1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * This MPM tries to fix the 'keep alive problem' in HTTP.
20 * After a client completes the first request, the client can keep the
21 * connection open to send more requests with the same socket. This can save
22 * signifigant overhead in creating TCP connections. However, the major
23 * disadvantage is that Apache traditionally keeps an entire child
24 * process/thread waiting for data from the client. To solve this problem,
25 * this MPM has a dedicated thread for handling both the Listenting sockets,
26 * and all sockets that are in a Keep Alive status.
28 * The MPM assumes the underlying apr_pollset implementation is somewhat
29 * threadsafe. This currently is only compatible with KQueue and EPoll. This
30 * enables the MPM to avoid extra high level locking or having to wake up the
31 * listener thread when a keep-alive socket needs to be sent to it.
33 * This MPM not preform well on older platforms that do not have very good
34 * threading, like Linux with a 2.4 kernel, but this does not matter, since we
35 * require EPoll or KQueue.
37 * For FreeBSD, use 5.3. It is possible to run this MPM on FreeBSD 5.2.1, if
38 * you use libkse (see `man libmap.conf`).
40 * For NetBSD, use at least 2.0.
42 * For Linux, you should use a 2.6 kernel, and make sure your glibc has epoll
43 * support compiled in.
48 #include "apr_portable.h"
49 #include "apr_strings.h"
50 #include "apr_file_io.h"
51 #include "apr_thread_proc.h"
52 #include "apr_signal.h"
53 #include "apr_thread_mutex.h"
56 #include "apr_queue.h"
57 #define APR_WANT_STRFUNC
59 #include "apr_version.h"
64 #if APR_HAVE_SYS_SOCKET_H
65 #include <sys/socket.h>
67 #if APR_HAVE_SYS_WAIT_H
70 #ifdef HAVE_SYS_PROCESSOR_H
71 #include <sys/processor.h> /* for bindprocessor() */
75 #error The Event MPM requires APR threads, but they are unavailable.
78 #include "ap_config.h"
80 #include "http_main.h"
82 #include "http_config.h" /* for read_config */
83 #include "http_core.h" /* for get_remote_host */
84 #include "http_connection.h"
87 #include "mpm_common.h"
88 #include "ap_listen.h"
89 #include "scoreboard.h"
91 #include "mpm_default.h"
92 #include "http_vhost.h"
96 #include <limits.h> /* for INT_MAX */
100 #include "mod_serf.h"
104 /* Limit on the total --- clients will be locked out if more servers than
105 * this are needed. It is intended solely to keep the server from crashing
106 * when things get out of hand.
108 * We keep a hard maximum number of servers, for two reasons --- first off,
109 * in case something goes seriously wrong, we want to stop the fork bomb
110 * short of actually crashing the machine we're running on by filling some
111 * kernel table. Secondly, it keeps the size of the scoreboard file small
112 * enough that we can read the whole thing without worrying too much about
115 #ifndef DEFAULT_SERVER_LIMIT
116 #define DEFAULT_SERVER_LIMIT 16
119 /* Admin can't tune ServerLimit beyond MAX_SERVER_LIMIT. We want
120 * some sort of compile-time limit to help catch typos.
122 #ifndef MAX_SERVER_LIMIT
123 #define MAX_SERVER_LIMIT 20000
126 /* Limit on the threads per process. Clients will be locked out if more than
129 * We keep this for one reason it keeps the size of the scoreboard file small
130 * enough that we can read the whole thing without worrying too much about
133 #ifndef DEFAULT_THREAD_LIMIT
134 #define DEFAULT_THREAD_LIMIT 64
137 /* Admin can't tune ThreadLimit beyond MAX_THREAD_LIMIT. We want
138 * some sort of compile-time limit to help catch typos.
140 #ifndef MAX_THREAD_LIMIT
141 #define MAX_THREAD_LIMIT 100000
144 #define MPM_CHILD_PID(i) (ap_scoreboard_image->parent[i].pid)
146 #if !APR_VERSION_AT_LEAST(1,4,0)
147 #define apr_time_from_msec(x) (x * 1000)
151 * Actual definitions of config globals
154 static int threads_per_child = 0; /* Worker threads per child */
155 static int ap_daemons_to_start = 0;
156 static int min_spare_threads = 0;
157 static int max_spare_threads = 0;
158 static int ap_daemons_limit = 0;
159 static int max_clients = 0;
160 static int server_limit = 0;
161 static int thread_limit = 0;
162 static int dying = 0;
163 static int workers_may_exit = 0;
164 static int start_thread_may_exit = 0;
165 static int listener_may_exit = 0;
166 static int requests_this_child;
167 static int num_listensocks = 0;
168 static int resource_shortage = 0;
169 static fd_queue_t *worker_queue;
170 static fd_queue_info_t *worker_queue_info;
171 static int mpm_state = AP_MPMQ_STARTING;
173 static apr_thread_mutex_t *timeout_mutex;
174 APR_RING_HEAD(timeout_head_t, conn_state_t);
175 static struct timeout_head_t timeout_head, keepalive_timeout_head;
177 static apr_pollset_t *event_pollset;
181 apr_pollset_t *pollset;
185 static serf_context_t *g_serf;
188 /* The structure used to pass unique initialization info to each thread */
196 /* Structure used to pass information to the thread responsible for
197 * creating the rest of the threads.
201 apr_thread_t **threads;
202 apr_thread_t *listener;
204 apr_threadattr_t *threadattr;
221 } listener_poll_type;
223 /* data retained by event across load/unload of the module
224 * allocated on first call to pre-config hook; located on
225 * subsequent calls to pre-config hook
227 typedef struct event_retained_data {
228 int first_server_limit;
229 int first_thread_limit;
231 int sick_child_detected;
232 ap_generation_t my_generation;
233 int volatile is_graceful; /* set from signal handler */
234 int maxclients_reported;
236 * The max child slot ever assigned, preserved across restarts. Necessary
237 * to deal with MaxClients changes across AP_SIG_GRACEFUL restarts. We
238 * use this value to optimize routines that have to scan the entire
241 int max_daemons_limit;
243 * idle_spawn_rate is the number of children that will be spawned on the
244 * next maintenance cycle if there aren't enough idle servers. It is
245 * doubled up to MAX_SPAWN_RATE, and reset only when a cycle goes by
246 * without the need to spawn.
249 #ifndef MAX_SPAWN_RATE
250 #define MAX_SPAWN_RATE (32)
252 int hold_off_on_exponential_spawning;
253 } event_retained_data;
254 static event_retained_data *retained;
256 #define ID_FROM_CHILD_THREAD(c, t) ((c * thread_limit) + t)
258 static ap_event_pod_t *pod;
260 /* The event MPM respects a couple of runtime flags that can aid
261 * in debugging. Setting the -DNO_DETACH flag will prevent the root process
262 * from detaching from its controlling terminal. Additionally, setting
263 * the -DONE_PROCESS flag (which implies -DNO_DETACH) will get you the
264 * child_main loop running in the process which originally started up.
265 * This gives you a pretty nice debugging environment. (You'll get a SIGHUP
266 * early in standalone_main; just continue through. This is the server
267 * trying to kill off any child processes which it might have lying
268 * around --- Apache doesn't keep track of their pids, it just sends
269 * SIGHUP to the process group, ignoring it in the root process.
270 * Continue through and you'll be fine.).
273 static int one_process = 0;
276 int raise_sigstop_flags;
279 static apr_pool_t *pconf; /* Pool for config stuff */
280 static apr_pool_t *pchild; /* Pool for httpd child stuff */
282 static pid_t ap_my_pid; /* Linux getpid() doesn't work except in main
283 thread. Use this instead */
284 static pid_t parent_pid;
285 static apr_os_thread_t *listener_os_thread;
287 /* The LISTENER_SIGNAL signal will be sent from the main thread to the
288 * listener thread to wake it up for graceful termination (what a child
289 * process from an old generation does when the admin does "apachectl
290 * graceful"). This signal will be blocked in all threads of a child
291 * process except for the listener thread.
293 #define LISTENER_SIGNAL SIGHUP
295 /* An array of socket descriptors in use by each thread used to
296 * perform a non-graceful (forced) shutdown of the server.
298 static apr_socket_t **worker_sockets;
300 static void close_worker_sockets(void)
303 for (i = 0; i < threads_per_child; i++) {
304 if (worker_sockets[i]) {
305 apr_socket_close(worker_sockets[i]);
306 worker_sockets[i] = NULL;
311 static void wakeup_listener(void)
313 listener_may_exit = 1;
314 if (!listener_os_thread) {
315 /* XXX there is an obscure path that this doesn't handle perfectly:
316 * right after listener thread is created but before
317 * listener_os_thread is set, the first worker thread hits an
318 * error and starts graceful termination
323 /* unblock the listener if it's waiting for a worker */
324 ap_queue_info_term(worker_queue_info);
327 * we should just be able to "kill(ap_my_pid, LISTENER_SIGNAL)" on all
328 * platforms and wake up the listener thread since it is the only thread
329 * with SIGHUP unblocked, but that doesn't work on Linux
331 #ifdef HAVE_PTHREAD_KILL
332 pthread_kill(*listener_os_thread, LISTENER_SIGNAL);
334 kill(ap_my_pid, LISTENER_SIGNAL);
339 #define ST_GRACEFUL 1
340 #define ST_UNGRACEFUL 2
342 static int terminate_mode = ST_INIT;
344 static void signal_threads(int mode)
346 if (terminate_mode == mode) {
349 terminate_mode = mode;
350 mpm_state = AP_MPMQ_STOPPING;
352 /* in case we weren't called from the listener thread, wake up the
357 /* for ungraceful termination, let the workers exit now;
358 * for graceful termination, the listener thread will notify the
359 * workers to exit once it has stopped accepting new connections
361 if (mode == ST_UNGRACEFUL) {
362 workers_may_exit = 1;
363 ap_queue_interrupt_all(worker_queue);
364 close_worker_sockets(); /* forcefully kill all current connections */
368 static int event_query(int query_code, int *result, apr_status_t *rv)
371 switch (query_code) {
372 case AP_MPMQ_MAX_DAEMON_USED:
373 *result = retained->max_daemons_limit;
375 case AP_MPMQ_IS_THREADED:
376 *result = AP_MPMQ_STATIC;
378 case AP_MPMQ_IS_FORKED:
379 *result = AP_MPMQ_DYNAMIC;
381 case AP_MPMQ_IS_ASYNC:
384 case AP_MPMQ_HAS_SERF:
387 case AP_MPMQ_HARD_LIMIT_DAEMONS:
388 *result = server_limit;
390 case AP_MPMQ_HARD_LIMIT_THREADS:
391 *result = thread_limit;
393 case AP_MPMQ_MAX_THREADS:
394 *result = threads_per_child;
396 case AP_MPMQ_MIN_SPARE_DAEMONS:
399 case AP_MPMQ_MIN_SPARE_THREADS:
400 *result = min_spare_threads;
402 case AP_MPMQ_MAX_SPARE_DAEMONS:
405 case AP_MPMQ_MAX_SPARE_THREADS:
406 *result = max_spare_threads;
408 case AP_MPMQ_MAX_REQUESTS_DAEMON:
409 *result = ap_max_requests_per_child;
411 case AP_MPMQ_MAX_DAEMONS:
412 *result = ap_daemons_limit;
414 case AP_MPMQ_MPM_STATE:
417 case AP_MPMQ_GENERATION:
418 *result = retained->my_generation;
427 static apr_status_t event_note_child_killed(int childnum)
429 ap_scoreboard_image->parent[childnum].pid = 0;
433 static const char *event_get_name(void)
438 /* a clean exit from a child with proper cleanup */
439 static void clean_child_exit(int code) __attribute__ ((noreturn));
440 static void clean_child_exit(int code)
442 mpm_state = AP_MPMQ_STOPPING;
444 apr_pool_destroy(pchild);
449 static void just_die(int sig)
454 /*****************************************************************
455 * Connection structures and accounting...
