endif } @@ -4923,16 +4929,62 @@ ngx_http_proxy_ssl_conf_command_check(ng static ngx_int_t +ngx_http_proxy_merge_ssl(ngx_conf_t *cf, ngx_http_proxy_loc_conf_t *conf, + ngx_http_proxy_loc_conf_t *prev) +{ + ngx_uint_t preserve; + + if (conf->ssl_protocols == 0 + && conf->ssl_ciphers.data == NULL + && conf->upstream.ssl_certificate == NGX_CONF_UNSET_PTR + && conf->upstream.ssl_certificate_key == NGX_CONF_UNSET_PTR + && conf->upstream.ssl_passwords == NGX_CONF_UNSET_PTR + && conf->upstream.ssl_verify == NGX_CONF_UNSET + && conf->ssl_verify_depth == NGX_CONF_UNSET_UINT + && conf->ssl_trusted_certificate.data == NULL + && conf->ssl_crl.data == NULL + && conf->upstream.ssl_session_reuse == NGX_CONF_UNSET + && conf->ssl_conf_commands == NGX_CONF_UNSET_PTR) + { + if (prev->upstream.ssl) { + conf->upstream.ssl = prev->upstream.ssl; + return NGX_OK; + } + + preserve = 1; + + } else { + preserve = 0; + } + + conf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); + if (conf->upstream.ssl == NULL) { + return NGX_ERROR; + } + + conf->upstream.ssl->log = cf->log; + + /* + * special handling to preserve conf->upstream.ssl + * in the "http" section to inherit it to all servers + */ + + if (preserve) { + prev->upstream.ssl = conf->upstream.ssl; + } + + return NGX_OK; +} + + +static ngx_int_t ngx_http_proxy_set_ssl(ngx_conf_t *cf, ngx_http_proxy_loc_conf_t *plcf) { ngx_pool_cleanup_t *cln; - plcf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); - if (plcf->upstream.ssl == NULL) { - return NGX_ERROR; - } - - plcf->upstream.ssl->log = cf->log; + if (plcf->upstream.ssl->ctx) { + return NGX_OK; + } if (ngx_ssl_create(plcf->upstream.ssl, plcf->ssl_protocols, NULL) != NGX_OK) diff -r e210c8942a54 -r 9d98d524bd02 src/http/modules/ngx_http_uwsgi_module.c --- a/src/http/modules/ngx_http_uwsgi_module.c Wed Jun 29 02:47:38 2022 +0300 +++ b/src/http/modules/ngx_http_uwsgi_module.c Wed Jun 29 02:47:45 2022 +0300 @@ -96,6 +96,8 @@ static char *ngx_http_uwsgi_ssl_password ngx_command_t *cmd, void *conf); static char *ngx_http_uwsgi_ssl_conf_command_check(ngx_conf_t *cf, void *post, void *data); +static ngx_int_t ngx_http_uwsgi_merge_ssl(ngx_conf_t *cf, + ngx_http_uwsgi_loc_conf_t *conf, ngx_http_uwsgi_loc_conf_t *prev); static ngx_int_t ngx_http_uwsgi_set_ssl(ngx_conf_t *cf, ngx_http_uwsgi_loc_conf_t *uwcf); #endif @@ -668,7 +670,7 @@ ngx_http_uwsgi_handler(ngx_http_request_ if (uwcf->uwsgi_lengths == NULL) { #if (NGX_HTTP_SSL) - u->ssl = (uwcf->upstream.ssl != NULL); + u->ssl = uwcf->ssl; if (u->ssl) { ngx_str_set(&u->schema, "suwsgi://"); @@ -1865,6 +1867,10 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t #if (NGX_HTTP_SSL) + if (ngx_http_uwsgi_merge_ssl(cf, conf, prev) != NGX_OK) { + return NGX_CONF_ERROR; + } + ngx_conf_merge_value(conf->upstream.ssl_session_reuse, prev->upstream.ssl_session_reuse, 1); @@ -1927,7 +1933,7 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t conf->uwsgi_values = prev->uwsgi_values; #if (NGX_HTTP_SSL) - conf->upstream.ssl = prev->upstream.ssl; + conf->ssl = prev->ssl; #endif } @@ -2455,17 +2461,63 @@ ngx_http_uwsgi_ssl_conf_command_check(ng static ngx_int_t +ngx_http_uwsgi_merge_ssl(ngx_conf_t *cf, ngx_http_uwsgi_loc_conf_t *conf, + ngx_http_uwsgi_loc_conf_t *prev) +{ + ngx_uint_t preserve; + + if (conf->ssl_protocols == 0 + && conf->ssl_ciphers.data == NULL + && conf->upstream.ssl_certificate == NGX_CONF_UNSET_PTR + && conf->upstream.ssl_certificate_key == NGX_CONF_UNSET_PTR + && conf->upstream.ssl_passwords == NGX_CONF_UNSET_PTR + && conf->upstream.ssl_verify == NGX_CONF_UNSET + && conf->ssl_verify_depth == NGX_CONF_UNSET_UINT + && conf->ssl_trusted_certificate.data == NULL + && conf->ssl_crl.data == NULL + && conf->upstream.ssl_session_reuse == NGX_CONF_UNSET + && conf->ssl_conf_commands == NGX_CONF_UNSET_PTR) + { + if (prev->upstream.ssl) { + conf->upstream.ssl = prev->upstream.ssl; + return NGX_OK; + } + + preserve = 1; + + } else { + preserve = 0; + } + + conf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); + if (conf->upstream.ssl == NULL) { + return NGX_ERROR; + } + + conf->upstream.ssl->log = cf->log; + + /* + * special handling to preserve conf->upstream.ssl + * in the "http" section to inherit it to all servers + */ + + if (preserve) { + prev->upstream.ssl = conf->upstream.ssl; + } + + return NGX_OK; +} + + +static ngx_int_t ngx_http_uwsgi_set_ssl(ngx_conf_t *cf, ngx_http_uwsgi_loc_conf_t *uwcf) { ngx_pool_cleanup_t *cln; - uwcf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); - if (uwcf->upstream.ssl == NULL) { - return NGX_ERROR; + if (uwcf->upstream.ssl->ctx) { + return NGX_OK; } - uwcf->upstream.ssl->log = cf->log; - if (ngx_ssl_create(uwcf->upstream.ssl, uwcf->ssl_protocols, NULL) != NGX_OK) { diff -r e210c8942a54 -r 9d98d524bd02 src/stream/ngx_stream_proxy_module.c --- a/src/stream/ngx_stream_proxy_module.c Wed Jun 29 02:47:38 2022 +0300 +++ b/src/stream/ngx_stream_proxy_module.c Wed Jun 29 02:47:45 2022 +0300 @@ -103,6 +103,8 @@ static void ngx_stream_proxy_ssl_handsha static void ngx_stream_proxy_ssl_save_session(ngx_connection_t *c); static ngx_int_t ngx_stream_proxy_ssl_name(ngx_stream_session_t *s); static ngx_int_t ngx_stream_proxy_ssl_certificate(ngx_stream_session_t *s); +static ngx_int_t ngx_stream_proxy_merge_ssl(ngx_conf_t *cf, + ngx_stream_proxy_srv_conf_t *conf, ngx_stream_proxy_srv_conf_t *prev); static ngx_int_t ngx_stream_proxy_set_ssl(ngx_conf_t *cf, ngx_stream_proxy_srv_conf_t *pscf); @@ -801,7 +803,7 @@ ngx_stream_proxy_init_upstream(ngx_strea #if (NGX_STREAM_SSL) - if (pc->type == SOCK_STREAM && pscf->ssl) { + if (pc->type == SOCK_STREAM && pscf->ssl_enable) { if (u->proxy_protocol) { if (ngx_stream_proxy_send_proxy_protocol(s) != NGX_OK) { @@ -2150,6 +2152,10 @@ ngx_stream_proxy_merge_srv_conf(ngx_conf #if (NGX_STREAM_SSL) + if (ngx_stream_proxy_merge_ssl(cf, conf, prev) != NGX_OK) { + return NGX_CONF_ERROR; + } + ngx_conf_merge_value(conf->ssl_enable, prev->ssl_enable, 0); ngx_conf_merge_value(conf->ssl_session_reuse, @@ -2199,17 +2205,63 @@ ngx_stream_proxy_merge_srv_conf(ngx_conf #if (NGX_STREAM_SSL) static ngx_int_t +ngx_stream_proxy_merge_ssl(ngx_conf_t *cf, ngx_stream_proxy_srv_conf_t *conf, + ngx_stream_proxy_srv_conf_t *prev) +{ + ngx_uint_t preserve; + + if (conf->ssl_protocols == 0 + && conf->ssl_ciphers.data == NULL + && conf->ssl_certificate == NGX_CONF_UNSET_PTR + && conf->ssl_certificate_key == NGX_CONF_UNSET_PTR + && conf->ssl_passwords == NGX_CONF_UNSET_PTR + && conf->ssl_verify == NGX_CONF_UNSET + && conf->ssl_verify_depth == NGX_CONF_UNSET_UINT + && conf->ssl_trusted_certificate.data == NULL + && conf->ssl_crl.data == NULL + && conf->ssl_session_reuse == NGX_CONF_UNSET + && conf->ssl_conf_commands == NGX_CONF_UNSET_PTR) + { + if (prev->ssl) { + conf->ssl = prev->ssl; + return NGX_OK; + } + + preserve = 1; + + } else { + preserve = 0; + } + + conf->ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); + if (conf->ssl == NULL) { + return NGX_ERROR; + } + + conf->ssl->log = cf->log; + + /* + * special handling to preserve conf->ssl + * in the "stream" section to inherit it to all servers + */ + + if (preserve) { + prev->ssl = conf->ssl; + } + + return NGX_OK; +} + + +static ngx_int_t ngx_stream_proxy_set_ssl(ngx_conf_t *cf, ngx_stream_proxy_srv_conf_t *pscf) { ngx_pool_cleanup_t *cln; - pscf->ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); - if (pscf->ssl == NULL) { - return NGX_ERROR; + if (pscf->ssl->ctx) { + return NGX_OK; } - pscf->ssl->log = cf->log; - if (ngx_ssl_create(pscf->ssl, pscf->ssl_protocols, NULL) != NGX_OK) { return NGX_ERROR; }

