1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * This MPM tries to fix the 'keep alive problem' in HTTP.
20 * After a client completes the first request, the client can keep the
21 * connection open to send more requests with the same socket. This can save
22 * signifigant overhead in creating TCP connections. However, the major
23 * disadvantage is that Apache traditionally keeps an entire child
24 * process/thread waiting for data from the client. To solve this problem,
25 * this MPM has a dedicated thread for handling both the Listenting sockets,
26 * and all sockets that are in a Keep Alive status.
28 * The MPM assumes the underlying apr_pollset implmentation is somewhat
29 * threadsafe. This currently is only compatible with KQueue and EPoll. This
30 * enables the MPM to avoid extra high level locking or having to wake up the
31 * listener thread when a keep-alive socket needs to be sent to it.
33 * This MPM not preform well on older platforms that do not have very good
34 * threading, like Linux with a 2.4 kernel, but this does not matter, since we
35 * require EPoll or KQueue.
37 * For FreeBSD, use 5.3. It is possible to run this MPM on FreeBSD 5.2.1, if
38 * you use libkse (see `man libmap.conf`).
40 * For NetBSD, use at least 2.0.
42 * For Linux, you should use a 2.6 kernel, and make sure your glibc has epoll
43 * support compiled in.
48 #include "apr_portable.h"
49 #include "apr_strings.h"
50 #include "apr_file_io.h"
51 #include "apr_thread_proc.h"
52 #include "apr_signal.h"
53 #include "apr_thread_mutex.h"
54 #include "apr_proc_mutex.h"
57 #include "apr_queue.h"
58 #define APR_WANT_STRFUNC
64 #if APR_HAVE_SYS_SOCKET_H
65 #include <sys/socket.h>
67 #if APR_HAVE_SYS_WAIT_H
70 #ifdef HAVE_SYS_PROCESSOR_H
71 #include <sys/processor.h> /* for bindprocessor() */
75 #error The Event MPM requires APR threads, but they are unavailable.
78 #include "ap_config.h"
80 #include "http_main.h"
82 #include "http_config.h" /* for read_config */
83 #include "http_core.h" /* for get_remote_host */
84 #include "http_connection.h"
87 #include "mpm_common.h"
88 #include "ap_listen.h"
89 #include "scoreboard.h"
91 #include "mpm_default.h"
92 #include "http_vhost.h"
96 #include <limits.h> /* for INT_MAX */
104 /* Limit on the total --- clients will be locked out if more servers than
105 * this are needed. It is intended solely to keep the server from crashing
106 * when things get out of hand.
108 * We keep a hard maximum number of servers, for two reasons --- first off,
109 * in case something goes seriously wrong, we want to stop the fork bomb
110 * short of actually crashing the machine we're running on by filling some
111 * kernel table. Secondly, it keeps the size of the scoreboard file small
112 * enough that we can read the whole thing without worrying too much about
115 #ifndef DEFAULT_SERVER_LIMIT
116 #define DEFAULT_SERVER_LIMIT 16
119 /* Admin can't tune ServerLimit beyond MAX_SERVER_LIMIT. We want
120 * some sort of compile-time limit to help catch typos.
122 #ifndef MAX_SERVER_LIMIT
123 #define MAX_SERVER_LIMIT 20000
126 /* Limit on the threads per process. Clients will be locked out if more than
129 * We keep this for one reason it keeps the size of the scoreboard file small
130 * enough that we can read the whole thing without worrying too much about
133 #ifndef DEFAULT_THREAD_LIMIT
134 #define DEFAULT_THREAD_LIMIT 64
137 /* Admin can't tune ThreadLimit beyond MAX_THREAD_LIMIT. We want
138 * some sort of compile-time limit to help catch typos.
140 #ifndef MAX_THREAD_LIMIT
141 #define MAX_THREAD_LIMIT 100000
144 #define MPM_CHILD_PID(i) (ap_scoreboard_image->parent[i].pid)
147 * Actual definitions of config globals
150 static int threads_per_child = 0; /* Worker threads per child */
151 static int ap_daemons_to_start = 0;
152 static int min_spare_threads = 0;
153 static int max_spare_threads = 0;
154 static int ap_daemons_limit = 0;
155 static int max_clients = 0;
156 static int server_limit = 0;
157 static int thread_limit = 0;
158 static int dying = 0;
159 static int workers_may_exit = 0;
160 static int start_thread_may_exit = 0;
161 static int listener_may_exit = 0;
162 static int requests_this_child;
163 static int num_listensocks = 0;
164 static int resource_shortage = 0;
165 static fd_queue_t *worker_queue;
166 static fd_queue_info_t *worker_queue_info;
167 static int mpm_state = AP_MPMQ_STARTING;
168 static int sick_child_detected;
169 static ap_generation_t volatile my_generation = 0;
171 static apr_thread_mutex_t *timeout_mutex;
172 APR_RING_HEAD(timeout_head_t, conn_state_t);
173 static struct timeout_head_t timeout_head, keepalive_timeout_head;
175 static apr_pollset_t *event_pollset;
179 apr_pollset_t *pollset;
183 static serf_context_t *g_serf;
186 /* The structure used to pass unique initialization info to each thread */
194 /* Structure used to pass information to the thread responsible for
195 * creating the rest of the threads.
199 apr_thread_t **threads;
200 apr_thread_t *listener;
202 apr_threadattr_t *threadattr;
219 } listener_poll_type;
221 /* data retained by event across load/unload of the module
222 * allocated on first call to pre-config hook; located on
223 * subsequent calls to pre-config hook
225 typedef struct event_retained_data {
226 int first_server_limit;
227 int first_thread_limit;
229 } event_retained_data;
230 static event_retained_data *retained;
232 #define ID_FROM_CHILD_THREAD(c, t) ((c * thread_limit) + t)
235 * The max child slot ever assigned, preserved across restarts. Necessary
236 * to deal with MaxClients changes across AP_SIG_GRACEFUL restarts. We
237 * use this value to optimize routines that have to scan the entire
240 static int max_daemons_limit = -1;
242 static ap_event_pod_t *pod;
244 /* The event MPM respects a couple of runtime flags that can aid
245 * in debugging. Setting the -DNO_DETACH flag will prevent the root process
246 * from detaching from its controlling terminal. Additionally, setting
247 * the -DONE_PROCESS flag (which implies -DNO_DETACH) will get you the
248 * child_main loop running in the process which originally started up.
249 * This gives you a pretty nice debugging environment. (You'll get a SIGHUP
250 * early in standalone_main; just continue through. This is the server
251 * trying to kill off any child processes which it might have lying
252 * around --- Apache doesn't keep track of their pids, it just sends
253 * SIGHUP to the process group, ignoring it in the root process.
254 * Continue through and you'll be fine.).
257 static int one_process = 0;
260 int raise_sigstop_flags;
263 static apr_pool_t *pconf; /* Pool for config stuff */
264 static apr_pool_t *pchild; /* Pool for httpd child stuff */
266 static pid_t ap_my_pid; /* Linux getpid() doesn't work except in main
267 thread. Use this instead */
268 static pid_t parent_pid;
269 static apr_os_thread_t *listener_os_thread;
271 /* The LISTENER_SIGNAL signal will be sent from the main thread to the
272 * listener thread to wake it up for graceful termination (what a child
273 * process from an old generation does when the admin does "apachectl
274 * graceful"). This signal will be blocked in all threads of a child
275 * process except for the listener thread.
277 #define LISTENER_SIGNAL SIGHUP
279 /* An array of socket descriptors in use by each thread used to
280 * perform a non-graceful (forced) shutdown of the server.
282 static apr_socket_t **worker_sockets;
284 static void close_worker_sockets(void)
287 for (i = 0; i < threads_per_child; i++) {
288 if (worker_sockets[i]) {
289 apr_socket_close(worker_sockets[i]);
290 worker_sockets[i] = NULL;
295 static void wakeup_listener(void)
297 listener_may_exit = 1;
298 if (!listener_os_thread) {
299 /* XXX there is an obscure path that this doesn't handle perfectly:
300 * right after listener thread is created but before
301 * listener_os_thread is set, the first worker thread hits an
302 * error and starts graceful termination
307 /* unblock the listener if it's waiting for a worker */
308 ap_queue_info_term(worker_queue_info);
311 * we should just be able to "kill(ap_my_pid, LISTENER_SIGNAL)" on all
312 * platforms and wake up the listener thread since it is the only thread
313 * with SIGHUP unblocked, but that doesn't work on Linux
315 #ifdef HAVE_PTHREAD_KILL
316 pthread_kill(*listener_os_thread, LISTENER_SIGNAL);
318 kill(ap_my_pid, LISTENER_SIGNAL);
323 #define ST_GRACEFUL 1
324 #define ST_UNGRACEFUL 2
326 static int terminate_mode = ST_INIT;
328 static void signal_threads(int mode)
330 if (terminate_mode == mode) {
333 terminate_mode = mode;
334 mpm_state = AP_MPMQ_STOPPING;
336 /* in case we weren't called from the listener thread, wake up the
341 /* for ungraceful termination, let the workers exit now;
342 * for graceful termination, the listener thread will notify the
343 * workers to exit once it has stopped accepting new connections
345 if (mode == ST_UNGRACEFUL) {
346 workers_may_exit = 1;
347 ap_queue_interrupt_all(worker_queue);
348 close_worker_sockets(); /* forcefully kill all current connections */
352 static apr_status_t event_query(int query_code, int *result)
354 switch (query_code) {
355 case AP_MPMQ_MAX_DAEMON_USED:
356 *result = max_daemons_limit;
358 case AP_MPMQ_IS_THREADED:
359 *result = AP_MPMQ_STATIC;
361 case AP_MPMQ_IS_FORKED:
362 *result = AP_MPMQ_DYNAMIC;
364 case AP_MPMQ_IS_ASYNC:
367 case AP_MPMQ_HAS_SERF:
370 case AP_MPMQ_HARD_LIMIT_DAEMONS:
371 *result = server_limit;
373 case AP_MPMQ_HARD_LIMIT_THREADS:
374 *result = thread_limit;
376 case AP_MPMQ_MAX_THREADS:
377 *result = threads_per_child;
379 case AP_MPMQ_MIN_SPARE_DAEMONS:
382 case AP_MPMQ_MIN_SPARE_THREADS:
383 *result = min_spare_threads;
385 case AP_MPMQ_MAX_SPARE_DAEMONS:
388 case AP_MPMQ_MAX_SPARE_THREADS:
389 *result = max_spare_threads;
391 case AP_MPMQ_MAX_REQUESTS_DAEMON:
392 *result = ap_max_requests_per_child;
394 case AP_MPMQ_MAX_DAEMONS:
395 *result = ap_daemons_limit;
397 case AP_MPMQ_MPM_STATE:
400 case AP_MPMQ_GENERATION:
401 *result = my_generation;
407 static apr_status_t event_note_child_killed(int childnum)
409 ap_scoreboard_image->parent[childnum].pid = 0;
413 static const char *event_get_name(void)
418 /* a clean exit from a child with proper cleanup */
419 static void clean_child_exit(int code) __attribute__ ((noreturn));
420 static void clean_child_exit(int code)
422 mpm_state = AP_MPMQ_STOPPING;
424 apr_pool_destroy(pchild);
429 static void just_die(int sig)
434 /*****************************************************************
435 * Connection structures and accounting...