458 static int child_fatal;
460 /* volatile because they're updated from a signal handler */
461 static int volatile shutdown_pending;
462 static int volatile restart_pending;
465 * ap_start_shutdown() and ap_start_restart(), below, are a first stab at
466 * functions to initiate shutdown or restart without relying on signals.
467 * Previously this was initiated in sig_term() and restart() signal handlers,
468 * but we want to be able to start a shutdown/restart from other sources --
469 * e.g. on Win32, from the service manager. Now the service manager can
470 * call ap_start_shutdown() or ap_start_restart() as appropiate. Note that
471 * these functions can also be called by the child processes, since global
472 * variables are no longer used to pass on the required action to the parent.
474 * These should only be called from the parent process itself, since the
475 * parent process will use the shutdown_pending and restart_pending variables
476 * to determine whether to shutdown or restart. The child process should
477 * call signal_parent() directly to tell the parent to die -- this will
478 * cause neither of those variable to be set, which the parent will
479 * assume means something serious is wrong (which it will be, for the
480 * child to force an exit) and so do an exit anyway.
483 static void ap_start_shutdown(int graceful)
485 mpm_state = AP_MPMQ_STOPPING;
486 if (shutdown_pending == 1) {
487 /* Um, is this _probably_ not an error, if the user has
488 * tried to do a shutdown twice quickly, so we won't
489 * worry about reporting it.
493 shutdown_pending = 1;
494 retained->is_graceful = graceful;
497 /* do a graceful restart if graceful == 1 */
498 static void ap_start_restart(int graceful)
500 mpm_state = AP_MPMQ_STOPPING;
501 if (restart_pending == 1) {
502 /* Probably not an error - don't bother reporting it */
506 retained->is_graceful = graceful;
509 static void sig_term(int sig)
511 ap_start_shutdown(sig == AP_SIG_GRACEFUL_STOP);
514 static void restart(int sig)
516 ap_start_restart(sig == AP_SIG_GRACEFUL);
519 static void set_signals(void)
521 #ifndef NO_USE_SIGACTION
526 ap_fatal_signal_setup(ap_server_conf, pconf);
529 #ifndef NO_USE_SIGACTION
530 sigemptyset(&sa.sa_mask);
533 sa.sa_handler = sig_term;
534 if (sigaction(SIGTERM, &sa, NULL) < 0)
535 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
536 "sigaction(SIGTERM)");
537 #ifdef AP_SIG_GRACEFUL_STOP
538 if (sigaction(AP_SIG_GRACEFUL_STOP, &sa, NULL) < 0)
539 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
540 "sigaction(" AP_SIG_GRACEFUL_STOP_STRING ")");
543 if (sigaction(SIGINT, &sa, NULL) < 0)
544 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
545 "sigaction(SIGINT)");
548 sa.sa_handler = SIG_DFL;
549 if (sigaction(SIGXCPU, &sa, NULL) < 0)
550 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
551 "sigaction(SIGXCPU)");
554 /* For systems following the LFS standard, ignoring SIGXFSZ allows
555 * a write() beyond the 2GB limit to fail gracefully with E2BIG
556 * rather than terminate the process. */
557 sa.sa_handler = SIG_IGN;
558 if (sigaction(SIGXFSZ, &sa, NULL) < 0)
559 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
560 "sigaction(SIGXFSZ)");
563 sa.sa_handler = SIG_IGN;
564 if (sigaction(SIGPIPE, &sa, NULL) < 0)
565 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
566 "sigaction(SIGPIPE)");
569 /* we want to ignore HUPs and AP_SIG_GRACEFUL while we're busy
571 sigaddset(&sa.sa_mask, SIGHUP);
572 sigaddset(&sa.sa_mask, AP_SIG_GRACEFUL);
573 sa.sa_handler = restart;
574 if (sigaction(SIGHUP, &sa, NULL) < 0)
575 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
576 "sigaction(SIGHUP)");
577 if (sigaction(AP_SIG_GRACEFUL, &sa, NULL) < 0)
578 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
579 "sigaction(" AP_SIG_GRACEFUL_STRING ")");
583 apr_signal(SIGXCPU, SIG_DFL);
586 apr_signal(SIGXFSZ, SIG_IGN);
590 apr_signal(SIGTERM, sig_term);
592 apr_signal(SIGHUP, restart);
594 #ifdef AP_SIG_GRACEFUL
595 apr_signal(AP_SIG_GRACEFUL, restart);
596 #endif /* AP_SIG_GRACEFUL */
597 #ifdef AP_SIG_GRACEFUL_STOP
598 apr_signal(AP_SIG_GRACEFUL_STOP, sig_term);
599 #endif /* AP_SIG_GRACEFUL_STOP */
601 apr_signal(SIGPIPE, SIG_IGN);
607 /*****************************************************************
608 * Child process main loop.
611 static int process_socket(apr_thread_t *thd, apr_pool_t * p, apr_socket_t * sock,
612 conn_state_t * cs, int my_child_num,
616 listener_poll_type *pt;
617 long conn_id = ID_FROM_CHILD_THREAD(my_child_num, my_thread_num);
621 ap_create_sb_handle(&sbh, p, my_child_num, my_thread_num);
623 if (cs == NULL) { /* This is a new connection */
625 cs = apr_pcalloc(p, sizeof(conn_state_t));
627 pt = apr_pcalloc(p, sizeof(*pt));
629 cs->bucket_alloc = apr_bucket_alloc_create(p);
630 c = ap_run_create_connection(p, ap_server_conf, sock,
631 conn_id, sbh, cs->bucket_alloc);
632 c->current_thread = thd;
636 cs->pfd.desc_type = APR_POLL_SOCKET;
637 cs->pfd.reqevents = APR_POLLIN;
638 cs->pfd.desc.s = sock;
642 cs->pfd.client_data = pt;
643 APR_RING_ELEM_INIT(cs, timeout_list);
645 ap_update_vhost_given_ip(c);
647 rc = ap_run_pre_connection(c, sock);
648 if (rc != OK && rc != DONE) {
649 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
650 "process_socket: connection aborted");
655 * XXX If the platform does not have a usable way of bundling
656 * accept() with a socket readability check, like Win32,
657 * and there are measurable delays before the
658 * socket is readable due to the first data packet arriving,
659 * it might be better to create the cs on the listener thread
660 * with the state set to CONN_STATE_CHECK_REQUEST_LINE_READABLE
662 * FreeBSD users will want to enable the HTTP accept filter
663 * module in their kernel for the highest performance
664 * When the accept filter is active, sockets are kept in the
665 * kernel until a HTTP request is received.
667 cs->state = CONN_STATE_READ_REQUEST_LINE;
673 pt = cs->pfd.client_data;
674 c->current_thread = thd;
677 if (c->clogging_input_filters && !c->aborted) {
678 /* Since we have an input filter which 'cloggs' the input stream,
679 * like mod_ssl, lets just do the normal read from input filters,
680 * like the Worker MPM does.
682 ap_run_process_connection(c);
683 if (cs->state != CONN_STATE_SUSPENDED) {
684 cs->state = CONN_STATE_LINGER;
689 if (cs->state == CONN_STATE_READ_REQUEST_LINE) {
691 ap_run_process_connection(c);
693 /* state will be updated upon return
694 * fall thru to either wait for readability/timeout or
699 cs->state = CONN_STATE_LINGER;
703 if (cs->state == CONN_STATE_WRITE_COMPLETION) {
704 ap_filter_t *output_filter = c->output_filters;
706 while (output_filter->next != NULL) {
707 output_filter = output_filter->next;
709 rv = output_filter->frec->filter_func.out_func(output_filter, NULL);
710 if (rv != APR_SUCCESS) {
711 ap_log_error(APLOG_MARK, APLOG_WARNING, rv, ap_server_conf,
712 "network write failure in core output filter");
713 cs->state = CONN_STATE_LINGER;
715 else if (c->data_in_output_filters) {
716 /* Still in WRITE_COMPLETION_STATE:
717 * Set a write timeout for this connection, and let the
718 * event thread poll for writeability.
720 cs->expiration_time = ap_server_conf->timeout + apr_time_now();
721 apr_thread_mutex_lock(timeout_mutex);
722 APR_RING_INSERT_TAIL(&timeout_head, cs, conn_state_t, timeout_list);
723 apr_thread_mutex_unlock(timeout_mutex);
725 cs->pfd.reqevents = APR_POLLOUT | APR_POLLHUP | APR_POLLERR;
726 rc = apr_pollset_add(event_pollset, &cs->pfd);
729 else if (c->keepalive != AP_CONN_KEEPALIVE || c->aborted ||
731 c->cs->state = CONN_STATE_LINGER;
733 else if (c->data_in_input_filters) {
734 cs->state = CONN_STATE_READ_REQUEST_LINE;
738 cs->state = CONN_STATE_CHECK_REQUEST_LINE_READABLE;
742 if (cs->state == CONN_STATE_LINGER) {
743 ap_lingering_close(c);
745 ap_push_pool(worker_queue_info, p);
748 else if (cs->state == CONN_STATE_CHECK_REQUEST_LINE_READABLE) {
750 listener_poll_type *pt = (listener_poll_type *) cs->pfd.client_data;
752 /* It greatly simplifies the logic to use a single timeout value here
753 * because the new element can just be added to the end of the list and
754 * it will stay sorted in expiration time sequence. If brand new
755 * sockets are sent to the event thread for a readability check, this
756 * will be a slight behavior change - they use the non-keepalive
757 * timeout today. With a normal client, the socket will be readable in
758 * a few milliseconds anyway.