1 week

[nginx] Version bump.

by Sergey Kandaurov

details: https://hg.nginx.org/nginx/rev/e210c8942a54 branches: changeset: 8052:e210c8942a54 user: Maxim Dounin <mdounin(a)mdounin.ru> date: Wed Jun 29 02:47:38 2022 +0300 description: Version bump. diffstat: src/core/nginx.h | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diffs (14 lines): diff -r fecd73db563f -r e210c8942a54 src/core/nginx.h --- a/src/core/nginx.h Tue Jun 21 17:25:37 2022 +0300 +++ b/src/core/nginx.h Wed Jun 29 02:47:38 2022 +0300 @@ -9,8 +9,8 @@ #define _NGINX_H_INCLUDED_ -#define nginx_version 1023000 -#define NGINX_VERSION "1.23.0" +#define nginx_version 1023001 +#define NGINX_VERSION "1.23.1" #define NGINX_VER "nginx/" NGINX_VERSION #ifdef NGX_BUILD

1 week

[njs] Fixed break instruction in a try-catch block.

by Dmitry Volyntsev

details: https://hg.nginx.org/njs/rev/b7c4e0f714a9 branches: changeset: 1902:b7c4e0f714a9 user: Dmitry Volyntsev <xeioex(a)nginx.com> date: Tue Jun 28 23:04:00 2022 -0700 description: Fixed break instruction in a try-catch block. Previously, JUMP offset for a break instruction inside a try-catch block was not set to a correct offset during code generation when a return instruction was present in inner try-catch block. The fix is to update the JUMP offset appropriately. This closes #553 issue on Github. diffstat: src/njs_generator.c | 41 +++++++++++++++++++++++++++++++++- src/test/njs_unit_test.c | 56 +++++++++++++++++++++++++++++++++++++---------- 2 files changed, 83 insertions(+), 14 deletions(-) diffs (140 lines): diff -r 116b09a57817 -r b7c4e0f714a9 src/njs_generator.c --- a/src/njs_generator.c Tue Jun 28 22:36:38 2022 -0700 +++ b/src/njs_generator.c Tue Jun 28 23:04:00 2022 -0700 @@ -4495,6 +4495,11 @@ njs_generate_try_catch(njs_vm_t *vm, njs NJS_GENERATOR_ALL, &ctx->try_exit_label); + /* + * block can be NULL when &ctx->try_exit_label is "@return" + * for outermost try-catch block. + */ + if (block != NULL) { patch = njs_generate_make_exit_patch(vm, block, &ctx->try_exit_label, @@ -4503,6 +4508,26 @@ njs_generate_try_catch(njs_vm_t *vm, njs if (njs_slow_path(patch == NULL)) { return NJS_ERROR; } + + } else { + + /* + * when block == NULL, we still want to patch the "finally" + * instruction break_offset. + */ + + block = njs_generate_find_block(vm, generator->block, + NJS_GENERATOR_ALL, + &no_label); + + if (block != NULL) { + patch = njs_generate_make_exit_patch(vm, block, &no_label, + njs_code_offset(generator, finally) + + offsetof(njs_vmcode_finally_t, break_offset)); + if (njs_slow_path(patch == NULL)) { + return NJS_ERROR; + } + } } } } @@ -4669,8 +4694,7 @@ njs_generate_try_end(njs_vm_t *vm, njs_g * outermost try-catch block. */ block = njs_generate_find_block(vm, generator->block, - NJS_GENERATOR_ALL - | NJS_GENERATOR_TRY, dest_label); + NJS_GENERATOR_ALL, dest_label); if (block != NULL) { patch = njs_generate_make_exit_patch(vm, block, dest_label, njs_code_offset(generator, finally) @@ -4678,6 +4702,19 @@ njs_generate_try_end(njs_vm_t *vm, njs_g if (njs_slow_path(patch == NULL)) { return NJS_ERROR; } + + } else { + + block = njs_generate_find_block(vm, generator->block, + NJS_GENERATOR_ALL, &no_label); + if (block != NULL) { + patch = njs_generate_make_exit_patch(vm, block, &no_label, + njs_code_offset(generator, finally) + + offsetof(njs_vmcode_finally_t, break_offset)); + if (njs_slow_path(patch == NULL)) { + return NJS_ERROR; + } + } } } diff -r 116b09a57817 -r b7c4e0f714a9 src/test/njs_unit_test.c --- a/src/test/njs_unit_test.c Tue Jun 28 22:36:38 2022 -0700 +++ b/src/test/njs_unit_test.c Tue Jun 28 23:04:00 2022 -0700 @@ -3411,20 +3411,52 @@ static njs_unit_test_t njs_test[] = njs_str("a,2") }, { njs_str("function f(n) { " - " var r1 = 0, r2 = 0, r3 = 0;" - " a:{ try { try { " - " if (n == 0) { break a; } " - " if (n == 1) { throw 'a'; } " - " } " - " catch (e) { break a; } finally { r1++; } } " - " catch (e) {} " - " finally { r2++; } " - " r3++; " - " }; " - "return [r1, r2, r3]" - "}; njs.dump([f(0), f(1), f(3)])"), + " var r1 = 0, r2 = 0, r3 = 0;" + " a:{ try { try { " + " if (n == 0) { break a; } " + " if (n == 1) { throw 'a'; } " + " } " + " catch (e) { break a; } finally { r1++; } } " + " catch (e) {} " + " finally { r2++; } " + " r3++; " + " }; " + "return [r1, r2, r3]" + "}; njs.dump([f(0), f(1), f(3)])"), njs_str("[[1,1,0],[1,1,0],[1,1,1]]") }, + + { njs_str("function f(n) {" + " while (1)" + " try {" + " if (n == 0) { break; }" + " if (n == 1) { throw 'a'; }" + "" + " try { return 42; }" + " catch (a) {}" + "" + " } catch (b) { return b; }" + "};" + "njs.dump([f(0), f(1), f(2)])"), + njs_str("[undefined,'a',42]") }, + + { njs_str("function f(n, r) {" + " while (1)" + " try {" + " if (n == 0) { break; }" + " if (n == 1) { throw 'a'; }" + "" + " try { return 42; }" + " catch (a) {}" + " finally { r.push('in');}" + "" + " } catch (b) { return b; }" + " finally { r.push('out'); }" + "};" + "function g(n) { var r = []; return [f(n, r), r]}" + "njs.dump([g(0), g(1), g(2)])"), + njs_str("[[undefined,['out']],['a',['out']],[42,['in','out']]]") }, + /**/ { njs_str("function f() { Object.prototype.toString = 1; };"