438 /* volatile just in case */
439 static int volatile shutdown_pending;
440 static int volatile restart_pending;
441 static int volatile is_graceful;
442 static volatile int child_fatal;
445 * ap_start_shutdown() and ap_start_restart(), below, are a first stab at
446 * functions to initiate shutdown or restart without relying on signals.
447 * Previously this was initiated in sig_term() and restart() signal handlers,
448 * but we want to be able to start a shutdown/restart from other sources --
449 * e.g. on Win32, from the service manager. Now the service manager can
450 * call ap_start_shutdown() or ap_start_restart() as appropiate. Note that
451 * these functions can also be called by the child processes, since global
452 * variables are no longer used to pass on the required action to the parent.
454 * These should only be called from the parent process itself, since the
455 * parent process will use the shutdown_pending and restart_pending variables
456 * to determine whether to shutdown or restart. The child process should
457 * call signal_parent() directly to tell the parent to die -- this will
458 * cause neither of those variable to be set, which the parent will
459 * assume means something serious is wrong (which it will be, for the
460 * child to force an exit) and so do an exit anyway.
463 static void ap_start_shutdown(int graceful)
465 mpm_state = AP_MPMQ_STOPPING;
466 if (shutdown_pending == 1) {
467 /* Um, is this _probably_ not an error, if the user has
468 * tried to do a shutdown twice quickly, so we won't
469 * worry about reporting it.
473 shutdown_pending = 1;
474 is_graceful = graceful;
477 /* do a graceful restart if graceful == 1 */
478 static void ap_start_restart(int graceful)
480 mpm_state = AP_MPMQ_STOPPING;
481 if (restart_pending == 1) {
482 /* Probably not an error - don't bother reporting it */
486 is_graceful = graceful;
489 static void sig_term(int sig)
491 ap_start_shutdown(sig == AP_SIG_GRACEFUL_STOP);
494 static void restart(int sig)
496 ap_start_restart(sig == AP_SIG_GRACEFUL);
499 static void set_signals(void)
501 #ifndef NO_USE_SIGACTION
506 ap_fatal_signal_setup(ap_server_conf, pconf);
509 #ifndef NO_USE_SIGACTION
510 sigemptyset(&sa.sa_mask);
513 sa.sa_handler = sig_term;
514 if (sigaction(SIGTERM, &sa, NULL) < 0)
515 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
516 "sigaction(SIGTERM)");
517 #ifdef AP_SIG_GRACEFUL_STOP
518 if (sigaction(AP_SIG_GRACEFUL_STOP, &sa, NULL) < 0)
519 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
520 "sigaction(" AP_SIG_GRACEFUL_STOP_STRING ")");
523 if (sigaction(SIGINT, &sa, NULL) < 0)
524 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
525 "sigaction(SIGINT)");
528 sa.sa_handler = SIG_DFL;
529 if (sigaction(SIGXCPU, &sa, NULL) < 0)
530 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
531 "sigaction(SIGXCPU)");
534 sa.sa_handler = SIG_DFL;
535 if (sigaction(SIGXFSZ, &sa, NULL) < 0)
536 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
537 "sigaction(SIGXFSZ)");
540 sa.sa_handler = SIG_IGN;
541 if (sigaction(SIGPIPE, &sa, NULL) < 0)
542 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
543 "sigaction(SIGPIPE)");
546 /* we want to ignore HUPs and AP_SIG_GRACEFUL while we're busy
548 sigaddset(&sa.sa_mask, SIGHUP);
549 sigaddset(&sa.sa_mask, AP_SIG_GRACEFUL);
550 sa.sa_handler = restart;
551 if (sigaction(SIGHUP, &sa, NULL) < 0)
552 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
553 "sigaction(SIGHUP)");
554 if (sigaction(AP_SIG_GRACEFUL, &sa, NULL) < 0)
555 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
556 "sigaction(" AP_SIG_GRACEFUL_STRING ")");
560 apr_signal(SIGXCPU, SIG_DFL);
563 apr_signal(SIGXFSZ, SIG_DFL);
567 apr_signal(SIGTERM, sig_term);
569 apr_signal(SIGHUP, restart);
571 #ifdef AP_SIG_GRACEFUL
572 apr_signal(AP_SIG_GRACEFUL, restart);
573 #endif /* AP_SIG_GRACEFUL */
574 #ifdef AP_SIG_GRACEFUL_STOP
575 apr_signal(AP_SIG_GRACEFUL_STOP, sig_term);
576 #endif /* AP_SIG_GRACEFUL_STOP */
578 apr_signal(SIGPIPE, SIG_IGN);
584 /*****************************************************************
585 * Child process main loop.
588 static int process_socket(apr_thread_t *thd, apr_pool_t * p, apr_socket_t * sock,
589 conn_state_t * cs, int my_child_num,
593 listener_poll_type *pt;
594 long conn_id = ID_FROM_CHILD_THREAD(my_child_num, my_thread_num);
598 ap_create_sb_handle(&sbh, p, my_child_num, my_thread_num);
600 if (cs == NULL) { /* This is a new connection */
602 cs = apr_pcalloc(p, sizeof(conn_state_t));
604 pt = apr_pcalloc(p, sizeof(*pt));
606 cs->bucket_alloc = apr_bucket_alloc_create(p);
607 c = ap_run_create_connection(p, ap_server_conf, sock,
608 conn_id, sbh, cs->bucket_alloc);
609 c->current_thread = thd;
613 cs->pfd.desc_type = APR_POLL_SOCKET;
614 cs->pfd.reqevents = APR_POLLIN;
615 cs->pfd.desc.s = sock;
619 cs->pfd.client_data = pt;
620 APR_RING_ELEM_INIT(cs, timeout_list);
622 ap_update_vhost_given_ip(c);
624 rc = ap_run_pre_connection(c, sock);
625 if (rc != OK && rc != DONE) {
626 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
627 "process_socket: connection aborted");
632 * XXX If the platform does not have a usable way of bundling
633 * accept() with a socket readability check, like Win32,
634 * and there are measurable delays before the
635 * socket is readable due to the first data packet arriving,
636 * it might be better to create the cs on the listener thread
637 * with the state set to CONN_STATE_CHECK_REQUEST_LINE_READABLE
639 * FreeBSD users will want to enable the HTTP accept filter
640 * module in their kernel for the highest performance
641 * When the accept filter is active, sockets are kept in the
642 * kernel until a HTTP request is received.
644 cs->state = CONN_STATE_READ_REQUEST_LINE;
650 pt = cs->pfd.client_data;
651 c->current_thread = thd;
654 if (c->clogging_input_filters && !c->aborted) {
655 /* Since we have an input filter which 'cloggs' the input stream,
656 * like mod_ssl, lets just do the normal read from input filters,
657 * like the Worker MPM does.
659 ap_run_process_connection(c);
660 if (cs->state != CONN_STATE_SUSPENDED) {
661 cs->state = CONN_STATE_LINGER;
666 if (cs->state == CONN_STATE_READ_REQUEST_LINE) {
668 ap_run_process_connection(c);
670 /* state will be updated upon return
671 * fall thru to either wait for readability/timeout or
676 cs->state = CONN_STATE_LINGER;
680 if (cs->state == CONN_STATE_WRITE_COMPLETION) {
681 ap_filter_t *output_filter = c->output_filters;
683 while (output_filter->next != NULL) {
684 output_filter = output_filter->next;
686 rv = output_filter->frec->filter_func.out_func(output_filter, NULL);
687 if (rv != APR_SUCCESS) {
688 ap_log_error(APLOG_MARK, APLOG_WARNING, rv, ap_server_conf,
689 "network write failure in core output filter");
690 cs->state = CONN_STATE_LINGER;
692 else if (c->data_in_output_filters) {
693 /* Still in WRITE_COMPLETION_STATE:
694 * Set a write timeout for this connection, and let the
695 * event thread poll for writeability.
697 cs->expiration_time = ap_server_conf->timeout + apr_time_now();
698 apr_thread_mutex_lock(timeout_mutex);
699 APR_RING_INSERT_TAIL(&timeout_head, cs, conn_state_t, timeout_list);
700 apr_thread_mutex_unlock(timeout_mutex);
702 cs->pfd.reqevents = APR_POLLOUT | APR_POLLHUP | APR_POLLERR;
703 rc = apr_pollset_add(event_pollset, &cs->pfd);
706 else if (c->keepalive != AP_CONN_KEEPALIVE || c->aborted ||
708 c->cs->state = CONN_STATE_LINGER;
710 else if (c->data_in_input_filters) {
711 cs->state = CONN_STATE_READ_REQUEST_LINE;
715 cs->state = CONN_STATE_CHECK_REQUEST_LINE_READABLE;
719 if (cs->state == CONN_STATE_LINGER) {
720 ap_lingering_close(c);
722 ap_push_pool(worker_queue_info, p);
725 else if (cs->state == CONN_STATE_CHECK_REQUEST_LINE_READABLE) {
727 listener_poll_type *pt = (listener_poll_type *) cs->pfd.client_data;
729 /* It greatly simplifies the logic to use a single timeout value here
730 * because the new element can just be added to the end of the list and
731 * it will stay sorted in expiration time sequence. If brand new
732 * sockets are sent to the event thread for a readability check, this
733 * will be a slight behavior change - they use the non-keepalive
734 * timeout today. With a normal client, the socket will be readable in
735 * a few milliseconds anyway.
737 cs->expiration_time = ap_server_conf->keep_alive_timeout +
739 apr_thread_mutex_lock(timeout_mutex);
740 APR_RING_INSERT_TAIL(&keepalive_timeout_head, cs, conn_state_t, timeout_list);
741 apr_thread_mutex_unlock(timeout_mutex);
744 /* Add work to pollset. */
745 cs->pfd.reqevents = APR_POLLIN;
746 rc = apr_pollset_add(event_pollset, &cs->pfd);
748 if (rc != APR_SUCCESS) {
749 ap_log_error(APLOG_MARK, APLOG_ERR, rc, ap_server_conf,
750 "process_socket: apr_pollset_add failure");
751 AP_DEBUG_ASSERT(rc == APR_SUCCESS);
757 /* requests_this_child has gone to zero or below. See if the admin coded
758 "MaxRequestsPerChild 0", and keep going in that case. Doing it this way
759 simplifies the hot path in worker_thread */
760 static void check_infinite_requests(void)
762 if (ap_max_requests_per_child) {
763 signal_threads(ST_GRACEFUL);
766 /* wow! if you're executing this code, you may have set a record.