760 cs->expiration_time = ap_server_conf->keep_alive_timeout +
762 apr_thread_mutex_lock(timeout_mutex);
763 APR_RING_INSERT_TAIL(&keepalive_timeout_head, cs, conn_state_t, timeout_list);
764 apr_thread_mutex_unlock(timeout_mutex);
767 /* Add work to pollset. */
768 cs->pfd.reqevents = APR_POLLIN;
769 rc = apr_pollset_add(event_pollset, &cs->pfd);
771 if (rc != APR_SUCCESS) {
772 ap_log_error(APLOG_MARK, APLOG_ERR, rc, ap_server_conf,
773 "process_socket: apr_pollset_add failure");
774 AP_DEBUG_ASSERT(rc == APR_SUCCESS);
780 /* requests_this_child has gone to zero or below. See if the admin coded
781 "MaxConnectionsPerChild 0", and keep going in that case. Doing it this way
782 simplifies the hot path in worker_thread */
783 static void check_infinite_requests(void)
785 if (ap_max_requests_per_child) {
786 signal_threads(ST_GRACEFUL);
789 requests_this_child = INT_MAX; /* keep going */
793 static void unblock_signal(int sig)
797 sigemptyset(&sig_mask);
798 sigaddset(&sig_mask, sig);
799 #if defined(SIGPROCMASK_SETS_THREAD_MASK)
800 sigprocmask(SIG_UNBLOCK, &sig_mask, NULL);
802 pthread_sigmask(SIG_UNBLOCK, &sig_mask, NULL);
806 static void dummy_signal_handler(int sig)
808 /* XXX If specifying SIG_IGN is guaranteed to unblock a syscall,
809 * then we don't need this goofy function.
815 static apr_status_t s_socket_add(void *user_baton,
819 s_baton_t *s = (s_baton_t*)user_baton;
820 /* XXXXX: recycle listener_poll_types */
821 listener_poll_type *pt = malloc(sizeof(*pt));
823 pt->baton = serf_baton;
824 pfd->client_data = pt;
825 return apr_pollset_add(s->pollset, pfd);
828 static apr_status_t s_socket_remove(void *user_baton,
832 s_baton_t *s = (s_baton_t*)user_baton;
833 listener_poll_type *pt = pfd->client_data;
835 return apr_pollset_remove(s->pollset, pfd);
839 static apr_status_t init_pollset(apr_pool_t *p)
842 s_baton_t *baton = NULL;
845 listener_poll_type *pt;
847 APR_RING_INIT(&timeout_head, conn_state_t, timeout_list);
848 APR_RING_INIT(&keepalive_timeout_head, conn_state_t, timeout_list);
850 for (lr = ap_listeners; lr != NULL; lr = lr->next) {
851 apr_pollfd_t *pfd = apr_palloc(p, sizeof(*pfd));
852 pt = apr_pcalloc(p, sizeof(*pt));
853 pfd->desc_type = APR_POLL_SOCKET;
854 pfd->desc.s = lr->sd;
855 pfd->reqevents = APR_POLLIN;
857 pt->type = PT_ACCEPT;
860 pfd->client_data = pt;
862 apr_socket_opt_set(pfd->desc.s, APR_SO_NONBLOCK, 1);
863 apr_pollset_add(event_pollset, pfd);
865 lr->accept_func = ap_unixd_accept;
869 baton = apr_pcalloc(p, sizeof(*baton));
870 baton->pollset = event_pollset;
871 /* TODO: subpools, threads, reuse, etc. -- currently use malloc() inside :( */
874 g_serf = serf_context_create_ex(baton,
878 ap_register_provider(p, "mpm_serf",
879 "instance", "0", g_serf);
886 static apr_status_t push_timer2worker(timer_event_t* te)
888 return ap_queue_push_timer(worker_queue, te);
891 static apr_status_t push2worker(const apr_pollfd_t * pfd,
892 apr_pollset_t * pollset)
894 listener_poll_type *pt = (listener_poll_type *) pfd->client_data;
895 conn_state_t *cs = (conn_state_t *) pt->baton;
898 if (pt->bypass_push) {
904 rc = apr_pollset_remove(pollset, pfd);
907 * Some of the pollset backends, like KQueue or Epoll
908 * automagically remove the FD if the socket is closed,
909 * therefore, we can accept _SUCCESS or _NOTFOUND,
910 * and we still want to keep going
912 if (rc != APR_SUCCESS && !APR_STATUS_IS_NOTFOUND(rc)) {
913 cs->state = CONN_STATE_LINGER;
916 rc = ap_queue_push(worker_queue, cs->pfd.desc.s, cs, cs->p);
917 if (rc != APR_SUCCESS) {
918 /* trash the connection; we couldn't queue the connected
921 apr_bucket_alloc_destroy(cs->bucket_alloc);
922 apr_socket_close(cs->pfd.desc.s);
923 ap_log_error(APLOG_MARK, APLOG_CRIT, rc,
924 ap_server_conf, "push2worker: ap_queue_push failed");
925 apr_pool_clear(cs->p);
926 ap_push_pool(worker_queue_info, cs->p);
933 * reserve a worker thread, block if all are currently busy.
934 * this prevents the worker queue from overflowing and lets
935 * other processes accept new connections in the mean time.
937 static int get_worker(int *have_idle_worker_p)
941 if (!*have_idle_worker_p) {
942 rc = ap_queue_info_wait_for_idler(worker_queue_info);
944 if (rc == APR_SUCCESS) {
945 *have_idle_worker_p = 1;
949 if (!APR_STATUS_IS_EOF(rc)) {
950 ap_log_error(APLOG_MARK, APLOG_ERR, rc, ap_server_conf,
951 "ap_queue_info_wait_for_idler failed. "
952 "Attempting to shutdown process gracefully");
953 signal_threads(ST_GRACEFUL);
959 /* already reserved a worker thread - must have hit a
960 * transient error on a previous pass
966 /* XXXXXX: Convert to skiplist or other better data structure
967 * (yes, this is VERY VERY VERY VERY BAD)
970 /* Structures to reuse */
971 static APR_RING_HEAD(timer_free_ring_t, timer_event_t) timer_free_ring;
973 static APR_RING_HEAD(timer_ring_t, timer_event_t) timer_ring;
975 static apr_thread_mutex_t *g_timer_ring_mtx;
977 static apr_status_t event_register_timed_callback(apr_time_t t,
978 ap_mpm_callback_fn_t *cbfn,
984 /* oh yeah, and make locking smarter/fine grained. */
985 apr_thread_mutex_lock(g_timer_ring_mtx);
987 if (!APR_RING_EMPTY(&timer_free_ring, timer_event_t, link)) {
988 te = APR_RING_FIRST(&timer_free_ring);
989 APR_RING_REMOVE(te, link);
992 /* XXXXX: lol, pool allocation without a context from any thread.Yeah. Right. MPMs Suck. */
993 te = malloc(sizeof(timer_event_t));
994 APR_RING_ELEM_INIT(te, link);
999 /* XXXXX: optimize */
1000 te->when = t + apr_time_now();
1002 /* Okay, insert sorted by when.. */
1003 for (ep = APR_RING_FIRST(&timer_ring);
1004 ep != APR_RING_SENTINEL(&timer_ring,
1005 timer_event_t, link);
1006 ep = APR_RING_NEXT(ep, link))
1008 if (ep->when > te->when) {
1010 APR_RING_INSERT_BEFORE(ep, te, link);
1016 APR_RING_INSERT_TAIL(&timer_ring, te, timer_event_t, link);
1019 apr_thread_mutex_unlock(g_timer_ring_mtx);
1024 static void * APR_THREAD_FUNC listener_thread(apr_thread_t * thd, void *dummy)
1029 proc_info *ti = dummy;
1030 int process_slot = ti->pid;
1031 apr_pool_t *tpool = apr_thread_pool_get(thd);
1033 apr_pool_t *ptrans; /* Pool for per-transaction stuff */
1035 int have_idle_worker = 0;
1037 const apr_pollfd_t *out_pfd;
1038 apr_int32_t num = 0;
1039 apr_time_t time_now = 0;
1040 apr_interval_time_t timeout_interval;
1041 apr_time_t timeout_time;
1042 listener_poll_type *pt;
1046 /* the following times out events that are really close in the future
1047 * to prevent extra poll calls
1049 * current value is .1 second
1051 #define TIMEOUT_FUDGE_FACTOR 100000
1052 #define EVENT_FUDGE_FACTOR 10000
1054 rc = init_pollset(tpool);
1055 if (rc != APR_SUCCESS) {
1056 ap_log_error(APLOG_MARK, APLOG_ERR, rc, ap_server_conf,
1057 "failed to initialize pollset, "
1058 "attempting to shutdown process gracefully");
1059 signal_threads(ST_GRACEFUL);
1063 /* Unblock the signal used to wake this thread up, and set a handler for
1066 unblock_signal(LISTENER_SIGNAL);
1067 apr_signal(LISTENER_SIGNAL, dummy_signal_handler);
1069 while (!listener_may_exit) {
1071 if (requests_this_child <= 0) {
1072 check_infinite_requests();
1077 apr_time_t now = apr_time_now();
1078 apr_thread_mutex_lock(g_timer_ring_mtx);
1080 if (!APR_RING_EMPTY(&timer_ring, timer_event_t, link)) {
1081 te = APR_RING_FIRST(&timer_ring);
1082 if (te->when > now) {
1083 timeout_interval = te->when - now;
1086 timeout_interval = 1;
1090 timeout_interval = apr_time_from_msec(100);
1092 apr_thread_mutex_unlock(g_timer_ring_mtx);
1096 rc = serf_context_prerun(g_serf);
1097 if (rc != APR_SUCCESS) {
1098 /* TOOD: what should do here? ugh. */
1102 rc = apr_pollset_poll(event_pollset, timeout_interval, &num,
1105 if (rc != APR_SUCCESS) {