1 week

[njs] Catching in runtime invalid JUMP offsets at FINALLY instruction.

by Dmitry Volyntsev

details: https://hg.nginx.org/njs/rev/116b09a57817 branches: changeset: 1901:116b09a57817 user: Dmitry Volyntsev <xeioex(a)nginx.com> date: Tue Jun 28 22:36:38 2022 -0700 description: Catching in runtime invalid JUMP offsets at FINALLY instruction. diffstat: src/njs_vmcode.c | 17 ++++++++++++++--- 1 files changed, 14 insertions(+), 3 deletions(-) diffs (34 lines): diff -r 0cdbc3d35a2a -r 116b09a57817 src/njs_vmcode.c --- a/src/njs_vmcode.c Tue Jun 28 22:36:37 2022 -0700 +++ b/src/njs_vmcode.c Tue Jun 28 22:36:38 2022 -0700 @@ -2122,6 +2122,7 @@ njs_vmcode_finally(njs_vm_t *vm, njs_val u_char *pc) { njs_value_t *exception_value, *exit_value; + njs_jump_off_t offset; njs_vmcode_finally_t *finally; exception_value = njs_scope_value(vm, (njs_index_t) retval); @@ -2148,9 +2149,19 @@ njs_vmcode_finally(njs_vm_t *vm, njs_val return njs_vmcode_return(vm, NULL, exit_value); } else if (njs_number(exit_value) != 0) { - return (njs_jump_off_t) (njs_number(exit_value) > 0) - ? finally->break_offset - : finally->continue_offset; + offset = (njs_number(exit_value) > 0) ? finally->break_offset + : finally->continue_offset; + + if (njs_slow_path(offset + < (njs_jump_off_t) sizeof(njs_vmcode_finally_t))) + { + njs_internal_error(vm, "unset %s offset for FINALLY block", + (njs_number(exit_value) > 0) ? "exit" + : "continuaion"); + return NJS_ERROR; + } + + return offset; } return sizeof(njs_vmcode_finally_t);

1 week

[njs] Added generator debug.

