-/* ====================================================================
- * The Apache Software License, Version 1.1
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
*
- * Copyright (c) 2000-2003 The Apache Software Foundation. All rights
- * reserved.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. The end-user documentation included with the redistribution,
- * if any, must include the following acknowledgment:
- * "This product includes software developed by the
- * Apache Software Foundation (http://www.apache.org/)."
- * Alternately, this acknowledgment may appear in the software itself,
- * if and wherever such third-party acknowledgments normally appear.
- *
- * 4. The names "Apache" and "Apache Software Foundation" must
- * not be used to endorse or promote products derived from this
- * software without prior written permission. For written
- * permission, please contact apache@apache.org.
- *
- * 5. Products derived from this software may not be called "Apache",
- * nor may "Apache" appear in their name, without prior written
- * permission of the Apache Software Foundation.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
- * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- * Portions of this software are based upon public domain software
- * originally written at the National Center for Supercomputing Applications,
- * University of Illinois, Urbana-Champaign.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
*/
/* The purpose of this MPM is to fix the design flaws in the threaded
#include <sys/socket.h>
#endif
#if APR_HAVE_SYS_WAIT_H
-#include <sys/wait.h>
+#include <sys/wait.h>
#endif
#ifdef HAVE_SYS_PROCESSOR_H
#include <sys/processor.h> /* for bindprocessor() */
#error The Worker MPM requires APR threads, but they are unavailable.
#endif
-#define CORE_PRIVATE
-
#include "ap_config.h"
-#include "httpd.h"
-#include "http_main.h"
-#include "http_log.h"
-#include "http_config.h" /* for read_config */
-#include "http_core.h" /* for get_remote_host */
+#include "httpd.h"
+#include "http_main.h"
+#include "http_log.h"
+#include "http_config.h" /* for read_config */
+#include "http_core.h" /* for get_remote_host */
#include "http_connection.h"
#include "ap_mpm.h"
#include "pod.h"
#include "mpm_common.h"
#include "ap_listen.h"
-#include "scoreboard.h"
+#include "scoreboard.h"
#include "fdqueue.h"
#include "mpm_default.h"
* the overhead.
*/
#ifndef DEFAULT_THREAD_LIMIT
-#define DEFAULT_THREAD_LIMIT 64
+#define DEFAULT_THREAD_LIMIT 64
#endif
/* Admin can't tune ThreadLimit beyond MAX_THREAD_LIMIT. We want
static int min_spare_threads = 0;
static int max_spare_threads = 0;
static int ap_daemons_limit = 0;
-static int server_limit = DEFAULT_SERVER_LIMIT;
-static int first_server_limit;
-static int thread_limit = DEFAULT_THREAD_LIMIT;
-static int first_thread_limit;
-static int changed_limit_at_restart;
+static int max_clients = 0;
+static int server_limit = 0;
+static int first_server_limit = 0;
+static int thread_limit = 0;
+static int first_thread_limit = 0;
static int dying = 0;
static int workers_may_exit = 0;
static int start_thread_may_exit = 0;
static fd_queue_t *worker_queue;
static fd_queue_info_t *worker_queue_info;
static int mpm_state = AP_MPMQ_STARTING;
+static int sick_child_detected;
/* The structure used to pass unique initialization info to each thread */
typedef struct {
int sd;
} proc_info;
-/* Structure used to pass information to the thread responsible for
+/* Structure used to pass information to the thread responsible for
* creating the rest of the threads.
*/
typedef struct {
/*
* The max child slot ever assigned, preserved across restarts. Necessary
- * to deal with MaxClients changes across AP_SIG_GRACEFUL restarts. We
- * use this value to optimize routines that have to scan the entire
+ * to deal with MaxClients changes across AP_SIG_GRACEFUL restarts. We
+ * use this value to optimize routines that have to scan the entire
* scoreboard.