1106 if (APR_STATUS_IS_EINTR(rc)) {
1109 if (!APR_STATUS_IS_TIMEUP(rc)) {
1110 ap_log_error(APLOG_MARK, APLOG_ERR, rc, ap_server_conf,
1111 "apr_pollset_poll failed. Attempting to "
1112 "shutdown process gracefully");
1113 signal_threads(ST_GRACEFUL);
1117 if (listener_may_exit)
1121 apr_time_t now = apr_time_now();
1122 apr_thread_mutex_lock(g_timer_ring_mtx);
1123 for (ep = APR_RING_FIRST(&timer_ring);
1124 ep != APR_RING_SENTINEL(&timer_ring,
1125 timer_event_t, link);
1126 ep = APR_RING_FIRST(&timer_ring))
1128 if (ep->when < now + EVENT_FUDGE_FACTOR) {
1129 APR_RING_REMOVE(ep, link);
1130 push_timer2worker(ep);
1136 apr_thread_mutex_unlock(g_timer_ring_mtx);
1139 while (num && get_worker(&have_idle_worker)) {
1140 pt = (listener_poll_type *) out_pfd->client_data;
1141 if (pt->type == PT_CSD) {
1142 /* one of the sockets is readable */
1143 cs = (conn_state_t *) pt->baton;
1144 switch (cs->state) {
1145 case CONN_STATE_CHECK_REQUEST_LINE_READABLE:
1146 cs->state = CONN_STATE_READ_REQUEST_LINE;
1148 case CONN_STATE_WRITE_COMPLETION:
1151 ap_log_error(APLOG_MARK, APLOG_ERR, rc,
1153 "event_loop: unexpected state %d",
1158 apr_thread_mutex_lock(timeout_mutex);
1159 APR_RING_REMOVE(cs, timeout_list);
1160 apr_thread_mutex_unlock(timeout_mutex);
1161 APR_RING_ELEM_INIT(cs, timeout_list);
1163 rc = push2worker(out_pfd, event_pollset);
1164 if (rc != APR_SUCCESS) {
1165 ap_log_error(APLOG_MARK, APLOG_CRIT, rc,
1166 ap_server_conf, "push2worker failed");
1169 have_idle_worker = 0;
1172 else if (pt->type == PT_ACCEPT) {
1173 /* A Listener Socket is ready for an accept() */
1175 lr = (ap_listen_rec *) pt->baton;
1177 ap_pop_pool(&ptrans, worker_queue_info);
1179 if (ptrans == NULL) {
1180 /* create a new transaction pool for each accepted socket */
1181 apr_allocator_t *allocator;
1183 apr_allocator_create(&allocator);
1184 apr_allocator_max_free_set(allocator,
1186 apr_pool_create_ex(&ptrans, pconf, NULL, allocator);
1187 apr_allocator_owner_set(allocator, ptrans);
1188 if (ptrans == NULL) {
1189 ap_log_error(APLOG_MARK, APLOG_CRIT, rc,
1191 "Failed to create transaction pool");
1192 signal_threads(ST_GRACEFUL);
1196 apr_pool_tag(ptrans, "transaction");
1198 rc = lr->accept_func(&csd, lr, ptrans);
1200 /* later we trash rv and rely on csd to indicate
1203 AP_DEBUG_ASSERT(rc == APR_SUCCESS || !csd);
1205 if (rc == APR_EGENERAL) {
1206 /* E[NM]FILE, ENOMEM, etc */
1207 resource_shortage = 1;
1208 signal_threads(ST_GRACEFUL);
1212 rc = ap_queue_push(worker_queue, csd, NULL, ptrans);
1213 if (rc != APR_SUCCESS) {
1214 /* trash the connection; we couldn't queue the connected
1215 * socket to a worker
1217 apr_socket_close(csd);
1218 ap_log_error(APLOG_MARK, APLOG_CRIT, rc,
1220 "ap_queue_push failed");
1221 apr_pool_clear(ptrans);
1222 ap_push_pool(worker_queue_info, ptrans);
1225 have_idle_worker = 0;
1229 apr_pool_clear(ptrans);
1230 ap_push_pool(worker_queue_info, ptrans);
1232 } /* if:else on pt->type */
1234 else if (pt->type == PT_SERF) {
1235 /* send socket to serf. */
1236 /* XXXX: this doesn't require get_worker(&have_idle_worker) */
1237 serf_event_trigger(g_serf, pt->baton, out_pfd);
1242 } /* while for processing poll */
1244 /* XXX possible optimization: stash the current time for use as
1245 * r->request_time for new requests
1247 time_now = apr_time_now();
1249 /* handle timed out sockets */
1250 apr_thread_mutex_lock(timeout_mutex);
1252 /* Step 1: keepalive timeouts */
1253 cs = APR_RING_FIRST(&keepalive_timeout_head);
1254 timeout_time = time_now + TIMEOUT_FUDGE_FACTOR;
1255 while (!APR_RING_EMPTY(&keepalive_timeout_head, conn_state_t, timeout_list)
1256 && cs->expiration_time < timeout_time) {
1258 cs->state = CONN_STATE_LINGER;
1260 APR_RING_REMOVE(cs, timeout_list);
1261 apr_thread_mutex_unlock(timeout_mutex);
1263 if (!get_worker(&have_idle_worker)) {
1264 apr_thread_mutex_lock(timeout_mutex);
1265 APR_RING_INSERT_HEAD(&keepalive_timeout_head, cs,
1266 conn_state_t, timeout_list);
1270 rc = push2worker(&cs->pfd, event_pollset);
1272 if (rc != APR_SUCCESS) {
1274 /* XXX return NULL looks wrong - not an init failure
1275 * that bypasses all the cleanup outside the main loop
1276 * break seems more like it
1277 * need to evaluate seriousness of push2worker failures
1280 have_idle_worker = 0;
1281 apr_thread_mutex_lock(timeout_mutex);
1282 cs = APR_RING_FIRST(&keepalive_timeout_head);
1285 /* Step 2: write completion timeouts */
1286 cs = APR_RING_FIRST(&timeout_head);
1287 while (!APR_RING_EMPTY(&timeout_head, conn_state_t, timeout_list)
1288 && cs->expiration_time < timeout_time) {
1290 cs->state = CONN_STATE_LINGER;
1291 APR_RING_REMOVE(cs, timeout_list);
1292 apr_thread_mutex_unlock(timeout_mutex);
1294 if (!get_worker(&have_idle_worker)) {
1295 apr_thread_mutex_lock(timeout_mutex);
1296 APR_RING_INSERT_HEAD(&timeout_head, cs,
1297 conn_state_t, timeout_list);
1301 rc = push2worker(&cs->pfd, event_pollset);
1302 if (rc != APR_SUCCESS) {
1305 have_idle_worker = 0;
1306 apr_thread_mutex_lock(timeout_mutex);
1307 cs = APR_RING_FIRST(&timeout_head);
1310 apr_thread_mutex_unlock(timeout_mutex);
1312 } /* listener main loop */
1314 ap_close_listeners();
1315 ap_queue_term(worker_queue);
1317 ap_scoreboard_image->parent[process_slot].quiescing = 1;
1319 /* wake up the main thread */
1320 kill(ap_my_pid, SIGTERM);
1322 apr_thread_exit(thd, APR_SUCCESS);
1326 /* XXX For ungraceful termination/restart, we definitely don't want to
1327 * wait for active connections to finish but we may want to wait
1328 * for idle workers to get out of the queue code and release mutexes,
1329 * since those mutexes are cleaned up pretty soon and some systems
1330 * may not react favorably (i.e., segfault) if operations are attempted
1331 * on cleaned-up mutexes.
1333 static void *APR_THREAD_FUNC worker_thread(apr_thread_t * thd, void *dummy)
1335 proc_info *ti = dummy;
1336 int process_slot = ti->pid;
1337 int thread_slot = ti->tid;
1338 apr_socket_t *csd = NULL;
1340 apr_pool_t *ptrans; /* Pool for per-transaction stuff */
1343 timer_event_t *te = NULL;
1347 ap_scoreboard_image->servers[process_slot][thread_slot].pid = ap_my_pid;
1348 ap_scoreboard_image->servers[process_slot][thread_slot].tid = apr_os_thread_current();
1349 ap_scoreboard_image->servers[process_slot][thread_slot].generation = retained->my_generation;
1350 ap_update_child_status_from_indexes(process_slot, thread_slot,
1351 SERVER_STARTING, NULL);
1353 while (!workers_may_exit) {
1355 rv = ap_queue_info_set_idle(worker_queue_info, NULL);
1356 if (rv != APR_SUCCESS) {
1357 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
1358 "ap_queue_info_set_idle failed. Attempting to "
1359 "shutdown process gracefully.");
1360 signal_threads(ST_GRACEFUL);
1366 ap_update_child_status_from_indexes(process_slot, thread_slot,
1367 SERVER_READY, NULL);
1369 if (workers_may_exit) {
1375 rv = ap_queue_pop_something(worker_queue, &csd, &cs, &ptrans, &te);
1377 if (rv != APR_SUCCESS) {
1378 /* We get APR_EOF during a graceful shutdown once all the
1379 * connections accepted by this server process have been handled.
1381 if (APR_STATUS_IS_EOF(rv)) {
1384 /* We get APR_EINTR whenever ap_queue_pop() has been interrupted
1385 * from an explicit call to ap_queue_interrupt_all(). This allows
1386 * us to unblock threads stuck in ap_queue_pop() when a shutdown
1389 * If workers_may_exit is set and this is ungraceful termination/
1390 * restart, we are bound to get an error on some systems (e.g.,
1391 * AIX, which sanity-checks mutex operations) since the queue
1392 * may have already been cleaned up. Don't log the "error" if
1393 * workers_may_exit is set.
