1 /* ====================================================================
2 * The Apache Software License, Version 1.1
4 * Copyright (c) 2000-2002 The Apache Software Foundation. All rights
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
19 * 3. The end-user documentation included with the redistribution,
20 * if any, must include the following acknowledgment:
21 * "This product includes software developed by the
22 * Apache Software Foundation (http://www.apache.org/)."
23 * Alternately, this acknowledgment may appear in the software itself,
24 * if and wherever such third-party acknowledgments normally appear.
26 * 4. The names "Apache" and "Apache Software Foundation" must
27 * not be used to endorse or promote products derived from this
28 * software without prior written permission. For written
29 * permission, please contact apache@apache.org.
31 * 5. Products derived from this software may not be called "Apache",
32 * nor may "Apache" appear in their name, without prior written
33 * permission of the Apache Software Foundation.
35 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
36 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
37 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
38 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
41 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
42 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
43 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
44 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
45 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
47 * ====================================================================
49 * This software consists of voluntary contributions made by many
50 * individuals on behalf of the Apache Software Foundation. For more
51 * information on the Apache Software Foundation, please see
52 * <http://www.apache.org/>.
54 * Portions of this software are based upon public domain software
55 * originally written at the National Center for Supercomputing Applications,
56 * University of Illinois, Urbana-Champaign.
60 #include "apr_strings.h"
61 #include "apr_pools.h"
62 #include "apr_portable.h"
63 #include "apr_file_io.h"
64 #include "apr_signal.h"
66 #define APR_WANT_IOVEC
72 #if APR_HAVE_SYS_SOCKET_H
73 #include <sys/socket.h>
77 #error The perchild MPM requires APR threads, but they are unavailable.
82 #include "ap_config.h"
84 #include "http_main.h"
86 #include "http_config.h" /* for read_config */
87 #include "http_core.h" /* for get_remote_host */
88 #include "http_protocol.h"
89 #include "http_connection.h"
92 #include "mpm_common.h"
93 #include "ap_listen.h"
94 #include "mpm_default.h"
96 #include "scoreboard.h"
97 #include "util_filter.h"
99 /* ### should be APR-ized */
103 #include <sys/stat.h>
106 #ifdef HAVE_SYS_PROCESSOR_H
107 #include <sys/processor.h> /* for bindprocessor() */
111 * Define some magic numbers that we use for the state of the incomming
112 * request. These must be < 0 so they don't collide with a file descriptor.
114 #define AP_PERCHILD_THISCHILD -1
115 #define AP_PERCHILD_OTHERCHILD -2
117 /* Limit on the threads per process. Clients will be locked out if more than
118 * this * server_limit are needed.
120 * We keep this for one reason it keeps the size of the scoreboard file small
121 * enough that we can read the whole thing without worrying too much about
124 #ifndef DEFAULT_THREAD_LIMIT
125 #define DEFAULT_THREAD_LIMIT 64
128 /* Admin can't tune ThreadLimit beyond MAX_THREAD_LIMIT. We want
129 * some sort of compile-time limit to help catch typos.
131 #ifndef MAX_THREAD_LIMIT
132 #define MAX_THREAD_LIMIT 20000
135 /* Limit on the total --- clients will be locked out if more servers than
136 * this are needed. It is intended solely to keep the server from crashing
137 * when things get out of hand.
139 * We keep a hard maximum number of servers, for two reasons --- first off,
140 * in case something goes seriously wrong, we want to stop the fork bomb
141 * short of actually crashing the machine we're running on by filling some
142 * kernel table. Secondly, it keeps the size of the scoreboard file small
143 * enough that we can read the whole thing without worrying too much about
146 #ifndef DEFAULT_SERVER_LIMIT
147 #define DEFAULT_SERVER_LIMIT 8
150 /* Admin can't tune ServerLimit beyond MAX_SERVER_LIMIT. We want
151 * some sort of compile-time limit to help catch typos.
153 #ifndef MAX_SERVER_LIMIT
154 #define MAX_SERVER_LIMIT 20000
158 * Actual definitions of config globals
161 static int threads_to_start = 0; /* Worker threads per child */
162 static int min_spare_threads = 0;
163 static int max_spare_threads = 0;
164 static int max_threads = 0;
165 static int server_limit = DEFAULT_SERVER_LIMIT;
166 static int first_server_limit;
167 static int thread_limit = DEFAULT_THREAD_LIMIT;
168 static int first_thread_limit;
169 static int changed_limit_at_restart;
170 static int num_daemons = 0;
171 static int curr_child_num = 0;
172 static int workers_may_exit = 0;
173 static int requests_this_child;
174 static int num_listensocks = 0;
175 static ap_pod_t *pod;
176 static apr_socket_t **listenfds;
177 static jmp_buf jmpbuffer;
179 struct child_info_t {
186 const char *sockname; /* The base name for the socket */
187 const char *fullsockname; /* socket base name + extension */
188 int sd; /* The socket descriptor */
189 int sd2; /* The socket descriptor */
190 } perchild_server_conf;
192 typedef struct child_info_t child_info_t;
194 /* Tables used to determine the user and group each child process should
195 * run as. The hash table is used to correlate a server name with a child
198 static child_info_t *child_info_table;
199 static int *thread_socket_table;
200 struct ap_ctable *ap_child_table;
203 * The max child slot ever assigned, preserved across restarts. Necessary
204 * to deal with NumServers changes across AP_SIG_GRACEFUL restarts. We
205 * use this value to optimize routines that have to scan the entire child
208 * XXX - It might not be worth keeping this code in. There aren't very
209 * many child processes in this MPM.
211 int ap_max_daemons_limit = -1;
212 int ap_threads_per_child; /* XXX not part of API! axe it! */
214 module AP_MODULE_DECLARE_DATA mpm_perchild_module;
216 static apr_file_t *pipe_of_death_in = NULL;
217 static apr_file_t *pipe_of_death_out = NULL;
218 static apr_lock_t *pipe_of_death_mutex;
220 /* *Non*-shared http_main globals... */
222 server_rec *ap_server_conf;
224 /* one_process --- debugging mode variable; can be set from the command line
225 * with the -X flag. If set, this gets you the child_main loop running
226 * in the process which originally started up (no detach, no make_child),
227 * which is a pretty nice debugging environment. (You'll get a SIGHUP
228 * early in standalone_main; just continue through. This is the server
229 * trying to kill off any child processes which it might have lying
230 * around --- Apache doesn't keep track of their pids, it just sends
231 * SIGHUP to the process group, ignoring it in the root process.
232 * Continue through and you'll be fine.).