by Dmitry Volyntsev

details: https://hg.nginx.org/njs/rev/0cdbc3d35a2a branches: changeset: 1900:0cdbc3d35a2a user: Dmitry Volyntsev <xeioex(a)nginx.com> date: Tue Jun 28 22:36:37 2022 -0700 description: Added generator debug. diffstat: auto/cc | 4 + auto/help | 2 + auto/options | 2 + src/njs.h | 3 + src/njs_generator.c | 152 ++++++++++++++++++++++++++++++++++++++++----------- src/njs_shell.c | 13 ++++ 6 files changed, 143 insertions(+), 33 deletions(-) diffs (512 lines): diff -r 8fe7d9723477 -r 0cdbc3d35a2a auto/cc --- a/auto/cc Tue Jun 28 22:36:30 2022 -0700 +++ b/auto/cc Tue Jun 28 22:36:37 2022 -0700 @@ -181,6 +181,10 @@ if [ "$NJS_DEBUG_OPCODE" = "YES" ]; then njs_define=NJS_DEBUG_OPCODE . auto/define fi +if [ "$NJS_DEBUG_GENERATOR" = "YES" ]; then + njs_define=NJS_DEBUG_GENERATOR . auto/define +fi + if [ "$NJS_TEST262" = "YES" ]; then njs_define=NJS_TEST262 . auto/define fi diff -r 8fe7d9723477 -r 0cdbc3d35a2a auto/help --- a/auto/help Tue Jun 28 22:36:30 2022 -0700 +++ b/auto/help Tue Jun 28 22:36:37 2022 -0700 @@ -41,6 +41,8 @@ default: "$NJS_DEBUG" default: "$NJS_DEBUG_MEMORY" --debug-opcode=YES enables runtime function tracing, \ default: "$NJS_DEBUG_OPCODE" + --debug-generator=YES enables generator debug, \ +default: "$NJS_DEBUG_GENERATOR" --test262=YES enables test262 extentions, \ default: "$NJS_TEST262" END diff -r 8fe7d9723477 -r 0cdbc3d35a2a auto/options --- a/auto/options Tue Jun 28 22:36:30 2022 -0700 +++ b/auto/options Tue Jun 28 22:36:37 2022 -0700 @@ -9,6 +9,7 @@ NJS_LD_OPT=${NJS_CC_OPT:--O} NJS_DEBUG=NO NJS_DEBUG_MEMORY=NO NJS_DEBUG_OPCODE=NO +NJS_DEBUG_GENERATOR=NO NJS_ADDRESS_SANITIZER=NO NJS_ADDR2LINE=NO @@ -41,6 +42,7 @@ do --debug=*) NJS_DEBUG="$value" ;; --debug-memory=*) NJS_DEBUG_MEMORY="$value" ;; --debug-opcode=*) NJS_DEBUG_OPCODE="$value" ;; + --debug-generator=*) NJS_DEBUG_GENERATOR="$value" ;; --test262=*) NJS_TEST262="$value" ;; --no-openssl) NJS_OPENSSL=NO ;; diff -r 8fe7d9723477 -r 0cdbc3d35a2a src/njs.h --- a/src/njs.h Tue Jun 28 22:36:30 2022 -0700 +++ b/src/njs.h Tue Jun 28 22:36:37 2022 -0700 @@ -253,6 +253,9 @@ typedef struct { #ifdef NJS_DEBUG_OPCODE uint8_t opcode_debug; /* 1 bit */ #endif +#ifdef NJS_DEBUG_GENERATOR + uint8_t generator_debug; /* 1 bit */ +#endif uint8_t unhandled_rejection; } njs_vm_opt_t; diff -r 8fe7d9723477 -r 0cdbc3d35a2a src/njs_generator.c --- a/src/njs_generator.c Tue Jun 28 22:36:30 2022 -0700 +++ b/src/njs_generator.c Tue Jun 28 22:36:37 2022 -0700 @@ -24,6 +24,12 @@ typedef enum { } njs_generator_block_type_t; +typedef enum { + NJS_GENERATOR_CONTINUATION = 1, + NJS_GENERATOR_EXIT = 2, +} njs_generator_patch_type_t; + + struct njs_generator_patch_s { /* * The jump_offset field points to jump offset field which contains a small @@ -179,10 +185,10 @@ static njs_int_t njs_generate_start_bloc const njs_str_t *label); static njs_generator_block_t *njs_generate_lookup_block( njs_generator_block_t *block, uint32_t mask, const njs_str_t *label); -static njs_generator_block_t *njs_generate_find_block( +static njs_generator_block_t *njs_generate_find_block(njs_vm_t *vm, njs_generator_block_t *block, uint32_t mask, const njs_str_t *label); static void njs_generate_patch_block(njs_vm_t *vm, njs_generator_t *generator, - njs_generator_patch_t *list); + njs_generator_block_t *block, unsigned type); static njs_generator_patch_t *njs_generate_make_continuation_patch(njs_vm_t *vm, njs_generator_block_t *block, const njs_str_t *label, njs_jump_off_t offset); @@ -427,13 +433,16 @@ static njs_int_t njs_generate_index_rele ##__VA_ARGS__) -#ifdef NJS_GENERATOR_DEBUG -#define njs_generator_debug(msg, ...) njs_printf(msg "\n", ##__VA_ARGS__) -#define njs_generator_debug_code(code) \ - njs_disassemble((u_char *) code, NULL, 1, NULL) +#ifdef NJS_DEBUG_GENERATOR +#define njs_debug_generator(vm, msg, ...) \ + if (vm->options.generator_debug) \ + njs_printf("GENERATOR " msg "\n", ##__VA_ARGS__) +#define njs_debug_generator_code(code) \ + if (vm->options.generator_debug) \ + njs_disassemble((u_char *) code, NULL, 1, NULL) #else -#define njs_generator_debug(msg, ...) -#define njs_generator_debug_code(code) +#define njs_debug_generator(vm, msg, ...) +#define njs_debug_generator_code(code) #endif @@ -1590,7 +1599,8 @@ njs_generate_while_condition(njs_vm_t *v ctx = generator->context; - njs_generate_patch_block(vm, generator, generator->block->continuation); + njs_generate_patch_block(vm, generator, generator->block, + NJS_GENERATOR_CONTINUATION); njs_code_set_jump_offset(generator, njs_vmcode_jump_t, ctx->jump_offset); @@ -1657,7 +1667,8 @@ static njs_int_t njs_generate_do_while_condition(njs_vm_t *vm, njs_generator_t *generator, njs_parser_node_t *node) { - njs_generate_patch_block(vm, generator, generator->block->continuation); + njs_generate_patch_block(vm, generator, generator->block, + NJS_GENERATOR_CONTINUATION); njs_generator_next(generator, njs_generate, node->right); @@ -1795,7 +1806,8 @@ njs_generate_for_body(njs_vm_t *vm, njs_ return ret; } - njs_generate_patch_block(vm, generator, generator->block->continuation); + njs_generate_patch_block(vm, generator, generator->block, + NJS_GENERATOR_CONTINUATION); njs_generator_next(generator, njs_generate, update); @@ -2062,7 +2074,8 @@ njs_generate_for_in_body(njs_vm_t *vm, n } } - njs_generate_patch_block(vm, generator, generator->block->continuation); + njs_generate_patch_block(vm, generator, generator->block, + NJS_GENERATOR_CONTINUATION); njs_code_set_jump_offset(generator, njs_vmcode_prop_foreach_t, ctx->jump_offset); @@ -2095,6 +2108,24 @@ njs_generate_for_in_body(njs_vm_t *vm, n } +#ifdef NJS_DEBUG_GENERATOR +njs_inline const char* +njs_block_type(njs_generator_block_type_t type) +{ + switch (type) { + case NJS_GENERATOR_LOOP: + return "LOOP "; + case NJS_GENERATOR_SWITCH: + return "SWITCH"; + case NJS_GENERATOR_BLOCK: + return "BLOCK "; + default: + return "TRY "; + } +} +#endif + + static njs_int_t njs_generate_start_block(njs_vm_t *vm, njs_generator_t *generator, njs_generator_block_type_t type, const njs_str_t *label) @@ -2114,6 +2145,8 @@ njs_generate_start_block(njs_vm_t *vm, n block->index = 0; + njs_debug_generator(vm, "START %s %p", njs_block_type(type), block); + return NJS_OK; } @@ -2145,8 +2178,8 @@ njs_generate_lookup_block(njs_generator_ static njs_generator_block_t * -njs_generate_find_block(njs_generator_block_t *block, uint32_t mask, - const njs_str_t *label) +njs_generate_find_block(njs_vm_t *vm, njs_generator_block_t *block, + uint32_t mask, const njs_str_t *label) { njs_generator_block_t *dest_block; @@ -2172,17 +2205,24 @@ njs_generate_find_block(njs_generator_bl while (block != NULL) { if (block->type & NJS_GENERATOR_TRY) { + njs_debug_generator(vm, "FIND %s %p", + njs_block_type(block->type), block); return block; } if (block == dest_block) { - return block; + break; } block = block->next; } } + njs_debug_generator(vm, "FIND %s %p", + dest_block != NULL ? njs_block_type(dest_block->type) + : "NONE ", + dest_block); + return dest_block; } @@ -2206,18 +2246,26 @@ njs_generate_make_continuation_patch(njs patch->label = *label; + + njs_debug_generator(vm, "MAKE CONT %p %L %V", patch, patch->jump_offset, + &patch->label); + return patch; } static void -njs_generate_patch_block(njs_vm_t *vm, njs_generator_t *generator, +njs_generate_patch(njs_vm_t *vm, njs_generator_t *generator, njs_generator_patch_t *list) { njs_generator_patch_t *patch, *next; for (patch = list; patch != NULL; patch = next) { njs_code_update_offset(generator, patch); + njs_debug_generator(vm, "PATCH %p at %L to %L %V", patch, + patch->jump_offset, + *(njs_code_jump_ptr(generator, patch->jump_offset)), + &patch->label); next = patch->next; njs_mp_free(vm->mem_pool, patch); @@ -2225,6 +2273,22 @@ njs_generate_patch_block(njs_vm_t *vm, n } +static void +njs_generate_patch_block(njs_vm_t *vm, njs_generator_t *generator, + njs_generator_block_t *block, unsigned type) +{ + if (type & NJS_GENERATOR_CONTINUATION) { + njs_debug_generator(vm, "PATCH CONT %p", block); + njs_generate_patch(vm, generator, block->continuation); + } + + if (type & NJS_GENERATOR_EXIT) { + njs_debug_generator(vm, "PATCH EXIT %p", block); + njs_generate_patch(vm, generator, block->exit); + } +} + + static njs_generator_patch_t * njs_generate_make_exit_patch(njs_vm_t *vm, njs_generator_block_t *block, const njs_str_t *label, njs_jump_off_t offset) @@ -2244,6 +2308,9 @@ njs_generate_make_exit_patch(njs_vm_t *v patch->label = *label; + njs_debug_generator(vm, "MAKE EXIT %p %L %V", patch, patch->jump_offset, + &patch->label); + return patch; } @@ -2256,7 +2323,9 @@ njs_generate_patch_block_exit(njs_vm_t * block = generator->block; generator->block = block->next; - njs_generate_patch_block(vm, generator, block->exit); + njs_generate_patch_block(vm, generator, block, NJS_GENERATOR_EXIT); + + njs_debug_generator(vm, "EXIT %s %p", njs_block_type(block->type), block); njs_mp_free(vm->mem_pool, block); } @@ -2307,7 +2376,7 @@ njs_generate_continue_statement(njs_vm_t label = &node->name; - block = njs_generate_find_block(generator->block, NJS_GENERATOR_LOOP, + block = njs_generate_find_block(vm, generator->block, NJS_GENERATOR_LOOP, label); if (njs_slow_path(block == NULL)) { @@ -2356,7 +2425,8 @@ njs_generate_break_statement(njs_vm_t *v label = &node->name; - block = njs_generate_find_block(generator->block, NJS_GENERATOR_ALL, label); + block = njs_generate_find_block(vm, generator->block, NJS_GENERATOR_ALL, + label); if (njs_slow_path(block == NULL)) { goto syntax_error; } @@ -3377,7 +3447,7 @@ njs_generate_3addr_operation_end(njs_vm_ code->dst = node->index; - njs_generator_debug_code(code); + njs_debug_generator_code(code); return njs_generator_stack_pop(vm, generator, generator->context); } @@ -3412,7 +3482,7 @@ njs_generate_2addr_operation_end(njs_vm_ code->dst = node->index; - njs_generator_debug_code(code); + njs_debug_generator_code(code); return njs_generator_stack_pop(vm, generator, NULL); } @@ -3461,7 +3531,7 @@ njs_generate_typeof_operation_end(njs_vm code->dst = node->index; - njs_generator_debug_code(code); + njs_debug_generator_code(code); return njs_generator_stack_pop(vm, generator, NULL); } @@ -3884,6 +3954,8 @@ njs_generate_return_statement_end(njs_vm immediate = njs_generate_lookup_block(generator->block, NJS_GENERATOR_TRY, &no_label); + njs_debug_generator(vm, "LOOKUP TRY %p", immediate); + if (njs_fast_path(immediate == NULL)) { njs_generate_code(generator, njs_vmcode_return_t, code, NJS_VMCODE_RETURN, 1, node); @@ -4267,7 +4339,11 @@ njs_generate_try_left(njs_vm_t *vm, njs_ if (try_block->exit != NULL) { ctx->try_exit_label = try_block->exit->label; - njs_generate_patch_block(vm, generator, try_block->exit); + njs_debug_generator(vm, "TRY CTX %p EXIT LABEL %V", ctx, + &ctx->try_exit_label); + + njs_generate_patch_block(vm, generator, try_block, + NJS_GENERATOR_EXIT); njs_generate_code(generator, njs_vmcode_try_trampoline_t, try_break, NJS_VMCODE_TRY_BREAK, 1, NULL); @@ -4282,7 +4358,8 @@ njs_generate_try_left(njs_vm_t *vm, njs_ if (try_block->continuation != NULL) { ctx->try_cont_label = try_block->continuation->label; - njs_generate_patch_block(vm, generator, try_block->continuation); + njs_generate_patch_block(vm, generator, try_block, + NJS_GENERATOR_CONTINUATION); njs_generate_code(generator, njs_vmcode_try_trampoline_t, try_continue, NJS_VMCODE_TRY_CONTINUE, 1, NULL); @@ -4295,6 +4372,10 @@ njs_generate_try_left(njs_vm_t *vm, njs_ } } + njs_debug_generator(vm, "EXIT %s %p", + njs_block_type(generator->block->type), + generator->block); + generator->block = try_block->next; njs_code_set_jump_offset(generator, njs_vmcode_try_start_t, @@ -4396,7 +4477,7 @@ njs_generate_try_catch(njs_vm_t *vm, njs * block != NULL is checked * by njs_generate_continue_statement() */ - block = njs_generate_find_block(generator->block, + block = njs_generate_find_block(vm, generator->block, NJS_GENERATOR_LOOP, &ctx->try_cont_label); @@ -4410,7 +4491,7 @@ njs_generate_try_catch(njs_vm_t *vm, njs } if (try_block->exit != NULL) { - block = njs_generate_find_block(generator->block, + block = njs_generate_find_block(vm, generator->block, NJS_GENERATOR_ALL, &ctx->try_exit_label); @@ -4462,7 +4543,8 @@ njs_generate_try_finally(njs_vm_t *vm, n if (catch_block->exit != NULL) { ctx->catch_exit_label = catch_block->exit->label; - njs_generate_patch_block(vm, generator, catch_block->exit); + njs_generate_patch_block(vm, generator, catch_block, + NJS_GENERATOR_EXIT); njs_generate_code(generator, njs_vmcode_try_trampoline_t, try_break, NJS_VMCODE_TRY_BREAK, 1, NULL); @@ -4478,8 +4560,8 @@ njs_generate_try_finally(njs_vm_t *vm, n if (catch_block->continuation != NULL) { ctx->catch_cont_label = catch_block->continuation->label; - njs_generate_patch_block(vm, generator, - catch_block->continuation); + njs_generate_patch_block(vm, generator, catch_block, + NJS_GENERATOR_CONTINUATION); njs_generate_code(generator, njs_vmcode_try_trampoline_t, try_continue, NJS_VMCODE_TRY_CONTINUE, 1, @@ -4494,6 +4576,10 @@ njs_generate_try_finally(njs_vm_t *vm, n } } + njs_debug_generator(vm, "EXIT %s %p", + njs_block_type(generator->block->type), + generator->block); + generator->block = catch_block->next; njs_code_set_jump_offset(generator, njs_vmcode_catch_t, @@ -4554,7 +4640,7 @@ njs_generate_try_end(njs_vm_t *vm, njs_g * block != NULL is checked * by njs_generate_continue_statement() */ - block = njs_generate_find_block(generator->block, + block = njs_generate_find_block(vm, generator->block, NJS_GENERATOR_LOOP, dest_label); patch = njs_generate_make_continuation_patch(vm, block, dest_label, @@ -4582,7 +4668,7 @@ njs_generate_try_end(njs_vm_t *vm, njs_g * block can be NULL for "return" instruction in * outermost try-catch block. */ - block = njs_generate_find_block(generator->block, + block = njs_generate_find_block(vm, generator->block, NJS_GENERATOR_ALL | NJS_GENERATOR_TRY, dest_label); if (block != NULL) { @@ -4911,7 +4997,7 @@ njs_generate_temp_index_get(njs_vm_t *vm if (cache != NULL && cache->items != 0) { last = njs_arr_remove_last(cache); - njs_generator_debug("INDEX REUSE %04Xz", (size_t) *last); + njs_debug_generator(vm, "INDEX REUSE %04Xz", (size_t) *last); return *last; } @@ -4977,7 +5063,7 @@ njs_generate_index_release(njs_vm_t *vm, njs_arr_t *cache; njs_index_t *last; - njs_generator_debug("INDEX RELEASE %04Xz", (size_t) index); + njs_debug_generator(vm, "INDEX RELEASE %04Xz", (size_t) index); cache = generator->index_cache; diff -r 8fe7d9723477 -r 0cdbc3d35a2a src/njs_shell.c --- a/src/njs_shell.c Tue Jun 28 22:36:30 2022 -0700 +++ b/src/njs_shell.c Tue Jun 28 22:36:37 2022 -0700 @@ -37,6 +37,7 @@ typedef struct { uint8_t ast; uint8_t unhandled_rejection; uint8_t opcode_debug; + uint8_t generator_debug; int exit_code; char *file; @@ -273,6 +274,9 @@ main(int argc, char **argv) vm_options.sandbox = opts.sandbox; vm_options.unsafe = !opts.safe; vm_options.module = opts.module; +#ifdef NJS_DEBUG_GENERATOR + vm_options.generator_debug = opts.generator_debug; +#endif #ifdef NJS_DEBUG_OPCODE vm_options.opcode_debug = opts.opcode_debug; #endif @@ -338,6 +342,9 @@ njs_options_parse(njs_opts_t *opts, int " -d print disassembled code.\n" " -e set failure exit code.\n" " -f disabled denormals mode.\n" +#ifdef NJS_DEBUG_GENERATOR + " -g enable generator debug.\n" +#endif #ifdef NJS_DEBUG_OPCODE " -o enable opcode debug.\n" #endif @@ -417,6 +424,12 @@ njs_options_parse(njs_opts_t *opts, int opts->denormals = 0; break; +#ifdef NJS_DEBUG_GENERATOR + case 'g': + opts->generator_debug = 1; + break; +#endif + #ifdef NJS_DEBUG_OPCODE case 'o': opts->opcode_debug = 1;