*/
int ap_max_daemons_limit = -1;
static apr_pool_t *pconf; /* Pool for config stuff */
static apr_pool_t *pchild; /* Pool for httpd child stuff */
-static pid_t ap_my_pid; /* Linux getpid() doesn't work except in main
+static pid_t ap_my_pid; /* Linux getpid() doesn't work except in main
thread. Use this instead */
static pid_t parent_pid;
static apr_os_thread_t *listener_os_thread;
#define SAFE_ACCEPT(stmt) (stmt)
#endif
-/* The LISTENER_SIGNAL signal will be sent from the main thread to the
- * listener thread to wake it up for graceful termination (what a child
- * process from an old generation does when the admin does "apachectl
+/* The LISTENER_SIGNAL signal will be sent from the main thread to the
+ * listener thread to wake it up for graceful termination (what a child
+ * process from an old generation does when the admin does "apachectl
* graceful"). This signal will be blocked in all threads of a child
* process except for the listener thread.
*/
#define LISTENER_SIGNAL SIGHUP
+/* The WORKER_SIGNAL signal will be sent from the main thread to the
+ * worker threads during an ungraceful restart or shutdown.
+ * This ensures that on systems (i.e., Linux) where closing the worker
+ * socket doesn't awake the worker thread when it is polling on the socket
+ * (especially in apr_wait_for_io_or_timeout() when handling
+ * Keep-Alive connections), close_worker_sockets() and join_workers()
+ * still function in timely manner and allow ungraceful shutdowns to
+ * proceed to completion. Otherwise join_workers() doesn't return
+ * before the main process decides the child process is non-responsive
+ * and sends a SIGKILL.
+ */
+#define WORKER_SIGNAL AP_SIG_GRACEFUL
+
/* An array of socket descriptors in use by each thread used to
* perform a non-graceful (forced) shutdown of the server. */
static apr_socket_t **worker_sockets;
}
}
}
-
+
static void wakeup_listener(void)
{
listener_may_exit = 1;
if (!listener_os_thread) {
/* XXX there is an obscure path that this doesn't handle perfectly:
- * right after listener thread is created but before
+ * right after listener thread is created but before
* listener_os_thread is set, the first worker thread hits an
* error and starts graceful termination
*/
return;
}
+
+ /* unblock the listener if it's waiting for a worker */
+ ap_queue_info_term(worker_queue_info);
+
/*
* we should just be able to "kill(ap_my_pid, LISTENER_SIGNAL)" on all
- * platforms and wake up the listener thread since it is the only thread
+ * platforms and wake up the listener thread since it is the only thread
* with SIGHUP unblocked, but that doesn't work on Linux
*/
#ifdef HAVE_PTHREAD_KILL
if (mode == ST_UNGRACEFUL) {
workers_may_exit = 1;
ap_queue_interrupt_all(worker_queue);
- ap_queue_info_term(worker_queue_info);
close_worker_sockets(); /* forcefully kill all current connections */
}
}
case AP_MPMQ_MIN_SPARE_DAEMONS:
*result = 0;
return APR_SUCCESS;
- case AP_MPMQ_MIN_SPARE_THREADS:
+ case AP_MPMQ_MIN_SPARE_THREADS:
*result = min_spare_threads;
return APR_SUCCESS;
case AP_MPMQ_MAX_SPARE_DAEMONS:
return APR_ENOTIMPL;
}
-/* a clean exit from a child with proper cleanup */
+/* a clean exit from a child with proper cleanup */
static void clean_child_exit(int code) __attribute__ ((noreturn));
static void clean_child_exit(int code)
{
static int volatile restart_pending;
static int volatile is_graceful;
static volatile int child_fatal;
-ap_generation_t volatile ap_my_generation;
+ap_generation_t volatile ap_my_generation = 0;
/*
* ap_start_shutdown() and ap_start_restart(), below, are a first stab at
- * functions to initiate shutdown or restart without relying on signals.