235 static int one_process = 0;
238 int raise_sigstop_flags;
241 static apr_pool_t *pconf; /* Pool for config stuff */
242 static apr_pool_t *pchild; /* Pool for httpd child stuff */
243 static apr_pool_t *thread_pool_parent; /* Parent of per-thread pools */
244 static apr_lock_t *thread_pool_parent_mutex;
246 static int child_num;
247 static unsigned int my_pid; /* Linux getpid() doesn't work except in
248 main thread. Use this instead */
249 /* Keep track of the number of worker threads currently active */
250 static int worker_thread_count;
251 static apr_lock_t *worker_thread_count_mutex;
252 static int *worker_thread_free_ids;
253 static apr_threadattr_t *worker_thread_attr;
255 /* Keep track of the number of idle worker threads */
256 static int idle_thread_count;
257 static apr_lock_t *idle_thread_count_mutex;
259 /* Locks for accept serialization */
260 #ifdef NO_SERIALIZED_ACCEPT
261 #define SAFE_ACCEPT(stmt) APR_SUCCESS
263 #define SAFE_ACCEPT(stmt) (stmt)
264 static apr_lock_t *process_accept_mutex;
265 #endif /* NO_SERIALIZED_ACCEPT */
266 static apr_lock_t *thread_accept_mutex;
268 AP_DECLARE(apr_status_t) ap_mpm_query(int query_code, int *result)
271 case AP_MPMQ_MAX_DAEMON_USED:
272 *result = ap_max_daemons_limit;
274 case AP_MPMQ_IS_THREADED:
275 *result = AP_MPMQ_DYNAMIC;
277 case AP_MPMQ_IS_FORKED:
278 *result = AP_MPMQ_STATIC;
280 case AP_MPMQ_HARD_LIMIT_DAEMONS:
281 *result = server_limit;
283 case AP_MPMQ_HARD_LIMIT_THREADS:
284 *result = thread_limit;
286 case AP_MPMQ_MAX_THREADS:
287 *result = max_threads;
289 case AP_MPMQ_MIN_SPARE_DAEMONS:
292 case AP_MPMQ_MIN_SPARE_THREADS:
293 *result = min_spare_threads;
295 case AP_MPMQ_MAX_SPARE_DAEMONS:
298 case AP_MPMQ_MAX_SPARE_THREADS:
299 *result = max_spare_threads;
301 case AP_MPMQ_MAX_REQUESTS_DAEMON:
302 *result = ap_max_requests_per_child;
304 case AP_MPMQ_MAX_DAEMONS:
305 *result = num_daemons;
311 /* a clean exit from a child with proper cleanup */
312 static void clean_child_exit(int code)
315 apr_pool_destroy(pchild);
320 /* handle all varieties of core dumping signals */
321 static void sig_coredump(int sig)
323 chdir(ap_coredump_dir);
324 apr_signal(sig, SIG_DFL);
326 /* At this point we've got sig blocked, because we're still inside
327 * the signal handler. When we leave the signal handler it will
328 * be unblocked, and we'll take the signal... and coredump or whatever
329 * is appropriate for this particular Unix. In addition the parent
330 * will see the real signal we received -- whereas if we called
331 * abort() here, the parent would only see SIGABRT.
335 static void just_die(int sig)
340 /*****************************************************************
341 * Connection structures and accounting...
344 /* volatile just in case */
345 static int volatile shutdown_pending;
346 static int volatile restart_pending;
347 static int volatile is_graceful;
348 static int volatile child_fatal;
349 /* we don't currently track ap_my_generation, but mod_status
350 * references it so it must be defined */
351 ap_generation_t volatile ap_my_generation=0;
354 * ap_start_shutdown() and ap_start_restart(), below, are a first stab at
355 * functions to initiate shutdown or restart without relying on signals.
356 * Previously this was initiated in sig_term() and restart() signal handlers,
357 * but we want to be able to start a shutdown/restart from other sources --
358 * e.g. on Win32, from the service manager. Now the service manager can
359 * call ap_start_shutdown() or ap_start_restart() as appropiate. Note that
360 * these functions can also be called by the child processes, since global
361 * variables are no longer used to pass on the required action to the parent.
363 * These should only be called from the parent process itself, since the
364 * parent process will use the shutdown_pending and restart_pending variables
365 * to determine whether to shutdown or restart. The child process should
366 * call signal_parent() directly to tell the parent to die -- this will
367 * cause neither of those variable to be set, which the parent will
368 * assume means something serious is wrong (which it will be, for the
369 * child to force an exit) and so do an exit anyway.
372 static void ap_start_shutdown(void)
374 if (shutdown_pending == 1) {
375 /* Um, is this _probably_ not an error, if the user has
376 * tried to do a shutdown twice quickly, so we won't
377 * worry about reporting it.
381 shutdown_pending = 1;
384 /* do a graceful restart if graceful == 1 */
385 static void ap_start_restart(int graceful)
388 if (restart_pending == 1) {
389 /* Probably not an error - don't bother reporting it */
393 is_graceful = graceful;
396 static void sig_term(int sig)
401 static void restart(int sig)
404 ap_start_restart(sig == AP_SIG_GRACEFUL);
410 static void set_signals(void)
412 #ifndef NO_USE_SIGACTION
415 sigemptyset(&sa.sa_mask);
419 sa.sa_handler = sig_coredump;
420 #if defined(SA_ONESHOT)
421 sa.sa_flags = SA_ONESHOT;
422 #elif defined(SA_RESETHAND)
423 sa.sa_flags = SA_RESETHAND;
425 if (sigaction(SIGSEGV, &sa, NULL) < 0)
426 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
427 "sigaction(SIGSEGV)");
429 if (sigaction(SIGBUS, &sa, NULL) < 0)
430 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
431 "sigaction(SIGBUS)");
434 if (sigaction(SIGABORT, &sa, NULL) < 0)
435 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
436 "sigaction(SIGABORT)");
439 if (sigaction(SIGABRT, &sa, NULL) < 0)
440 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
441 "sigaction(SIGABRT)");
444 if (sigaction(SIGILL, &sa, NULL) < 0)
445 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
446 "sigaction(SIGILL)");
450 sa.sa_handler = sig_term;
451 if (sigaction(SIGTERM, &sa, NULL) < 0)
452 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
453 "sigaction(SIGTERM)");
455 if (sigaction(SIGINT, &sa, NULL) < 0)
456 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
457 "sigaction(SIGINT)");
460 sa.sa_handler = SIG_DFL;
461 if (sigaction(SIGXCPU, &sa, NULL) < 0)
462 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
463 "sigaction(SIGXCPU)");
466 sa.sa_handler = SIG_DFL;
467 if (sigaction(SIGXFSZ, &sa, NULL) < 0)
468 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
469 "sigaction(SIGXFSZ)");
472 sa.sa_handler = SIG_IGN;
473 if (sigaction(SIGPIPE, &sa, NULL) < 0)
474 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
475 "sigaction(SIGPIPE)");
478 /* we want to ignore HUPs and AP_SIG_GRACEFUL while we're busy
480 sigaddset(&sa.sa_mask, SIGHUP);
481 sigaddset(&sa.sa_mask, AP_SIG_GRACEFUL);
482 sa.sa_handler = restart;
483 if (sigaction(SIGHUP, &sa, NULL) < 0)
484 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
485 "sigaction(SIGHUP)");
486 if (sigaction(AP_SIG_GRACEFUL, &sa, NULL) < 0)
487 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
488 "sigaction(" AP_SIG_GRACEFUL_STRING ")");
491 apr_signal(SIGSEGV, sig_coredump);
493 apr_signal(SIGBUS, sig_coredump);
496 apr_signal(SIGABORT, sig_coredump);
497 #endif /* SIGABORT */
499 apr_signal(SIGABRT, sig_coredump);
502 apr_signal(SIGILL, sig_coredump);
505 apr_signal(SIGXCPU, SIG_DFL);
508 apr_signal(SIGXFSZ, SIG_DFL);
512 apr_signal(SIGTERM, sig_term);
514 apr_signal(SIGHUP, restart);
516 #ifdef AP_SIG_GRACEFUL
517 apr_signal(AP_SIG_GRACEFUL, restart);
518 #endif /* AP_SIG_GRACEFUL */
520 apr_signal(SIGPIPE, SIG_IGN);
526 /*****************************************************************
527 * Here follows a long bunch of generic server bookkeeping stuff...