1395 else if (APR_STATUS_IS_EINTR(rv)) {
1398 /* We got some other error. */
1399 else if (!workers_may_exit) {
1400 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
1401 "ap_queue_pop failed");
1407 te->cbfunc(te->baton);
1410 apr_thread_mutex_lock(g_timer_ring_mtx);
1411 APR_RING_INSERT_TAIL(&timer_free_ring, te, timer_event_t, link);
1412 apr_thread_mutex_unlock(g_timer_ring_mtx);
1417 worker_sockets[thread_slot] = csd;
1418 rv = process_socket(thd, ptrans, csd, cs, process_slot, thread_slot);
1420 requests_this_child--;
1422 worker_sockets[thread_slot] = NULL;
1426 ap_update_child_status_from_indexes(process_slot, thread_slot,
1427 (dying) ? SERVER_DEAD :
1429 (request_rec *) NULL);
1431 apr_thread_exit(thd, APR_SUCCESS);
1435 static int check_signal(int signum)
1447 static void create_listener_thread(thread_starter * ts)
1449 int my_child_num = ts->child_num_arg;
1450 apr_threadattr_t *thread_attr = ts->threadattr;
1454 my_info = (proc_info *) malloc(sizeof(proc_info));
1455 my_info->pid = my_child_num;
1456 my_info->tid = -1; /* listener thread doesn't have a thread slot */
1458 rv = apr_thread_create(&ts->listener, thread_attr, listener_thread,
1460 if (rv != APR_SUCCESS) {
1461 ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
1462 "apr_thread_create: unable to create listener thread");
1463 /* let the parent decide how bad this really is */
1464 clean_child_exit(APEXIT_CHILDSICK);
1466 apr_os_thread_get(&listener_os_thread, ts->listener);
1469 /* XXX under some circumstances not understood, children can get stuck
1470 * in start_threads forever trying to take over slots which will
1471 * never be cleaned up; for now there is an APLOG_DEBUG message issued
1472 * every so often when this condition occurs
1474 static void *APR_THREAD_FUNC start_threads(apr_thread_t * thd, void *dummy)
1476 thread_starter *ts = dummy;
1477 apr_thread_t **threads = ts->threads;
1478 apr_threadattr_t *thread_attr = ts->threadattr;
1479 int child_num_arg = ts->child_num_arg;
1480 int my_child_num = child_num_arg;
1484 int threads_created = 0;
1485 int listener_started = 0;
1487 int prev_threads_created;
1489 /* We must create the fd queues before we start up the listener
1490 * and worker threads. */
1491 worker_queue = apr_pcalloc(pchild, sizeof(*worker_queue));
1492 rv = ap_queue_init(worker_queue, threads_per_child, pchild);
1493 if (rv != APR_SUCCESS) {
1494 ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
1495 "ap_queue_init() failed");
1496 clean_child_exit(APEXIT_CHILDFATAL);
1499 rv = ap_queue_info_create(&worker_queue_info, pchild,
1501 if (rv != APR_SUCCESS) {
1502 ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
1503 "ap_queue_info_create() failed");
1504 clean_child_exit(APEXIT_CHILDFATAL);
1507 /* Create the timeout mutex and main pollset before the listener
1510 rv = apr_thread_mutex_create(&timeout_mutex, APR_THREAD_MUTEX_DEFAULT,
1512 if (rv != APR_SUCCESS) {
1513 ap_log_error(APLOG_MARK, APLOG_ERR, rv, ap_server_conf,
1514 "creation of the timeout mutex failed.");
1515 clean_child_exit(APEXIT_CHILDFATAL);
1518 /* Create the main pollset */
1519 rv = apr_pollset_create(&event_pollset,
1521 pchild, APR_POLLSET_THREADSAFE | APR_POLLSET_NOCOPY);
1522 if (rv != APR_SUCCESS) {
1523 ap_log_error(APLOG_MARK, APLOG_ERR, rv, ap_server_conf,
1524 "apr_pollset_create with Thread Safety failed.");
1525 clean_child_exit(APEXIT_CHILDFATAL);
1528 worker_sockets = apr_pcalloc(pchild, threads_per_child
1529 * sizeof(apr_socket_t *));
1531 loops = prev_threads_created = 0;
1533 /* threads_per_child does not include the listener thread */
1534 for (i = 0; i < threads_per_child; i++) {
1536 ap_scoreboard_image->servers[child_num_arg][i].status;
1538 if (status != SERVER_GRACEFUL && status != SERVER_DEAD) {
1542 my_info = (proc_info *) malloc(sizeof(proc_info));
1543 if (my_info == NULL) {
1544 ap_log_error(APLOG_MARK, APLOG_ALERT, errno, ap_server_conf,
1545 "malloc: out of memory");
1546 clean_child_exit(APEXIT_CHILDFATAL);
1548 my_info->pid = my_child_num;
1552 /* We are creating threads right now */
1553 ap_update_child_status_from_indexes(my_child_num, i,
1554 SERVER_STARTING, NULL);
1555 /* We let each thread update its own scoreboard entry. This is
1556 * done because it lets us deal with tid better.
1558 rv = apr_thread_create(&threads[i], thread_attr,
1559 worker_thread, my_info, pchild);
1560 if (rv != APR_SUCCESS) {
1561 ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
1562 "apr_thread_create: unable to create worker thread");
1563 /* let the parent decide how bad this really is */
1564 clean_child_exit(APEXIT_CHILDSICK);
1569 /* Start the listener only when there are workers available */
1570 if (!listener_started && threads_created) {
1571 create_listener_thread(ts);
1572 listener_started = 1;
1576 if (start_thread_may_exit || threads_created == threads_per_child) {
1579 /* wait for previous generation to clean up an entry */
1580 apr_sleep(apr_time_from_sec(1));
1582 if (loops % 120 == 0) { /* every couple of minutes */
1583 if (prev_threads_created == threads_created) {
1584 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1585 "child %" APR_PID_T_FMT " isn't taking over "
1586 "slots very quickly (%d of %d)",
1587 ap_my_pid, threads_created,
1590 prev_threads_created = threads_created;
1594 /* What state should this child_main process be listed as in the
1596 * ap_update_child_status_from_indexes(my_child_num, i, SERVER_STARTING,
1597 * (request_rec *) NULL);
1599 * This state should be listed separately in the scoreboard, in some kind
1600 * of process_status, not mixed in with the worker threads' status.
1601 * "life_status" is almost right, but it's in the worker's structure, and
1602 * the name could be clearer. gla
1604 apr_thread_exit(thd, APR_SUCCESS);
1608 static void join_workers(apr_thread_t * listener, apr_thread_t ** threads)
1611 apr_status_t rv, thread_rv;
1616 /* deal with a rare timing window which affects waking up the
1617 * listener thread... if the signal sent to the listener thread
1618 * is delivered between the time it verifies that the
1619 * listener_may_exit flag is clear and the time it enters a
1620 * blocking syscall, the signal didn't do any good... work around
1621 * that by sleeping briefly and sending it again
1626 #ifdef HAVE_PTHREAD_KILL
1627 pthread_kill(*listener_os_thread, 0)
1632 /* listener not dead yet */
1633 apr_sleep(apr_time_make(0, 500000));
1638 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1639 "the listener thread didn't exit");
1642 rv = apr_thread_join(&thread_rv, listener);
1643 if (rv != APR_SUCCESS) {
1644 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
1645 "apr_thread_join: unable to join listener thread");
1650 for (i = 0; i < threads_per_child; i++) {
1651 if (threads[i]) { /* if we ever created this thread */
1652 rv = apr_thread_join(&thread_rv, threads[i]);
1653 if (rv != APR_SUCCESS) {
1654 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
1655 "apr_thread_join: unable to join worker "
1662 static void join_start_thread(apr_thread_t * start_thread_id)
1664 apr_status_t rv, thread_rv;
1666 start_thread_may_exit = 1; /* tell it to give up in case it is still
1667 * trying to take over slots from a
1668 * previous generation
1670 rv = apr_thread_join(&thread_rv, start_thread_id);
1671 if (rv != APR_SUCCESS) {
1672 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
1673 "apr_thread_join: unable to join the start " "thread");
1677 static void child_main(int child_num_arg)
1679 apr_thread_t **threads;
1682 apr_threadattr_t *thread_attr;
1683 apr_thread_t *start_thread_id;
1685 mpm_state = AP_MPMQ_STARTING; /* for benefit of any hooks that run as this
1688 ap_my_pid = getpid();
1689 ap_fatal_signal_child_setup(ap_server_conf);
1690 apr_pool_create(&pchild, pconf);
1692 /*stuff to do before we switch id's, so we have permissions. */
1693 ap_reopen_scoreboard(pchild, NULL, 0);
1695 if (ap_run_drop_privileges(pchild, ap_server_conf)) {
1696 clean_child_exit(APEXIT_CHILDFATAL);
1699 apr_thread_mutex_create(&g_timer_ring_mtx, APR_THREAD_MUTEX_DEFAULT, pchild);
1700 APR_RING_INIT(&timer_free_ring, timer_event_t, link);
1701 APR_RING_INIT(&timer_ring, timer_event_t, link);
1703 ap_run_child_init(pchild, ap_server_conf);
1705 /* done with init critical section */
1707 /* Just use the standard apr_setup_signal_thread to block all signals
1708 * from being received. The child processes no longer use signals for
1709 * any communication with the parent process.
1711 rv = apr_setup_signal_thread();
1712 if (rv != APR_SUCCESS) {
1713 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
1714 "Couldn't initialize signal thread");
1715 clean_child_exit(APEXIT_CHILDFATAL);
1718 if (ap_max_requests_per_child) {
1719 requests_this_child = ap_max_requests_per_child;
1722 /* coding a value of zero means infinity */
1723 requests_this_child = INT_MAX;
1726 /* Setup worker threads */
1728 /* clear the storage; we may not create all our threads immediately,
1729 * and we want a 0 entry to indicate a thread which was not created
1731 threads = (apr_thread_t **) calloc(1,
1732 sizeof(apr_thread_t *) *
1734 if (threads == NULL) {
1735 ap_log_error(APLOG_MARK, APLOG_ALERT, errno, ap_server_conf,
1736 "malloc: out of memory");
1737 clean_child_exit(APEXIT_CHILDFATAL);
1740 ts = (thread_starter *) apr_palloc(pchild, sizeof(*ts));
1742 apr_threadattr_create(&thread_attr, pchild);
1743 /* 0 means PTHREAD_CREATE_JOINABLE */
1744 apr_threadattr_detach_set(thread_attr, 0);
1746 if (ap_thread_stacksize != 0) {
1747 apr_threadattr_stacksize_set(thread_attr, ap_thread_stacksize);
1750 ts->threads = threads;
1751 ts->listener = NULL;
1752 ts->child_num_arg = child_num_arg;
1753 ts->threadattr = thread_attr;
1755 rv = apr_thread_create(&start_thread_id, thread_attr, start_threads,
1757 if (rv != APR_SUCCESS) {
1758 ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
1759 "apr_thread_create: unable to create worker thread");
1760 /* let the parent decide how bad this really is */
1761 clean_child_exit(APEXIT_CHILDSICK);
1764 mpm_state = AP_MPMQ_RUNNING;
1766 /* If we are only running in one_process mode, we will want to
1767 * still handle signals. */
1769 /* Block until we get a terminating signal. */
1770 apr_signal_thread(check_signal);
1771 /* make sure the start thread has finished; signal_threads()
1772 * and join_workers() depend on that
1774 /* XXX join_start_thread() won't be awakened if one of our
1775 * threads encounters a critical error and attempts to
1776 * shutdown this child
1778 join_start_thread(start_thread_id);
1780 /* helps us terminate a little more quickly than the dispatch of the
1781 * signal thread; beats the Pipe of Death and the browsers
1783 signal_threads(ST_UNGRACEFUL);
1785 /* A terminating signal was received. Now join each of the
1786 * workers to clean them up.
1787 * If the worker already exited, then the join frees
1788 * their resources and returns.
1789 * If the worker hasn't exited, then this blocks until
1790 * they have (then cleans up).