- * Previously this was initiated in sig_term() and restart() signal handlers,
+ * functions to initiate shutdown or restart without relying on signals.
+ * Previously this was initiated in sig_term() and restart() signal handlers,
* but we want to be able to start a shutdown/restart from other sources --
* e.g. on Win32, from the service manager. Now the service manager can
* call ap_start_shutdown() or ap_start_restart() as appropiate. Note that
* child to force an exit) and so do an exit anyway.
*/
-static void ap_start_shutdown(void)
+static void ap_start_shutdown(int graceful)
{
mpm_state = AP_MPMQ_STOPPING;
if (shutdown_pending == 1) {
return;
}
shutdown_pending = 1;
+ is_graceful = graceful;
}
/* do a graceful restart if graceful == 1 */
static void sig_term(int sig)
{
- ap_start_shutdown();
+ ap_start_shutdown(sig == AP_SIG_GRACEFUL_STOP);
}
static void restart(int sig)
sa.sa_handler = sig_term;
if (sigaction(SIGTERM, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(SIGTERM)");
+#ifdef AP_SIG_GRACEFUL_STOP
+ if (sigaction(AP_SIG_GRACEFUL_STOP, &sa, NULL) < 0)
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ "sigaction(" AP_SIG_GRACEFUL_STOP_STRING ")");
+#endif
#ifdef SIGINT
if (sigaction(SIGINT, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(SIGINT)");
#endif
#ifdef SIGXCPU
sa.sa_handler = SIG_DFL;
if (sigaction(SIGXCPU, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(SIGXCPU)");
#endif
#ifdef SIGXFSZ
sa.sa_handler = SIG_DFL;
if (sigaction(SIGXFSZ, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(SIGXFSZ)");
#endif
#ifdef SIGPIPE
sa.sa_handler = SIG_IGN;
if (sigaction(SIGPIPE, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(SIGPIPE)");
#endif
- /* we want to ignore HUPs and AP_SIG_GRACEFUL while we're busy
+ /* we want to ignore HUPs and AP_SIG_GRACEFUL while we're busy
* processing one */
sigaddset(&sa.sa_mask, SIGHUP);
sigaddset(&sa.sa_mask, AP_SIG_GRACEFUL);
sa.sa_handler = restart;
if (sigaction(SIGHUP, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(SIGHUP)");
if (sigaction(AP_SIG_GRACEFUL, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(" AP_SIG_GRACEFUL_STRING ")");
#else
if (!one_process) {
#ifdef AP_SIG_GRACEFUL
apr_signal(AP_SIG_GRACEFUL, restart);
#endif /* AP_SIG_GRACEFUL */
+#ifdef AP_SIG_GRACEFUL_STOP
+ apr_signal(AP_SIG_GRACEFUL_STOP, sig_term);
+#endif /* AP_SIG_GRACEFUL_STOP */
#ifdef SIGPIPE
apr_signal(SIGPIPE, SIG_IGN);
#endif /* SIGPIPE */
* Here follows a long bunch of generic server bookkeeping stuff...
*/
-int ap_graceful_stop_signalled(void)
- /* XXX this is really a bad confusing obsolete name
- * maybe it should be ap_mpm_process_exiting?
- */
-{
- /* note: for a graceful termination, listener_may_exit will be set before
- * workers_may_exit, so check listener_may_exit
- */
- return listener_may_exit;
-}
-
/*****************************************************************
* Child process main loop.
*/
{
conn_rec *current_conn;
long conn_id = ID_FROM_CHILD_THREAD(my_child_num, my_thread_num);
- int csd;
ap_sb_handle_t *sbh;
ap_create_sb_handle(&sbh, p, my_child_num, my_thread_num);
- apr_os_sock_get(&csd, sock);
-
- if (csd >= FD_SETSIZE) {
- ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL,
- "new file descriptor %d is too large; you probably need "
- "to rebuild Apache with a larger FD_SETSIZE "
- "(currently %d)",
- csd, FD_SETSIZE);
- apr_socket_close(sock);
- return;
- }
current_conn = ap_run_create_connection(p, ap_server_conf, sock,
conn_id, sbh, bucket_alloc);
else {
/* wow! if you're executing this code, you may have set a record.