530 int ap_graceful_stop_signalled(void)
532 /* XXX - Does this really work? - Manoj */
536 /*****************************************************************
537 * Child process main loop.
540 static void process_socket(apr_pool_t *p, apr_socket_t *sock, long conn_id)
542 conn_rec *current_conn;
545 int thread_num = conn_id % thread_limit;
548 if ((rv = apr_os_sock_get(&csd, sock)) != APR_SUCCESS) {
549 ap_log_error(APLOG_MARK, APLOG_ERR, rv, NULL, "apr_os_sock_get");
552 if (csd >= FD_SETSIZE) {
553 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, 0, NULL,
554 "new file descriptor %d is too large; you probably need "
555 "to rebuild Apache with a larger FD_SETSIZE "
558 apr_socket_close(sock);
562 if (thread_socket_table[thread_num] < 0) {
563 ap_sock_disable_nagle(sock);
566 ap_create_sb_handle(&sbh, p, conn_id / thread_limit, thread_num);
567 current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id, sbh);
569 ap_process_connection(current_conn, sock);
570 ap_lingering_close(current_conn);
574 static void *worker_thread(apr_thread_t *, void *);
576 /* Starts a thread as long as we're below max_threads */
577 static int start_thread(void)
579 apr_thread_t *thread;
582 apr_lock_acquire(worker_thread_count_mutex);
583 if (worker_thread_count < max_threads - 1) {
584 rc = apr_thread_create(&thread, worker_thread_attr, worker_thread,
585 &worker_thread_free_ids[worker_thread_count], pchild);
586 if (rc != APR_SUCCESS) {
587 ap_log_error(APLOG_MARK, APLOG_ALERT, rc, ap_server_conf,
588 "apr_thread_create: unable to create worker thread");
589 /* In case system resources are maxxed out, we don't want
590 Apache running away with the CPU trying to fork over and
591 over and over again if we exit. */
593 workers_may_exit = 1;
594 apr_lock_release(worker_thread_count_mutex);
598 worker_thread_count++;
602 static int reported = 0;
605 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0,
607 "server reached MaxThreadsPerChild setting, "
608 "consider raising the MaxThreadsPerChild or "
609 "NumServers settings");
612 apr_lock_release(worker_thread_count_mutex);
615 apr_lock_release(worker_thread_count_mutex);
619 /* Sets workers_may_exit if we received a character on the pipe_of_death */
620 static void check_pipe_of_death(void)
622 apr_lock_acquire(pipe_of_death_mutex);
623 if (!workers_may_exit) {
628 ret = apr_recv(listenfds[0], &pipe_read_char, &n);
629 if (APR_STATUS_IS_EAGAIN(ret)) {
630 /* It lost the lottery. It must continue to suffer
631 * through a life of servitude. */
634 /* It won the lottery (or something else is very
635 * wrong). Embrace death with open arms. */
636 workers_may_exit = 1;
639 apr_lock_release(pipe_of_death_mutex);
642 /* idle_thread_count should be incremented before starting a worker_thread */
644 static void *worker_thread(apr_thread_t *thd, void *arg)
646 apr_socket_t *csd = NULL;
647 apr_pool_t *tpool; /* Pool for this thread */
648 apr_pool_t *ptrans; /* Pool for per-transaction stuff */
649 apr_socket_t *sd = NULL;
650 volatile int last_pollfd = 0;
651 volatile int thread_just_started = 1;
654 int thread_num = *((int *) arg);
655 long conn_id = child_num * thread_limit + thread_num;
656 apr_pollfd_t *pollset;
660 apr_socket_t *childsock = NULL;
662 apr_lock_acquire(thread_pool_parent_mutex);
663 apr_pool_create(&tpool, thread_pool_parent);
664 apr_lock_release(thread_pool_parent_mutex);
665 apr_pool_create(&ptrans, tpool);
667 (void) ap_update_child_status_from_indexes(child_num, thread_num,
669 (request_rec *) NULL);
671 apr_poll_setup(&pollset, num_listensocks + 1, tpool);
672 for(lr = ap_listeners; lr != NULL; lr = lr->next) {
673 apr_poll_socket_add(pollset, lr->sd, APR_POLLIN);
675 apr_os_sock_put(&childsock, &child_info_table[child_num].sd, tpool);
676 apr_poll_socket_add(pollset, childsock, APR_POLLIN);
678 while (!workers_may_exit) {
679 workers_may_exit |= ((ap_max_requests_per_child != 0)
680 && (requests_this_child <= 0));
681 if (workers_may_exit) break;
682 if (!thread_just_started) {
683 apr_lock_acquire(idle_thread_count_mutex);
684 if (idle_thread_count < max_spare_threads) {
686 apr_lock_release(idle_thread_count_mutex);
689 apr_lock_release(idle_thread_count_mutex);
694 thread_just_started = 0;
697 (void) ap_update_child_status_from_indexes(child_num, thread_num,
699 (request_rec *) NULL);
701 apr_lock_acquire(thread_accept_mutex);
702 if (workers_may_exit) {
703 apr_lock_release(thread_accept_mutex);
706 if ((rv = SAFE_ACCEPT(apr_lock_acquire(process_accept_mutex)))
708 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
709 "apr_lock_acquire failed. Attempting to shutdown "
710 "process gracefully.");
711 workers_may_exit = 1;
714 while (!workers_may_exit) {
716 srv = apr_poll(pollset, &n, -1);
718 if (srv != APR_SUCCESS) {
719 if (APR_STATUS_IS_EINTR(srv)) {
723 /* apr_poll() will only return errors in catastrophic
724 * circumstances. Let's try exiting gracefully, for now. */
725 ap_log_error(APLOG_MARK, APLOG_ERR, srv, (const server_rec *)
726 ap_server_conf, "apr_poll: (listen)");
727 workers_may_exit = 1;
729 if (workers_may_exit) break;
731 /* apr_poll_revents_get(&event, listenfds[0], pollset);
732 if (event & APR_POLLIN) {
733 /* A process got a signal on the shutdown pipe. Check if we're
734 * the lucky process to die.
735 check_pipe_of_death();
738 apr_poll_revents_get(&event, listenfds[1], pollset);
739 if (event & APR_POLLIN || event & APR_POLLOUT) {
740 /* This request is from another child in our current process.
741 * We should set a flag here, and then below we will read
742 * two bytes (the socket number and the NULL byte.
