Conversation
This major update introduces a redesigned background queue system and addresses critical memory management issues. Memory Management & Performance: - Fixed a critical memory leak in partial purge operations (previously improperly allocated from the 'ngx_cycle' pool). - Eliminated per-file memory allocations by switching to stack-based buffers. - Introduced batch processing and hash-based deduplication to reduce system load and I/O saturation. Background Queue System: - Implemented an asynchronous purge system to prevent request blocking. - Added a shared memory queue that persists across worker restarts. - Integrated configurable throttling to limit CPU and I/O impact. Security & Stability: - Hardened file operations with path traversal protection and proper handle cleanup. - Added protection against queue flooding via size limits and timeouts. - Recommended: Restrict purge endpoints using access control or auth.
Three correctness and reliability fixes to the background purge queue. No configuration directives added, removed, or renamed. - ngx_http_cache_purge_find_duplicate: hash-only comparison replaced with two-step check (hash, then ngx_memcmp on cache_path and key). Hash collisions between distinct keys previously caused the second purge request to be silently discarded as a duplicate. - ngx_msleep() removed from all three walk handlers (delete_file, delete_partial_file, delete_exact_file). ngx_msleep is a literal usleep() call that blocks the OS thread, stalling every connection on the worker for the sleep duration. throttle_ms and batch_count removed from ngx_http_cache_purge_walk_ctx_t. NGX_CACHE_PURGE_BATCH_MAX constant removed. - process_queue refactored from batch-per-tick to one-item-per-tick. The background handler now dequeues and walks one item per invocation, then re-arms the timer with throttle_ms. This gives the event loop a guaranteed yield between every directory walk. throttle_ms now controls inter-walk delay through the timer rather than intra-walk blocking sleep. The queue, all directives, and all defaults are unchanged.
This patch fixes a regression where wildcard purges and 'purge_all' requests incorrectly returned 412/404, even when successful. Previously, ngx_http_cache_purge_partial() returned void, causing handlers to fall through to an exact-key lookup. Since wildcard/bulk keys don't exist as exact entries, the module would report a miss. Changes: - Update ngx_http_cache_purge_partial() to return the count of deleted files. - Short-circuit handlers after wildcard/purge_all operations to prevent unnecessary exact-key lookups and shm locks. - Ensure 'purge_all' always returns 200 OK, as it is a zone-wide operation. - Align wildcard miss behavior with 'cache_purge_legacy_status' (412/404). - Update documentation and add regression tests for status code consistency.
|
Great work on getting this merged! 👍 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Redesign background queue system, fix memory leaks and walk blocking
Memory Management:
ngx_cyclepool on every call.key_bufferinsidengx_http_cache_purge_walk_ctx_t.Background Queue System:
Deduplication:
ngx_http_cache_purge_find_duplicatenow performs a two-step check: hash comparison first, then fullngx_memcmpon both cache_path and key string. Hash-only comparison silently discarded legitimate purge requests whenever two distinct keys produced the same 32-bit hash value.Security & Stability:
No configuration directives removed, or renamed.
All existing defaults and behaviour for non-background purge paths unchanged.