767 * either this child process has served over 2 billion requests, or
768 * you're running a threaded 2.0 on a 16 bit machine.
770 * I'll buy pizza and beers at Apachecon for the first person to do
771 * the former without cheating (dorking with INT_MAX, or running with
772 * uncommitted performance patches, for example).
774 * for the latter case, you probably deserve a beer too. Greg Ames
777 requests_this_child = INT_MAX; /* keep going */
781 static void unblock_signal(int sig)
785 sigemptyset(&sig_mask);
786 sigaddset(&sig_mask, sig);
787 #if defined(SIGPROCMASK_SETS_THREAD_MASK)
788 sigprocmask(SIG_UNBLOCK, &sig_mask, NULL);
790 pthread_sigmask(SIG_UNBLOCK, &sig_mask, NULL);
794 static void dummy_signal_handler(int sig)
796 /* XXX If specifying SIG_IGN is guaranteed to unblock a syscall,
797 * then we don't need this goofy function.
803 static apr_status_t s_socket_add(void *user_baton,
807 s_baton_t *s = (s_baton_t*)user_baton;
808 /* XXXXX: recycle listener_poll_types */
809 listener_poll_type *pt = malloc(sizeof(*pt));
811 pt->baton = serf_baton;
812 pfd->client_data = pt;
813 return apr_pollset_add(s->pollset, pfd);
816 static apr_status_t s_socket_remove(void *user_baton,
820 s_baton_t *s = (s_baton_t*)user_baton;
821 listener_poll_type *pt = pfd->client_data;
823 return apr_pollset_remove(s->pollset, pfd);
827 static apr_status_t init_pollset(apr_pool_t *p)
830 s_baton_t *baton = NULL;
834 listener_poll_type *pt;
836 rv = apr_thread_mutex_create(&timeout_mutex, APR_THREAD_MUTEX_DEFAULT, p);
837 if (rv != APR_SUCCESS) {
838 ap_log_error(APLOG_MARK, APLOG_ERR, rv, ap_server_conf,
839 "creation of the timeout mutex failed.");
843 APR_RING_INIT(&timeout_head, conn_state_t, timeout_list);
844 APR_RING_INIT(&keepalive_timeout_head, conn_state_t, timeout_list);
846 /* Create the main pollset */
847 rv = apr_pollset_create(&event_pollset,
849 p, APR_POLLSET_THREADSAFE | APR_POLLSET_NOCOPY);
850 if (rv != APR_SUCCESS) {
851 ap_log_error(APLOG_MARK, APLOG_ERR, rv, ap_server_conf,
852 "apr_pollset_create with Thread Safety failed.");
856 for (lr = ap_listeners; lr != NULL; lr = lr->next) {
857 apr_pollfd_t *pfd = apr_palloc(p, sizeof(*pfd));
858 pt = apr_pcalloc(p, sizeof(*pt));
859 pfd->desc_type = APR_POLL_SOCKET;
860 pfd->desc.s = lr->sd;
861 pfd->reqevents = APR_POLLIN;
863 pt->type = PT_ACCEPT;
866 pfd->client_data = pt;
868 apr_socket_opt_set(pfd->desc.s, APR_SO_NONBLOCK, 1);
869 apr_pollset_add(event_pollset, pfd);
871 lr->accept_func = ap_unixd_accept;
875 baton = apr_pcalloc(p, sizeof(*baton));
876 baton->pollset = event_pollset;
877 /* TODO: subpools, threads, reuse, etc. -- currently use malloc() inside :( */
880 g_serf = serf_context_create_ex(baton,
884 ap_register_provider(p, "mpm_serf",
885 "instance", "0", g_serf);
892 static apr_status_t push_timer2worker(timer_event_t* te)
894 return ap_queue_push_timer(worker_queue, te);
897 static apr_status_t push2worker(const apr_pollfd_t * pfd,
898 apr_pollset_t * pollset)
900 listener_poll_type *pt = (listener_poll_type *) pfd->client_data;
901 conn_state_t *cs = (conn_state_t *) pt->baton;
904 if (pt->bypass_push) {
910 rc = apr_pollset_remove(pollset, pfd);
913 * Some of the pollset backends, like KQueue or Epoll
914 * automagically remove the FD if the socket is closed,
915 * therefore, we can accept _SUCCESS or _NOTFOUND,
916 * and we still want to keep going
918 if (rc != APR_SUCCESS && !APR_STATUS_IS_NOTFOUND(rc)) {
919 cs->state = CONN_STATE_LINGER;
922 rc = ap_queue_push(worker_queue, cs->pfd.desc.s, cs, cs->p);
923 if (rc != APR_SUCCESS) {
924 /* trash the connection; we couldn't queue the connected
927 apr_bucket_alloc_destroy(cs->bucket_alloc);
928 apr_socket_close(cs->pfd.desc.s);
929 ap_log_error(APLOG_MARK, APLOG_CRIT, rc,
930 ap_server_conf, "push2worker: ap_queue_push failed");
931 apr_pool_clear(cs->p);
932 ap_push_pool(worker_queue_info, cs->p);
939 * reserve a worker thread, block if all are currently busy.
940 * this prevents the worker queue from overflowing and lets
941 * other processes accept new connections in the mean time.
943 static int get_worker(int *have_idle_worker_p)
947 if (!*have_idle_worker_p) {
948 rc = ap_queue_info_wait_for_idler(worker_queue_info);
950 if (rc == APR_SUCCESS) {
951 *have_idle_worker_p = 1;
955 if (!APR_STATUS_IS_EOF(rc)) {
956 ap_log_error(APLOG_MARK, APLOG_ERR, rc, ap_server_conf,
957 "ap_queue_info_wait_for_idler failed. "
958 "Attempting to shutdown process gracefully");
959 signal_threads(ST_GRACEFUL);
965 /* already reserved a worker thread - must have hit a
966 * transient error on a previous pass
972 /* XXXXXX: Convert to skiplist or other better data structure
973 * (yes, this is VERY VERY VERY VERY BAD)
976 /* Structures to reuse */
977 static APR_RING_HEAD(timer_free_ring_t, timer_event_t) timer_free_ring;
979 static APR_RING_HEAD(timer_ring_t, timer_event_t) timer_ring;
981 static apr_thread_mutex_t *g_timer_ring_mtx;
983 static apr_status_t event_register_timed_callback(apr_time_t t,
984 ap_mpm_callback_fn_t *cbfn,
990 /* oh yeah, and make locking smarter/fine grained. */
991 apr_thread_mutex_lock(g_timer_ring_mtx);
993 if (!APR_RING_EMPTY(&timer_free_ring, timer_event_t, link)) {
994 te = APR_RING_FIRST(&timer_free_ring);
995 APR_RING_REMOVE(te, link);
998 /* XXXXX: lol, pool allocation without a context from any thread.Yeah. Right. MPMs Suck. */
999 te = malloc(sizeof(timer_event_t));
1000 APR_RING_ELEM_INIT(te, link);
1005 /* XXXXX: optimize */
1006 te->when = t + apr_time_now();
1008 /* Okay, insert sorted by when.. */
1009 for (ep = APR_RING_FIRST(&timer_ring);
1010 ep != APR_RING_SENTINEL(&timer_ring,
1011 timer_event_t, link);
1012 ep = APR_RING_NEXT(ep, link))
1014 if (ep->when > te->when) {
1016 APR_RING_INSERT_BEFORE(ep, te, link);
1022 APR_RING_INSERT_TAIL(&timer_ring, te, timer_event_t, link);
1025 apr_thread_mutex_unlock(g_timer_ring_mtx);
1030 #ifndef apr_time_from_msec
1031 #define apr_time_from_msec(x) (x * 1000)
1034 static void * APR_THREAD_FUNC listener_thread(apr_thread_t * thd, void *dummy)
1039 proc_info *ti = dummy;
1040 int process_slot = ti->pid;
1041 apr_pool_t *tpool = apr_thread_pool_get(thd);
1043 apr_pool_t *ptrans; /* Pool for per-transaction stuff */
1045 int have_idle_worker = 0;
1047 const apr_pollfd_t *out_pfd;
1048 apr_int32_t num = 0;
1049 apr_time_t time_now = 0;
1050 apr_interval_time_t timeout_interval;
1051 apr_time_t timeout_time;
1052 listener_poll_type *pt;
1056 /* the following times out events that are really close in the future
1057 * to prevent extra poll calls
1059 * current value is .1 second
1061 #define TIMEOUT_FUDGE_FACTOR 100000
1062 #define EVENT_FUDGE_FACTOR 10000
1064 rc = init_pollset(tpool);
1065 if (rc != APR_SUCCESS) {
1066 ap_log_error(APLOG_MARK, APLOG_ERR, rc, ap_server_conf,
1067 "failed to initialize pollset, "
1068 "attempting to shutdown process gracefully");
1069 signal_threads(ST_GRACEFUL);
1073 /* Unblock the signal used to wake this thread up, and set a handler for
1076 unblock_signal(LISTENER_SIGNAL);
1077 apr_signal(LISTENER_SIGNAL, dummy_signal_handler);
1079 while (!listener_may_exit) {
1081 if (requests_this_child <= 0) {
1082 check_infinite_requests();
1087 apr_time_t now = apr_time_now();
1088 apr_thread_mutex_lock(g_timer_ring_mtx);
1090 if (!APR_RING_EMPTY(&timer_ring, timer_event_t, link)) {
1091 te = APR_RING_FIRST(&timer_ring);
1092 if (te->when > now) {
1093 timeout_interval = te->when - now;
1096 timeout_interval = 1;
1100 timeout_interval = apr_time_from_msec(100);
1102 apr_thread_mutex_unlock(g_timer_ring_mtx);
1106 rc = serf_context_prerun(g_serf);
1107 if (rc != APR_SUCCESS) {
1108 /* TOOD: what should do here? ugh. */