743 thread_socket_table[thread_num] = AP_PERCHILD_OTHERCHILD;
744 goto got_from_other_child;
748 if (num_listensocks == 1) {
749 sd = ap_listeners->sd;
753 /* find a listener */
754 curr_pollfd = last_pollfd;
757 if (curr_pollfd > num_listensocks) {
760 /* XXX: Should we check for POLLERR? */
761 apr_poll_revents_get(&event, listenfds[curr_pollfd],
763 if (event & APR_POLLIN) {
764 last_pollfd = curr_pollfd;
765 sd = listenfds[curr_pollfd];
768 } while (curr_pollfd != last_pollfd);
772 if (!workers_may_exit) {
773 if ((rv = apr_accept(&csd, sd, ptrans)) != APR_SUCCESS) {
774 ap_log_error(APLOG_MARK, APLOG_ERR, rv, ap_server_conf,
777 if ((rv = SAFE_ACCEPT(apr_lock_release(process_accept_mutex)))
779 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
780 "apr_lock_release failed. Attempting to shutdown "
781 "process gracefully.");
782 workers_may_exit = 1;
784 apr_lock_release(thread_accept_mutex);
785 apr_lock_acquire(idle_thread_count_mutex);
786 if (idle_thread_count > min_spare_threads) {
790 if (!start_thread()) {
794 apr_lock_release(idle_thread_count_mutex);
795 got_from_other_child:
796 if (thread_socket_table[thread_num] == AP_PERCHILD_OTHERCHILD) {
798 struct cmsghdr *cmsg;
803 iov.iov_base = sockname;
811 cmsg = apr_palloc(ptrans, sizeof(*cmsg) + sizeof(sd));
812 cmsg->cmsg_len = sizeof(*cmsg) + sizeof(sd);
813 msg.msg_control = (caddr_t)cmsg;
814 msg.msg_controllen = cmsg->cmsg_len;
817 ret = recvmsg(child_info_table[child_num].sd, &msg, 0);
819 memcpy(&dp, CMSG_DATA(cmsg), sizeof(dp));
821 thread_socket_table[thread_num] = dp;
822 apr_os_sock_put(&csd, &child_info_table[child_num].sd, ptrans);
824 if (setjmp(jmpbuffer) != 1) {
825 process_socket(ptrans, csd, conn_id);
828 thread_socket_table[thread_num] = AP_PERCHILD_THISCHILD;
830 requests_this_child--;
833 if ((rv = SAFE_ACCEPT(apr_lock_release(process_accept_mutex)))
835 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
836 "apr_lock_release failed. Attempting to shutdown "
837 "process gracefully.");
838 workers_may_exit = 1;
840 apr_lock_release(thread_accept_mutex);
841 apr_lock_acquire(idle_thread_count_mutex);
843 apr_lock_release(idle_thread_count_mutex);
846 apr_pool_clear(ptrans);
849 apr_lock_acquire(thread_pool_parent_mutex);
850 ap_update_child_status_from_indexes(child_num, thread_num, SERVER_DEAD,
851 (request_rec *) NULL);
852 apr_pool_destroy(tpool);
853 apr_lock_release(thread_pool_parent_mutex);
854 apr_lock_acquire(worker_thread_count_mutex);
855 worker_thread_count--;
856 worker_thread_free_ids[worker_thread_count] = thread_num;
857 if (worker_thread_count == 0) {
858 /* All the threads have exited, now finish the shutdown process
859 * by signalling the sigwait thread */
860 kill(my_pid, SIGTERM);
862 apr_lock_release(worker_thread_count_mutex);
867 /* Set group privileges.
869 * Note that we use the username as set in the config files, rather than
870 * the lookup of to uid --- the same uid may have multiple passwd entries,
871 * with different sets of groups for each.
874 static int set_group_privs(uid_t uid, gid_t gid)
879 /* Get username if passed as a uid */
883 if ((ent = getpwuid(uid)) == NULL) {
884 ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
885 "getpwuid: couldn't determine user name from uid %u, "
886 "you probably need to modify the User directive",
894 * Set the GID before initgroups(), since on some platforms
895 * setgid() is known to zap the group list.
897 if (setgid(gid) == -1) {
898 ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
899 "setgid: unable to set group id to Group %u",
904 /* Reset `groups' attributes. */
906 if (initgroups(name, gid) == -1) {
907 ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
908 "initgroups: unable to set groups for User %s "
909 "and Group %u", name, (unsigned)gid);
917 static int perchild_setup_child(int childnum)
919 child_info_t *ug = &child_info_table[childnum];
921 if (ug->uid == -1 && ug->gid == -1) {
922 return unixd_setup_child();
924 if (set_group_privs(ug->uid, ug->gid)) {
927 /* Only try to switch if we're running as root */
931 os_init_job_environment(server_conf, unixd_config.user_name,
934 setuid(ug->uid) == -1)) {
935 ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
936 "setuid: unable to change to uid: %ld",
943 static int check_signal(int signum)
954 static void child_main(int child_num_arg)
960 child_num = child_num_arg;
961 apr_pool_create(&pchild, pconf);
963 /*stuff to do before we switch id's, so we have permissions.*/
965 rv = SAFE_ACCEPT(apr_lock_child_init(&process_accept_mutex, ap_lock_fname,
967 if (rv != APR_SUCCESS) {
968 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
969 "Couldn't initialize cross-process lock in child");
970 clean_child_exit(APEXIT_CHILDFATAL);
973 if (perchild_setup_child(child_num)) {
974 clean_child_exit(APEXIT_CHILDFATAL);
977 ap_run_child_init(pchild, ap_server_conf);
979 /*done with init critical section */
981 apr_setup_signal_thread();
983 requests_this_child = ap_max_requests_per_child;
986 /* Setup worker threads */
988 if (threads_to_start > max_threads) {
989 threads_to_start = max_threads;
991 idle_thread_count = threads_to_start;
992 worker_thread_count = 0;
993 worker_thread_free_ids = (int *)apr_pcalloc(pchild, thread_limit * sizeof(int));
994 for (i = 0; i < max_threads; i++) {
995 worker_thread_free_ids[i] = i;
997 apr_pool_create(&thread_pool_parent, pchild);
998 apr_lock_create(&thread_pool_parent_mutex, APR_MUTEX, APR_INTRAPROCESS,
999 APR_LOCK_DEFAULT, NULL, pchild);
1000 apr_lock_create(&idle_thread_count_mutex, APR_MUTEX, APR_INTRAPROCESS,
1001 APR_LOCK_DEFAULT, NULL, pchild);
1002 apr_lock_create(&worker_thread_count_mutex, APR_MUTEX, APR_INTRAPROCESS,
1003 APR_LOCK_DEFAULT, NULL, pchild);
1004 apr_lock_create(&pipe_of_death_mutex, APR_MUTEX, APR_INTRAPROCESS,
1005 APR_LOCK_DEFAULT, NULL, pchild);
1006 apr_lock_create(&thread_accept_mutex, APR_MUTEX, APR_INTRAPROCESS,
1007 APR_LOCK_DEFAULT, NULL, pchild);
1009 apr_threadattr_create(&worker_thread_attr, pchild);
1010 apr_threadattr_detach_set(worker_thread_attr, 1);
1012 /* We are creating worker threads right now */
1013 for (i=0; i < threads_to_start; i++) {
1014 /* start_thread shouldn't fail here */
1015 if (!start_thread()) {
1020 apr_signal_thread(check_signal);
1023 static int make_child(server_rec *s, int slot)
1027 if (slot + 1 > ap_max_daemons_limit) {
1028 ap_max_daemons_limit = slot + 1;
1033 ap_child_table[slot].pid = getpid();
1034 ap_child_table[slot].status = SERVER_ALIVE;
1037 (void) ap_update_child_status_from_indexes(slot, 0, SERVER_STARTING,
1038 (request_rec *) NULL);
1040 if ((pid = fork()) == -1) {
1041 ap_log_error(APLOG_MARK, APLOG_ERR, errno, s,
1042 "fork: Unable to fork new process");
1043 /* In case system resources are maxxed out, we don't want
1044 * Apache running away with the CPU trying to fork over and
1045 * over and over again. */
1052 #ifdef HAVE_BINDPROCESSOR
1053 /* By default, AIX binds to a single processor. This bit unbinds
1054 * children which will then bind to another CPU.