1 week

[njs] Added native function symbolizer for function tracing in debug.

by Dmitry Volyntsev

details: https://hg.nginx.org/njs/rev/8fe7d9723477 branches: changeset: 1899:8fe7d9723477 user: Dmitry Volyntsev <xeioex(a)nginx.com> date: Tue Jun 28 22:36:30 2022 -0700 description: Added native function symbolizer for function tracing in debug. diffstat: auto/cc | 4 + auto/help | 4 + auto/libbfd | 35 ++++++ auto/link | 31 +++++ auto/openssl | 1 + auto/options | 9 + auto/pcre | 3 + auto/sources | 4 + configure | 15 +- src/njs.h | 3 + src/njs_addr2line.c | 265 +++++++++++++++++++++++++++++++++++++++++++++++ src/njs_addr2line.h | 22 +++ src/njs_function.c | 25 +++- src/njs_main.h | 1 + src/njs_shell.c | 13 ++ src/njs_sprintf.c | 6 + src/njs_vmcode.c | 6 +- src/njs_vmcode.h | 4 +- src/test/njs_unit_test.c | 43 +++++++- 19 files changed, 474 insertions(+), 20 deletions(-) diffs (736 lines): diff -r 20ee5213e3c4 -r 8fe7d9723477 auto/cc --- a/auto/cc Wed Jun 22 23:37:27 2022 -0700 +++ b/auto/cc Tue Jun 28 22:36:30 2022 -0700 @@ -177,6 +177,10 @@ if [ "$NJS_DEBUG_MEMORY" = "YES" ]; then njs_define=NJS_DEBUG_MEMORY . auto/define fi +if [ "$NJS_DEBUG_OPCODE" = "YES" ]; then + njs_define=NJS_DEBUG_OPCODE . auto/define +fi + if [ "$NJS_TEST262" = "YES" ]; then njs_define=NJS_TEST262 . auto/define fi diff -r 20ee5213e3c4 -r 8fe7d9723477 auto/help --- a/auto/help Wed Jun 22 23:37:27 2022 -0700 +++ b/auto/help Tue Jun 28 22:36:30 2022 -0700 @@ -33,10 +33,14 @@ default: "$NJS_LD_OPT" --address-sanitizer=YES enables build with address sanitizer, \ default: "$NJS_ADDRESS_SANITIZER" + --addr2line=YES enables native function symbolization, \ +default: "$NJS_ADDR2LINE" --debug=YES enables additional runtime checks, \ default: "$NJS_DEBUG" --debug-memory=YES enables memory alloc debug, \ default: "$NJS_DEBUG_MEMORY" + --debug-opcode=YES enables runtime function tracing, \ +default: "$NJS_DEBUG_OPCODE" --test262=YES enables test262 extentions, \ default: "$NJS_TEST262" END diff -r 20ee5213e3c4 -r 8fe7d9723477 auto/libbfd --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/auto/libbfd Tue Jun 28 22:36:30 2022 -0700 @@ -0,0 +1,35 @@ +# Copyright (C) Dmitry Volyntsev +# Copyright (C) NGINX, Inc. + + +NJS_HAVE_LIBBFD=NO + +if [ $NJS_ADDR2LINE = YES ]; then + njs_found=no + + njs_feature="BFD library" + njs_feature_name=NJS_HAVE_LIBBFD + njs_feature_run=yes + njs_feature_incs= + njs_feature_libs="-lbfd" + njs_feature_test="#include <bfd.h> + + int main() { + bfd_init(); + return 0; + }" + . auto/feature + + if [ $njs_found = no ]; then + njs_feature="OpenSSL library -lcrypto" + njs_feature_libs="-lcrypto" + + . auto/feature + fi + + + if [ $njs_found = yes ]; then + NJS_HAVE_LIBBFD=YES + NJS_LIB_AUX_LIBS="$NJS_LIB_AUX_LIBS $njs_feature_libs" + fi +fi diff -r 20ee5213e3c4 -r 8fe7d9723477 auto/link --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/auto/link Tue Jun 28 22:36:30 2022 -0700 @@ -0,0 +1,31 @@ + +# Copyright (C) Dmitry Volyntsev +# Copyright (C) NGINX, Inc. + + +NJS_HAVE_DL_ITERATE_PHDR=NO + +if [ $NJS_ADDR2LINE = YES ]; then + njs_feature="dl_iterate_phdr()" + njs_feature_name=NJS_HAVE_DL_ITERATE_PHDR + njs_feature_run=yes + njs_feature_incs= + njs_feature_libs= + njs_feature_test="#define _GNU_SOURCE + #include <link.h> + + static int + cb(struct dl_phdr_info *info, size_t size, void *data) { + return 0; + } + + int main() { + dl_iterate_phdr(cb, 0); + return 0; + }" + . auto/feature + + if [ $njs_found = yes ]; then + NJS_HAVE_DL_ITERATE_PHDR=YES + fi +fi diff -r 20ee5213e3c4 -r 8fe7d9723477 auto/openssl --- a/auto/openssl Wed Jun 22 23:37:27 2022 -0700 +++ b/auto/openssl Tue Jun 28 22:36:30 2022 -0700 @@ -46,6 +46,7 @@ if [ $NJS_OPENSSL = YES ]; then NJS_HAVE_OPENSSL=YES NJS_OPENSSL_LIB="$njs_feature_libs" + NJS_LIB_AUX_LIBS="$NJS_LIB_AUX_LIBS $njs_feature_libs" fi fi diff -r 20ee5213e3c4 -r 8fe7d9723477 auto/options --- a/auto/options Wed Jun 22 23:37:27 2022 -0700 +++ b/auto/options Tue Jun 28 22:36:30 2022 -0700 @@ -8,7 +8,10 @@ NJS_LD_OPT=${NJS_CC_OPT:--O} NJS_DEBUG=NO NJS_DEBUG_MEMORY=NO +NJS_DEBUG_OPCODE=NO + NJS_ADDRESS_SANITIZER=NO +NJS_ADDR2LINE=NO NJS_TEST262=YES NJS_OPENSSL=YES @@ -34,8 +37,10 @@ do --build-dir=*) NJS_BUILD_DIR="$value" ;; --address-sanitizer=*) NJS_ADDRESS_SANITIZER="$value" ;; + --addr2line=*) NJS_ADDR2LINE="$value" ;; --debug=*) NJS_DEBUG="$value" ;; --debug-memory=*) NJS_DEBUG_MEMORY="$value" ;; + --debug-opcode=*) NJS_DEBUG_OPCODE="$value" ;; --test262=*) NJS_TEST262="$value" ;; --no-openssl) NJS_OPENSSL=NO ;; @@ -66,3 +71,7 @@ done if [ "$NJS_DEBUG_MEMORY" = "YES" ]; then NJS_DEBUG=YES fi + +if [ "$NJS_DEBUG_OPCODE" = "YES" ]; then + NJS_ADDR2LINE=YES +fi diff -r 20ee5213e3c4 -r 8fe7d9723477 auto/pcre --- a/auto/pcre Wed Jun 22 23:37:27 2022 -0700 +++ b/auto/pcre Tue Jun 28 22:36:30 2022 -0700 @@ -134,3 +134,6 @@ if [ $NJS_PCRE = YES ]; then fi fi + +NJS_LIB_AUX_CFLAGS="$NJS_LIB_AUX_CFLAGS $NJS_PCRE_CFLAGS" +NJS_LIB_AUX_LIBS="$NJS_LIB_AUX_LIBS $NJS_PCRE_LIB" diff -r 20ee5213e3c4 -r 8fe7d9723477 auto/sources --- a/auto/sources Wed Jun 22 23:37:27 2022 -0700 +++ b/auto/sources Tue Jun 28 22:36:30 2022 -0700 @@ -75,6 +75,10 @@ if [ "$NJS_PCRE" = "YES" ]; then NJS_LIB_SRCS="$NJS_LIB_SRCS external/njs_regex.c" fi +if [ "$NJS_HAVE_LIBBFD" = "YES" -a "$NJS_HAVE_DL_ITERATE_PHDR" = "YES" ]; then + NJS_LIB_SRCS="$NJS_LIB_SRCS src/njs_addr2line.c" +fi + NJS_TS_SRCS=$(find ts/ -name "*.d.ts" -o -name "*.json") NJS_TEST_TS_SRCS=$(find test/ts/ -name "*.ts" -o -name "*.json") diff -r 20ee5213e3c4 -r 8fe7d9723477 configure --- a/configure Wed Jun 22 23:37:27 2022 -0700 +++ b/configure Tue Jun 28 22:36:30 2022 -0700 @@ -33,6 +33,10 @@ cat << END > $NJS_AUTO_CONFIG_H END +NJS_LIBS="$NJS_LIBRT" +NJS_LIB_AUX_CFLAGS= +NJS_LIB_AUX_LIBS= + . auto/os . auto/cc . auto/types @@ -46,16 +50,11 @@ END . auto/pcre . auto/readline . auto/openssl -. auto/sources - -NJS_LIB_AUX_CFLAGS="$NJS_PCRE_CFLAGS" +. auto/libbfd +. auto/link -NJS_LIBS="$NJS_LIBRT" -NJS_LIB_AUX_LIBS="$NJS_PCRE_LIB $NJS_OPENSSL_LIB" - +. auto/sources . auto/modules . auto/make - . auto/expect - . auto/summary diff -r 20ee5213e3c4 -r 8fe7d9723477 src/njs.h --- a/src/njs.h Wed Jun 22 23:37:27 2022 -0700 +++ b/src/njs.h Tue Jun 28 22:36:30 2022 -0700 @@ -250,6 +250,9 @@ typedef struct { uint8_t unsafe; /* 1 bit */ uint8_t module; /* 1 bit */ uint8_t ast; /* 1 bit */ +#ifdef NJS_DEBUG_OPCODE + uint8_t opcode_debug; /* 1 bit */ +#endif uint8_t unhandled_rejection; } njs_vm_opt_t; diff -r 20ee5213e3c4 -r 8fe7d9723477 src/njs_addr2line.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/njs_addr2line.c Tue Jun 28 22:36:30 2022 -0700 @@ -0,0 +1,265 @@ + +/* + * Copyright (C) Dmitry Volyntsev + * Copyright (C) NGINX, Inc. + * + * addr2line impementaton based upon the work by Jeff Muizelaar. + * + * A hacky replacement for backtrace_symbols in glibc + * + * backtrace_symbols in glibc looks up symbols using dladdr which is limited in + * the symbols that it sees. libbacktracesymbols opens the executable and + * shared libraries using libbfd and will look up backtrace information using + * the symbol table and the dwarf line information. + * + * Derived from addr2line.c from GNU Binutils by Jeff Muizelaar + * + * Copyright 2007 Jeff Muizelaar + * + * addr2line.c -- convert addresses to line number and function name + * Copyright 1997, 1998, 1999, 2000, 2001, 2002 Free Software Foundation, Inc. + * Contributed by Ulrich Lauther <Ulrich.Lauther(a)mchp.siemens.de> + * + * This file was part of GNU Binutils. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#define _GNU_SOURCE +#include <njs_main.h> +#include <njs_addr2line.h> + +#include <bfd.h> +#include <link.h> + + +typedef struct { + const char *file; + ElfW(Addr) address; + ElfW(Addr) base; + void *hdr; +} njs_file_match_t; + + +typedef struct { + bfd_vma pc; + const char *filename; + const char *functionname; + unsigned int line; + njs_bool_t found; + asymbol **syms; +} njs_translate_address_t; + + +static u_char *njs_process_file(u_char *buf, u_char *end, bfd_vma *addr, + const char *file_name); +static long njs_read_symtab(bfd *abfd, asymbol ***syms); +static u_char *njs_translate_address(u_char *buf, u_char *end, bfd_vma *addr, + bfd *abfd, asymbol **syms); +static void njs_find_address_in_section(bfd *abfd, asection *section, + void *data); +static int njs_find_matching_file(struct dl_phdr_info *info, size_t size, + void *data); + + +u_char * +_njs_addr2line(u_char *buf, u_char *end, void *address) +{ + bfd_vma addr; + const char *fname; + + njs_file_match_t match = { .address = (ElfW(Addr)) address }; + + bfd_init(); + + dl_iterate_phdr(njs_find_matching_file, &match); + + fname = "/proc/self/exe"; + if (match.file != NULL && njs_strlen(match.file)) { + fname = match.file; + } + + addr = (ElfW(Addr)) address - match.base; + + return njs_process_file(buf, end, &addr, fname); +} + + +static u_char * +njs_process_file(u_char *buf, u_char *end, bfd_vma *addr, const char *file_name) +{ + bfd *abfd; + char **matching; + u_char *p; + asymbol **syms; + + abfd = bfd_openr(file_name, NULL); + if (abfd == NULL) { + njs_stderror("%s: failed to open while looking for addr2line", + file_name); + return NULL; + } + + if (bfd_check_format(abfd, bfd_archive)) { + njs_stderror("%s: can not get addresses from archive", file_name); + return NULL; + } + + if (!bfd_check_format_matches(abfd, bfd_object, &matching)) { + njs_stderror("%s: bfd_check_format_matches() failed", + bfd_get_filename(abfd)); + return NULL; + } + + if (njs_read_symtab(abfd, &syms) <= 0) { + njs_stderror("%s: njs_read_symtab() failed", + bfd_get_filename(abfd)); + return NULL; + } + + p = njs_translate_address(buf, end, addr, abfd, syms); + + if (syms != NULL) { + free(syms); + syms = NULL; + } + + bfd_close(abfd); + + return p; +} + + +static long +njs_read_symtab(bfd *abfd, asymbol ***syms) +{ + long symcount; + unsigned size; + + if ((bfd_get_file_flags(abfd) & HAS_SYMS) == 0) { + return 0; + } + + symcount = bfd_read_minisymbols(abfd, 0, (PTR) syms, &size); + if (symcount == 0) { + symcount = bfd_read_minisymbols(abfd, 1 /* dynamic */, + (PTR) syms, &size); + } + + return symcount; +} + + +static u_char * +njs_translate_address(u_char *buf, u_char *end, bfd_vma *addr, bfd *abfd, + asymbol **syms) +{ + char *h; + const char *name; + njs_translate_address_t ctx; + + ctx.pc = *addr; + ctx.found = 0; + ctx.syms = syms; + + bfd_map_over_sections(abfd, njs_find_address_in_section, &ctx); + + if (!ctx.found) { + return njs_sprintf(buf, end, "\?