1 /* ====================================================================
2 * The Apache Software License, Version 1.1
4 * Copyright (c) 2000-2001 The Apache Software Foundation. All rights
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
19 * 3. The end-user documentation included with the redistribution,
20 * if any, must include the following acknowledgment:
21 * "This product includes software developed by the
22 * Apache Software Foundation (http://www.apache.org/)."
23 * Alternately, this acknowledgment may appear in the software itself,
24 * if and wherever such third-party acknowledgments normally appear.
26 * 4. The names "Apache" and "Apache Software Foundation" must
27 * not be used to endorse or promote products derived from this
28 * software without prior written permission. For written
29 * permission, please contact apache@apache.org.
31 * 5. Products derived from this software may not be called "Apache",
32 * nor may "Apache" appear in their name, without prior written
33 * permission of the Apache Software Foundation.
35 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
36 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
37 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
38 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
41 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
42 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
43 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
44 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
45 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
47 * ====================================================================
49 * This software consists of voluntary contributions made by many
50 * individuals on behalf of the Apache Software Foundation. For more
51 * information on the Apache Software Foundation, please see
52 * <http://www.apache.org/>.
54 * Portions of this software are based upon public domain software
55 * originally written at the National Center for Supercomputing Applications,
56 * University of Illinois, Urbana-Champaign.
60 #include "apr_strings.h"
61 #include "apr_pools.h"
62 #include "apr_portable.h"
63 #include "apr_file_io.h"
64 #include "apr_signal.h"
66 #define APR_WANT_IOVEC
72 #if APR_HAVE_SYS_SOCKET_H
73 #include <sys/socket.h>
77 #error The perchild MPM requires APR threads, but they are unavailable.
82 #include "ap_config.h"
84 #include "http_main.h"
86 #include "http_config.h" /* for read_config */
87 #include "http_core.h" /* for get_remote_host */
88 #include "http_protocol.h"
89 #include "http_connection.h"
92 #include "mpm_common.h"
93 #include "ap_listen.h"
94 #include "mpm_default.h"
96 #include "scoreboard.h"
97 #include "util_filter.h"
99 /* ### should be APR-ized */
103 #include <sys/stat.h>
106 #ifdef HAVE_SYS_PROCESSOR_H
107 #include <sys/processor.h> /* for bindprocessor() */
111 * Define some magic numbers that we use for the state of the incomming
112 * request. These must be < 0 so they don't collide with a file descriptor.
114 #define AP_PERCHILD_THISCHILD -1
115 #define AP_PERCHILD_OTHERCHILD -2
117 /* Limit on the threads per process. Clients will be locked out if more than
118 * this * server_limit are needed.
120 * We keep this for one reason it keeps the size of the scoreboard file small
121 * enough that we can read the whole thing without worrying too much about
124 #ifndef DEFAULT_THREAD_LIMIT
125 #define DEFAULT_THREAD_LIMIT 64
128 /* Admin can't tune ThreadLimit beyond MAX_THREAD_LIMIT. We want
129 * some sort of compile-time limit to help catch typos.
131 #ifndef MAX_THREAD_LIMIT
132 #define MAX_THREAD_LIMIT 20000
135 /* Limit on the total --- clients will be locked out if more servers than
136 * this are needed. It is intended solely to keep the server from crashing
137 * when things get out of hand.
139 * We keep a hard maximum number of servers, for two reasons --- first off,
140 * in case something goes seriously wrong, we want to stop the fork bomb
141 * short of actually crashing the machine we're running on by filling some
142 * kernel table. Secondly, it keeps the size of the scoreboard file small
143 * enough that we can read the whole thing without worrying too much about
146 #ifndef DEFAULT_SERVER_LIMIT
147 #define DEFAULT_SERVER_LIMIT 8
150 /* Admin can't tune ServerLimit beyond MAX_SERVER_LIMIT. We want
151 * some sort of compile-time limit to help catch typos.
153 #ifndef MAX_SERVER_LIMIT
154 #define MAX_SERVER_LIMIT 20000
158 * Actual definitions of config globals
161 static int threads_to_start = 0; /* Worker threads per child */
162 static int min_spare_threads = 0;
163 static int max_spare_threads = 0;
164 static int max_threads = 0;
165 static int server_limit = DEFAULT_SERVER_LIMIT;
166 static int first_server_limit;
167 static int thread_limit = DEFAULT_THREAD_LIMIT;
168 static int first_thread_limit;
169 static int changed_limit_at_restart;
170 static int max_requests_per_child = 0;
171 static int num_daemons = 0;
172 static int curr_child_num = 0;
173 static int workers_may_exit = 0;
174 static int requests_this_child;
175 static int num_listenfds = 0;
176 static apr_socket_t **listenfds;
177 static jmp_buf jmpbuffer;
179 struct child_info_t {
186 const char *sockname; /* The base name for the socket */
187 const char *fullsockname; /* socket base name + extension */
188 int sd; /* The socket descriptor */
189 int sd2; /* The socket descriptor */
190 } perchild_server_conf;
192 typedef struct child_info_t child_info_t;
194 /* Tables used to determine the user and group each child process should
195 * run as. The hash table is used to correlate a server name with a child
198 static child_info_t *child_info_table;
199 static int *thread_socket_table;
200 struct ap_ctable *ap_child_table;
203 * The max child slot ever assigned, preserved across restarts. Necessary
204 * to deal with NumServers changes across AP_SIG_GRACEFUL restarts. We
205 * use this value to optimize routines that have to scan the entire child
208 * XXX - It might not be worth keeping this code in. There aren't very
209 * many child processes in this MPM.
211 int ap_max_daemons_limit = -1;
212 int ap_threads_per_child; /* XXX not part of API! axe it! */
214 module AP_MODULE_DECLARE_DATA mpm_perchild_module;
216 static apr_file_t *pipe_of_death_in = NULL;
217 static apr_file_t *pipe_of_death_out = NULL;
218 static apr_lock_t *pipe_of_death_mutex;
220 /* *Non*-shared http_main globals... */
222 server_rec *ap_server_conf;
224 /* one_process --- debugging mode variable; can be set from the command line
225 * with the -X flag. If set, this gets you the child_main loop running
226 * in the process which originally started up (no detach, no make_child),
227 * which is a pretty nice debugging environment. (You'll get a SIGHUP
228 * early in standalone_main; just continue through. This is the server
229 * trying to kill off any child processes which it might have lying
230 * around --- Apache doesn't keep track of their pids, it just sends
231 * SIGHUP to the process group, ignoring it in the root process.
232 * Continue through and you'll be fine.).