1056 int status = bindprocessor(BINDPROCESS, (int)getpid(),
1057 PROCESSOR_CLASS_ANY);
1059 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, errno,
1060 ap_server_conf, "processor unbind failed %d", status);
1064 RAISE_SIGSTOP(MAKE_CHILD);
1066 /* XXX - For an unthreaded server, a signal handler will be necessary
1067 * apr_signal(SIGTERM, just_die);
1070 clean_child_exit(0);
1073 ap_child_table[slot].pid = pid;
1074 ap_child_table[slot].status = SERVER_ALIVE;
1079 /* start up a bunch of children */
1080 static int startup_children(int number_to_start)
1084 for (i = 0; number_to_start && i < num_daemons; ++i) {
1085 if (ap_child_table[i].pid) {
1088 if (make_child(ap_server_conf, i) < 0) {
1093 return number_to_start;
1098 * spawn_rate is the number of children that will be spawned on the
1099 * next maintenance cycle if there aren't enough servers. It is
1100 * doubled up to MAX_SPAWN_RATE, and reset only when a cycle goes by
1101 * without the need to spawn.
1103 static int spawn_rate = 1;
1104 #ifndef MAX_SPAWN_RATE
1105 #define MAX_SPAWN_RATE (32)
1107 static int hold_off_on_exponential_spawning;
1109 static void perform_child_maintenance(void)
1113 int free_slots[MAX_SPAWN_RATE];
1114 int last_non_dead = -1;
1116 /* initialize the free_list */
1119 for (i = 0; i < num_daemons; ++i) {
1120 if (ap_child_table[i].pid == 0) {
1121 if (free_length < spawn_rate) {
1122 free_slots[free_length] = i;
1130 if (i >= ap_max_daemons_limit && free_length >= spawn_rate) {
1134 ap_max_daemons_limit = last_non_dead + 1;
1136 if (free_length > 0) {
1137 for (i = 0; i < free_length; ++i) {
1138 make_child(ap_server_conf, free_slots[i]);
1140 /* the next time around we want to spawn twice as many if this
1141 * wasn't good enough, but not if we've just done a graceful
1143 if (hold_off_on_exponential_spawning) {
1144 --hold_off_on_exponential_spawning;
1146 else if (spawn_rate < MAX_SPAWN_RATE) {
1155 static void server_main_loop(int remaining_children_to_start)
1158 apr_exit_why_e exitwhy;
1163 while (!restart_pending && !shutdown_pending) {
1164 ap_wait_or_timeout(&exitwhy, &status, &pid, pconf);
1166 if (pid.pid != -1) {
1167 if (ap_process_child_status(&pid, exitwhy, status)
1168 == APEXIT_CHILDFATAL) {
1169 shutdown_pending = 1;
1173 /* non-fatal death... note that it's gone in the child table and
1174 * clean out the status table. */
1176 for (i = 0; i < ap_max_daemons_limit; ++i) {
1177 if (ap_child_table[i].pid == pid.pid) {
1182 if (child_slot >= 0) {
1183 ap_child_table[child_slot].pid = 0;
1184 ap_update_child_status_from_indexes(child_slot, i, SERVER_DEAD,
1185 (request_rec *) NULL);
1188 if (remaining_children_to_start
1189 && child_slot < num_daemons) {
1190 /* we're still doing a 1-for-1 replacement of dead
1191 * children with new children
1193 make_child(ap_server_conf, child_slot);
1194 --remaining_children_to_start;
1196 #if APR_HAS_OTHER_CHILD
1198 else if (apr_proc_other_child_read(&pid, status) == 0) {
1202 else if (is_graceful) {
1203 /* Great, we've probably just lost a slot in the
1204 * child table. Somehow we don't know about this
1207 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, 0,
1209 "long lost child came home! (pid %ld)",
1212 /* Don't perform idle maintenance when a child dies,
1213 * only do it when there's a timeout. Remember only a
1214 * finite number of children can die, and it's pretty
1215 * pathological for a lot to die suddenly.
1219 else if (remaining_children_to_start) {
1220 /* we hit a 1 second timeout in which none of the previous
1221 * generation of children needed to be reaped... so assume
1222 * they're all done, and pick up the slack if any is left.
1224 remaining_children_to_start = \
1225 startup_children(remaining_children_to_start);
1226 /* In any event we really shouldn't do the code below because
1227 * few of the servers we just started are in the IDLE state
1228 * yet, so we'd mistakenly create an extra server.
1233 perform_child_maintenance();
1237 int ap_mpm_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s)
1239 int remaining_children_to_start;
1244 ap_log_pid(pconf, ap_pid_fname);
1246 first_server_limit = server_limit;
1247 first_thread_limit = thread_limit;
1248 if (changed_limit_at_restart) {
1249 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_NOERRNO, 0, s,
1250 "WARNING: Attempt to change ServerLimit or ThreadLimit "
1251 "ignored during restart");
1252 changed_limit_at_restart = 0;
1255 if ((rv = apr_file_pipe_create(&pipe_of_death_in, &pipe_of_death_out,
1256 pconf)) != APR_SUCCESS) {
1257 ap_log_error(APLOG_MARK, APLOG_ERR, rv,
1258 (const server_rec*) ap_server_conf,
1259 "apr_file_pipe_create (pipe_of_death)");
1262 if ((rv = apr_file_pipe_timeout_set(pipe_of_death_in, 0)) != APR_SUCCESS) {
1263 ap_log_error(APLOG_MARK, APLOG_ERR, rv,
1264 (const server_rec*) ap_server_conf,
1265 "apr_file_pipe_timeout_set (pipe_of_death)");
1270 /* Initialize cross-process accept lock */
1271 ap_lock_fname = apr_psprintf(_pconf, "%s.%u",
1272 ap_server_root_relative(_pconf, ap_lock_fname),
1274 rv = SAFE_ACCEPT(apr_lock_create(&process_accept_mutex, APR_MUTEX,
1275 APR_CROSS_PROCESS, ap_accept_lock_mech,
1276 ap_lock_fname, _pconf));
1277 if (rv != APR_SUCCESS) {
1278 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
1279 "Couldn't create cross-process lock");
1284 if (ap_run_pre_mpm(s->process->pool, SB_SHARED) != OK) {
1288 /* Initialize the child table */
1290 for (i = 0; i < server_limit; i++) {
1291 ap_child_table[i].pid = 0;
1297 /* If we're doing a graceful_restart then we're going to see a lot
1298 * of children exiting immediately when we get into the main loop
1299 * below (because we just sent them AP_SIG_GRACEFUL). This happens
1300 * pretty rapidly... and for each one that exits we'll start a new one
1301 * until we reach at least daemons_min_free. But we may be permitted to
1302 * start more than that, so we'll just keep track of how many we're
1303 * supposed to start up without the 1 second penalty between each fork.