1112 rc = apr_pollset_poll(event_pollset, timeout_interval, &num,
1115 if (rc != APR_SUCCESS) {
1116 if (APR_STATUS_IS_EINTR(rc)) {
1119 if (!APR_STATUS_IS_TIMEUP(rc)) {
1120 ap_log_error(APLOG_MARK, APLOG_ERR, rc, ap_server_conf,
1121 "apr_pollset_poll failed. Attempting to "
1122 "shutdown process gracefully");
1123 signal_threads(ST_GRACEFUL);
1127 if (listener_may_exit)
1131 apr_time_t now = apr_time_now();
1132 apr_thread_mutex_lock(g_timer_ring_mtx);
1133 for (ep = APR_RING_FIRST(&timer_ring);
1134 ep != APR_RING_SENTINEL(&timer_ring,
1135 timer_event_t, link);
1136 ep = APR_RING_FIRST(&timer_ring))
1138 if (ep->when < now + EVENT_FUDGE_FACTOR) {
1139 APR_RING_REMOVE(ep, link);
1140 push_timer2worker(ep);
1146 apr_thread_mutex_unlock(g_timer_ring_mtx);
1149 while (num && get_worker(&have_idle_worker)) {
1150 pt = (listener_poll_type *) out_pfd->client_data;
1151 if (pt->type == PT_CSD) {
1152 /* one of the sockets is readable */
1153 cs = (conn_state_t *) pt->baton;
1154 switch (cs->state) {
1155 case CONN_STATE_CHECK_REQUEST_LINE_READABLE:
1156 cs->state = CONN_STATE_READ_REQUEST_LINE;
1158 case CONN_STATE_WRITE_COMPLETION:
1161 ap_log_error(APLOG_MARK, APLOG_ERR, rc,
1163 "event_loop: unexpected state %d",
1168 apr_thread_mutex_lock(timeout_mutex);
1169 APR_RING_REMOVE(cs, timeout_list);
1170 apr_thread_mutex_unlock(timeout_mutex);
1171 APR_RING_ELEM_INIT(cs, timeout_list);
1173 rc = push2worker(out_pfd, event_pollset);
1174 if (rc != APR_SUCCESS) {
1175 ap_log_error(APLOG_MARK, APLOG_CRIT, rc,
1176 ap_server_conf, "push2worker failed");
1179 have_idle_worker = 0;
1182 else if (pt->type == PT_ACCEPT) {
1183 /* A Listener Socket is ready for an accept() */
1185 lr = (ap_listen_rec *) pt->baton;
1187 ap_pop_pool(&ptrans, worker_queue_info);
1189 if (ptrans == NULL) {
1190 /* create a new transaction pool for each accepted socket */
1191 apr_allocator_t *allocator;
1193 apr_allocator_create(&allocator);
1194 apr_allocator_max_free_set(allocator,
1196 apr_pool_create_ex(&ptrans, pconf, NULL, allocator);
1197 apr_allocator_owner_set(allocator, ptrans);
1198 if (ptrans == NULL) {
1199 ap_log_error(APLOG_MARK, APLOG_CRIT, rc,
1201 "Failed to create transaction pool");
1202 signal_threads(ST_GRACEFUL);
1206 apr_pool_tag(ptrans, "transaction");
1208 rc = lr->accept_func(&csd, lr, ptrans);
1210 /* later we trash rv and rely on csd to indicate
1213 AP_DEBUG_ASSERT(rc == APR_SUCCESS || !csd);
1215 if (rc == APR_EGENERAL) {
1216 /* E[NM]FILE, ENOMEM, etc */
1217 resource_shortage = 1;
1218 signal_threads(ST_GRACEFUL);
1222 rc = ap_queue_push(worker_queue, csd, NULL, ptrans);
1223 if (rc != APR_SUCCESS) {
1224 /* trash the connection; we couldn't queue the connected
1225 * socket to a worker
1227 apr_socket_close(csd);
1228 ap_log_error(APLOG_MARK, APLOG_CRIT, rc,
1230 "ap_queue_push failed");
1231 apr_pool_clear(ptrans);
1232 ap_push_pool(worker_queue_info, ptrans);
1235 have_idle_worker = 0;
1239 apr_pool_clear(ptrans);
1240 ap_push_pool(worker_queue_info, ptrans);
1242 } /* if:else on pt->type */
1244 else if (pt->type == PT_SERF) {
1245 /* send socket to serf. */
1246 /* XXXX: this doesn't require get_worker(&have_idle_worker) */
1247 serf_event_trigger(g_serf, pt->baton, out_pfd);
1252 } /* while for processing poll */
1254 /* XXX possible optimization: stash the current time for use as
1255 * r->request_time for new requests
1257 time_now = apr_time_now();
1259 /* handle timed out sockets */
1260 apr_thread_mutex_lock(timeout_mutex);
1262 /* Step 1: keepalive timeouts */
1263 cs = APR_RING_FIRST(&keepalive_timeout_head);
1264 timeout_time = time_now + TIMEOUT_FUDGE_FACTOR;
1265 while (!APR_RING_EMPTY(&keepalive_timeout_head, conn_state_t, timeout_list)
1266 && cs->expiration_time < timeout_time) {
1268 cs->state = CONN_STATE_LINGER;
1270 APR_RING_REMOVE(cs, timeout_list);
1271 apr_thread_mutex_unlock(timeout_mutex);
1273 if (!get_worker(&have_idle_worker)) {
1274 apr_thread_mutex_lock(timeout_mutex);
1275 APR_RING_INSERT_HEAD(&keepalive_timeout_head, cs,
1276 conn_state_t, timeout_list);
1280 rc = push2worker(&cs->pfd, event_pollset);
1282 if (rc != APR_SUCCESS) {
1284 /* XXX return NULL looks wrong - not an init failure
1285 * that bypasses all the cleanup outside the main loop
1286 * break seems more like it
1287 * need to evaluate seriousness of push2worker failures
1290 have_idle_worker = 0;
1291 apr_thread_mutex_lock(timeout_mutex);
1292 cs = APR_RING_FIRST(&keepalive_timeout_head);
1295 /* Step 2: write completion timeouts */
1296 cs = APR_RING_FIRST(&timeout_head);
1297 while (!APR_RING_EMPTY(&timeout_head, conn_state_t, timeout_list)
1298 && cs->expiration_time < timeout_time) {
1300 cs->state = CONN_STATE_LINGER;
1301 APR_RING_REMOVE(cs, timeout_list);
1302 apr_thread_mutex_unlock(timeout_mutex);
1304 if (!get_worker(&have_idle_worker)) {
1305 apr_thread_mutex_lock(timeout_mutex);
1306 APR_RING_INSERT_HEAD(&timeout_head, cs,
1307 conn_state_t, timeout_list);
1311 rc = push2worker(&cs->pfd, event_pollset);
1312 if (rc != APR_SUCCESS) {
1315 have_idle_worker = 0;
1316 apr_thread_mutex_lock(timeout_mutex);
1317 cs = APR_RING_FIRST(&timeout_head);
1320 apr_thread_mutex_unlock(timeout_mutex);
1322 } /* listener main loop */
1324 ap_close_listeners();
1325 ap_queue_term(worker_queue);
1327 ap_scoreboard_image->parent[process_slot].quiescing = 1;
1329 /* wake up the main thread */
1330 kill(ap_my_pid, SIGTERM);
1332 apr_thread_exit(thd, APR_SUCCESS);
1336 /* XXX For ungraceful termination/restart, we definitely don't want to
1337 * wait for active connections to finish but we may want to wait
1338 * for idle workers to get out of the queue code and release mutexes,
1339 * since those mutexes are cleaned up pretty soon and some systems
1340 * may not react favorably (i.e., segfault) if operations are attempted
1341 * on cleaned-up mutexes.
1343 static void *APR_THREAD_FUNC worker_thread(apr_thread_t * thd, void *dummy)
1345 proc_info *ti = dummy;
1346 int process_slot = ti->pid;
1347 int thread_slot = ti->tid;
1348 apr_socket_t *csd = NULL;
1350 apr_pool_t *ptrans; /* Pool for per-transaction stuff */
1353 timer_event_t *te = NULL;
1357 ap_scoreboard_image->servers[process_slot][thread_slot].pid = ap_my_pid;
1358 ap_scoreboard_image->servers[process_slot][thread_slot].tid = apr_os_thread_current();
1359 ap_scoreboard_image->servers[process_slot][thread_slot].generation = my_generation;
1360 ap_update_child_status_from_indexes(process_slot, thread_slot,
1361 SERVER_STARTING, NULL);
1363 while (!workers_may_exit) {
1365 rv = ap_queue_info_set_idle(worker_queue_info, NULL);
1366 if (rv != APR_SUCCESS) {
1367 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
1368 "ap_queue_info_set_idle failed. Attempting to "
1369 "shutdown process gracefully.");
1370 signal_threads(ST_GRACEFUL);
1376 ap_update_child_status_from_indexes(process_slot, thread_slot,
1377 SERVER_READY, NULL);
1379 if (workers_may_exit) {
1385 rv = ap_queue_pop_something(worker_queue, &csd, &cs, &ptrans, &te);
1387 if (rv != APR_SUCCESS) {
1388 /* We get APR_EOF during a graceful shutdown once all the
1389 * connections accepted by this server process have been handled.
1391 if (APR_STATUS_IS_EOF(rv)) {
1394 /* We get APR_EINTR whenever ap_queue_pop() has been interrupted
1395 * from an explicit call to ap_queue_interrupt_all(). This allows
1396 * us to unblock threads stuck in ap_queue_pop() when a shutdown
1399 * If workers_may_exit is set and this is ungraceful termination/
1400 * restart, we are bound to get an error on some systems (e.g.,
1401 * AIX, which sanity-checks mutex operations) since the queue
1402 * may have already been cleaned up. Don't log the "error" if
1403 * workers_may_exit is set.