235 static int one_process = 0;
238 int raise_sigstop_flags;
241 static apr_pool_t *pconf; /* Pool for config stuff */
242 static apr_pool_t *pchild; /* Pool for httpd child stuff */
243 static apr_pool_t *thread_pool_parent; /* Parent of per-thread pools */
244 static apr_lock_t *thread_pool_parent_mutex;
246 static int child_num;
247 static unsigned int my_pid; /* Linux getpid() doesn't work except in
248 main thread. Use this instead */
249 /* Keep track of the number of worker threads currently active */
250 static int worker_thread_count;
251 static apr_lock_t *worker_thread_count_mutex;
252 static int *worker_thread_free_ids;
253 static apr_threadattr_t *worker_thread_attr;
255 /* Keep track of the number of idle worker threads */
256 static int idle_thread_count;
257 static apr_lock_t *idle_thread_count_mutex;
259 /* Locks for accept serialization */
260 #ifdef NO_SERIALIZED_ACCEPT
261 #define SAFE_ACCEPT(stmt) APR_SUCCESS
263 #define SAFE_ACCEPT(stmt) (stmt)
264 static apr_lock_t *process_accept_mutex;
265 #endif /* NO_SERIALIZED_ACCEPT */
266 static apr_lock_t *thread_accept_mutex;
268 AP_DECLARE(apr_status_t) ap_mpm_query(int query_code, int *result)
271 case AP_MPMQ_MAX_DAEMON_USED:
272 *result = ap_max_daemons_limit;
274 case AP_MPMQ_IS_THREADED:
275 *result = AP_MPMQ_DYNAMIC;
277 case AP_MPMQ_IS_FORKED:
278 *result = AP_MPMQ_STATIC;
280 case AP_MPMQ_HARD_LIMIT_DAEMONS:
281 *result = server_limit;
283 case AP_MPMQ_HARD_LIMIT_THREADS:
284 *result = thread_limit;
286 case AP_MPMQ_MAX_THREADS:
287 *result = max_threads;
289 case AP_MPMQ_MIN_SPARE_DAEMONS:
292 case AP_MPMQ_MIN_SPARE_THREADS:
293 *result = min_spare_threads;
295 case AP_MPMQ_MAX_SPARE_DAEMONS:
298 case AP_MPMQ_MAX_SPARE_THREADS:
299 *result = max_spare_threads;
301 case AP_MPMQ_MAX_REQUESTS_DAEMON:
302 *result = max_requests_per_child;
304 case AP_MPMQ_MAX_DAEMONS:
305 *result = num_daemons;
311 /* a clean exit from a child with proper cleanup */
312 static void clean_child_exit(int code)
315 apr_pool_destroy(pchild);
320 /* handle all varieties of core dumping signals */
321 static void sig_coredump(int sig)
323 chdir(ap_coredump_dir);
324 apr_signal(sig, SIG_DFL);
326 /* At this point we've got sig blocked, because we're still inside
327 * the signal handler. When we leave the signal handler it will
328 * be unblocked, and we'll take the signal... and coredump or whatever
329 * is appropriate for this particular Unix. In addition the parent
330 * will see the real signal we received -- whereas if we called
331 * abort() here, the parent would only see SIGABRT.
335 static void just_die(int sig)
340 /*****************************************************************
341 * Connection structures and accounting...
344 /* volatile just in case */
345 static int volatile shutdown_pending;
346 static int volatile restart_pending;
347 static int volatile is_graceful;
348 static int volatile child_fatal;
349 /* we don't currently track ap_my_generation, but mod_status
350 * references it so it must be defined */
351 ap_generation_t volatile ap_my_generation=0;
354 * ap_start_shutdown() and ap_start_restart(), below, are a first stab at
355 * functions to initiate shutdown or restart without relying on signals.
356 * Previously this was initiated in sig_term() and restart() signal handlers,
357 * but we want to be able to start a shutdown/restart from other sources --
358 * e.g. on Win32, from the service manager. Now the service manager can
359 * call ap_start_shutdown() or ap_start_restart() as appropiate. Note that
360 * these functions can also be called by the child processes, since global
361 * variables are no longer used to pass on the required action to the parent.
363 * These should only be called from the parent process itself, since the
364 * parent process will use the shutdown_pending and restart_pending variables
365 * to determine whether to shutdown or restart. The child process should
366 * call signal_parent() directly to tell the parent to die -- this will
367 * cause neither of those variable to be set, which the parent will
368 * assume means something serious is wrong (which it will be, for the
369 * child to force an exit) and so do an exit anyway.
372 static void ap_start_shutdown(void)
374 if (shutdown_pending == 1) {
375 /* Um, is this _probably_ not an error, if the user has
376 * tried to do a shutdown twice quickly, so we won't
377 * worry about reporting it.
381 shutdown_pending = 1;
384 /* do a graceful restart if graceful == 1 */
385 static void ap_start_restart(int graceful)
388 if (restart_pending == 1) {
389 /* Probably not an error - don't bother reporting it */
393 is_graceful = graceful;
395 apr_pool_cleanup_kill(pconf, NULL, ap_cleanup_scoreboard);
399 static void sig_term(int sig)
404 static void restart(int sig)
407 ap_start_restart(sig == AP_SIG_GRACEFUL);
413 static void set_signals(void)
415 #ifndef NO_USE_SIGACTION
418 sigemptyset(&sa.sa_mask);
422 sa.sa_handler = sig_coredump;
423 #if defined(SA_ONESHOT)
424 sa.sa_flags = SA_ONESHOT;
425 #elif defined(SA_RESETHAND)
426 sa.sa_flags = SA_RESETHAND;
428 if (sigaction(SIGSEGV, &sa, NULL) < 0)
429 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
430 "sigaction(SIGSEGV)");
432 if (sigaction(SIGBUS, &sa, NULL) < 0)
433 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
434 "sigaction(SIGBUS)");
437 if (sigaction(SIGABORT, &sa, NULL) < 0)
438 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
439 "sigaction(SIGABORT)");
442 if (sigaction(SIGABRT, &sa, NULL) < 0)
443 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
444 "sigaction(SIGABRT)");
447 if (sigaction(SIGILL, &sa, NULL) < 0)
448 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
449 "sigaction(SIGILL)");
453 sa.sa_handler = sig_term;
454 if (sigaction(SIGTERM, &sa, NULL) < 0)
455 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
456 "sigaction(SIGTERM)");
458 if (sigaction(SIGINT, &sa, NULL) < 0)
459 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
460 "sigaction(SIGINT)");
463 sa.sa_handler = SIG_DFL;
464 if (sigaction(SIGXCPU, &sa, NULL) < 0)
465 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
466 "sigaction(SIGXCPU)");
469 sa.sa_handler = SIG_DFL;
470 if (sigaction(SIGXFSZ, &sa, NULL) < 0)
471 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
472 "sigaction(SIGXFSZ)");
475 sa.sa_handler = SIG_IGN;
476 if (sigaction(SIGPIPE, &sa, NULL) < 0)
477 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
478 "sigaction(SIGPIPE)");
481 /* we want to ignore HUPs and AP_SIG_GRACEFUL while we're busy
483 sigaddset(&sa.sa_mask, SIGHUP);
484 sigaddset(&sa.sa_mask, AP_SIG_GRACEFUL);
485 sa.sa_handler = restart;
486 if (sigaction(SIGHUP, &sa, NULL) < 0)
487 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
488 "sigaction(SIGHUP)");
489 if (sigaction(AP_SIG_GRACEFUL, &sa, NULL) < 0)
490 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
491 "sigaction(" AP_SIG_GRACEFUL_STRING ")");
494 apr_signal(SIGSEGV, sig_coredump);
496 apr_signal(SIGBUS, sig_coredump);
499 apr_signal(SIGABORT, sig_coredump);
500 #endif /* SIGABORT */
502 apr_signal(SIGABRT, sig_coredump);
505 apr_signal(SIGILL, sig_coredump);
508 apr_signal(SIGXCPU, SIG_DFL);
511 apr_signal(SIGXFSZ, SIG_DFL);
515 apr_signal(SIGTERM, sig_term);
517 apr_signal(SIGHUP, restart);
519 #ifdef AP_SIG_GRACEFUL
520 apr_signal(AP_SIG_GRACEFUL, restart);
521 #endif /* AP_SIG_GRACEFUL */
523 apr_signal(SIGPIPE, SIG_IGN);
529 /*****************************************************************
530 * Here follows a long bunch of generic server bookkeeping stuff...