\? \t\?\?:0 [0x%p]", addr); + } + + name = ctx.functionname; + + if (name == NULL || *name == '\0') { + name = "??"; + } + + if (ctx.filename != NULL) { + h = strrchr(ctx.filename, '/'); + if (h != NULL) { + ctx.filename = h + 1; + } + } + + return njs_sprintf(buf, end, "%s() %s:%ud [0x%p]", name, + ctx.filename ? ctx.filename : "??", ctx.line, addr); +} + + +static void +njs_find_address_in_section(bfd *abfd, asection *section, void *data) +{ + bfd_vma vma; + bfd_size_type size; + njs_translate_address_t *ctx; + + ctx = data; + + if (ctx->found) { + return; + } + + if ((bfd_section_flags(section) & SEC_ALLOC) == 0) { + return; + } + + vma = bfd_section_vma(section); + if (ctx->pc < vma) { + return; + } + + size = bfd_section_size(section); + if (ctx->pc >= vma + size) { + return; + } + + ctx->found = bfd_find_nearest_line(abfd, section, ctx->syms, ctx->pc - vma, + &ctx->filename, &ctx->functionname, + &ctx->line); +} + + +static int +njs_find_matching_file(struct dl_phdr_info *info, size_t size, void *data) +{ + long n; + const ElfW(Phdr) *phdr; + + ElfW(Addr) load_base = info->dlpi_addr; + njs_file_match_t *match = data; + + /* + * This code is modeled from Gfind_proc_info-lsb.c:callback() + * from libunwind. + */ + + phdr = info->dlpi_phdr; + + for (n = info->dlpi_phnum; --n >= 0; phdr++) { + if (phdr->p_type == PT_LOAD) { + ElfW(Addr) vaddr = phdr->p_vaddr + load_base; + + if (match->address >= vaddr + && match->address < vaddr + phdr->p_memsz) + { + /* we found a match */ + match->file = info->dlpi_name; + match->base = info->dlpi_addr; + } + } + } + + return 0; +} diff -r 20ee5213e3c4 -r 8fe7d9723477 src/njs_addr2line.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/njs_addr2line.h Tue Jun 28 22:36:30 2022 -0700 @@ -0,0 +1,22 @@ + +/* + * Copyright (C) Dmitry Volyntsev + * Copyright (C) Nginx, Inc. + */ + +#ifndef _NJS_ADDR2LINE_H_INCLUDED_ +#define _NJS_ADDR2LINE_H_INCLUDED_ + + + u_char *_njs_addr2line(u_char *buf, u_char *end, void *address); + + +#if defined(NJS_HAVE_LIBBFD) && defined(NJS_HAVE_DL_ITERATE_PHDR) +#define NJS_HAVE_ADDR2LINE 1 +#define njs_addr2line(buf, end, addr) _njs_addr2line(buf, end, addr) +#else +#define njs_addr2line(buf, end, addr) \ + njs_sprintf(buf, end, "\?\?() \?\?:0 [0x%p]", addr) +#endif + +#endif /* _NJS_ADDR2LINE_H_INCLUDED_ */ diff -r 20ee5213e3c4 -r 8fe7d9723477 src/njs_function.c --- a/src/njs_function.c Wed Jun 22 23:37:27 2022 -0700 +++ b/src/njs_function.c Tue Jun 28 22:36:30 2022 -0700 @@ -711,15 +711,18 @@ njs_function_native_call(njs_vm_t *vm) native = vm->top_frame; function = native->function; -#ifdef NJS_OPCODE_DEBUG - njs_str_t name; +#ifdef NJS_DEBUG_OPCODE + njs_str_t name; + + if (vm->options.opcode_debug) { - ret = njs_builtin_match_native_function(vm, function, &name); - if (ret != NJS_OK) { - name = njs_entry_unknown; - } + ret = njs_builtin_match_native_function(vm, function, &name); + if (ret != NJS_OK) { + name = njs_str_value("unmapped"); + } - njs_printf("CALL NATIVE %V\n", &name); + njs_printf("CALL NATIVE %V %P\n", &name, function->u.native); + } #endif if (njs_fast_path(function->bound == NULL)) { @@ -737,6 +740,14 @@ njs_function_native_call(njs_vm_t *vm) } ret = call(vm, native->arguments, native->nargs, function->magic8); + +#ifdef NJS_DEBUG_OPCODE + if (vm->options.opcode_debug) { + njs_printf("CALL NATIVE RETCODE: %i %V %P\n", ret, &name, + function->u.native); + } +#endif + if (njs_slow_path(ret == NJS_ERROR)) { return ret; } diff -r 20ee5213e3c4 -r 8fe7d9723477 src/njs_main.h --- a/src/njs_main.h Wed Jun 22 23:37:27 2022 -0700 +++ b/src/njs_main.h Tue Jun 28 22:36:30 2022 -0700 @@ -37,6 +37,7 @@ #include <njs_utils.h> #include <njs_sprintf.h> #include <njs_assert.h> +#include <njs_addr2line.h> #include <njs_regex.h> diff -r 20ee5213e3c4 -r 8fe7d9723477 src/njs_shell.c --- a/src/njs_shell.c Wed Jun 22 23:37:27 2022 -0700 +++ b/src/njs_shell.c Tue Jun 28 22:36:30 2022 -0700 @@ -36,6 +36,7 @@ typedef struct { uint8_t version; uint8_t ast; uint8_t unhandled_rejection; + uint8_t opcode_debug; int exit_code; char *file; @@ -272,6 +273,9 @@ main(int argc, char **argv) vm_options.sandbox = opts.sandbox; vm_options.unsafe = !opts.safe; vm_options.module = opts.module; +#ifdef NJS_DEBUG_OPCODE + vm_options.opcode_debug = opts.opcode_debug; +#endif vm_options.ops = &njs_console_ops; vm_options.addons = njs_console_addon_modules; @@ -334,6 +338,9 @@ njs_options_parse(njs_opts_t *opts, int " -d print disassembled code.\n" " -e set failure exit code.\n" " -f disabled denormals mode.\n" +#ifdef NJS_DEBUG_OPCODE + " -o enable opcode debug.\n" +#endif " -p set path prefix for modules.\n" " -q disable interactive introduction prompt.\n" " -r ignore unhandled promise rejection.\n" @@ -410,6 +417,12 @@ njs_options_parse(njs_opts_t *opts, int opts->denormals = 0; break; +#ifdef NJS_DEBUG_OPCODE + case 'o': + opts->opcode_debug = 1; + break; +#endif + case 'p': if (++i < argc) { opts->n_paths++; diff -r 20ee5213e3c4 -r 8fe7d9723477 src/njs_sprintf.c --- a/src/njs_sprintf.c Wed Jun 22 23:37:27 2022 -0700 +++ b/src/njs_sprintf.c Tue Jun 28 22:36:30 2022 -0700 @@ -27,6 +27,7 @@ * %*s length and string * * %p void * + * %P symbolized function address * %b njs_bool_t * %V njs_str_t * * %Z '\0' @@ -372,6 +373,11 @@ njs_vsprintf(u_char *buf, u_char *end, c */ goto number; + case 'P': + buf = njs_addr2line(buf, end, va_arg(args, void *)); + fmt++; + continue; + case 'c': d = va_arg(args, int); *buf++ = (u_char) (d & 0xFF); diff -r 20ee5213e3c4 -r 8fe7d9723477 src/njs_vmcode.c --- a/src/njs_vmcode.c Wed Jun 22 23:37:27 2022 -0700 +++ b/src/njs_vmcode.c Tue Jun 28 22:36:30 2022 -0700 @@ -165,8 +165,10 @@ next: * as a single unsigned comparision. */ -#ifdef NJS_OPCODE_DEBUG - njs_disassemble(pc, NULL, 1, NULL); +#ifdef NJS_DEBUG_OPCODE + if (vm->options.opcode_debug) { + njs_disassemble(pc, NULL, 1, NULL); + } #endif if (op > NJS_VMCODE_NORET) { diff -r 20ee5213e3c4 -r 8fe7d9723477 src/njs_vmcode.h --- a/src/njs_vmcode.h Wed Jun 22 23:37:27 2022 -0700 +++ b/src/njs_vmcode.h Tue Jun 28 22:36:30 2022 -0700 @@ -450,9 +450,9 @@ njs_int_t njs_vmcode_interpreter(njs_vm_ njs_object_t *njs_function_new_object(njs_vm_t *vm, njs_value_t *constructor); -#ifdef NJS_OPCODE_DEBUG +#ifdef NJS_DEBUG_OPCODE #define njs_vmcode_debug(vm, pc, prefix) { \ - do { \ + if (vm->options.opcode_debug) do { \ njs_vm_code_t *code; \ \ code = njs_lookup_code(vm, pc); \ diff -r 20ee5213e3c4 -r 8fe7d9723477 src/test/njs_unit_test.c --- a/src/test/njs_unit_test.c Wed Jun 22 23:37:27 2022 -0700 +++ b/src/test/njs_unit_test.c Tue Jun 28 22:36:30 2022 -0700 @@ -13269,7 +13269,7 @@ static njs_unit_test_t njs_test[] = njs_str("5") }, { njs_str("var a = (new Function('return [' + ','.repeat(2**16) + ']'))();" - "njs.dump(a)"), + "njs.dump(a)"), njs_str("[<65536 empty items>]") }, { njs_str("(new Function('var a = 7; return a' + '= a'.repeat(2**13)))()"), @@ -23415,6 +23415,43 @@ njs_to_int32_test(njs_vm_t *vm, njs_opts } +#ifdef NJS_HAVE_ADDR2LINE +static njs_int_t +njs_addr2line_test(njs_vm_t *vm, njs_opts_t *opts, njs_stat_t *stat) +{ + njs_str_t v; + njs_uint_t i; + u_char buf[512]; + + static const struct { + void *fp; + const char *name; + } tests[] = { + { njs_addr2line_test, njs_stringify(njs_addr2line_test) }, + { njs_to_int32_test, njs_stringify(njs_to_int32_test) }, + }; + + for (i = 0; i < njs_nitems(tests); i++) { + v.start = buf; + v.length = njs_sprintf(buf, &buf[512], "%P", tests[i].fp) - buf; + + if (memcmp(buf, tests[i].name, njs_strlen(tests[i].name))) { + njs_printf("njs_addr2line_test(%p):\n" + "expected: %s\n got: %V\n", + tests[i].fp, tests[i].name, &v); + + stat->failed++; + continue; + } + + stat->passed++; + } + + return NJS_OK; +} +#endif + + static njs_int_t njs_vm_internal_api_test(njs_unit_test_t unused[], size_t num, njs_str_t *name, njs_opts_t *opts, njs_stat_t *stat) @@ -23443,6 +23480,10 @@ njs_vm_internal_api_test(njs_unit_test_t njs_str("njs_string_to_index_test") }, { njs_to_int32_test, njs_str("njs_to_int32_test") }, +#ifdef NJS_HAVE_ADDR2LINE + { njs_addr2line_test, + njs_str("njs_addr2line_test") }, +#endif }; vm = NULL;