1405 else if (APR_STATUS_IS_EINTR(rv)) {
1408 /* We got some other error. */
1409 else if (!workers_may_exit) {
1410 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
1411 "ap_queue_pop failed");
1417 te->cbfunc(te->baton);
1420 apr_thread_mutex_lock(g_timer_ring_mtx);
1421 APR_RING_INSERT_TAIL(&timer_free_ring, te, timer_event_t, link);
1422 apr_thread_mutex_unlock(g_timer_ring_mtx);
1427 worker_sockets[thread_slot] = csd;
1428 rv = process_socket(thd, ptrans, csd, cs, process_slot, thread_slot);
1430 requests_this_child--;
1432 worker_sockets[thread_slot] = NULL;
1436 ap_update_child_status_from_indexes(process_slot, thread_slot,
1437 (dying) ? SERVER_DEAD :
1439 (request_rec *) NULL);
1441 apr_thread_exit(thd, APR_SUCCESS);
1445 static int check_signal(int signum)
1457 static void create_listener_thread(thread_starter * ts)
1459 int my_child_num = ts->child_num_arg;
1460 apr_threadattr_t *thread_attr = ts->threadattr;
1464 my_info = (proc_info *) malloc(sizeof(proc_info));
1465 my_info->pid = my_child_num;
1466 my_info->tid = -1; /* listener thread doesn't have a thread slot */
1468 rv = apr_thread_create(&ts->listener, thread_attr, listener_thread,
1470 if (rv != APR_SUCCESS) {
1471 ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
1472 "apr_thread_create: unable to create listener thread");
1473 /* let the parent decide how bad this really is */
1474 clean_child_exit(APEXIT_CHILDSICK);
1476 apr_os_thread_get(&listener_os_thread, ts->listener);
1479 /* XXX under some circumstances not understood, children can get stuck
1480 * in start_threads forever trying to take over slots which will
1481 * never be cleaned up; for now there is an APLOG_DEBUG message issued
1482 * every so often when this condition occurs
1484 static void *APR_THREAD_FUNC start_threads(apr_thread_t * thd, void *dummy)
1486 thread_starter *ts = dummy;
1487 apr_thread_t **threads = ts->threads;
1488 apr_threadattr_t *thread_attr = ts->threadattr;
1489 int child_num_arg = ts->child_num_arg;
1490 int my_child_num = child_num_arg;
1494 int threads_created = 0;
1495 int listener_started = 0;
1497 int prev_threads_created;
1499 /* We must create the fd queues before we start up the listener
1500 * and worker threads. */
1501 worker_queue = apr_pcalloc(pchild, sizeof(*worker_queue));
1502 rv = ap_queue_init(worker_queue, threads_per_child, pchild);
1503 if (rv != APR_SUCCESS) {
1504 ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
1505 "ap_queue_init() failed");
1506 clean_child_exit(APEXIT_CHILDFATAL);
1509 rv = ap_queue_info_create(&worker_queue_info, pchild,
1511 if (rv != APR_SUCCESS) {
1512 ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
1513 "ap_queue_info_create() failed");
1514 clean_child_exit(APEXIT_CHILDFATAL);
1517 worker_sockets = apr_pcalloc(pchild, threads_per_child
1518 * sizeof(apr_socket_t *));
1520 loops = prev_threads_created = 0;
1522 /* threads_per_child does not include the listener thread */
1523 for (i = 0; i < threads_per_child; i++) {
1525 ap_scoreboard_image->servers[child_num_arg][i].status;
1527 if (status != SERVER_GRACEFUL && status != SERVER_DEAD) {
1531 my_info = (proc_info *) malloc(sizeof(proc_info));
1532 if (my_info == NULL) {
1533 ap_log_error(APLOG_MARK, APLOG_ALERT, errno, ap_server_conf,
1534 "malloc: out of memory");
1535 clean_child_exit(APEXIT_CHILDFATAL);
1537 my_info->pid = my_child_num;
1541 /* We are creating threads right now */
1542 ap_update_child_status_from_indexes(my_child_num, i,
1543 SERVER_STARTING, NULL);
1544 /* We let each thread update its own scoreboard entry. This is
1545 * done because it lets us deal with tid better.
1547 rv = apr_thread_create(&threads[i], thread_attr,
1548 worker_thread, my_info, pchild);
1549 if (rv != APR_SUCCESS) {
1550 ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
1551 "apr_thread_create: unable to create worker thread");
1552 /* let the parent decide how bad this really is */
1553 clean_child_exit(APEXIT_CHILDSICK);
1558 /* Start the listener only when there are workers available */
1559 if (!listener_started && threads_created) {
1560 create_listener_thread(ts);
1561 listener_started = 1;
1565 if (start_thread_may_exit || threads_created == threads_per_child) {
1568 /* wait for previous generation to clean up an entry */
1569 apr_sleep(apr_time_from_sec(1));
1571 if (loops % 120 == 0) { /* every couple of minutes */
1572 if (prev_threads_created == threads_created) {
1573 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1574 "child %" APR_PID_T_FMT " isn't taking over "
1575 "slots very quickly (%d of %d)",
1576 ap_my_pid, threads_created,
1579 prev_threads_created = threads_created;
1583 /* What state should this child_main process be listed as in the
1585 * ap_update_child_status_from_indexes(my_child_num, i, SERVER_STARTING,
1586 * (request_rec *) NULL);
1588 * This state should be listed separately in the scoreboard, in some kind
1589 * of process_status, not mixed in with the worker threads' status.
1590 * "life_status" is almost right, but it's in the worker's structure, and
1591 * the name could be clearer. gla
1593 apr_thread_exit(thd, APR_SUCCESS);
1597 static void join_workers(apr_thread_t * listener, apr_thread_t ** threads)
1600 apr_status_t rv, thread_rv;
1605 /* deal with a rare timing window which affects waking up the
1606 * listener thread... if the signal sent to the listener thread
1607 * is delivered between the time it verifies that the
1608 * listener_may_exit flag is clear and the time it enters a
1609 * blocking syscall, the signal didn't do any good... work around
1610 * that by sleeping briefly and sending it again
1615 #ifdef HAVE_PTHREAD_KILL
1616 pthread_kill(*listener_os_thread, 0)
1621 /* listener not dead yet */
1622 apr_sleep(apr_time_make(0, 500000));
1627 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1628 "the listener thread didn't exit");
1631 rv = apr_thread_join(&thread_rv, listener);
1632 if (rv != APR_SUCCESS) {
1633 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
1634 "apr_thread_join: unable to join listener thread");
1639 for (i = 0; i < threads_per_child; i++) {
1640 if (threads[i]) { /* if we ever created this thread */
1641 rv = apr_thread_join(&thread_rv, threads[i]);
1642 if (rv != APR_SUCCESS) {
1643 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
1644 "apr_thread_join: unable to join worker "
1651 static void join_start_thread(apr_thread_t * start_thread_id)
1653 apr_status_t rv, thread_rv;
1655 start_thread_may_exit = 1; /* tell it to give up in case it is still
1656 * trying to take over slots from a
1657 * previous generation
1659 rv = apr_thread_join(&thread_rv, start_thread_id);
1660 if (rv != APR_SUCCESS) {
1661 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
1662 "apr_thread_join: unable to join the start " "thread");
1666 static void child_main(int child_num_arg)
1668 apr_thread_t **threads;
1671 apr_threadattr_t *thread_attr;
1672 apr_thread_t *start_thread_id;
1674 mpm_state = AP_MPMQ_STARTING; /* for benefit of any hooks that run as this
1677 ap_my_pid = getpid();
1678 ap_fatal_signal_child_setup(ap_server_conf);
1679 apr_pool_create(&pchild, pconf);
1681 /*stuff to do before we switch id's, so we have permissions. */
1682 ap_reopen_scoreboard(pchild, NULL, 0);
1684 if (ap_run_drop_privileges(pchild, ap_server_conf)) {
1685 clean_child_exit(APEXIT_CHILDFATAL);
1688 apr_thread_mutex_create(&g_timer_ring_mtx, APR_THREAD_MUTEX_DEFAULT, pchild);
1689 APR_RING_INIT(&timer_free_ring, timer_event_t, link);
1690 APR_RING_INIT(&timer_ring, timer_event_t, link);
1692 ap_run_child_init(pchild, ap_server_conf);
1694 /* done with init critical section */
1696 /* Just use the standard apr_setup_signal_thread to block all signals
1697 * from being received. The child processes no longer use signals for
1698 * any communication with the parent process.
1700 rv = apr_setup_signal_thread();
1701 if (rv != APR_SUCCESS) {
1702 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
1703 "Couldn't initialize signal thread");
1704 clean_child_exit(APEXIT_CHILDFATAL);
1707 if (ap_max_requests_per_child) {
1708 requests_this_child = ap_max_requests_per_child;
1711 /* coding a value of zero means infinity */
1712 requests_this_child = INT_MAX;
1715 /* Setup worker threads */
1717 /* clear the storage; we may not create all our threads immediately,
1718 * and we want a 0 entry to indicate a thread which was not created
1720 threads = (apr_thread_t **) calloc(1,
1721 sizeof(apr_thread_t *) *
1723 if (threads == NULL) {
1724 ap_log_error(APLOG_MARK, APLOG_ALERT, errno, ap_server_conf,
1725 "malloc: out of memory");
1726 clean_child_exit(APEXIT_CHILDFATAL);
1729 ts = (thread_starter *) apr_palloc(pchild, sizeof(*ts));
1731 apr_threadattr_create(&thread_attr, pchild);
1732 /* 0 means PTHREAD_CREATE_JOINABLE */
1733 apr_threadattr_detach_set(thread_attr, 0);
1735 if (ap_thread_stacksize != 0) {
1736 apr_threadattr_stacksize_set(thread_attr, ap_thread_stacksize);
1739 ts->threads = threads;
1740 ts->listener = NULL;
1741 ts->child_num_arg = child_num_arg;
1742 ts->threadattr = thread_attr;
1744 rv = apr_thread_create(&start_thread_id, thread_attr, start_threads,
1746 if (rv != APR_SUCCESS) {
1747 ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
1748 "apr_thread_create: unable to create worker thread");
1749 /* let the parent decide how bad this really is */
1750 clean_child_exit(APEXIT_CHILDSICK);
1753 mpm_state = AP_MPMQ_RUNNING;
1755 /* If we are only running in one_process mode, we will want to
1756 * still handle signals. */
1758 /* Block until we get a terminating signal. */
1759 apr_signal_thread(check_signal);
1760 /* make sure the start thread has finished; signal_threads()
1761 * and join_workers() depend on that
1763 /* XXX join_start_thread() won't be awakened if one of our
1764 * threads encounters a critical error and attempts to
1765 * shutdown this child
1767 join_start_thread(start_thread_id);
1769 /* helps us terminate a little more quickly than the dispatch of the
1770 * signal thread; beats the Pipe of Death and the browsers
1772 signal_threads(ST_UNGRACEFUL);
1774 /* A terminating signal was received. Now join each of the
1775 * workers to clean them up.
1776 * If the worker already exited, then the join frees
1777 * their resources and returns.
1778 * If the worker hasn't exited, then this blocks until
1779 * they have (then cleans up).
1781 join_workers(ts->listener, threads);
1783 else { /* !one_process */
1784 /* remove SIGTERM from the set of blocked signals... if one of
1785 * the other threads in the process needs to take us down
1786 * (e.g., for MaxRequestsPerChild) it will send us SIGTERM
1788 unblock_signal(SIGTERM);
1789 apr_signal(SIGTERM, dummy_signal_handler);
1790 /* Watch for any messages from the parent over the POD */
1792 rv = ap_event_pod_check(pod);
1793 if (rv == AP_NORESTART) {
1794 /* see if termination was triggered while we slept */
1795 switch (terminate_mode) {
1804 if (rv == AP_GRACEFUL || rv == AP_RESTART) {
1805 /* make sure the start thread has finished;
1806 * signal_threads() and join_workers depend on that
1808 join_start_thread(start_thread_id);
1809 signal_threads(rv ==
1810 AP_GRACEFUL ? ST_GRACEFUL : ST_UNGRACEFUL);
1815 /* A terminating signal was received. Now join each of the
1816 * workers to clean them up.