1305 remaining_children_to_start = num_daemons;
1307 remaining_children_to_start = \
1308 startup_children(remaining_children_to_start);
1311 /* give the system some time to recover before kicking into
1312 * exponential mode */
1313 hold_off_on_exponential_spawning = 10;
1316 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0, ap_server_conf,
1317 "%s configured -- resuming normal operations",
1318 ap_get_server_version());
1319 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, 0, ap_server_conf,
1320 "Server built: %s", ap_get_server_built());
1321 #ifdef AP_MPM_WANT_SET_ACCEPT_LOCK_MECH
1322 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, 0, ap_server_conf,
1323 "AcceptMutex: %s", ap_valid_accept_mutex_string);
1325 restart_pending = shutdown_pending = 0;
1327 server_main_loop(remaining_children_to_start);
1329 if (shutdown_pending) {
1330 /* Time to gracefully shut down:
1331 * Kill child processes, tell them to call child_exit, etc...
1333 if (unixd_killpg(getpgrp(), SIGTERM) < 0) {
1334 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
1337 ap_reclaim_child_processes(1); /* Start with SIGTERM */
1340 /* cleanup pid file on normal shutdown */
1341 const char *pidfile = NULL;
1342 pidfile = ap_server_root_relative (pconf, ap_pid_fname);
1343 if (pidfile != NULL && unlink(pidfile) == 0) {
1344 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, 0,
1346 "removed PID file %s (pid=%ld)",
1347 pidfile, (long)getpid());
1350 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0,
1351 ap_server_conf, "caught SIGTERM, shutting down");
1356 /* we've been told to restart */
1357 apr_signal(SIGHUP, SIG_IGN);
1360 /* not worth thinking about */
1365 char char_of_death = '!';
1367 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0,
1368 ap_server_conf, AP_SIG_GRACEFUL_STRING " received. "
1369 "Doing graceful restart");
1371 /* This is mostly for debugging... so that we know what is still
1372 * gracefully dealing with existing request.
1375 for (i = 0; i < num_daemons; ++i) {
1376 if (ap_child_table[i].pid) {
1377 ap_child_table[i].status = SERVER_DYING;
1380 /* give the children the signal to die */
1381 for (i = 0; i < num_daemons;) {
1382 if ((rv = apr_file_write(pipe_of_death_out, &char_of_death,
1383 &one)) != APR_SUCCESS) {
1384 if (APR_STATUS_IS_EINTR(rv)) continue;
1385 ap_log_error(APLOG_MARK, APLOG_WARNING, rv, ap_server_conf,
1386 "write pipe_of_death");
1392 /* Kill 'em all. Since the child acts the same on the parents SIGTERM
1393 * and a SIGHUP, we may as well use the same signal, because some user
1394 * pthreads are stealing signals from us left and right.
1396 if (unixd_killpg(getpgrp(), SIGTERM) < 0) {
1397 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
1400 ap_reclaim_child_processes(1); /* Start with SIGTERM */
1401 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0,
1402 ap_server_conf, "SIGHUP received. Attempting to restart");
1407 /* This really should be a post_config hook, but the error log is already
1408 * redirected by that point, so we need to do this in the open_logs phase.
1410 static int perchild_open_logs(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
1417 if ((num_listensocks = ap_setup_listeners(ap_server_conf)) < 1) {
1418 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ALERT|APLOG_STARTUP, 0,
1419 NULL, "no listening sockets available, shutting down");
1423 ap_log_pid(pconf, ap_pid_fname);
1425 if ((rv = ap_mpm_pod_open(pconf, &pod))) {
1426 ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_STARTUP, rv, NULL,
1427 "Could not open pipe-of-death.");
1433 static int perchild_pre_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp)
1435 static int restart_num = 0;
1436 int no_detach, debug;
1437 ap_directive_t *pdir;
1439 int tmp_server_limit = DEFAULT_SERVER_LIMIT;
1440 int tmp_thread_limit = DEFAULT_THREAD_LIMIT;
1443 debug = ap_exists_config_define("DEBUG");
1446 no_detach = one_process = 1;
1449 one_process = ap_exists_config_define("ONE_PROCESS");
1450 no_detach = ap_exists_config_define("NO_DETACH");
1453 /* sigh, want this only the second time around */
1454 if (restart_num++ == 1) {
1458 rv = apr_proc_detach(no_detach ? APR_PROC_DETACH_FOREGROUND
1459 : APR_PROC_DETACH_DAEMONIZE);
1460 if (rv != APR_SUCCESS) {
1461 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL,
1462 "apr_proc_detach failed");
1463 return HTTP_INTERNAL_SERVER_ERROR;
1470 unixd_pre_config(ptemp);
1471 ap_listen_pre_config();
1472 num_daemons = DEFAULT_NUM_DAEMON;
1473 threads_to_start = DEFAULT_START_THREAD;
1474 min_spare_threads = DEFAULT_MIN_SPARE_THREAD;
1475 max_spare_threads = DEFAULT_MAX_SPARE_THREAD;
1476 max_threads = thread_limit;
1477 ap_pid_fname = DEFAULT_PIDLOG;
1478 ap_lock_fname = DEFAULT_LOCKFILE;
1479 ap_max_requests_per_child = DEFAULT_MAX_REQUESTS_PER_CHILD;
1482 apr_cpystrn(ap_coredump_dir, ap_server_root, sizeof(ap_coredump_dir));
1484 /* we need to know ServerLimit and ThreadLimit before we start processing
1485 * the tree because we need to already have allocated child_info_table
1487 for (pdir = ap_conftree; pdir != NULL; pdir = pdir->next) {
1488 if (!strcasecmp(pdir->directive, "ServerLimit")) {
1489 if (atoi(pdir->args) > tmp_server_limit) {
1490 tmp_server_limit = atoi(pdir->args);
1491 if (tmp_server_limit > MAX_SERVER_LIMIT) {
1492 tmp_server_limit = MAX_SERVER_LIMIT;
1496 else if (!strcasecmp(pdir->directive, "ThreadLimit")) {
1497 if (atoi(pdir->args) > tmp_thread_limit) {
1498 tmp_thread_limit = atoi(pdir->args);
1499 if (tmp_thread_limit > MAX_THREAD_LIMIT) {
1500 tmp_thread_limit = MAX_THREAD_LIMIT;
1506 child_info_table = (child_info_t *)apr_pcalloc(p, tmp_server_limit * sizeof(child_info_t));
1507 for (i = 0; i < tmp_server_limit; i++) {
1508 child_info_table[i].uid = -1;
1509 child_info_table[i].gid = -1;
1510 child_info_table[i].sd = -1;
1516 static int pass_request(request_rec *r)
1518 apr_socket_t *thesock = ap_get_module_config(r->connection->conn_config, &core_module);
1520 struct cmsghdr *cmsg;
1523 conn_rec *c = r->connection;
1524 apr_bucket_brigade *bb = apr_brigade_create(r->pool, c->bucket_alloc);
1525 perchild_server_conf *sconf = (perchild_server_conf *)
1526 ap_get_module_config(r->server->module_config,
1527 &mpm_perchild_module);
1531 apr_pool_userdata_get((void **)&foo, "PERCHILD_BUFFER", c->pool);
1534 apr_pool_userdata_set(NULL, "PERCHILD_BUFFER", apr_pool_cleanup_null,
1537 apr_os_sock_get(&sfd, thesock);
1539 iov.iov_base = NULL;
1542 msg.msg_name = NULL;
1543 msg.msg_namelen = 0;
1547 cmsg = apr_palloc(r->pool, sizeof(*cmsg) + sizeof(sfd));
1548 cmsg->cmsg_len = sizeof(*cmsg) + sizeof(int);
1549 cmsg->cmsg_level = SOL_SOCKET;
1550 cmsg->cmsg_type = SCM_RIGHTS;
1552 memcpy(CMSG_DATA(cmsg), &sfd, sizeof(sfd));
1554 msg.msg_control = (caddr_t)cmsg;
1555 msg.msg_controllen = cmsg->cmsg_len;
1558 if (sendmsg(sconf->sd2, &msg, 0) == -1) {
1559 apr_pool_destroy(r->pool);
1563 write(sconf->sd2, foo, len);
1565 /* ### this "read one line" doesn't seem right... shouldn't we be
1566 ### reading large chunks of data or something?
