View Bazaar branches
Get this repository:
git clone

Squid has 4 active reviews.


Name Last Modified Last Commit
auto 2020-12-23 20:56:11 UTC 2020-12-23
Fix memory allocation for from-server network reads (#736)

Author: Alex Rousskov
Author Date: 2020-12-23 20:56:08 UTC

Fix memory allocation for from-server network reads (#736)

Use tcp_recv_bufsize (not read_ahead_gap) for the response socket
read(2) buffer. This change may increase default Squid memory footprint
by ~50KB per to-server connection in most environments and decrease
Squid memory footprint by approximately (read_ahead_gap - 64KB) in many
performance-sensitive deployments that run with an n*MB read_ahead_gap.
The admin now has better control over memory usage and I/O performance.
Using tcp_recv_bufsize for kernel and Squid receive buffer is natural
and simple.

HttpStateData::inBuf is used for socket read(2) when receiving data from
an origin server or cache peer. The buffer does _not_ accumulate content
between reads except when parsing response headers and chunked encoding
metadata. In fact, the buffer is usually empty between reads. Squid
accumulates response content in Store or adaptation BodyPipe instead.

Squid was incorrectly using a mostly unrelated read_ahead_gap directive
to size inBuf. The default read_ahead_gap value is 16KB. Admins increase
read_ahead_gap because accumulating more response data often improves
overall Squid performance or user satisfaction. Large increases caused
excessive (and unpooled!) inBuf memory allocations. In some cases, these
memory allocations blocked the entire worker for a few milliseconds!

We could just replace Config.readAheadGap with Config.tcpRcvBufsz (or
another directive) when calculating inBuf capacity, ignoring other
problems in the surrounding code, but that would make it impractical to
tell the admins what this change really means because there would be too
many exceptions where Squid would still not behave as (re)configured.

* Small read_ahead_gap values stalled response header and body parsing.

* Squid was deferring response reads when inBuf became full due to
  reconfiguration but deferring does not always reduce buffer size.

* Squid was not always deferring response reads when running out of
  buffer space, stalling some transactions.

* 64-bit configuration values could overflow int-based local variables.

* inBuf was grown earlier than the code wanted to grow it (before the
  socket became ready for reading) and not grown when the new/grown
  space was actually needed/used (just before reading from the socket).

* Transactions killed by a Must() failure when a reconfiguration made
  inBuf "full" just before read(2) in HttpStateData::readReply().

* Wrong/misleading/stale comments/debugs documenting key decisions.

SBuf implementation and parsing API exacerbate the bug by forcing memory
re-allocations for inBuf even when the underlying buffer storage has
enough space (and often is completely empty!). We will address these
problems separately, but this fix reduces their negative impact.

Also do not wait for the rest of the HTTP response header or chunk
metadata if we have no space to store more incoming bytes. The parser
does not know how much more buffer space we have (if any). It is our
responsibility to check that some progress is still possible.

I replaced "Non-HTTP-compliant" with "cannot parse" because we do not
know whether the parsing failure is related to HTTP compliance. For
example, buffer space limitations are not a compliance-related problem.

The changes near wasThereAnException look wrong, but it is the existing
wasThereAnException name that is "reversed". Compiled code should be OK.

Also fixed commit 1ad6851 to delay buffer allocations until we are ready
to read from the server. That old commit made buffer allocations in
maybeMakeSpaceAvailable() optional so that they can be delayed until we
actually read from the peer socket. Delaying buffer allocation until
read(2) is the right thing to do. The callers (correctly) passed a
boolean flag to trigger the allocation, but the method interpreted the
flag as if it meant "do not allocate". That is, commit tried to delay
allocations but actually allocated early.

Why was the 1ad6851 bug unnoticed since 2015? The outside observers
could not see the problem because Squid continued to allocate the
buffer, and there was no code that would fiddle with that buffer while
Squid was waiting for the socket to become ready for reading (unlike bug
that served as an inspiration for commit 1ad6851).

Also fixed "read_ahead_gap none" (i.e. unlimited gap) handling that was
broken since commit 5791270 (at least). I am not sure we should support
this -- the admin can just give a large positive value -- but now we do.

Also improved reply_header_max_size validation to help adjust
(incorrect) admin assumptions that Squid can handle response headers
exceeding SBug::maxSize.

Also improved tcp_recv_bufsize/read_ahead_gap documentation, validation.

master 2020-12-23 16:34:46 UTC 2020-12-23
Detail client closures of CONNECT tunnels during TLS handshake (#691)

Author: Christos Tsantilas
Author Date: 2020-12-10 20:12:45 UTC

Detail client closures of CONNECT tunnels during TLS handshake (#691)

... and improve detailing of other errors.

Many admins cannot triage TLS client failures, and even Squid developers
often cannot diagnose TLS problems without requiring detailed debugging
logs of failing transactions. The problem is especially bad for busy
proxies where debugging individual transactions is often impractical.

We enhance existing error detailing code so that more information is
logged via the existing %err_code/%err_detail logformat codes.
Propagating low-level error details required significant enhancements
and refactoring. We also built initial scaffolding for better error
detailing by GnuTLS-driven code and documented several key
error-handling APIs, exposing a few out-of-scope problems.