533 int ap_graceful_stop_signalled(void)
535 /* XXX - Does this really work? - Manoj */
539 /*****************************************************************
540 * Child process main loop.
543 static void process_socket(apr_pool_t *p, apr_socket_t *sock, long conn_id)
545 conn_rec *current_conn;
548 int thread_num = conn_id % thread_limit;
551 if ((rv = apr_os_sock_get(&csd, sock)) != APR_SUCCESS) {
552 ap_log_error(APLOG_MARK, APLOG_ERR, rv, NULL, "apr_os_sock_get");
555 if (csd >= FD_SETSIZE) {
556 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, 0, NULL,
557 "new file descriptor %d is too large; you probably need "
558 "to rebuild Apache with a larger FD_SETSIZE "
561 apr_socket_close(sock);
565 if (thread_socket_table[thread_num] < 0) {
566 ap_sock_disable_nagle(sock);
569 ap_create_sb_handle(&sbh, p, conn_id / thread_limit, thread_num);
570 current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id, sbh);
572 ap_process_connection(current_conn, sock);
573 ap_lingering_close(current_conn);
577 static void *worker_thread(apr_thread_t *, void *);
579 /* Starts a thread as long as we're below max_threads */
580 static int start_thread(void)
582 apr_thread_t *thread;
585 apr_lock_acquire(worker_thread_count_mutex);
586 if (worker_thread_count < max_threads - 1) {
587 rc = apr_thread_create(&thread, worker_thread_attr, worker_thread,
588 &worker_thread_free_ids[worker_thread_count], pchild);
589 if (rc != APR_SUCCESS) {
590 ap_log_error(APLOG_MARK, APLOG_ALERT, rc, ap_server_conf,
591 "apr_thread_create: unable to create worker thread");
592 /* In case system resources are maxxed out, we don't want
593 Apache running away with the CPU trying to fork over and
594 over and over again if we exit. */
596 workers_may_exit = 1;
597 apr_lock_release(worker_thread_count_mutex);
601 worker_thread_count++;
605 static int reported = 0;
608 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0,
610 "server reached MaxThreadsPerChild setting, "
611 "consider raising the MaxThreadsPerChild or "
612 "NumServers settings");
615 apr_lock_release(worker_thread_count_mutex);
618 apr_lock_release(worker_thread_count_mutex);
622 /* Sets workers_may_exit if we received a character on the pipe_of_death */
623 static void check_pipe_of_death(void)
625 apr_lock_acquire(pipe_of_death_mutex);
626 if (!workers_may_exit) {
631 ret = apr_recv(listenfds[0], &pipe_read_char, &n);
632 if (APR_STATUS_IS_EAGAIN(ret)) {
633 /* It lost the lottery. It must continue to suffer
634 * through a life of servitude. */
637 /* It won the lottery (or something else is very
638 * wrong). Embrace death with open arms. */
639 workers_may_exit = 1;
642 apr_lock_release(pipe_of_death_mutex);
645 /* idle_thread_count should be incremented before starting a worker_thread */
647 static void *worker_thread(apr_thread_t *thd, void *arg)
649 apr_socket_t *csd = NULL;
650 apr_pool_t *tpool; /* Pool for this thread */
651 apr_pool_t *ptrans; /* Pool for per-transaction stuff */
652 apr_socket_t *sd = NULL;
653 volatile int last_pollfd = 0;
654 volatile int thread_just_started = 1;
657 int thread_num = *((int *) arg);
658 long conn_id = child_num * thread_limit + thread_num;
659 apr_pollfd_t *pollset;
663 apr_lock_acquire(thread_pool_parent_mutex);
664 apr_pool_create(&tpool, thread_pool_parent);
665 apr_lock_release(thread_pool_parent_mutex);
666 apr_pool_create(&ptrans, tpool);
668 (void) ap_update_child_status_from_indexes(child_num, thread_num,
670 (request_rec *) NULL);
672 apr_poll_setup(&pollset, num_listenfds+1, tpool);
673 for(n = 0; n <= num_listenfds; ++n) {
674 apr_poll_socket_add(pollset, listenfds[n], APR_POLLIN);
677 while (!workers_may_exit) {
678 workers_may_exit |= (max_requests_per_child != 0)
679 && (requests_this_child <= 0);
680 if (workers_may_exit) break;
681 if (!thread_just_started) {
682 apr_lock_acquire(idle_thread_count_mutex);
683 if (idle_thread_count < max_spare_threads) {
685 apr_lock_release(idle_thread_count_mutex);
688 apr_lock_release(idle_thread_count_mutex);
693 thread_just_started = 0;
696 (void) ap_update_child_status_from_indexes(child_num, thread_num,
698 (request_rec *) NULL);
700 apr_lock_acquire(thread_accept_mutex);
701 if (workers_may_exit) {
702 apr_lock_release(thread_accept_mutex);
705 if ((rv = SAFE_ACCEPT(apr_lock_acquire(process_accept_mutex)))
707 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
708 "apr_lock_acquire failed. Attempting to shutdown "
709 "process gracefully.");
710 workers_may_exit = 1;
713 while (!workers_may_exit) {
715 srv = apr_poll(pollset, &n, -1);
717 if (srv != APR_SUCCESS) {
718 if (APR_STATUS_IS_EINTR(srv)) {
722 /* apr_poll() will only return errors in catastrophic
723 * circumstances. Let's try exiting gracefully, for now. */
724 ap_log_error(APLOG_MARK, APLOG_ERR, srv, (const server_rec *)
725 ap_server_conf, "apr_poll: (listen)");
726 workers_may_exit = 1;
728 if (workers_may_exit) break;
730 apr_poll_revents_get(&event, listenfds[0], pollset);
731 if (event & APR_POLLIN) {
732 /* A process got a signal on the shutdown pipe. Check if we're
733 * the lucky process to die. */
734 check_pipe_of_death();
738 apr_poll_revents_get(&event, listenfds[1], pollset);
739 if (event & APR_POLLIN || event & APR_POLLOUT) {
740 /* This request is from another child in our current process.
741 * We should set a flag here, and then below we will read
742 * two bytes (the socket number and the NULL byte.