1792 join_workers(ts->listener, threads);
1794 else { /* !one_process */
1795 /* remove SIGTERM from the set of blocked signals... if one of
1796 * the other threads in the process needs to take us down
1797 * (e.g., for MaxConnectionsPerChild) it will send us SIGTERM
1799 unblock_signal(SIGTERM);
1800 apr_signal(SIGTERM, dummy_signal_handler);
1801 /* Watch for any messages from the parent over the POD */
1803 rv = ap_event_pod_check(pod);
1804 if (rv == AP_NORESTART) {
1805 /* see if termination was triggered while we slept */
1806 switch (terminate_mode) {
1815 if (rv == AP_GRACEFUL || rv == AP_RESTART) {
1816 /* make sure the start thread has finished;
1817 * signal_threads() and join_workers depend on that
1819 join_start_thread(start_thread_id);
1820 signal_threads(rv ==
1821 AP_GRACEFUL ? ST_GRACEFUL : ST_UNGRACEFUL);
1826 /* A terminating signal was received. Now join each of the
1827 * workers to clean them up.
1828 * If the worker already exited, then the join frees
1829 * their resources and returns.
1830 * If the worker hasn't exited, then this blocks until
1831 * they have (then cleans up).
1833 join_workers(ts->listener, threads);
1838 clean_child_exit(resource_shortage ? APEXIT_CHILDSICK : 0);
1841 static int make_child(server_rec * s, int slot)
1845 if (slot + 1 > retained->max_daemons_limit) {
1846 retained->max_daemons_limit = slot + 1;
1851 ap_scoreboard_image->parent[slot].pid = getpid();
1856 if ((pid = fork()) == -1) {
1857 ap_log_error(APLOG_MARK, APLOG_ERR, errno, s,
1858 "fork: Unable to fork new process");
1860 /* fork didn't succeed. There's no need to touch the scoreboard;
1861 * if we were trying to replace a failed child process, then
1862 * server_main_loop() marked its workers SERVER_DEAD, and if
1863 * we were trying to replace a child process that exited normally,
1864 * its worker_thread()s left SERVER_DEAD or SERVER_GRACEFUL behind.
1867 /* In case system resources are maxxed out, we don't want
1868 Apache running away with the CPU trying to fork over and
1869 over and over again. */
1870 apr_sleep(apr_time_from_sec(10));
1876 #ifdef HAVE_BINDPROCESSOR
1877 /* By default, AIX binds to a single processor. This bit unbinds
1878 * children which will then bind to another CPU.
1880 int status = bindprocessor(BINDPROCESS, (int) getpid(),
1881 PROCESSOR_CLASS_ANY);
1883 ap_log_error(APLOG_MARK, APLOG_DEBUG, errno,
1885 "processor unbind failed");
1887 RAISE_SIGSTOP(MAKE_CHILD);
1889 apr_signal(SIGTERM, just_die);
1894 if (ap_scoreboard_image->parent[slot].pid != 0) {
1895 /* This new child process is squatting on the scoreboard
1896 * entry owned by an exiting child process, which cannot
1897 * exit until all active requests complete.
1898 * Don't forget about this exiting child process, or we
1899 * won't be able to kill it if it doesn't exit by the
1900 * time the server is shut down.
1902 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1903 "taking over scoreboard slot from %" APR_PID_T_FMT "%s",
1904 ap_scoreboard_image->parent[slot].pid,
1905 ap_scoreboard_image->parent[slot].quiescing ?
1906 " (quiescing)" : "");
1907 ap_register_extra_mpm_process(ap_scoreboard_image->parent[slot].pid);
1909 ap_scoreboard_image->parent[slot].quiescing = 0;
1910 ap_scoreboard_image->parent[slot].pid = pid;
1914 /* start up a bunch of children */
1915 static void startup_children(int number_to_start)
1919 for (i = 0; number_to_start && i < ap_daemons_limit; ++i) {
1920 if (ap_scoreboard_image->parent[i].pid != 0) {
1923 if (make_child(ap_server_conf, i) < 0) {
1930 static void perform_idle_server_maintenance(void)
1933 int idle_thread_count;
1937 int totally_free_length = 0;
1938 int free_slots[MAX_SPAWN_RATE];
1941 int active_thread_count = 0;
1943 /* initialize the free_list */
1946 idle_thread_count = 0;
1950 for (i = 0; i < ap_daemons_limit; ++i) {
1951 /* Initialization to satisfy the compiler. It doesn't know
1952 * that threads_per_child is always > 0 */
1953 int status = SERVER_DEAD;
1954 int any_dying_threads = 0;
1955 int any_dead_threads = 0;
1956 int all_dead_threads = 1;
1958 if (i >= retained->max_daemons_limit
1959 && totally_free_length == retained->idle_spawn_rate)
1960 /* short cut if all active processes have been examined and
1961 * enough empty scoreboard slots have been found
1965 ps = &ap_scoreboard_image->parent[i];
1966 for (j = 0; j < threads_per_child; j++) {
1967 ws = &ap_scoreboard_image->servers[i][j];
1968 status = ws->status;
1970 /* XXX any_dying_threads is probably no longer needed GLA */
1971 any_dying_threads = any_dying_threads ||
1972 (status == SERVER_GRACEFUL);
1973 any_dead_threads = any_dead_threads || (status == SERVER_DEAD);
1974 all_dead_threads = all_dead_threads &&
1975 (status == SERVER_DEAD || status == SERVER_GRACEFUL);
1977 /* We consider a starting server as idle because we started it
1978 * at least a cycle ago, and if it still hasn't finished starting
1979 * then we're just going to swamp things worse by forking more.
1980 * So we hopefully won't need to fork more if we count it.
1981 * This depends on the ordering of SERVER_READY and SERVER_STARTING.
1983 if (ps->pid != 0) { /* XXX just set all_dead_threads in outer
1984 for loop if no pid? not much else matters */
1985 if (status <= SERVER_READY &&
1986 !ps->quiescing && ps->generation == retained->my_generation) {
1987 ++idle_thread_count;
1989 if (status >= SERVER_READY && status < SERVER_GRACEFUL) {
1990 ++active_thread_count;
1994 if (any_dead_threads
1995 && totally_free_length < retained->idle_spawn_rate
1996 && free_length < MAX_SPAWN_RATE
1997 && (!ps->pid /* no process in the slot */
1998 || ps->quiescing)) { /* or at least one is going away */
1999 if (all_dead_threads) {
2000 /* great! we prefer these, because the new process can
2001 * start more threads sooner. So prioritize this slot
2002 * by putting it ahead of any slots with active threads.
2004 * first, make room by moving a slot that's potentially still
2005 * in use to the end of the array
2007 free_slots[free_length] = free_slots[totally_free_length];
2008 free_slots[totally_free_length++] = i;
2011 /* slot is still in use - back of the bus
2013 free_slots[free_length] = i;
2017 /* XXX if (!ps->quiescing) is probably more reliable GLA */
2018 if (!any_dying_threads) {
2024 if (retained->sick_child_detected) {
2025 if (active_thread_count > 0) {
2026 /* some child processes appear to be working. don't kill the
2029 retained->sick_child_detected = 0;
2032 /* looks like a basket case. give up.
2034 shutdown_pending = 1;
2036 ap_log_error(APLOG_MARK, APLOG_ALERT, 0,
2038 "No active workers found..."
2039 " Apache is exiting!");
2040 /* the child already logged the failure details */
2045 retained->max_daemons_limit = last_non_dead + 1;
2047 if (idle_thread_count > max_spare_threads) {
2048 /* Kill off one child */
2049 ap_event_pod_signal(pod, TRUE);
2050 retained->idle_spawn_rate = 1;
2052 else if (idle_thread_count < min_spare_threads) {
2053 /* terminate the free list */
2054 if (free_length == 0) { /* scoreboard is full, can't fork */
2056 if (active_thread_count >= ap_daemons_limit * threads_per_child) {
2057 if (!retained->maxclients_reported) {
2058 /* only report this condition once */
2059 ap_log_error(APLOG_MARK, APLOG_ERR, 0,
2061 "server reached MaxClients setting, consider"
2062 " raising the MaxClients setting");
2063 retained->maxclients_reported = 1;
2067 ap_log_error(APLOG_MARK, APLOG_ERR, 0,
2069 "scoreboard is full, not at MaxClients");
2071 retained->idle_spawn_rate = 1;
2074 if (free_length > retained->idle_spawn_rate) {
2075 free_length = retained->idle_spawn_rate;
2077 if (retained->idle_spawn_rate >= 8) {
2078 ap_log_error(APLOG_MARK, APLOG_INFO, 0,
2080 "server seems busy, (you may need "
2081 "to increase StartServers, ThreadsPerChild "
2082 "or Min/MaxSpareThreads), "
2083 "spawning %d children, there are around %d idle "
2084 "threads, and %d total children", free_length,
2085 idle_thread_count, total_non_dead);
2087 for (i = 0; i < free_length; ++i) {
2088 make_child(ap_server_conf, free_slots[i]);
2090 /* the next time around we want to spawn twice as many if this
2091 * wasn't good enough, but not if we've just done a graceful
2093 if (retained->hold_off_on_exponential_spawning) {
2094 --retained->hold_off_on_exponential_spawning;
2096 else if (retained->idle_spawn_rate < MAX_SPAWN_RATE) {
2097 retained->idle_spawn_rate *= 2;
2102 retained->idle_spawn_rate = 1;
2106 static void server_main_loop(int remaining_children_to_start)
2109 apr_exit_why_e exitwhy;
2110 int status, processed_status;
2114 while (!restart_pending && !shutdown_pending) {
2115 ap_wait_or_timeout(&exitwhy, &status, &pid, pconf, ap_server_conf);
2117 if (pid.pid != -1) {
2118 processed_status = ap_process_child_status(&pid, exitwhy, status);
2119 if (processed_status == APEXIT_CHILDFATAL) {
2120 shutdown_pending = 1;
2124 else if (processed_status == APEXIT_CHILDSICK) {
2125 /* tell perform_idle_server_maintenance to check into this
2126 * on the next timer pop
2128 retained->sick_child_detected = 1;
2130 /* non-fatal death... note that it's gone in the scoreboard. */
2131 child_slot = ap_find_child_by_pid(&pid);
2132 if (child_slot >= 0) {
2133 for (i = 0; i < threads_per_child; i++)
2134 ap_update_child_status_from_indexes(child_slot, i,
2136 (request_rec *) NULL);
2138 ap_scoreboard_image->parent[child_slot].pid = 0;
2139 ap_scoreboard_image->parent[child_slot].quiescing = 0;
2140 if (processed_status == APEXIT_CHILDSICK) {
2141 /* resource shortage, minimize the fork rate */
2142 retained->idle_spawn_rate = 1;
2144 else if (remaining_children_to_start
2145 && child_slot < ap_daemons_limit) {
2146 /* we're still doing a 1-for-1 replacement of dead
2147 * children with new children
2149 make_child(ap_server_conf, child_slot);
2150 --remaining_children_to_start;
2153 else if (ap_unregister_extra_mpm_process(pid.pid) == 1) {
2155 #if APR_HAS_OTHER_CHILD
2157 else if (apr_proc_other_child_alert(&pid, APR_OC_REASON_DEATH,
2162 else if (retained->is_graceful) {
2163 /* Great, we've probably just lost a slot in the
2164 * scoreboard. Somehow we don't know about this child.