1817 * If the worker already exited, then the join frees
1818 * their resources and returns.
1819 * If the worker hasn't exited, then this blocks until
1820 * they have (then cleans up).
1822 join_workers(ts->listener, threads);
1827 clean_child_exit(resource_shortage ? APEXIT_CHILDSICK : 0);
1830 static int make_child(server_rec * s, int slot)
1834 if (slot + 1 > max_daemons_limit) {
1835 max_daemons_limit = slot + 1;
1840 ap_scoreboard_image->parent[slot].pid = getpid();
1844 if ((pid = fork()) == -1) {
1845 ap_log_error(APLOG_MARK, APLOG_ERR, errno, s,
1846 "fork: Unable to fork new process");
1848 /* fork didn't succeed. There's no need to touch the scoreboard;
1849 * if we were trying to replace a failed child process, then
1850 * server_main_loop() marked its workers SERVER_DEAD, and if
1851 * we were trying to replace a child process that exited normally,
1852 * its worker_thread()s left SERVER_DEAD or SERVER_GRACEFUL behind.
1855 /* In case system resources are maxxed out, we don't want
1856 Apache running away with the CPU trying to fork over and
1857 over and over again. */
1858 apr_sleep(apr_time_from_sec(10));
1864 #ifdef HAVE_BINDPROCESSOR
1865 /* By default, AIX binds to a single processor. This bit unbinds
1866 * children which will then bind to another CPU.
1868 int status = bindprocessor(BINDPROCESS, (int) getpid(),
1869 PROCESSOR_CLASS_ANY);
1871 ap_log_error(APLOG_MARK, APLOG_WARNING, errno,
1873 "processor unbind failed %d", status);
1875 RAISE_SIGSTOP(MAKE_CHILD);
1877 apr_signal(SIGTERM, just_die);
1880 clean_child_exit(0);
1883 if (ap_scoreboard_image->parent[slot].pid != 0) {
1884 /* This new child process is squatting on the scoreboard
1885 * entry owned by an exiting child process, which cannot
1886 * exit until all active requests complete.
1887 * Don't forget about this exiting child process, or we
1888 * won't be able to kill it if it doesn't exit by the
1889 * time the server is shut down.
1891 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
1892 "taking over scoreboard slot from %" APR_PID_T_FMT "%s",
1893 ap_scoreboard_image->parent[slot].pid,
1894 ap_scoreboard_image->parent[slot].quiescing ?
1895 " (quiescing)" : "");
1896 ap_register_extra_mpm_process(ap_scoreboard_image->parent[slot].pid);
1898 ap_scoreboard_image->parent[slot].quiescing = 0;
1899 ap_scoreboard_image->parent[slot].pid = pid;
1903 /* start up a bunch of children */
1904 static void startup_children(int number_to_start)
1908 for (i = 0; number_to_start && i < ap_daemons_limit; ++i) {
1909 if (ap_scoreboard_image->parent[i].pid != 0) {
1912 if (make_child(ap_server_conf, i) < 0) {
1921 * idle_spawn_rate is the number of children that will be spawned on the
1922 * next maintenance cycle if there aren't enough idle servers. It is
1923 * doubled up to MAX_SPAWN_RATE, and reset only when a cycle goes by
1924 * without the need to spawn.
1926 static int idle_spawn_rate = 1;
1927 #ifndef MAX_SPAWN_RATE
1928 #define MAX_SPAWN_RATE (32)
1930 static int hold_off_on_exponential_spawning;
1932 static void perform_idle_server_maintenance(void)
1935 int idle_thread_count;
1939 int totally_free_length = 0;
1940 int free_slots[MAX_SPAWN_RATE];
1943 int active_thread_count = 0;
1945 /* initialize the free_list */
1948 idle_thread_count = 0;
1952 for (i = 0; i < ap_daemons_limit; ++i) {
1953 /* Initialization to satisfy the compiler. It doesn't know
1954 * that threads_per_child is always > 0 */
1955 int status = SERVER_DEAD;
1956 int any_dying_threads = 0;
1957 int any_dead_threads = 0;
1958 int all_dead_threads = 1;
1960 if (i >= max_daemons_limit
1961 && totally_free_length == idle_spawn_rate)
1962 /* short cut if all active processes have been examined and
1963 * enough empty scoreboard slots have been found
1967 ps = &ap_scoreboard_image->parent[i];
1968 for (j = 0; j < threads_per_child; j++) {
1969 ws = &ap_scoreboard_image->servers[i][j];
1970 status = ws->status;
1972 /* XXX any_dying_threads is probably no longer needed GLA */
1973 any_dying_threads = any_dying_threads ||
1974 (status == SERVER_GRACEFUL);
1975 any_dead_threads = any_dead_threads || (status == SERVER_DEAD);
1976 all_dead_threads = all_dead_threads &&
1977 (status == SERVER_DEAD || status == SERVER_GRACEFUL);
1979 /* We consider a starting server as idle because we started it
1980 * at least a cycle ago, and if it still hasn't finished starting
1981 * then we're just going to swamp things worse by forking more.
1982 * So we hopefully won't need to fork more if we count it.
1983 * This depends on the ordering of SERVER_READY and SERVER_STARTING.
1985 if (ps->pid != 0) { /* XXX just set all_dead_threads in outer
1986 for loop if no pid? not much else matters */
1987 if (status <= SERVER_READY &&
1988 !ps->quiescing && ps->generation == my_generation) {
1989 ++idle_thread_count;
1991 if (status >= SERVER_READY && status < SERVER_GRACEFUL) {
1992 ++active_thread_count;
1996 if (any_dead_threads
1997 && totally_free_length < idle_spawn_rate
1998 && free_length < MAX_SPAWN_RATE
1999 && (!ps->pid /* no process in the slot */
2000 || ps->quiescing)) { /* or at least one is going away */
2001 if (all_dead_threads) {
2002 /* great! we prefer these, because the new process can
2003 * start more threads sooner. So prioritize this slot
2004 * by putting it ahead of any slots with active threads.
2006 * first, make room by moving a slot that's potentially still
2007 * in use to the end of the array
2009 free_slots[free_length] = free_slots[totally_free_length];
2010 free_slots[totally_free_length++] = i;
2013 /* slot is still in use - back of the bus
2015 free_slots[free_length] = i;
2019 /* XXX if (!ps->quiescing) is probably more reliable GLA */
2020 if (!any_dying_threads) {
2026 if (sick_child_detected) {
2027 if (active_thread_count > 0) {
2028 /* some child processes appear to be working. don't kill the
2031 sick_child_detected = 0;
2034 /* looks like a basket case. give up.
2036 shutdown_pending = 1;
2038 ap_log_error(APLOG_MARK, APLOG_ALERT, 0,
2040 "No active workers found..."
2041 " Apache is exiting!");
2042 /* the child already logged the failure details */
2047 max_daemons_limit = last_non_dead + 1;
2049 if (idle_thread_count > max_spare_threads) {
2050 /* Kill off one child */
2051 ap_event_pod_signal(pod, TRUE);
2052 idle_spawn_rate = 1;
2054 else if (idle_thread_count < min_spare_threads) {
2055 /* terminate the free list */
2056 if (free_length == 0) { /* scoreboard is full, can't fork */
2058 if (active_thread_count >= ap_daemons_limit * threads_per_child) {
2059 static int reported = 0;
2061 /* only report this condition once */
2062 ap_log_error(APLOG_MARK, APLOG_ERR, 0,
2064 "server reached MaxClients setting, consider"
2065 " raising the MaxClients setting");
2070 ap_log_error(APLOG_MARK, APLOG_ERR, 0,
2072 "scoreboard is full, not at MaxClients");
2074 idle_spawn_rate = 1;
2077 if (free_length > idle_spawn_rate) {
2078 free_length = idle_spawn_rate;
2080 if (idle_spawn_rate >= 8) {
2081 ap_log_error(APLOG_MARK, APLOG_INFO, 0,
2083 "server seems busy, (you may need "
2084 "to increase StartServers, ThreadsPerChild "
2085 "or Min/MaxSpareThreads), "
2086 "spawning %d children, there are around %d idle "
2087 "threads, and %d total children", free_length,
2088 idle_thread_count, total_non_dead);
2090 for (i = 0; i < free_length; ++i) {
2091 make_child(ap_server_conf, free_slots[i]);
2093 /* the next time around we want to spawn twice as many if this
2094 * wasn't good enough, but not if we've just done a graceful
2096 if (hold_off_on_exponential_spawning) {
2097 --hold_off_on_exponential_spawning;
2099 else if (idle_spawn_rate < MAX_SPAWN_RATE) {
2100 idle_spawn_rate *= 2;
2105 idle_spawn_rate = 1;
2109 static void server_main_loop(int remaining_children_to_start)
2112 apr_exit_why_e exitwhy;
2113 int status, processed_status;
2117 while (!restart_pending && !shutdown_pending) {
2118 ap_wait_or_timeout(&exitwhy, &status, &pid, pconf);
2120 if (pid.pid != -1) {
2121 processed_status = ap_process_child_status(&pid, exitwhy, status);
2122 if (processed_status == APEXIT_CHILDFATAL) {
2123 shutdown_pending = 1;
2127 else if (processed_status == APEXIT_CHILDSICK) {
2128 /* tell perform_idle_server_maintenance to check into this
2129 * on the next timer pop
2131 sick_child_detected = 1;
2133 /* non-fatal death... note that it's gone in the scoreboard. */
2134 child_slot = ap_find_child_by_pid(&pid);
2135 if (child_slot >= 0) {
2136 for (i = 0; i < threads_per_child; i++)
2137 ap_update_child_status_from_indexes(child_slot, i,
2139 (request_rec *) NULL);
2141 ap_scoreboard_image->parent[child_slot].pid = 0;
2142 ap_scoreboard_image->parent[child_slot].quiescing = 0;
2143 if (processed_status == APEXIT_CHILDSICK) {
2144 /* resource shortage, minimize the fork rate */
2145 idle_spawn_rate = 1;
2147 else if (remaining_children_to_start
2148 && child_slot < ap_daemons_limit) {
2149 /* we're still doing a 1-for-1 replacement of dead
2150 * children with new children
2152 make_child(ap_server_conf, child_slot);
2153 --remaining_children_to_start;
2156 else if (ap_unregister_extra_mpm_process(pid.pid) == 1) {
2158 #if APR_HAS_OTHER_CHILD
2160 else if (apr_proc_other_child_alert(&pid, APR_OC_REASON_DEATH,
2165 else if (is_graceful) {
2166 /* Great, we've probably just lost a slot in the
2167 * scoreboard. Somehow we don't know about this child.