744 thread_socket_table[thread_num] = AP_PERCHILD_OTHERCHILD;
745 goto got_from_other_child;
748 if (num_listenfds == 1) {
749 sd = ap_listeners->sd;
753 /* find a listener */
754 curr_pollfd = last_pollfd;
757 if (curr_pollfd > num_listenfds) {
760 /* XXX: Should we check for POLLERR? */
761 apr_poll_revents_get(&event, listenfds[curr_pollfd],
763 if (event & APR_POLLIN) {
764 last_pollfd = curr_pollfd;
765 sd = listenfds[curr_pollfd];
768 } while (curr_pollfd != last_pollfd);
772 if (!workers_may_exit) {
773 if ((rv = apr_accept(&csd, sd, ptrans)) != APR_SUCCESS) {
774 ap_log_error(APLOG_MARK, APLOG_ERR, rv, ap_server_conf,
777 if ((rv = SAFE_ACCEPT(apr_lock_release(process_accept_mutex)))
779 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
780 "apr_lock_release failed. Attempting to shutdown "
781 "process gracefully.");
782 workers_may_exit = 1;
784 apr_lock_release(thread_accept_mutex);
785 apr_lock_acquire(idle_thread_count_mutex);
786 if (idle_thread_count > min_spare_threads) {
790 if (!start_thread()) {
794 apr_lock_release(idle_thread_count_mutex);
795 got_from_other_child:
796 if (thread_socket_table[thread_num] == AP_PERCHILD_OTHERCHILD) {
798 struct cmsghdr *cmsg;
803 iov.iov_base = sockname;
811 cmsg = apr_palloc(ptrans, sizeof(*cmsg) + sizeof(sd));
812 cmsg->cmsg_len = sizeof(*cmsg) + sizeof(sd);
813 msg.msg_control = (caddr_t)cmsg;
814 msg.msg_controllen = cmsg->cmsg_len;
817 ret = recvmsg(child_info_table[child_num].sd, &msg, 0);
819 memcpy(&dp, CMSG_DATA(cmsg), sizeof(dp));
821 thread_socket_table[thread_num] = dp;
822 apr_os_sock_put(&csd, &child_info_table[child_num].sd, ptrans);
824 if (setjmp(jmpbuffer) != 1) {
825 process_socket(ptrans, csd, conn_id);
828 thread_socket_table[thread_num] = AP_PERCHILD_THISCHILD;
830 requests_this_child--;
833 if ((rv = SAFE_ACCEPT(apr_lock_release(process_accept_mutex)))
835 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
836 "apr_lock_release failed. Attempting to shutdown "
837 "process gracefully.");
838 workers_may_exit = 1;
840 apr_lock_release(thread_accept_mutex);
841 apr_lock_acquire(idle_thread_count_mutex);
843 apr_lock_release(idle_thread_count_mutex);
846 apr_pool_clear(ptrans);
849 apr_lock_acquire(thread_pool_parent_mutex);
850 ap_update_child_status_from_indexes(child_num, thread_num, SERVER_DEAD,
851 (request_rec *) NULL);
852 apr_pool_destroy(tpool);
853 apr_lock_release(thread_pool_parent_mutex);
854 apr_lock_acquire(worker_thread_count_mutex);
855 worker_thread_count--;
856 worker_thread_free_ids[worker_thread_count] = thread_num;
857 if (worker_thread_count == 0) {
858 /* All the threads have exited, now finish the shutdown process
859 * by signalling the sigwait thread */
860 kill(my_pid, SIGTERM);
862 apr_lock_release(worker_thread_count_mutex);
867 /* Set group privileges.
869 * Note that we use the username as set in the config files, rather than
870 * the lookup of to uid --- the same uid may have multiple passwd entries,
871 * with different sets of groups for each.
874 static int set_group_privs(uid_t uid, gid_t gid)
879 /* Get username if passed as a uid */
883 if ((ent = getpwuid(uid)) == NULL) {
884 ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
885 "getpwuid: couldn't determine user name from uid %u, "
886 "you probably need to modify the User directive",
894 * Set the GID before initgroups(), since on some platforms
895 * setgid() is known to zap the group list.
897 if (setgid(gid) == -1) {
898 ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
899 "setgid: unable to set group id to Group %u",
904 /* Reset `groups' attributes. */
906 if (initgroups(name, gid) == -1) {
907 ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
908 "initgroups: unable to set groups for User %s "
909 "and Group %u", name, (unsigned)gid);
917 static int perchild_setup_child(int childnum)
919 child_info_t *ug = &child_info_table[childnum];
921 if (ug->uid == -1 && ug->gid == -1) {
922 return unixd_setup_child();
924 if (set_group_privs(ug->uid, ug->gid)) {
927 /* Only try to switch if we're running as root */
931 os_init_job_environment(server_conf, unixd_config.user_name,
934 setuid(ug->uid) == -1)) {
935 ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL,
936 "setuid: unable to change to uid: %ld",
943 static int check_signal(int signum)
954 static void child_main(int child_num_arg)
961 child_num = child_num_arg;
962 apr_pool_create(&pchild, pconf);
964 /*stuff to do before we switch id's, so we have permissions.*/
966 rv = SAFE_ACCEPT(apr_lock_child_init(&process_accept_mutex, ap_lock_fname,
968 if (rv != APR_SUCCESS) {
969 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
970 "Couldn't initialize cross-process lock in child");
971 clean_child_exit(APEXIT_CHILDFATAL);
974 if (perchild_setup_child(child_num)) {
975 clean_child_exit(APEXIT_CHILDFATAL);
978 ap_run_child_init(pchild, ap_server_conf);
980 /*done with init critical section */
982 apr_setup_signal_thread();
984 requests_this_child = max_requests_per_child;
986 /* Set up the pollfd array, num_listenfds + 1 for the pipe and 1 for
989 listenfds = apr_pcalloc(pchild, sizeof(*listenfds) * (num_listenfds + 2));
990 #if APR_FILES_AS_SOCKETS
991 apr_socket_from_file(&listenfds[0], pipe_of_death_in);
994 /* The child socket */
995 apr_os_sock_put(&listenfds[1], &child_info_table[child_num].sd, pchild);
998 for (lr = ap_listeners, i = 2; i <= num_listenfds; lr = lr->next, ++i) {
1002 /* Setup worker threads */
1004 if (threads_to_start > max_threads) {
1005 threads_to_start = max_threads;
1007 idle_thread_count = threads_to_start;
1008 worker_thread_count = 0;
1009 worker_thread_free_ids = (int *)apr_pcalloc(pchild, thread_limit * sizeof(int));
1010 for (i = 0; i < max_threads; i++) {
1011 worker_thread_free_ids[i] = i;
1013 apr_pool_create(&thread_pool_parent, pchild);
1014 apr_lock_create(&thread_pool_parent_mutex, APR_MUTEX, APR_INTRAPROCESS,
1015 APR_LOCK_DEFAULT, NULL, pchild);
1016 apr_lock_create(&idle_thread_count_mutex, APR_MUTEX, APR_INTRAPROCESS,
1017 APR_LOCK_DEFAULT, NULL, pchild);
1018 apr_lock_create(&worker_thread_count_mutex, APR_MUTEX, APR_INTRAPROCESS,
1019 APR_LOCK_DEFAULT, NULL, pchild);
1020 apr_lock_create(&pipe_of_death_mutex, APR_MUTEX, APR_INTRAPROCESS,
1021 APR_LOCK_DEFAULT, NULL, pchild);
1022 apr_lock_create(&thread_accept_mutex, APR_MUTEX, APR_INTRAPROCESS,
1023 APR_LOCK_DEFAULT, NULL, pchild);
1025 apr_threadattr_create(&worker_thread_attr, pchild);
1026 apr_threadattr_detach_set(worker_thread_attr, 1);
1028 /* We are creating worker threads right now */
1029 for (i=0; i < threads_to_start; i++) {
1030 /* start_thread shouldn't fail here */
1031 if (!start_thread()) {
1036 apr_signal_thread(check_signal);
1039 static int make_child(server_rec *s, int slot)
1043 if (slot + 1 > ap_max_daemons_limit) {
1044 ap_max_daemons_limit = slot + 1;
1049 ap_child_table[slot].pid = getpid();
1050 ap_child_table[slot].status = SERVER_ALIVE;
1053 (void) ap_update_child_status_from_indexes(slot, 0, SERVER_STARTING,
1054 (request_rec *) NULL);
1056 if ((pid = fork()) == -1) {
1057 ap_log_error(APLOG_MARK, APLOG_ERR, errno, s,
1058 "fork: Unable to fork new process");
1059 /* In case system resources are maxxed out, we don't want
1060 * Apache running away with the CPU trying to fork over and
1061 * over and over again. */
1068 #ifdef HAVE_BINDPROCESSOR
1069 /* By default, AIX binds to a single processor. This bit unbinds
1070 * children which will then bind to another CPU.