2166 ap_log_error(APLOG_MARK, APLOG_WARNING, 0,
2168 "long lost child came home! (pid %ld)",
2171 /* Don't perform idle maintenance when a child dies,
2172 * only do it when there's a timeout. Remember only a
2173 * finite number of children can die, and it's pretty
2174 * pathological for a lot to die suddenly.
2178 else if (remaining_children_to_start) {
2179 /* we hit a 1 second timeout in which none of the previous
2180 * generation of children needed to be reaped... so assume
2181 * they're all done, and pick up the slack if any is left.
2183 startup_children(remaining_children_to_start);
2184 remaining_children_to_start = 0;
2185 /* In any event we really shouldn't do the code below because
2186 * few of the servers we just started are in the IDLE state
2187 * yet, so we'd mistakenly create an extra server.
2192 perform_idle_server_maintenance();
2196 static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s)
2198 int remaining_children_to_start;
2200 ap_log_pid(pconf, ap_pid_fname);
2202 if (!retained->is_graceful) {
2203 if (ap_run_pre_mpm(s->process->pool, SB_SHARED) != OK) {
2204 mpm_state = AP_MPMQ_STOPPING;
2207 /* fix the generation number in the global score; we just got a new,
2208 * cleared scoreboard
2210 ap_scoreboard_image->global->running_generation = retained->my_generation;
2214 /* Don't thrash... */
2215 if (max_spare_threads < min_spare_threads + threads_per_child)
2216 max_spare_threads = min_spare_threads + threads_per_child;
2218 /* If we're doing a graceful_restart then we're going to see a lot
2219 * of children exiting immediately when we get into the main loop
2220 * below (because we just sent them AP_SIG_GRACEFUL). This happens pretty
2221 * rapidly... and for each one that exits we may start a new one, until
2222 * there are at least min_spare_threads idle threads, counting across
2223 * all children. But we may be permitted to start more children than
2224 * that, so we'll just keep track of how many we're
2225 * supposed to start up without the 1 second penalty between each fork.
2227 remaining_children_to_start = ap_daemons_to_start;
2228 if (remaining_children_to_start > ap_daemons_limit) {
2229 remaining_children_to_start = ap_daemons_limit;
2231 if (!retained->is_graceful) {
2232 startup_children(remaining_children_to_start);
2233 remaining_children_to_start = 0;
2236 /* give the system some time to recover before kicking into
2237 * exponential mode */
2238 retained->hold_off_on_exponential_spawning = 10;
2241 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
2242 "%s configured -- resuming normal operations",
2243 ap_get_server_description());
2244 ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf,
2245 "Server built: %s", ap_get_server_built());
2246 ap_log_command_line(plog, s);
2248 restart_pending = shutdown_pending = 0;
2249 mpm_state = AP_MPMQ_RUNNING;
2251 server_main_loop(remaining_children_to_start);
2252 mpm_state = AP_MPMQ_STOPPING;
2254 if (shutdown_pending && !retained->is_graceful) {
2255 /* Time to shut down:
2256 * Kill child processes, tell them to call child_exit, etc...
2258 ap_event_pod_killpg(pod, ap_daemons_limit, FALSE);
2259 ap_reclaim_child_processes(1); /* Start with SIGTERM */
2262 /* cleanup pid file on normal shutdown */
2263 const char *pidfile = NULL;
2264 pidfile = ap_server_root_relative(pconf, ap_pid_fname);
2265 if (pidfile != NULL && unlink(pidfile) == 0)
2266 ap_log_error(APLOG_MARK, APLOG_INFO, 0,
2268 "removed PID file %s (pid=%ld)",
2269 pidfile, (long) getpid());
2271 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0,
2272 ap_server_conf, "caught SIGTERM, shutting down");
2275 } else if (shutdown_pending) {
2276 /* Time to gracefully shut down:
2277 * Kill child processes, tell them to call child_exit, etc...
2279 int active_children;
2281 apr_time_t cutoff = 0;
2283 /* Close our listeners, and then ask our children to do same */
2284 ap_close_listeners();
2285 ap_event_pod_killpg(pod, ap_daemons_limit, TRUE);
2286 ap_relieve_child_processes();
2289 /* cleanup pid file on normal shutdown */
2290 const char *pidfile = NULL;
2291 pidfile = ap_server_root_relative (pconf, ap_pid_fname);
2292 if ( pidfile != NULL && unlink(pidfile) == 0)
2293 ap_log_error(APLOG_MARK, APLOG_INFO, 0,
2295 "removed PID file %s (pid=%ld)",
2296 pidfile, (long)getpid());
2298 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
2299 "caught " AP_SIG_GRACEFUL_STOP_STRING
2300 ", shutting down gracefully");
2303 if (ap_graceful_shutdown_timeout) {
2304 cutoff = apr_time_now() +
2305 apr_time_from_sec(ap_graceful_shutdown_timeout);
2308 /* Don't really exit until each child has finished */
2309 shutdown_pending = 0;
2311 /* Pause for a second */
2312 apr_sleep(apr_time_from_sec(1));
2314 /* Relieve any children which have now exited */
2315 ap_relieve_child_processes();
2317 active_children = 0;
2318 for (index = 0; index < ap_daemons_limit; ++index) {
2319 if (ap_mpm_safe_kill(MPM_CHILD_PID(index), 0) == APR_SUCCESS) {
2320 active_children = 1;
2321 /* Having just one child is enough to stay around */
2325 } while (!shutdown_pending && active_children &&
2326 (!ap_graceful_shutdown_timeout || apr_time_now() < cutoff));
2328 /* We might be here because we received SIGTERM, either
2329 * way, try and make sure that all of our processes are
2332 ap_event_pod_killpg(pod, ap_daemons_limit, FALSE);
2333 ap_reclaim_child_processes(1);
2338 /* we've been told to restart */
2339 apr_signal(SIGHUP, SIG_IGN);
2342 /* not worth thinking about */
2346 /* advance to the next generation */
2347 /* XXX: we really need to make sure this new generation number isn't in
2348 * use by any of the children.
2350 ++retained->my_generation;
2351 ap_scoreboard_image->global->running_generation = retained->my_generation;
2353 if (retained->is_graceful) {
2354 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
2355 AP_SIG_GRACEFUL_STRING
2356 " received. Doing graceful restart");
2357 /* wake up the children...time to die. But we'll have more soon */
2358 ap_event_pod_killpg(pod, ap_daemons_limit, TRUE);
2361 /* This is mostly for debugging... so that we know what is still
2362 * gracefully dealing with existing request.
2367 /* Kill 'em all. Since the child acts the same on the parents SIGTERM
2368 * and a SIGHUP, we may as well use the same signal, because some user
2369 * pthreads are stealing signals from us left and right.
2371 ap_event_pod_killpg(pod, ap_daemons_limit, FALSE);
2373 ap_reclaim_child_processes(1); /* Start with SIGTERM */
2374 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
2375 "SIGHUP received. Attempting to restart");
2381 /* This really should be a post_config hook, but the error log is already
2382 * redirected by that point, so we need to do this in the open_logs phase.
2384 static int event_open_logs(apr_pool_t * p, apr_pool_t * plog,
2385 apr_pool_t * ptemp, server_rec * s)
2388 int level_flags = 0;
2393 /* the reverse of pre_config, we want this only the first time around */
2394 if (retained->module_loads == 1) {
2396 level_flags |= APLOG_STARTUP;
2399 if ((num_listensocks = ap_setup_listeners(ap_server_conf)) < 1) {
2400 ap_log_error(APLOG_MARK, APLOG_ALERT | level_flags, 0,
2401 (startup ? NULL : s),
2402 "no listening sockets available, shutting down");
2407 if ((rv = ap_event_pod_open(pconf, &pod))) {
2408 ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv,
2409 (startup ? NULL : s),
2410 "could not open pipe-of-death");
2417 static int event_pre_config(apr_pool_t * pconf, apr_pool_t * plog,
2420 int no_detach, debug, foreground;
2422 const char *userdata_key = "mpm_event_module";
2424 mpm_state = AP_MPMQ_STARTING;
2426 debug = ap_exists_config_define("DEBUG");
2429 foreground = one_process = 1;
2433 one_process = ap_exists_config_define("ONE_PROCESS");
2434 no_detach = ap_exists_config_define("NO_DETACH");
2435 foreground = ap_exists_config_define("FOREGROUND");
2438 /* sigh, want this only the second time around */
2439 retained = ap_retained_data_get(userdata_key);
2441 retained = ap_retained_data_create(userdata_key, sizeof(*retained));
2442 retained->max_daemons_limit = -1;
2443 retained->idle_spawn_rate = 1;
2445 ++retained->module_loads;
2446 if (retained->module_loads == 2) {
2447 rv = apr_pollset_create(&event_pollset, 1, plog,
2448 APR_POLLSET_THREADSAFE | APR_POLLSET_NOCOPY);
2449 if (rv != APR_SUCCESS) {
2450 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL,
2451 "Couldn't create a Thread Safe Pollset. "
2452 "Is it supported on your platform?"