2169 ap_log_error(APLOG_MARK, APLOG_WARNING, 0,
2171 "long lost child came home! (pid %ld)",
2174 /* Don't perform idle maintenance when a child dies,
2175 * only do it when there's a timeout. Remember only a
2176 * finite number of children can die, and it's pretty
2177 * pathological for a lot to die suddenly.
2181 else if (remaining_children_to_start) {
2182 /* we hit a 1 second timeout in which none of the previous
2183 * generation of children needed to be reaped... so assume
2184 * they're all done, and pick up the slack if any is left.
2186 startup_children(remaining_children_to_start);
2187 remaining_children_to_start = 0;
2188 /* In any event we really shouldn't do the code below because
2189 * few of the servers we just started are in the IDLE state
2190 * yet, so we'd mistakenly create an extra server.
2195 perform_idle_server_maintenance();
2199 static int event_run(apr_pool_t * _pconf, apr_pool_t * plog, server_rec * s)
2201 int remaining_children_to_start;
2203 ap_log_pid(pconf, ap_pid_fname);
2206 if (ap_run_pre_mpm(s->process->pool, SB_SHARED) != OK) {
2207 mpm_state = AP_MPMQ_STOPPING;
2210 /* fix the generation number in the global score; we just got a new,
2211 * cleared scoreboard
2213 ap_scoreboard_image->global->running_generation = my_generation;
2217 /* Don't thrash... */
2218 if (max_spare_threads < min_spare_threads + threads_per_child)
2219 max_spare_threads = min_spare_threads + threads_per_child;
2221 /* If we're doing a graceful_restart then we're going to see a lot
2222 * of children exiting immediately when we get into the main loop
2223 * below (because we just sent them AP_SIG_GRACEFUL). This happens pretty
2224 * rapidly... and for each one that exits we may start a new one, until
2225 * there are at least min_spare_threads idle threads, counting across
2226 * all children. But we may be permitted to start more children than
2227 * that, so we'll just keep track of how many we're
2228 * supposed to start up without the 1 second penalty between each fork.
2230 remaining_children_to_start = ap_daemons_to_start;
2231 if (remaining_children_to_start > ap_daemons_limit) {
2232 remaining_children_to_start = ap_daemons_limit;
2235 startup_children(remaining_children_to_start);
2236 remaining_children_to_start = 0;
2239 /* give the system some time to recover before kicking into
2240 * exponential mode */
2241 hold_off_on_exponential_spawning = 10;
2244 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
2245 "%s configured -- resuming normal operations",
2246 ap_get_server_description());
2247 ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf,
2248 "Server built: %s", ap_get_server_built());
2250 restart_pending = shutdown_pending = 0;
2251 mpm_state = AP_MPMQ_RUNNING;
2253 server_main_loop(remaining_children_to_start);
2254 mpm_state = AP_MPMQ_STOPPING;
2256 if (shutdown_pending && !is_graceful) {
2257 /* Time to shut down:
2258 * Kill child processes, tell them to call child_exit, etc...
2260 ap_event_pod_killpg(pod, ap_daemons_limit, FALSE);
2261 ap_reclaim_child_processes(1); /* Start with SIGTERM */
2264 /* cleanup pid file on normal shutdown */
2265 const char *pidfile = NULL;
2266 pidfile = ap_server_root_relative(pconf, ap_pid_fname);
2267 if (pidfile != NULL && unlink(pidfile) == 0)
2268 ap_log_error(APLOG_MARK, APLOG_INFO, 0,
2270 "removed PID file %s (pid=%ld)",
2271 pidfile, (long) getpid());
2273 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0,
2274 ap_server_conf, "caught SIGTERM, shutting down");
2277 } else if (shutdown_pending) {
2278 /* Time to gracefully shut down:
2279 * Kill child processes, tell them to call child_exit, etc...
2281 int active_children;
2283 apr_time_t cutoff = 0;
2285 /* Close our listeners, and then ask our children to do same */
2286 ap_close_listeners();
2287 ap_event_pod_killpg(pod, ap_daemons_limit, TRUE);
2288 ap_relieve_child_processes();
2291 /* cleanup pid file on normal shutdown */
2292 const char *pidfile = NULL;
2293 pidfile = ap_server_root_relative (pconf, ap_pid_fname);
2294 if ( pidfile != NULL && unlink(pidfile) == 0)
2295 ap_log_error(APLOG_MARK, APLOG_INFO, 0,
2297 "removed PID file %s (pid=%ld)",
2298 pidfile, (long)getpid());
2300 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
2301 "caught " AP_SIG_GRACEFUL_STOP_STRING
2302 ", shutting down gracefully");
2305 if (ap_graceful_shutdown_timeout) {
2306 cutoff = apr_time_now() +
2307 apr_time_from_sec(ap_graceful_shutdown_timeout);
2310 /* Don't really exit until each child has finished */
2311 shutdown_pending = 0;
2313 /* Pause for a second */
2314 apr_sleep(apr_time_from_sec(1));
2316 /* Relieve any children which have now exited */
2317 ap_relieve_child_processes();
2319 active_children = 0;
2320 for (index = 0; index < ap_daemons_limit; ++index) {
2321 if (ap_mpm_safe_kill(MPM_CHILD_PID(index), 0) == APR_SUCCESS) {
2322 active_children = 1;
2323 /* Having just one child is enough to stay around */
2327 } while (!shutdown_pending && active_children &&
2328 (!ap_graceful_shutdown_timeout || apr_time_now() < cutoff));
2330 /* We might be here because we received SIGTERM, either
2331 * way, try and make sure that all of our processes are
2334 ap_event_pod_killpg(pod, ap_daemons_limit, FALSE);
2335 ap_reclaim_child_processes(1);
2340 /* we've been told to restart */
2341 apr_signal(SIGHUP, SIG_IGN);
2344 /* not worth thinking about */
2348 /* advance to the next generation */
2349 /* XXX: we really need to make sure this new generation number isn't in
2350 * use by any of the children.
2353 ap_scoreboard_image->global->running_generation = my_generation;
2356 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
2357 AP_SIG_GRACEFUL_STRING
2358 " received. Doing graceful restart");
2359 /* wake up the children...time to die. But we'll have more soon */
2360 ap_event_pod_killpg(pod, ap_daemons_limit, TRUE);
2363 /* This is mostly for debugging... so that we know what is still
2364 * gracefully dealing with existing request.
2369 /* Kill 'em all. Since the child acts the same on the parents SIGTERM
2370 * and a SIGHUP, we may as well use the same signal, because some user
2371 * pthreads are stealing signals from us left and right.
2373 ap_event_pod_killpg(pod, ap_daemons_limit, FALSE);
2375 ap_reclaim_child_processes(1); /* Start with SIGTERM */
2376 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
2377 "SIGHUP received. Attempting to restart");
2383 /* This really should be a post_config hook, but the error log is already
2384 * redirected by that point, so we need to do this in the open_logs phase.
2386 static int event_open_logs(apr_pool_t * p, apr_pool_t * plog,
2387 apr_pool_t * ptemp, server_rec * s)
2390 int level_flags = 0;
2395 /* the reverse of pre_config, we want this only the first time around */
2396 if (retained->module_loads == 1) {
2398 level_flags |= APLOG_STARTUP;
2401 if ((num_listensocks = ap_setup_listeners(ap_server_conf)) < 1) {
2402 ap_log_error(APLOG_MARK, APLOG_ALERT | level_flags, 0,
2403 (startup ? NULL : s),
2404 "no listening sockets available, shutting down");
2409 if ((rv = ap_event_pod_open(pconf, &pod))) {
2410 ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv,
2411 (startup ? NULL : s),
2412 "could not open pipe-of-death");
2419 static int event_pre_config(apr_pool_t * pconf, apr_pool_t * plog,
2422 int no_detach, debug, foreground;
2424 const char *userdata_key = "mpm_event_module";
2426 mpm_state = AP_MPMQ_STARTING;
2428 debug = ap_exists_config_define("DEBUG");
2431 foreground = one_process = 1;
2435 one_process = ap_exists_config_define("ONE_PROCESS");
2436 no_detach = ap_exists_config_define("NO_DETACH");
2437 foreground = ap_exists_config_define("FOREGROUND");
2440 /* sigh, want this only the second time around */
2441 retained = ap_get_retained_data(userdata_key);
2443 retained = ap_set_retained_data(userdata_key, sizeof(*retained));
2445 ++retained->module_loads;
2446 if (retained->module_loads == 2) {
2448 rv = apr_pollset_create(&event_pollset, 1, plog,
2449 APR_POLLSET_THREADSAFE | APR_POLLSET_NOCOPY);
2450 if (rv != APR_SUCCESS) {
2451 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL,
2452 "Couldn't create a Thread Safe Pollset. "
2453 "Is it supported on your platform?");
2454 return HTTP_INTERNAL_SERVER_ERROR;
2456 apr_pollset_destroy(event_pollset);
2458 if (!one_process && !foreground) {
2459 rv = apr_proc_detach(no_detach ? APR_PROC_DETACH_FOREGROUND
2460 : APR_PROC_DETACH_DAEMONIZE);
2461 if (rv != APR_SUCCESS) {
2462 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL,
2463 "apr_proc_detach failed");
2464 return HTTP_INTERNAL_SERVER_ERROR;
2467 parent_pid = ap_my_pid = getpid();
2470 ap_listen_pre_config();
2471 ap_daemons_to_start = DEFAULT_START_DAEMON;
2472 min_spare_threads = DEFAULT_MIN_FREE_DAEMON * DEFAULT_THREADS_PER_CHILD;
2473 max_spare_threads = DEFAULT_MAX_FREE_DAEMON * DEFAULT_THREADS_PER_CHILD;
2474 server_limit = DEFAULT_SERVER_LIMIT;
2475 thread_limit = DEFAULT_THREAD_LIMIT;
2476 ap_daemons_limit = server_limit;
2477 threads_per_child = DEFAULT_THREADS_PER_CHILD;
2478 max_clients = ap_daemons_limit * threads_per_child;
2479 ap_pid_fname = DEFAULT_PIDLOG;
2480 ap_lock_fname = DEFAULT_LOCKFILE;
2481 ap_max_requests_per_child = DEFAULT_MAX_REQUESTS_PER_CHILD;
2482 ap_extended_status = 0;
2483 ap_max_mem_free = APR_ALLOCATOR_MAX_FREE_UNLIMITED;
2485 apr_cpystrn(ap_coredump_dir, ap_server_root, sizeof(ap_coredump_dir));
2490 static int event_check_config(apr_pool_t *p, apr_pool_t *plog,
2491 apr_pool_t *ptemp, server_rec *s)
2495 /* the reverse of pre_config, we want this only the first time around */
2496 if (retained->module_loads == 1) {
2500 if (server_limit > MAX_SERVER_LIMIT) {
2502 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2503 "WARNING: ServerLimit of %d exceeds compile-time "
2504 "limit of", server_limit);
2505 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2506 " %d servers, decreasing to %d.",
2507 MAX_SERVER_LIMIT, MAX_SERVER_LIMIT);
2509 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2510 "ServerLimit of %d exceeds compile-time limit "
2511 "of %d, decreasing to match",
2512 server_limit, MAX_SERVER_LIMIT);
2514 server_limit = MAX_SERVER_LIMIT;