1072 int status = bindprocessor(BINDPROCESS, (int)getpid(),
1073 PROCESSOR_CLASS_ANY);
1075 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, errno,
1076 ap_server_conf, "processor unbind failed %d", status);
1080 RAISE_SIGSTOP(MAKE_CHILD);
1082 /* XXX - For an unthreaded server, a signal handler will be necessary
1083 * apr_signal(SIGTERM, just_die);
1086 clean_child_exit(0);
1089 ap_child_table[slot].pid = pid;
1090 ap_child_table[slot].status = SERVER_ALIVE;
1095 /* start up a bunch of children */
1096 static int startup_children(int number_to_start)
1100 for (i = 0; number_to_start && i < num_daemons; ++i) {
1101 if (ap_child_table[i].pid) {
1104 if (make_child(ap_server_conf, i) < 0) {
1109 return number_to_start;
1114 * spawn_rate is the number of children that will be spawned on the
1115 * next maintenance cycle if there aren't enough servers. It is
1116 * doubled up to MAX_SPAWN_RATE, and reset only when a cycle goes by
1117 * without the need to spawn.
1119 static int spawn_rate = 1;
1120 #ifndef MAX_SPAWN_RATE
1121 #define MAX_SPAWN_RATE (32)
1123 static int hold_off_on_exponential_spawning;
1125 static void perform_child_maintenance(void)
1129 int free_slots[MAX_SPAWN_RATE];
1130 int last_non_dead = -1;
1132 /* initialize the free_list */
1135 for (i = 0; i < num_daemons; ++i) {
1136 if (ap_child_table[i].pid == 0) {
1137 if (free_length < spawn_rate) {
1138 free_slots[free_length] = i;
1146 if (i >= ap_max_daemons_limit && free_length >= spawn_rate) {
1150 ap_max_daemons_limit = last_non_dead + 1;
1152 if (free_length > 0) {
1153 for (i = 0; i < free_length; ++i) {
1154 make_child(ap_server_conf, free_slots[i]);
1156 /* the next time around we want to spawn twice as many if this
1157 * wasn't good enough, but not if we've just done a graceful
1159 if (hold_off_on_exponential_spawning) {
1160 --hold_off_on_exponential_spawning;
1162 else if (spawn_rate < MAX_SPAWN_RATE) {
1171 static void server_main_loop(int remaining_children_to_start)
1174 apr_exit_why_e exitwhy;
1179 while (!restart_pending && !shutdown_pending) {
1180 ap_wait_or_timeout(&exitwhy, &status, &pid, pconf);
1182 if (pid.pid != -1) {
1183 if (ap_process_child_status(&pid, exitwhy, status)
1184 == APEXIT_CHILDFATAL) {
1185 shutdown_pending = 1;
1189 /* non-fatal death... note that it's gone in the child table and
1190 * clean out the status table. */
1192 for (i = 0; i < ap_max_daemons_limit; ++i) {
1193 if (ap_child_table[i].pid == pid.pid) {
1198 if (child_slot >= 0) {
1199 ap_child_table[child_slot].pid = 0;
1200 ap_update_child_status_from_indexes(child_slot, i, SERVER_DEAD,
1201 (request_rec *) NULL);
1204 if (remaining_children_to_start
1205 && child_slot < num_daemons) {
1206 /* we're still doing a 1-for-1 replacement of dead
1207 * children with new children
1209 make_child(ap_server_conf, child_slot);
1210 --remaining_children_to_start;
1212 #if APR_HAS_OTHER_CHILD
1214 else if (apr_proc_other_child_read(&pid, status) == 0) {
1218 else if (is_graceful) {
1219 /* Great, we've probably just lost a slot in the
1220 * child table. Somehow we don't know about this
1223 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, 0,
1225 "long lost child came home! (pid %ld)",
1228 /* Don't perform idle maintenance when a child dies,
1229 * only do it when there's a timeout. Remember only a
1230 * finite number of children can die, and it's pretty
1231 * pathological for a lot to die suddenly.
1235 else if (remaining_children_to_start) {
1236 /* we hit a 1 second timeout in which none of the previous
1237 * generation of children needed to be reaped... so assume
1238 * they're all done, and pick up the slack if any is left.
1240 remaining_children_to_start = \
1241 startup_children(remaining_children_to_start);
1242 /* In any event we really shouldn't do the code below because
1243 * few of the servers we just started are in the IDLE state
1244 * yet, so we'd mistakenly create an extra server.
1249 perform_child_maintenance();
1253 int ap_mpm_run(apr_pool_t *_pconf, apr_pool_t *plog, server_rec *s)
1255 int remaining_children_to_start;
1260 ap_log_pid(pconf, ap_pid_fname);
1262 first_server_limit = server_limit;
1263 first_thread_limit = thread_limit;
1264 if (changed_limit_at_restart) {
1265 ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_NOERRNO, 0, s,
1266 "WARNING: Attempt to change ServerLimit or ThreadLimit "
1267 "ignored during restart");
1268 changed_limit_at_restart = 0;
1271 if ((rv = apr_file_pipe_create(&pipe_of_death_in, &pipe_of_death_out,
1272 pconf)) != APR_SUCCESS) {
1273 ap_log_error(APLOG_MARK, APLOG_ERR, rv,
1274 (const server_rec*) ap_server_conf,
1275 "apr_file_pipe_create (pipe_of_death)");
1278 if ((rv = apr_file_pipe_timeout_set(pipe_of_death_in, 0)) != APR_SUCCESS) {
1279 ap_log_error(APLOG_MARK, APLOG_ERR, rv,
1280 (const server_rec*) ap_server_conf,
1281 "apr_file_pipe_timeout_set (pipe_of_death)");
1285 if ((num_listenfds = ap_setup_listeners(ap_server_conf)) < 1) {
1286 /* XXX: hey, what's the right way for the mpm to indicate
1288 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ALERT, 0, s,
1289 "no listening sockets available, shutting down");
1293 /* Initialize cross-process accept lock */
1294 ap_lock_fname = apr_psprintf(_pconf, "%s.%u",
1295 ap_server_root_relative(_pconf, ap_lock_fname),
1297 rv = SAFE_ACCEPT(apr_lock_create(&process_accept_mutex, APR_MUTEX,
1298 APR_CROSS_PROCESS, ap_accept_lock_mech,
1299 ap_lock_fname, _pconf));
1300 if (rv != APR_SUCCESS) {
1301 ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
1302 "Couldn't create cross-process lock");
1307 if (ap_run_pre_mpm(pconf, SB_SHARED) != OK) {
1311 /* Initialize the child table */
1313 for (i = 0; i < server_limit; i++) {
1314 ap_child_table[i].pid = 0;
1320 /* If we're doing a graceful_restart then we're going to see a lot
1321 * of children exiting immediately when we get into the main loop
1322 * below (because we just sent them AP_SIG_GRACEFUL). This happens
1323 * pretty rapidly... and for each one that exits we'll start a new one
1324 * until we reach at least daemons_min_free. But we may be permitted to
1325 * start more than that, so we'll just keep track of how many we're
1326 * supposed to start up without the 1 second penalty between each fork.