2453 "Also check system or user limits!");
2454 return HTTP_INTERNAL_SERVER_ERROR;
2456 apr_pollset_destroy(event_pollset);
2458 if (!one_process && !foreground) {
2459 rv = apr_proc_detach(no_detach ? APR_PROC_DETACH_FOREGROUND
2460 : APR_PROC_DETACH_DAEMONIZE);
2461 if (rv != APR_SUCCESS) {
2462 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL,
2463 "apr_proc_detach failed");
2464 return HTTP_INTERNAL_SERVER_ERROR;
2469 parent_pid = ap_my_pid = getpid();
2471 ap_listen_pre_config();
2472 ap_daemons_to_start = DEFAULT_START_DAEMON;
2473 min_spare_threads = DEFAULT_MIN_FREE_DAEMON * DEFAULT_THREADS_PER_CHILD;
2474 max_spare_threads = DEFAULT_MAX_FREE_DAEMON * DEFAULT_THREADS_PER_CHILD;
2475 server_limit = DEFAULT_SERVER_LIMIT;
2476 thread_limit = DEFAULT_THREAD_LIMIT;
2477 ap_daemons_limit = server_limit;
2478 threads_per_child = DEFAULT_THREADS_PER_CHILD;
2479 max_clients = ap_daemons_limit * threads_per_child;
2480 ap_pid_fname = DEFAULT_PIDLOG;
2481 ap_max_requests_per_child = DEFAULT_MAX_REQUESTS_PER_CHILD;
2482 ap_extended_status = 0;
2483 ap_max_mem_free = APR_ALLOCATOR_MAX_FREE_UNLIMITED;
2485 apr_cpystrn(ap_coredump_dir, ap_server_root, sizeof(ap_coredump_dir));
2490 static int event_check_config(apr_pool_t *p, apr_pool_t *plog,
2491 apr_pool_t *ptemp, server_rec *s)
2495 /* the reverse of pre_config, we want this only the first time around */
2496 if (retained->module_loads == 1) {
2500 if (server_limit > MAX_SERVER_LIMIT) {
2502 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2503 "WARNING: ServerLimit of %d exceeds compile-time "
2504 "limit of", server_limit);
2505 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2506 " %d servers, decreasing to %d.",
2507 MAX_SERVER_LIMIT, MAX_SERVER_LIMIT);
2509 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2510 "ServerLimit of %d exceeds compile-time limit "
2511 "of %d, decreasing to match",
2512 server_limit, MAX_SERVER_LIMIT);
2514 server_limit = MAX_SERVER_LIMIT;
2516 else if (server_limit < 1) {
2518 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2519 "WARNING: ServerLimit of %d not allowed, "
2520 "increasing to 1.", server_limit);
2522 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2523 "ServerLimit of %d not allowed, increasing to 1",
2529 /* you cannot change ServerLimit across a restart; ignore
2532 if (!retained->first_server_limit) {
2533 retained->first_server_limit = server_limit;
2535 else if (server_limit != retained->first_server_limit) {
2536 /* don't need a startup console version here */
2537 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2538 "changing ServerLimit to %d from original value of %d "
2539 "not allowed during restart",
2540 server_limit, retained->first_server_limit);
2541 server_limit = retained->first_server_limit;
2544 if (thread_limit > MAX_THREAD_LIMIT) {
2546 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2547 "WARNING: ThreadLimit of %d exceeds compile-time "
2548 "limit of", thread_limit);
2549 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2550 " %d threads, decreasing to %d.",
2551 MAX_THREAD_LIMIT, MAX_THREAD_LIMIT);
2553 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2554 "ThreadLimit of %d exceeds compile-time limit "
2555 "of %d, decreasing to match",
2556 thread_limit, MAX_THREAD_LIMIT);
2558 thread_limit = MAX_THREAD_LIMIT;
2560 else if (thread_limit < 1) {
2562 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2563 "WARNING: ThreadLimit of %d not allowed, "
2564 "increasing to 1.", thread_limit);
2566 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2567 "ThreadLimit of %d not allowed, increasing to 1",
2573 /* you cannot change ThreadLimit across a restart; ignore
2576 if (!retained->first_thread_limit) {
2577 retained->first_thread_limit = thread_limit;
2579 else if (thread_limit != retained->first_thread_limit) {
2580 /* don't need a startup console version here */
2581 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2582 "changing ThreadLimit to %d from original value of %d "
2583 "not allowed during restart",
2584 thread_limit, retained->first_thread_limit);
2585 thread_limit = retained->first_thread_limit;
2588 if (threads_per_child > thread_limit) {
2590 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2591 "WARNING: ThreadsPerChild of %d exceeds ThreadLimit "
2592 "of", threads_per_child);
2593 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2594 " %d threads, decreasing to %d.",
2595 thread_limit, thread_limit);
2596 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2597 " To increase, please see the ThreadLimit "
2600 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2601 "ThreadsPerChild of %d exceeds ThreadLimit "
2602 "of %d, decreasing to match",
2603 threads_per_child, thread_limit);
2605 threads_per_child = thread_limit;
2607 else if (threads_per_child < 1) {
2609 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2610 "WARNING: ThreadsPerChild of %d not allowed, "
2611 "increasing to 1.", threads_per_child);
2613 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2614 "ThreadsPerChild of %d not allowed, increasing to 1",
2617 threads_per_child = 1;
2620 if (max_clients < threads_per_child) {
2622 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2623 "WARNING: MaxClients of %d is less than "
2624 "ThreadsPerChild of", max_clients);
2625 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2626 " %d, increasing to %d. MaxClients must be at "
2628 threads_per_child, threads_per_child);
2629 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2630 " as the number of threads in a single server.");
2632 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2633 "MaxClients of %d is less than ThreadsPerChild "
2634 "of %d, increasing to match",
2635 max_clients, threads_per_child);
2637 max_clients = threads_per_child;
2640 ap_daemons_limit = max_clients / threads_per_child;
2642 if (max_clients % threads_per_child) {
2643 int tmp_max_clients = ap_daemons_limit * threads_per_child;
2646 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2647 "WARNING: MaxClients of %d is not an integer "
2648 "multiple of", max_clients);
2649 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2650 " ThreadsPerChild of %d, decreasing to nearest "
2651 "multiple %d,", threads_per_child,
2653 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2654 " for a maximum of %d servers.",
2657 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2658 "MaxClients of %d is not an integer multiple of "
2659 "ThreadsPerChild of %d, decreasing to nearest "
2660 "multiple %d", max_clients, threads_per_child,
2663 max_clients = tmp_max_clients;
2666 if (ap_daemons_limit > server_limit) {
2668 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2669 "WARNING: MaxClients of %d would require %d "
2670 "servers and ", max_clients, ap_daemons_limit);
2671 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2672 " would exceed ServerLimit of %d, decreasing to %d.",
2673 server_limit, server_limit * threads_per_child);
2674 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2675 " To increase, please see the ServerLimit "
2678 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2679 "MaxClients of %d would require %d servers and "
2680 "exceed ServerLimit of %d, decreasing to %d",
2681 max_clients, ap_daemons_limit, server_limit,
2682 server_limit * threads_per_child);
2684 ap_daemons_limit = server_limit;
2687 /* ap_daemons_to_start > ap_daemons_limit checked in ap_mpm_run() */
2688 if (ap_daemons_to_start < 0) {
2690 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2691 "WARNING: StartServers of %d not allowed, "
2692 "increasing to 1.", ap_daemons_to_start);
2694 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2695 "StartServers of %d not allowed, increasing to 1",
2696 ap_daemons_to_start);
2698 ap_daemons_to_start = 1;
2701 if (min_spare_threads < 1) {
2703 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2704 "WARNING: MinSpareThreads of %d not allowed, "
2705 "increasing to 1", min_spare_threads);
2706 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2707 " to avoid almost certain server failure.");
2708 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2709 " Please read the documentation.");
2711 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2712 "MinSpareThreads of %d not allowed, increasing to 1",
2715 min_spare_threads = 1;
2718 /* max_spare_threads < min_spare_threads + threads_per_child
2719 * checked in ap_mpm_run()
2725 static void event_hooks(apr_pool_t * p)
2727 /* Our open_logs hook function must run before the core's, or stderr
2728 * will be redirected to a file, and the messages won't print to the
2731 static const char *const aszSucc[] = { "core.c", NULL };
2734 ap_hook_open_logs(event_open_logs, NULL, aszSucc, APR_HOOK_REALLY_FIRST);
2735 /* we need to set the MPM state before other pre-config hooks use MPM query
2736 * to retrieve it, so register as REALLY_FIRST
2738 ap_hook_pre_config(event_pre_config, NULL, NULL, APR_HOOK_REALLY_FIRST);
2739 ap_hook_check_config(event_check_config, NULL, NULL, APR_HOOK_MIDDLE);
2740 ap_hook_mpm(event_run, NULL, NULL, APR_HOOK_MIDDLE);
2741 ap_hook_mpm_query(event_query, NULL, NULL, APR_HOOK_MIDDLE);
2742 ap_hook_mpm_note_child_killed(event_note_child_killed, NULL, NULL, APR_HOOK_MIDDLE);
2743 ap_hook_mpm_register_timed_callback(event_register_timed_callback, NULL, NULL,
2745 ap_hook_mpm_get_name(event_get_name, NULL, NULL, APR_HOOK_MIDDLE);
2748 static const char *set_daemons_to_start(cmd_parms *cmd, void *dummy,
2751 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2756 ap_daemons_to_start = atoi(arg);
2760 static const char *set_min_spare_threads(cmd_parms * cmd, void *dummy,
2763 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2768 min_spare_threads = atoi(arg);
2772 static const char *set_max_spare_threads(cmd_parms * cmd, void *dummy,
2775 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2780 max_spare_threads = atoi(arg);
2784 static const char *set_max_clients(cmd_parms * cmd, void *dummy,
2787 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2792 max_clients = atoi(arg);
2796 static const char *set_threads_per_child(cmd_parms * cmd, void *dummy,
2799 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2804 threads_per_child = atoi(arg);
2807 static const char *set_server_limit (cmd_parms *cmd, void *dummy, const char *arg)
2809 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2814 server_limit = atoi(arg);
2818 static const char *set_thread_limit(cmd_parms * cmd, void *dummy,
2821 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2826 thread_limit = atoi(arg);
2830 static const command_rec event_cmds[] = {
2832 AP_INIT_TAKE1("StartServers", set_daemons_to_start, NULL, RSRC_CONF,
2833 "Number of child processes launched at server startup"),
2834 AP_INIT_TAKE1("ServerLimit", set_server_limit, NULL, RSRC_CONF,
2835 "Maximum number of child processes for this run of Apache"),
2836 AP_INIT_TAKE1("MinSpareThreads", set_min_spare_threads, NULL, RSRC_CONF,
2837 "Minimum number of idle threads, to handle request spikes"),
2838 AP_INIT_TAKE1("MaxSpareThreads", set_max_spare_threads, NULL, RSRC_CONF,
2839 "Maximum number of idle threads"),
2840 AP_INIT_TAKE1("MaxClients", set_max_clients, NULL, RSRC_CONF,
2841 "Maximum number of threads alive at the same time"),
2842 AP_INIT_TAKE1("ThreadsPerChild", set_threads_per_child, NULL, RSRC_CONF,
2843 "Number of threads each child creates"),
2844 AP_INIT_TAKE1("ThreadLimit", set_thread_limit, NULL, RSRC_CONF,
2845 "Maximum number of worker threads per child process for this "
2846 "run of Apache - Upper limit for ThreadsPerChild"),
2847 AP_GRACEFUL_SHUTDOWN_TIMEOUT_COMMAND,
2851 AP_DECLARE_MODULE(mpm_event) = {
2853 NULL, /* hook to run before apache parses args */
2854 NULL, /* create per-directory config structure */
2855 NULL, /* merge per-directory config structures */
2856 NULL, /* create per-server config structure */
2857 NULL, /* merge per-server config structures */
2858 event_cmds, /* command apr_table_t */
2859 event_hooks /* register_hooks */
projects / apache / blob