2516 else if (server_limit < 1) {
2518 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2519 "WARNING: ServerLimit of %d not allowed, "
2520 "increasing to 1.", server_limit);
2522 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2523 "ServerLimit of %d not allowed, increasing to 1",
2529 /* you cannot change ServerLimit across a restart; ignore
2532 if (!retained->first_server_limit) {
2533 retained->first_server_limit = server_limit;
2535 else if (server_limit != retained->first_server_limit) {
2536 /* don't need a startup console version here */
2537 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2538 "changing ServerLimit to %d from original value of %d "
2539 "not allowed during restart",
2540 server_limit, retained->first_server_limit);
2541 server_limit = retained->first_server_limit;
2544 if (thread_limit > MAX_THREAD_LIMIT) {
2546 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2547 "WARNING: ThreadLimit of %d exceeds compile-time "
2548 "limit of", thread_limit);
2549 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2550 " %d threads, decreasing to %d.",
2551 MAX_THREAD_LIMIT, MAX_THREAD_LIMIT);
2553 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2554 "ThreadLimit of %d exceeds compile-time limit "
2555 "of %d, decreasing to match",
2556 thread_limit, MAX_THREAD_LIMIT);
2558 thread_limit = MAX_THREAD_LIMIT;
2560 else if (thread_limit < 1) {
2562 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2563 "WARNING: ThreadLimit of %d not allowed, "
2564 "increasing to 1.", thread_limit);
2566 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2567 "ThreadLimit of %d not allowed, increasing to 1",
2573 /* you cannot change ThreadLimit across a restart; ignore
2576 if (!retained->first_thread_limit) {
2577 retained->first_thread_limit = thread_limit;
2579 else if (thread_limit != retained->first_thread_limit) {
2580 /* don't need a startup console version here */
2581 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2582 "changing ThreadLimit to %d from original value of %d "
2583 "not allowed during restart",
2584 thread_limit, retained->first_thread_limit);
2585 thread_limit = retained->first_thread_limit;
2588 if (threads_per_child > thread_limit) {
2590 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2591 "WARNING: ThreadsPerChild of %d exceeds ThreadLimit "
2592 "of", threads_per_child);
2593 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2594 " %d threads, decreasing to %d.",
2595 thread_limit, thread_limit);
2596 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2597 " To increase, please see the ThreadLimit "
2600 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2601 "ThreadsPerChild of %d exceeds ThreadLimit "
2602 "of %d, decreasing to match",
2603 threads_per_child, thread_limit);
2605 threads_per_child = thread_limit;
2607 else if (threads_per_child < 1) {
2609 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2610 "WARNING: ThreadsPerChild of %d not allowed, "
2611 "increasing to 1.", threads_per_child);
2613 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2614 "ThreadsPerChild of %d not allowed, increasing to 1",
2617 threads_per_child = 1;
2620 if (max_clients < threads_per_child) {
2622 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2623 "WARNING: MaxClients of %d is less than "
2624 "ThreadsPerChild of", max_clients);
2625 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2626 " %d, increasing to %d. MaxClients must be at "
2628 threads_per_child, threads_per_child);
2629 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2630 " as the number of threads in a single server.");
2632 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2633 "MaxClients of %d is less than ThreadsPerChild "
2634 "of %d, increasing to match",
2635 max_clients, threads_per_child);
2637 max_clients = threads_per_child;
2640 ap_daemons_limit = max_clients / threads_per_child;
2642 if (max_clients % threads_per_child) {
2643 int tmp_max_clients = ap_daemons_limit * threads_per_child;
2646 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2647 "WARNING: MaxClients of %d is not an integer "
2648 "multiple of", max_clients);
2649 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2650 " ThreadsPerChild of %d, decreasing to nearest "
2651 "multiple %d,", threads_per_child,
2653 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2654 " for a maximum of %d servers.",
2657 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2658 "MaxClients of %d is not an integer multiple of "
2659 "ThreadsPerChild of %d, decreasing to nearest "
2660 "multiple %d", max_clients, threads_per_child,
2663 max_clients = tmp_max_clients;
2666 if (ap_daemons_limit > server_limit) {
2668 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2669 "WARNING: MaxClients of %d would require %d "
2670 "servers and ", max_clients, ap_daemons_limit);
2671 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2672 " would exceed ServerLimit of %d, decreasing to %d.",
2673 server_limit, server_limit * threads_per_child);
2674 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2675 " To increase, please see the ServerLimit "
2678 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2679 "MaxClients of %d would require %d servers and "
2680 "exceed ServerLimit of %d, decreasing to %d",
2681 max_clients, ap_daemons_limit, server_limit,
2682 server_limit * threads_per_child);
2684 ap_daemons_limit = server_limit;
2687 /* ap_daemons_to_start > ap_daemons_limit checked in ap_mpm_run() */
2688 if (ap_daemons_to_start < 0) {
2690 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2691 "WARNING: StartServers of %d not allowed, "
2692 "increasing to 1.", ap_daemons_to_start);
2694 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2695 "StartServers of %d not allowed, increasing to 1",
2696 ap_daemons_to_start);
2698 ap_daemons_to_start = 1;
2701 if (min_spare_threads < 1) {
2703 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2704 "WARNING: MinSpareThreads of %d not allowed, "
2705 "increasing to 1", min_spare_threads);
2706 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2707 " to avoid almost certain server failure.");
2708 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
2709 " Please read the documentation.");
2711 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
2712 "MinSpareThreads of %d not allowed, increasing to 1",
2715 min_spare_threads = 1;
2718 /* max_spare_threads < min_spare_threads + threads_per_child
2719 * checked in ap_mpm_run()
2725 static void event_hooks(apr_pool_t * p)
2727 /* Our open_logs hook function must run before the core's, or stderr
2728 * will be redirected to a file, and the messages won't print to the
2731 static const char *const aszSucc[] = { "core.c", NULL };
2734 ap_hook_open_logs(event_open_logs, NULL, aszSucc, APR_HOOK_REALLY_FIRST);
2735 /* we need to set the MPM state before other pre-config hooks use MPM query
2736 * to retrieve it, so register as REALLY_FIRST
2738 ap_hook_pre_config(event_pre_config, NULL, NULL, APR_HOOK_REALLY_FIRST);
2739 ap_hook_check_config(event_check_config, NULL, NULL, APR_HOOK_MIDDLE);
2740 ap_hook_mpm(event_run, NULL, NULL, APR_HOOK_MIDDLE);
2741 ap_hook_mpm_query(event_query, NULL, NULL, APR_HOOK_MIDDLE);
2742 ap_hook_mpm_note_child_killed(event_note_child_killed, NULL, NULL, APR_HOOK_MIDDLE);
2743 ap_hook_mpm_register_timed_callback(event_register_timed_callback, NULL, NULL,
2745 ap_hook_mpm_get_name(event_get_name, NULL, NULL, APR_HOOK_MIDDLE);
2748 static const char *set_daemons_to_start(cmd_parms *cmd, void *dummy,
2751 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2756 ap_daemons_to_start = atoi(arg);
2760 static const char *set_min_spare_threads(cmd_parms * cmd, void *dummy,
2763 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2768 min_spare_threads = atoi(arg);
2772 static const char *set_max_spare_threads(cmd_parms * cmd, void *dummy,
2775 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2780 max_spare_threads = atoi(arg);
2784 static const char *set_max_clients(cmd_parms * cmd, void *dummy,
2787 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2792 max_clients = atoi(arg);
2796 static const char *set_threads_per_child(cmd_parms * cmd, void *dummy,
2799 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2804 threads_per_child = atoi(arg);
2807 static const char *set_server_limit (cmd_parms *cmd, void *dummy, const char *arg)
2809 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2814 server_limit = atoi(arg);
2818 static const char *set_thread_limit(cmd_parms * cmd, void *dummy,
2821 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
2826 thread_limit = atoi(arg);
2830 static const command_rec event_cmds[] = {
2832 AP_INIT_TAKE1("StartServers", set_daemons_to_start, NULL, RSRC_CONF,
2833 "Number of child processes launched at server startup"),
2834 AP_INIT_TAKE1("ServerLimit", set_server_limit, NULL, RSRC_CONF,
2835 "Maximum number of child processes for this run of Apache"),
2836 AP_INIT_TAKE1("MinSpareThreads", set_min_spare_threads, NULL, RSRC_CONF,
2837 "Minimum number of idle threads, to handle request spikes"),
2838 AP_INIT_TAKE1("MaxSpareThreads", set_max_spare_threads, NULL, RSRC_CONF,
2839 "Maximum number of idle threads"),
2840 AP_INIT_TAKE1("MaxClients", set_max_clients, NULL, RSRC_CONF,
2841 "Maximum number of threads alive at the same time"),
2842 AP_INIT_TAKE1("ThreadsPerChild", set_threads_per_child, NULL, RSRC_CONF,
2843 "Number of threads each child creates"),
2844 AP_INIT_TAKE1("ThreadLimit", set_thread_limit, NULL, RSRC_CONF,
2845 "Maximum number of worker threads per child process for this "
2846 "run of Apache - Upper limit for ThreadsPerChild"),
2847 AP_GRACEFUL_SHUTDOWN_TIMEOUT_COMMAND,
2851 module AP_MODULE_DECLARE_DATA mpm_event_module = {
2853 NULL, /* hook to run before apache parses args */
2854 NULL, /* create per-directory config structure */
2855 NULL, /* merge per-directory config structures */
2856 NULL, /* create per-server config structure */
2857 NULL, /* merge per-server config structures */
2858 event_cmds, /* command apr_table_t */
2859 event_hooks /* register_hooks */
projects / apache / blob