1328 remaining_children_to_start = num_daemons;
1330 remaining_children_to_start = \
1331 startup_children(remaining_children_to_start);
1334 /* give the system some time to recover before kicking into
1335 * exponential mode */
1336 hold_off_on_exponential_spawning = 10;
1339 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0, ap_server_conf,
1340 "%s configured -- resuming normal operations",
1341 ap_get_server_version());
1342 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, 0, ap_server_conf,
1343 "Server built: %s", ap_get_server_built());
1344 restart_pending = shutdown_pending = 0;
1346 server_main_loop(remaining_children_to_start);
1348 if (shutdown_pending) {
1349 /* Time to gracefully shut down:
1350 * Kill child processes, tell them to call child_exit, etc...
1352 if (unixd_killpg(getpgrp(), SIGTERM) < 0) {
1353 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
1356 ap_reclaim_child_processes(1); /* Start with SIGTERM */
1359 /* cleanup pid file on normal shutdown */
1360 const char *pidfile = NULL;
1361 pidfile = ap_server_root_relative (pconf, ap_pid_fname);
1362 if (pidfile != NULL && unlink(pidfile) == 0) {
1363 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, 0,
1365 "removed PID file %s (pid=%ld)",
1366 pidfile, (long)getpid());
1369 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0,
1370 ap_server_conf, "caught SIGTERM, shutting down");
1375 /* we've been told to restart */
1376 apr_signal(SIGHUP, SIG_IGN);
1379 /* not worth thinking about */
1384 char char_of_death = '!';
1386 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0,
1387 ap_server_conf, AP_SIG_GRACEFUL_STRING " received. "
1388 "Doing graceful restart");
1390 /* This is mostly for debugging... so that we know what is still
1391 * gracefully dealing with existing request.
1394 for (i = 0; i < num_daemons; ++i) {
1395 if (ap_child_table[i].pid) {
1396 ap_child_table[i].status = SERVER_DYING;
1399 /* give the children the signal to die */
1400 for (i = 0; i < num_daemons;) {
1401 if ((rv = apr_file_write(pipe_of_death_out, &char_of_death,
1402 &one)) != APR_SUCCESS) {
1403 if (APR_STATUS_IS_EINTR(rv)) continue;
1404 ap_log_error(APLOG_MARK, APLOG_WARNING, rv, ap_server_conf,
1405 "write pipe_of_death");
1411 /* Kill 'em all. Since the child acts the same on the parents SIGTERM
1412 * and a SIGHUP, we may as well use the same signal, because some user
1413 * pthreads are stealing signals from us left and right.
1415 if (unixd_killpg(getpgrp(), SIGTERM) < 0) {
1416 ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
1419 ap_reclaim_child_processes(1); /* Start with SIGTERM */
1420 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0,
1421 ap_server_conf, "SIGHUP received. Attempting to restart");
1426 /* This really should be a post_config hook, but the error log is already
1427 * redirected by that point, so we need to do this in the open_logs phase.
1429 static int perchild_open_logs(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
1436 if ((num_listensocks = ap_setup_listeners(ap_server_conf)) < 1) {
1437 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ALERT|APLOG_STARTUP, 0,
1438 NULL, "no listening sockets available, shutting down");
1442 ap_log_pid(pconf, ap_pid_fname);
1444 if ((rv = ap_mpm_pod_open(pconf, &pod))) {
1445 ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_STARTUP, rv, NULL,
1446 "Could not open pipe-of-death.");
1452 static int perchild_pre_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp)
1454 static int restart_num = 0;
1455 int no_detach, debug;
1456 ap_directive_t *pdir;
1458 int tmp_server_limit = DEFAULT_SERVER_LIMIT;
1459 int tmp_thread_limit = DEFAULT_THREAD_LIMIT;
1462 debug = ap_exists_config_define("DEBUG");
1465 no_detach = one_process = 1;
1468 one_process = ap_exists_config_define("ONE_PROCESS");
1469 no_detach = ap_exists_config_define("NO_DETACH");
1472 /* sigh, want this only the second time around */
1473 if (restart_num++ == 1) {
1477 rv = apr_proc_detach(no_detach ? APR_PROC_DETACH_FOREGROUND
1478 : APR_PROC_DETACH_DAEMONIZE);
1479 if (rv != APR_SUCCESS) {
1480 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL,
1481 "apr_proc_detach failed");
1482 return HTTP_INTERNAL_SERVER_ERROR;
1489 unixd_pre_config(ptemp);
1490 ap_listen_pre_config();
1491 num_daemons = DEFAULT_NUM_DAEMON;
1492 threads_to_start = DEFAULT_START_THREAD;
1493 min_spare_threads = DEFAULT_MIN_SPARE_THREAD;
1494 max_spare_threads = DEFAULT_MAX_SPARE_THREAD;
1495 max_threads = thread_limit;
1496 ap_pid_fname = DEFAULT_PIDLOG;
1497 ap_lock_fname = DEFAULT_LOCKFILE;
1498 max_requests_per_child = DEFAULT_MAX_REQUESTS_PER_CHILD;
1501 apr_cpystrn(ap_coredump_dir, ap_server_root, sizeof(ap_coredump_dir));
1503 /* we need to know ServerLimit and ThreadLimit before we start processing
1504 * the tree because we need to already have allocated child_info_table
1506 for (pdir = ap_conftree; pdir != NULL; pdir = pdir->next) {
1507 if (!strcasecmp(pdir->directive, "ServerLimit")) {
1508 if (atoi(pdir->args) > tmp_server_limit) {
1509 tmp_server_limit = atoi(pdir->args);
1510 if (tmp_server_limit > MAX_SERVER_LIMIT) {
1511 tmp_server_limit = MAX_SERVER_LIMIT;
1515 else if (!strcasecmp(pdir->directive, "ThreadLimit")) {
1516 if (atoi(pdir->args) > tmp_thread_limit) {
1517 tmp_thread_limit = atoi(pdir->args);
1518 if (tmp_thread_limit > MAX_THREAD_LIMIT) {
1519 tmp_thread_limit = MAX_THREAD_LIMIT;
1525 child_info_table = (child_info_t *)apr_pcalloc(p, tmp_server_limit * sizeof(child_info_t));
1526 for (i = 0; i < tmp_server_limit; i++) {
1527 child_info_table[i].uid = -1;
1528 child_info_table[i].gid = -1;
1529 child_info_table[i].sd = -1;
1535 static int pass_request(request_rec *r)
1537 apr_socket_t *thesock = ap_get_module_config(r->connection->conn_config, &core_module);
1539 struct cmsghdr *cmsg;
1542 apr_bucket_brigade *bb = apr_brigade_create(r->pool);
1543 perchild_server_conf *sconf = (perchild_server_conf *)
1544 ap_get_module_config(r->server->module_config,
1545 &mpm_perchild_module);
1549 apr_pool_userdata_get((void **)&foo, "PERCHILD_BUFFER",
1550 r->connection->pool);
1553 apr_pool_userdata_set(NULL, "PERCHILD_BUFFER", apr_pool_cleanup_null,
1554 r->connection->pool);
1556 apr_os_sock_get(&sfd, thesock);
1558 iov.iov_base = NULL;
1561 msg.msg_name = NULL;
1562 msg.msg_namelen = 0;
1566 cmsg = apr_palloc(r->pool, sizeof(*cmsg) + sizeof(sfd));
1567 cmsg->cmsg_len = sizeof(*cmsg) + sizeof(int);
1568 cmsg->cmsg_level = SOL_SOCKET;
1569 cmsg->cmsg_type = SCM_RIGHTS;
1571 memcpy(CMSG_DATA(cmsg), &sfd, sizeof(sfd));
1573 msg.msg_control = (caddr_t)cmsg;
1574 msg.msg_controllen = cmsg->cmsg_len;
1577 if (sendmsg(sconf->sd2, &msg, 0) == -1) {
1578 apr_pool_destroy(r->pool);
1582 write(sconf->sd2, foo, len);
1584 /* ### this "read one line" doesn't seem right... shouldn't we be
1585 ### reading large chunks of data or something?