Also checkLogging() once, after consuming unparsed input attributed to a
transaction: Due to fake CONNECT requests, from-client read errors, and
possibly other complications, we may have a transaction that did not
consume every input byte available to it. That transaction is still
responsible for reporting those unparsed bytes (e.g., by logging the
number of bytes read on a connection and the number of parsed bytes).

Also fixed passing wrong (errno vs. size) or stale (requested vs. read)
I/O size to connFinishedWithConn(); now shouldCloseOnEof(). The bad
value was "correct" (i.e. zero) in many cases, obscuring the bug.

This is a Measurement Factory project

v4 2020-11-23 09:44:04 UTC 2020-11-23
Transactions exceeding client_lifetime are logged as _ABORTED (#748)

Author: Alex Rousskov
Author Date: 2020-11-10 21:42:18 UTC

Transactions exceeding client_lifetime are logged as _ABORTED (#748)

... rather than timed out (_TIMEOUT).

To record the right cause of death, we have to call terminateAll()
rather than setting logType.err.timedout directly. Otherwise, when
ConnStateData::swanSong() calls terminateAll(0), it overwrites our
direct setting.

v5 2020-11-17 01:10:07 UTC 2020-11-17
Ignore SMP queue responses made stale by worker restarts (#711)

Author: eduard-bagdasaryan
Author Date: 2020-08-12 22:47:14 UTC

Ignore SMP queue responses made stale by worker restarts (#711)

When a worker restarts (for any reason), the disker-to-worker queue may
contain disker responses to I/O requests sent by the previous
incarnation of the restarted worker process (the "previous generation"
responses). Since the current response:request mapping mechanism relies
on a 32-bit integer counter, and a worker process always starts counting
from 0, there is a small chance that the restarted worker may see a
previous generation response that accidentally matches the current
generation request ID.

For writing transactions, accepting a previous generation response may
mean unlocking a cache entry too soon, making not yet written slots
available to other workers that might read wrong content. For reading
transactions, accepting a previous generation response may mean
immediately serving wrong response content (that have been already
overwritten on disk with the information that the restarted worker is
now waiting for).

To avoid these problems, each disk I/O request now stores the worker
process ID. Workers ignore responses to requests originated by a
different/mismatching worker ID.

yadij-patch-1 2020-08-16 02:36:21 UTC 2020-08-16
Merge branch 'master' into yadij-patch-1

Author: Amos Jeffries
Author Date: 2020-08-16 02:36:21 UTC

Merge branch 'master' into yadij-patch-1

v3.5 2020-02-04 23:13:24 UTC 2020-02-04
fix security patch

Author: Armin Wolfermann
Author Date: 2020-02-04 20:15:00 UTC

fix security patch

mingw-fixes 2018-10-21 13:06:33 UTC 2018-10-21
Mingw build fixes

Author: Francesco Chemolli
Author Date: 2018-10-21 13:06:33 UTC

Mingw build fixes

There are type errors and data access errors in windows-specific bits of

v3.1 2016-12-17 13:56:49 UTC 2016-12-17
Bug 4169: HIT marked as MISS when If-None-Match does not match

Author: Garri Djavadyan
Author Date: 2016-12-17 13:56:49 UTC

Bug 4169: HIT marked as MISS when If-None-Match does not match

v3.2 2016-12-17 12:59:41 UTC 2016-12-17
Bug 4169: HIT marked as MISS when If-None-Match does not match

Author: Garri Djavadyan
Author Date: 2016-12-17 12:59:41 UTC

Bug 4169: HIT marked as MISS when If-None-Match does not match

v3.3 2016-12-17 10:04:42 UTC 2016-12-17
Bug 4169: HIT marked as MISS when If-None-Match does not match

Author: Garri Djavadyan
Author Date: 2016-12-17 10:04:42 UTC

Bug 4169: HIT marked as MISS when If-None-Match does not match

v3.4 2016-12-17 06:37:44 UTC 2016-12-17
Do not override user defined -std option

Author: Amos Jeffries
Author Date: 2016-12-17 06:37:44 UTC

Do not override user defined -std option

v3.0 2015-04-23 13:02:10 UTC 2015-04-23

Author: Source Maintenance
Author Date: 2015-04-23 13:02:10 UTC


mswin 2012-08-08 08:16:36 UTC 2012-08-08
merged from trunk

Author: Amos Jeffries
Author Date: 2012-08-08 08:16:36 UTC

merged from trunk

SQUID_NT_3_0 2008-03-02 23:54:50 UTC 2008-03-02
Windows port: Add reconfigure action to cachemgr.

Author: serassio <>
Author Date: 2008-03-02 23:54:50 UTC

Windows port: Add reconfigure action to cachemgr.

cbdatahistory 2002-10-24 20:53:10 UTC 2002-10-24
cbdata debug history

Author: robertc <>
Author Date: 2002-10-24 20:53:10 UTC

cbdata debug history

115 of 15 results

Other repositories

Name Last Modified
lp:squid 6 hours ago
11 of 1 result
You can't create new repositories for Squid.