Copilot commented on code in PR #13186:
URL: https://github.com/apache/trafficserver/pull/13186#discussion_r3360361292
##########
src/iocore/net/quic/QUICConfig.cc:
##########
@@ -54,6 +57,21 @@ quic_new_ssl_ctx()
return ssl_ctx;
}
+SSL_CTX *
+quic_new_server_ssl_ctx()
+{
+#if TS_HAS_OPENSSL_QUIC
+ SSL_CTX *ssl_ctx = SSL_CTX_new(OSSL_QUIC_server_method());
+
+ SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_3_VERSION);
+ SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_3_VERSION);
+
+ return ssl_ctx;
Review Comment:
`quic_new_server_ssl_ctx()` calls `SSL_CTX_new(OSSL_QUIC_server_method())`
and then unconditionally dereferences the result with
`SSL_CTX_set_min_proto_version`. If `SSL_CTX_new` fails (OOM / OpenSSL internal
error), this will crash. Add a nullptr check before using the returned context
and return nullptr (or otherwise hard-fail) on allocation failure.
##########
tests/gold_tests/autest-site/conditions.test.ext:
##########
@@ -217,6 +231,29 @@ def HasProxyVerifierVersion(self, version):
return self.EnsureVersion([verifier_path, "--version"],
min_version=version)
+def HasGoVersion(self, version):
+ """Check whether the go command is available at the requested version."""
+
+ def version_tuple(value):
+ return tuple(int(part) for part in value.split('.'))
Review Comment:
`HasGoVersion()` compares tuples built directly from the dotted version
string. This makes `go1.24` compare as *less than* a requested `1.24.0` because
`(1, 24) < (1, 24, 0)` in Python tuple ordering. Normalizing both versions to
the same width (e.g., pad missing components with zeros) avoids surprising
skips when callers include a patch component.
##########
src/iocore/net/UnixUDPNet.cc:
##########
@@ -666,14 +666,16 @@
UDPNetProcessorInternal::read_multiple_messages_from_net(UDPNetHandler *nh, UDPC
nh->udp_callbacks.enqueue(uc);
uc->onCallbackQueue = 1;
}
+
+ return return_val == static_cast<int>(MAX_RECEIVE_MSG_PER_CALL);
}
#endif
void
UDPNetProcessorInternal::udp_read_from_net(UDPNetHandler *nh, UDPConnection
*xuc)
{
#if HAVE_RECVMMSG
- read_multiple_messages_from_net(nh, xuc);
+ while (read_multiple_messages_from_net(nh, xuc)) {}
#else
Review Comment:
`udp_read_from_net()` now drains the UDP socket in a tight `while
(read_multiple_messages_from_net(...)) {}` loop. Under sustained load, this can
monopolize the net thread for an unbounded amount of time (each iteration reads
up to `MAX_RECEIVE_MSG_PER_CALL` datagrams), delaying other connections/events.
Consider bounding the number of drain iterations per event (or yielding) to
avoid starvation while still batching reads.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