1587 while (ap_get_brigade(r->input_filters, bb, AP_MODE_GETLINE,
1588 APR_NONBLOCK_READ, 0) == APR_SUCCESS) {
1590 APR_BRIGADE_FOREACH(e, bb) {
1593 apr_bucket_read(e, &str, &len, APR_NONBLOCK_READ);
1594 write(sconf->sd2, str, len);
1598 apr_pool_destroy(r->pool);
1602 static char *make_perchild_socket(const char *fullsockname, int sd[2])
1604 socketpair(PF_UNIX, SOCK_STREAM, 0, sd);
1608 static int perchild_post_config(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
1612 perchild_server_conf *sconf;
1618 for (sr = s; sr; sr = sr->next) {
1619 sconf = (perchild_server_conf *)ap_get_module_config(sr->module_config,
1620 &mpm_perchild_module);
1622 if (sconf->sd == -1) {
1623 sconf->fullsockname = apr_pstrcat(sr->process->pool,
1624 sconf->sockname, ".DEFAULT", NULL);
1625 if (def_sd[0] == -1) {
1626 if (!make_perchild_socket(sconf->fullsockname, def_sd)) {
1630 sconf->sd = def_sd[0];
1631 sconf->sd2 = def_sd[1];
1635 for (i = 0; i < num_daemons; i++) {
1636 if (child_info_table[i].uid == -1) {
1637 child_info_table[i].sd = def_sd[0];
1641 thread_socket_table = (int *)apr_pcalloc(p, thread_limit * sizeof(int));
1642 for (i = 0; i < thread_limit; i++) {
1643 thread_socket_table[i] = AP_PERCHILD_THISCHILD;
1645 ap_child_table = (ap_ctable *)apr_pcalloc(p, server_limit * sizeof(ap_ctable));
1650 static int perchild_post_read(request_rec *r)
1652 ap_filter_t *f = r->connection->input_filters;
1653 int thread_num = r->connection->id % thread_limit;
1654 perchild_server_conf *sconf = (perchild_server_conf *)
1655 ap_get_module_config(r->server->module_config,
1656 &mpm_perchild_module);
1659 if (!strcasecmp("PERCHILD_BUFFER", f->frec->name)) {
1660 ap_remove_output_filter(f);
1666 if (thread_socket_table[thread_num] != AP_PERCHILD_THISCHILD) {
1667 apr_socket_t *csd = NULL;
1669 apr_os_sock_put(&csd, &thread_socket_table[thread_num],
1670 r->connection->pool);
1671 ap_sock_disable_nagle(csd);
1672 ap_set_module_config(r->connection->conn_config, &core_module, csd);
1676 /* sconf is the server config for this vhost, so if our socket
1677 * is not the same that was set in the config, then the request
1678 * needs to be passed to another child. */
1679 if (sconf->sd != child_info_table[child_num].sd) {
1680 if (pass_request(r) == -1) {
1681 ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0,
1682 ap_server_conf, "Could not pass request to proper "
1683 "child, request will not be honored.");
1685 longjmp(jmpbuffer, 1);
1692 static apr_status_t perchild_buffer(ap_filter_t *f, apr_bucket_brigade *b,
1693 ap_input_mode_t mode,
1694 apr_read_type_e block,
1695 apr_off_t readbytes)
1699 char *buffer = NULL;
1703 if ((rv = ap_get_brigade(f->next, b, mode, block,
1704 readbytes)) != APR_SUCCESS) {
1708 apr_pool_userdata_get((void **)&buffer, "PERCHILD_BUFFER", f->c->pool);
1710 APR_BRIGADE_FOREACH(e, b) {
1711 if (e->length != 0) {
1712 apr_bucket_read(e, &str, &len, APR_NONBLOCK_READ);
1714 if (buffer == NULL) {
1715 buffer = apr_pstrndup(f->c->pool, str, len);
1718 buffer = apr_pstrcat(f->c->pool, buffer,
1719 apr_pstrndup(f->c->pool, str, len), NULL);
1723 apr_pool_userdata_set(buffer, "PERCHILD_BUFFER", apr_pool_cleanup_null,
1729 static int perchild_pre_connection(conn_rec *c, void *csd)
1731 ap_add_input_filter("PERCHILD_BUFFER", NULL, NULL, c);
1735 static void perchild_hooks(apr_pool_t *p)
1737 /* The perchild open_logs phase must run before the core's, or stderr
1738 * will be redirected to a file, and the messages won't print to the
1741 static const char *const aszSucc[] = {"core.c", NULL};
1744 ap_hook_open_logs(perchild_open_logs, NULL, aszSucc, APR_HOOK_MIDDLE);
1745 ap_hook_pre_config(perchild_pre_config, NULL, NULL, APR_HOOK_MIDDLE);
1746 ap_hook_post_config(perchild_post_config, NULL, NULL, APR_HOOK_MIDDLE);
1747 ap_hook_pre_connection(perchild_pre_connection,NULL,NULL, APR_HOOK_MIDDLE);
1749 /* This must be run absolutely first. If this request isn't for this
1750 * server then we need to forward it to the proper child. No sense
1751 * tying up this server running more post_read request hooks if it is
1752 * just going to be forwarded along.