1568 while (ap_get_brigade(r->input_filters, bb, AP_MODE_GETLINE,
1569 APR_NONBLOCK_READ, 0) == APR_SUCCESS) {
1571 APR_BRIGADE_FOREACH(e, bb) {
1574 apr_bucket_read(e, &str, &len, APR_NONBLOCK_READ);
1575 write(sconf->sd2, str, len);
1579 apr_pool_destroy(r->pool);
1583 static char *make_perchild_socket(const char *fullsockname, int sd[2])
1585 socketpair(PF_UNIX, SOCK_STREAM, 0, sd);
1589 static int perchild_post_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
1593 perchild_server_conf *sconf;
1599 for (sr = s; sr; sr = sr->next) {
1600 sconf = (perchild_server_conf *)ap_get_module_config(sr->module_config,
1601 &mpm_perchild_module);
1603 if (sconf->sd == -1) {
1604 sconf->fullsockname = apr_pstrcat(sr->process->pool,
1605 sconf->sockname, ".DEFAULT", NULL);
1606 if (def_sd[0] == -1) {
1607 if (!make_perchild_socket(sconf->fullsockname, def_sd)) {
1611 sconf->sd = def_sd[0];
1612 sconf->sd2 = def_sd[1];
1616 for (i = 0; i < num_daemons; i++) {
1617 if (child_info_table[i].uid == -1) {
1618 child_info_table[i].sd = def_sd[0];
1622 thread_socket_table = (int *)apr_pcalloc(p, thread_limit * sizeof(int));
1623 for (i = 0; i < thread_limit; i++) {
1624 thread_socket_table[i] = AP_PERCHILD_THISCHILD;
1626 ap_child_table = (ap_ctable *)apr_pcalloc(p, server_limit * sizeof(ap_ctable));
1631 static int perchild_post_read(request_rec *r)
1633 ap_filter_t *f = r->connection->input_filters;
1634 int thread_num = r->connection->id % thread_limit;
1635 perchild_server_conf *sconf = (perchild_server_conf *)
1636 ap_get_module_config(r->server->module_config,
1637 &mpm_perchild_module);
1640 if (!strcasecmp("PERCHILD_BUFFER", f->frec->name)) {
1641 ap_remove_output_filter(f);
1647 if (thread_socket_table[thread_num] != AP_PERCHILD_THISCHILD) {
1648 apr_socket_t *csd = NULL;
1650 apr_os_sock_put(&csd, &thread_socket_table[thread_num],
1651 r->connection->pool);
1652 ap_sock_disable_nagle(csd);
1653 ap_set_module_config(r->connection->conn_config, &core_module, csd);
1657 /* sconf is the server config for this vhost, so if our socket
1658 * is not the same that was set in the config, then the request
1659 * needs to be passed to another child. */
1660 if (sconf->sd != child_info_table[child_num].sd) {
1661 if (pass_request(r) == -1) {
1662 ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0,
1663 ap_server_conf, "Could not pass request to proper "
1664 "child, request will not be honored.");
1666 longjmp(jmpbuffer, 1);
1673 static apr_status_t perchild_buffer(ap_filter_t *f, apr_bucket_brigade *b,
1674 ap_input_mode_t mode,
1675 apr_read_type_e block,
1676 apr_off_t readbytes)
1680 char *buffer = NULL;
1684 if ((rv = ap_get_brigade(f->next, b, mode, block,
1685 readbytes)) != APR_SUCCESS) {
1689 apr_pool_userdata_get((void **)&buffer, "PERCHILD_BUFFER", f->c->pool);
1691 APR_BRIGADE_FOREACH(e, b) {
1692 if (e->length != 0) {
1693 apr_bucket_read(e, &str, &len, APR_NONBLOCK_READ);
1695 if (buffer == NULL) {
1696 buffer = apr_pstrndup(f->c->pool, str, len);
1699 buffer = apr_pstrcat(f->c->pool, buffer,
1700 apr_pstrndup(f->c->pool, str, len), NULL);
1704 apr_pool_userdata_set(buffer, "PERCHILD_BUFFER", apr_pool_cleanup_null,
1710 static int perchild_pre_connection(conn_rec *c, void *csd)
1712 ap_add_input_filter("PERCHILD_BUFFER", NULL, NULL, c);
1716 static void perchild_hooks(apr_pool_t *p)
1718 /* The perchild open_logs phase must run before the core's, or stderr
1719 * will be redirected to a file, and the messages won't print to the
1722 static const char *const aszSucc[] = {"core.c", NULL};
1725 ap_hook_open_logs(perchild_open_logs, NULL, aszSucc, APR_HOOK_MIDDLE);
1726 ap_hook_pre_config(perchild_pre_config, NULL, NULL, APR_HOOK_MIDDLE);
1727 ap_hook_post_config(perchild_post_config, NULL, NULL, APR_HOOK_MIDDLE);
1728 ap_hook_pre_connection(perchild_pre_connection,NULL,NULL, APR_HOOK_MIDDLE);
1730 /* This must be run absolutely first. If this request isn't for this
1731 * server then we need to forward it to the proper child. No sense
1732 * tying up this server running more post_read request hooks if it is
1733 * just going to be forwarded along.