1 week

SSL contexts reuse across locations

by Pavel Pautov

Hello, Attaching POC patch for https://trac.nginx.org/nginx/ticket/1234. At very least, ngx_http_proxy_set_ssl() needs to be converted into ngx_http_proxy_create_ssl(). But there are also a couple of things to discuss: 1. Patch uses pretty straightforward reuse criteria (absence of directives), but shall we go further, say, compare directive arguments (with special treatment of complex values with variables)? 2. Since similar change also makes sense for "grpc", "uwsgi" (and may be "stream proxy") modules, perhaps it's time to factor out SSL upstream settings code for all these modules to avoid copypasting of above patch? We can introduce something like "ngx_ssl_upstream_conf_t" to keep shared SSL settings and unite ngx_http_(proxy|grpc|uwsgi)_set_ssl functions. Config merge logic (together with attached patch) can be moved to something like ngx_ssl_upstream_conf_merge. Optionally, ngx_http_upstream_conf_t can be updated to contain ngx_ssl_upstream_conf_t. Thanks, Pavel

1 week, 1 day

nginx abort connection during reload when proxy_cache enabled

by Wenjun

We use nginx as the cluster ingress provider, and hit the case when: 1. enabled proxy_cache, and the specific cache is expired 2. nginx is reloading config then for incoming request, the backend servers can still receive the request and send back response to nginx, while client will receive "curl: (52) Empty reply from server". It seems nginx reload may cause the connection break? attached debug log below:

1 week, 6 days

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

nginx-devel June 2022