1754 ap_hook_post_read_request(perchild_post_read, NULL, NULL,
1755 APR_HOOK_REALLY_FIRST);
1756 ap_register_input_filter("PERCHILD_BUFFER", perchild_buffer,
1760 static const char *set_num_daemons(cmd_parms *cmd, void *dummy,
1763 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1768 num_daemons = atoi(arg);
1769 if (num_daemons > server_limit) {
1770 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1771 "WARNING: NumServers of %d exceeds ServerLimit value "
1772 "of %d servers,", num_daemons, server_limit);
1773 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1774 " lowering NumServers to %d. To increase, please "
1775 "see the", server_limit);
1776 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1777 " ServerLimit directive.");
1778 num_daemons = server_limit;
1780 else if (num_daemons < 1) {
1781 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1782 "WARNING: Require NumServers > 0, setting to 1");
1788 static const char *set_threads_to_start(cmd_parms *cmd, void *dummy,
1791 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1796 threads_to_start = atoi(arg);
1797 if (threads_to_start > thread_limit) {
1798 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1799 "WARNING: StartThreads of %d exceeds ThreadLimit value"
1800 " of %d threads,", threads_to_start,
1802 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1803 " lowering StartThreads to %d. To increase, please"
1804 " see the", thread_limit);
1805 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1806 " ThreadLimit directive.");
1808 else if (threads_to_start < 1) {
1809 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1810 "WARNING: Require StartThreads > 0, setting to 1");
1811 threads_to_start = 1;
1816 static const char *set_min_spare_threads(cmd_parms *cmd, void *dummy,
1819 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1824 min_spare_threads = atoi(arg);
1825 if (min_spare_threads <= 0) {
1826 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1827 "WARNING: detected MinSpareThreads set to non-positive.");
1828 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1829 "Resetting to 1 to avoid almost certain Apache failure.");
1830 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1831 "Please read the documentation.");
1832 min_spare_threads = 1;
1838 static const char *set_max_spare_threads(cmd_parms *cmd, void *dummy,
1841 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1846 max_spare_threads = atoi(arg);
1847 if (max_spare_threads >= thread_limit) {
1848 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1849 "WARNING: detected MinSpareThreads set higher than");
1850 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1851 "ThreadLimit. Resetting to %d", thread_limit);
1852 max_spare_threads = thread_limit;
1857 static const char *set_max_threads(cmd_parms *cmd, void *dummy, const char *arg)
1859 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1864 max_threads = atoi(arg);
1865 if (max_threads > thread_limit) {
1866 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1867 "WARNING: detected MaxThreadsPerChild set higher than");
1868 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1869 "ThreadLimit. Resetting to %d", thread_limit);
1870 max_threads = thread_limit;
1875 static const char *set_child_per_uid(cmd_parms *cmd, void *dummy, const char *u,
1876 const char *g, const char *num)
1879 int max_this_time = atoi(num) + curr_child_num;
1881 for (i = curr_child_num; i < max_this_time; i++, curr_child_num++) {
1882 child_info_t *ug = &child_info_table[i - 1];
1884 if (i > num_daemons) {
1885 return "Trying to use more child ID's than NumServers. Increase "
1886 "NumServers in your config file.";
1895 static const char *assign_childuid(cmd_parms *cmd, void *dummy, const char *uid,
1903 perchild_server_conf *sconf = (perchild_server_conf *)
1904 ap_get_module_config(cmd->server->module_config,
1905 &mpm_perchild_module);
1907 sconf->fullsockname = apr_pstrcat(cmd->pool, sconf->sockname, ".", uid,
1910 if ((errstr = make_perchild_socket(sconf->fullsockname, socks))) {
1914 sconf->sd = socks[0];
1915 sconf->sd2 = socks[1];
1917 for (i = 0; i < num_daemons; i++) {
1918 if (u == child_info_table[i].uid && g == child_info_table[i].gid) {
1919 child_info_table[i].sd = sconf->sd;
1926 static const char *set_server_limit (cmd_parms *cmd, void *dummy, const char *arg)
1928 int tmp_server_limit;
1930 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1935 tmp_server_limit = atoi(arg);
1936 /* you cannot change ServerLimit across a restart; ignore
1939 if (first_server_limit &&
1940 tmp_server_limit != server_limit) {
1941 /* how do we log a message? the error log is a bit bucket at this
1942 * point; we'll just have to set a flag so that ap_mpm_run()
1943 * logs a warning later
1945 changed_limit_at_restart = 1;
1948 server_limit = tmp_server_limit;
1950 if (server_limit > MAX_SERVER_LIMIT) {
1951 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1952 "WARNING: ServerLimit of %d exceeds compile time limit "
1953 "of %d servers,", server_limit, MAX_SERVER_LIMIT);
1954 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1955 " lowering ServerLimit to %d.", MAX_SERVER_LIMIT);
1956 server_limit = MAX_SERVER_LIMIT;
1958 else if (server_limit < 1) {
1959 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1960 "WARNING: Require ServerLimit > 0, setting to 1");
1966 static const char *set_thread_limit (cmd_parms *cmd, void *dummy, const char *arg)
1968 int tmp_thread_limit;
1970 const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
1975 tmp_thread_limit = atoi(arg);
1976 /* you cannot change ThreadLimit across a restart; ignore
1979 if (first_thread_limit &&
1980 tmp_thread_limit != thread_limit) {
1981 /* how do we log a message? the error log is a bit bucket at this
1982 * point; we'll just have to set a flag so that ap_mpm_run()
1983 * logs a warning later
1985 changed_limit_at_restart = 1;
1988 thread_limit = tmp_thread_limit;
1990 if (thread_limit > MAX_THREAD_LIMIT) {
1991 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1992 "WARNING: ThreadLimit of %d exceeds compile time limit "
1993 "of %d servers,", thread_limit, MAX_THREAD_LIMIT);
1994 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
1995 " lowering ThreadLimit to %d.", MAX_THREAD_LIMIT);
1996 thread_limit = MAX_THREAD_LIMIT;
1998 else if (thread_limit < 1) {
1999 ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
2000 "WARNING: Require ThreadLimit > 0, setting to 1");
2006 static const command_rec perchild_cmds[] = {
2007 UNIX_DAEMON_COMMANDS,
2009 AP_INIT_TAKE1("NumServers", set_num_daemons, NULL, RSRC_CONF,
2010 "Number of children alive at the same time"),
2011 AP_INIT_TAKE1("StartThreads", set_threads_to_start, NULL, RSRC_CONF,
2012 "Number of threads each child creates"),
2013 AP_INIT_TAKE1("MinSpareThreads", set_min_spare_threads, NULL, RSRC_CONF,
2014 "Minimum number of idle threads per child, to handle "
2016 AP_INIT_TAKE1("MaxSpareThreads", set_max_spare_threads, NULL, RSRC_CONF,
2017 "Maximum number of idle threads per child"),
2018 AP_INIT_TAKE1("MaxThreadsPerChild", set_max_threads, NULL, RSRC_CONF,
2019 "Maximum number of threads per child"),
2020 AP_INIT_TAKE3("ChildperUserID", set_child_per_uid, NULL, RSRC_CONF,
2021 "Specify a User and Group for a specific child process."),
2022 AP_INIT_TAKE2("AssignUserID", assign_childuid, NULL, RSRC_CONF,
2023 "Tie a virtual host to a specific child process."),
2024 AP_INIT_TAKE1("ServerLimit", set_server_limit, NULL, RSRC_CONF,
2025 "Maximum value of NumServers for this run of Apache"),
2026 AP_INIT_TAKE1("ThreadLimit", set_thread_limit, NULL, RSRC_CONF,
2027 "Maximum worker threads in a server for this run of Apache"),
2031 static void *perchild_create_config(apr_pool_t *p, server_rec *s)
2033 perchild_server_conf *c = (perchild_server_conf *)
2034 apr_pcalloc(p, sizeof(perchild_server_conf));
2040 module AP_MODULE_DECLARE_DATA mpm_perchild_module = {
2042 NULL, /* hook to run before apache parses args */
2043 NULL, /* create per-directory config structure */
2044 NULL, /* merge per-directory config structures */
2045 perchild_create_config, /* create per-server config structure */
2046 NULL, /* merge per-server config structures */
2047 perchild_cmds, /* command apr_table_t */
2048 perchild_hooks /* register_hooks */