1735 ap_hook_post_read_request(perchild_post_read, NULL, NULL,
1736 APR_HOOK_REALLY_FIRST);
1737 ap_register_input_filter("PERCHILD_BUFFER", perchild_buffer,
1741 static const char *set_num_daemons(cmd_parms *cmd, void *dummy,
1744 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1749 num_daemons = atoi(arg);
1750 if (num_daemons > server_limit) {
1751 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1752 "WARNING: NumServers of %d exceeds ServerLimit value "
1753 "of %d servers,", num_daemons, server_limit);
1754 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1755 " lowering NumServers to %d. To increase, please "
1756 "see the", server_limit);
1757 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1758 " ServerLimit directive.");
1759 num_daemons = server_limit;
1761 else if (num_daemons < 1) {
1762 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1763 "WARNING: Require NumServers > 0, setting to 1");
1769 static const char *set_threads_to_start(cmd_parms *cmd, void *dummy,
1772 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1777 threads_to_start = atoi(arg);
1778 if (threads_to_start > thread_limit) {
1779 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1780 "WARNING: StartThreads of %d exceeds ThreadLimit value"
1781 " of %d threads,", threads_to_start,
1783 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1784 " lowering StartThreads to %d. To increase, please"
1785 " see the", thread_limit);
1786 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1787 " ThreadLimit directive.");
1789 else if (threads_to_start < 1) {
1790 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1791 "WARNING: Require StartThreads > 0, setting to 1");
1792 threads_to_start = 1;
1797 static const char *set_min_spare_threads(cmd_parms *cmd, void *dummy,
1800 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1805 min_spare_threads = atoi(arg);
1806 if (min_spare_threads <= 0) {
1807 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1808 "WARNING: detected MinSpareThreads set to non-positive.");
1809 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1810 "Resetting to 1 to avoid almost certain Apache failure.");
1811 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1812 "Please read the documentation.");
1813 min_spare_threads = 1;
1819 static const char *set_max_spare_threads(cmd_parms *cmd, void *dummy,
1822 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1827 max_spare_threads = atoi(arg);
1828 if (max_spare_threads >= thread_limit) {
1829 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1830 "WARNING: detected MinSpareThreads set higher than");
1831 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1832 "ThreadLimit. Resetting to %d", thread_limit);
1833 max_spare_threads = thread_limit;
1838 static const char *set_max_threads(cmd_parms *cmd, void *dummy, const char *arg)
1840 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1845 max_threads = atoi(arg);
1846 if (max_threads > thread_limit) {
1847 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1848 "WARNING: detected MaxThreadsPerChild set higher than");
1849 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1850 "ThreadLimit. Resetting to %d", thread_limit);
1851 max_threads = thread_limit;
1856 static const char *set_child_per_uid(cmd_parms *cmd, void *dummy, const char *u,
1857 const char *g, const char *num)
1860 int max_this_time = atoi(num) + curr_child_num;
1862 for (i = curr_child_num; i < max_this_time; i++, curr_child_num++) {
1863 child_info_t *ug = &child_info_table[i - 1];
1865 if (i > num_daemons) {
1866 return "Trying to use more child ID's than NumServers. Increase "
1867 "NumServers in your config file.";
1876 static const char *assign_childuid(cmd_parms *cmd, void *dummy, const char *uid,
1884 perchild_server_conf *sconf = (perchild_server_conf *)
1885 ap_get_module_config(cmd->server->module_config,
1886 &mpm_perchild_module);
1888 sconf->fullsockname = apr_pstrcat(cmd->pool, sconf->sockname, ".", uid,
1891 if ((errstr = make_perchild_socket(sconf->fullsockname, socks))) {
1895 sconf->sd = socks[0];
1896 sconf->sd2 = socks[1];
1898 for (i = 0; i < num_daemons; i++) {
1899 if (u == child_info_table[i].uid && g == child_info_table[i].gid) {
1900 child_info_table[i].sd = sconf->sd;
1907 static const char *set_server_limit (cmd_parms *cmd, void *dummy, const char *arg)
1909 int tmp_server_limit;
1911 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1916 tmp_server_limit = atoi(arg);
1917 /* you cannot change ServerLimit across a restart; ignore
1920 if (first_server_limit &&
1921 tmp_server_limit != server_limit) {
1922 /* how do we log a message? the error log is a bit bucket at this
1923 * point; we'll just have to set a flag so that ap_mpm_run()
1924 * logs a warning later
1926 changed_limit_at_restart = 1;
1929 server_limit = tmp_server_limit;
1931 if (server_limit > MAX_SERVER_LIMIT) {
1932 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1933 "WARNING: ServerLimit of %d exceeds compile time limit "
1934 "of %d servers,", server_limit, MAX_SERVER_LIMIT);
1935 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1936 " lowering ServerLimit to %d.", MAX_SERVER_LIMIT);
1937 server_limit = MAX_SERVER_LIMIT;
1939 else if (server_limit < 1) {
1940 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1941 "WARNING: Require ServerLimit > 0, setting to 1");
1947 static const char *set_thread_limit (cmd_parms *cmd, void *dummy, const char *arg)
1949 int tmp_thread_limit;
1951 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1956 tmp_thread_limit = atoi(arg);
1957 /* you cannot change ThreadLimit across a restart; ignore
1960 if (first_thread_limit &&
1961 tmp_thread_limit != thread_limit) {
1962 /* how do we log a message? the error log is a bit bucket at this
1963 * point; we'll just have to set a flag so that ap_mpm_run()
1964 * logs a warning later
1966 changed_limit_at_restart = 1;
1969 thread_limit = tmp_thread_limit;
1971 if (thread_limit > MAX_THREAD_LIMIT) {
1972 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1973 "WARNING: ThreadLimit of %d exceeds compile time limit "
1974 "of %d servers,", thread_limit, MAX_THREAD_LIMIT);
1975 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1976 " lowering ThreadLimit to %d.", MAX_THREAD_LIMIT);
1977 thread_limit = MAX_THREAD_LIMIT;
1979 else if (thread_limit < 1) {
1980 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1981 "WARNING: Require ThreadLimit > 0, setting to 1");
1987 static const command_rec perchild_cmds[] = {
1988 UNIX_DAEMON_COMMANDS,
1990 AP_INIT_TAKE1("NumServers", set_num_daemons, NULL, RSRC_CONF,
1991 "Number of children alive at the same time"),
1992 AP_INIT_TAKE1("StartThreads", set_threads_to_start, NULL, RSRC_CONF,
1993 "Number of threads each child creates"),
1994 AP_INIT_TAKE1("MinSpareThreads", set_min_spare_threads, NULL, RSRC_CONF,
1995 "Minimum number of idle threads per child, to handle "
1997 AP_INIT_TAKE1("MaxSpareThreads", set_max_spare_threads, NULL, RSRC_CONF,
1998 "Maximum number of idle threads per child"),
1999 AP_INIT_TAKE1("MaxThreadsPerChild", set_max_threads, NULL, RSRC_CONF,
2000 "Maximum number of threads per child"),
2001 AP_INIT_TAKE3("ChildperUserID", set_child_per_uid, NULL, RSRC_CONF,
2002 "Specify a User and Group for a specific child process."),
2003 AP_INIT_TAKE2("AssignUserID", assign_childuid, NULL, RSRC_CONF,
2004 "Tie a virtual host to a specific child process."),
2005 AP_INIT_TAKE1("ServerLimit", set_server_limit, NULL, RSRC_CONF,
2006 "Maximum value of NumServers for this run of Apache"),
2007 AP_INIT_TAKE1("ThreadLimit", set_thread_limit, NULL, RSRC_CONF,
2008 "Maximum worker threads in a server for this run of Apache"),
2012 static void *perchild_create_config(apr_pool_t *p, server_rec *s)
2014 perchild_server_conf *c = (perchild_server_conf *)
2015 apr_pcalloc(p, sizeof(perchild_server_conf));
2021 module AP_MODULE_DECLARE_DATA mpm_perchild_module = {
2023 NULL, /* hook to run before apache parses args */
2024 NULL, /* create per-directory config structure */
2025 NULL, /* merge per-directory config structures */
2026 perchild_create_config, /* create per-server config structure */
2027 NULL, /* merge per-server config structures */
2028 perchild_cmds, /* command apr_table_t */
2029 perchild_hooks /* register_hooks */