* either this child process has served over 2 billion requests, or
- * you're running a threaded 2.0 on a 16 bit machine.
+ * you're running a threaded 2.0 on a 16 bit machine.
*
* I'll buy pizza and beers at Apachecon for the first person to do
* the former without cheating (dorking with INT_MAX, or running with
- * uncommitted performance patches, for example).
+ * uncommitted performance patches, for example).
*
* for the latter case, you probably deserve a beer too. Greg Ames
*/
-
- requests_this_child = INT_MAX; /* keep going */
+
+ requests_this_child = INT_MAX; /* keep going */
}
}
*/
}
-static void *listener_thread(apr_thread_t *thd, void * dummy)
+static void * APR_THREAD_FUNC listener_thread(apr_thread_t *thd, void * dummy)
{
proc_info * ti = dummy;
int process_slot = ti->pid;
apr_pool_t *tpool = apr_thread_pool_get(thd);
void *csd = NULL;
- apr_pool_t *ptrans; /* Pool for per-transaction stuff */
- apr_pool_t *recycled_pool = NULL;
+ apr_pool_t *ptrans = NULL; /* Pool for per-transaction stuff */
apr_pollset_t *pollset;
apr_status_t rv;
ap_listen_rec *lr;
if (listener_may_exit) break;
if (!have_idle_worker) {
+ /* the following pops a recycled ptrans pool off a stack
+ * if there is one, in addition to reserving a worker thread
+ */
rv = ap_queue_info_wait_for_idler(worker_queue_info,
- &recycled_pool);
+ &ptrans);
if (APR_STATUS_IS_EOF(rv)) {
break; /* we've been signaled to die now */
}
}
have_idle_worker = 1;
}
-
+
/* We've already decremented the idle worker count inside
* ap_queue_info_wait_for_idler. */
if (listener_may_exit) {
break;
}
- if (ap_scoreboard_image->parent[process_slot].generation !=
+ if (ap_scoreboard_image->parent[process_slot].generation !=
ap_scoreboard_image->global->running_generation) {
level = APLOG_DEBUG; /* common to get these at restart time */
}
} /* if/else */
if (!listener_may_exit) {
- /* create a new transaction pool for each accepted socket */
- if (recycled_pool == NULL) {
+ if (ptrans == NULL) {
+ /* we can't use a recycled transaction pool this time.
+ * create a new transaction pool */
apr_allocator_t *allocator;
apr_allocator_create(&allocator);
apr_allocator_max_free_set(allocator, ap_max_mem_free);
- apr_pool_create_ex(&ptrans, NULL, NULL, allocator);
+ apr_pool_create_ex(&ptrans, pconf, NULL, allocator);
apr_allocator_owner_set(allocator, ptrans);
}
- else {
- ptrans = recycled_pool;
- }
apr_pool_tag(ptrans, "transaction");
rv = lr->accept_func(&csd, lr, ptrans);
/* later we trash rv and rely on csd to indicate success/failure */
if (listener_may_exit) {
break;
}
- if (ap_scoreboard_image->parent[process_slot].generation !=
+ if (ap_scoreboard_image->parent[process_slot].generation !=
ap_scoreboard_image->global->running_generation) {
level = APLOG_DEBUG; /* common to get these at restart time */
}
rv = ap_queue_push(worker_queue, csd, ptrans);
if (rv) {
/* trash the connection; we couldn't queue the connected
- * socket to a worker
+ * socket to a worker
*/
apr_socket_close(csd);
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
else {
if ((rv = SAFE_ACCEPT(apr_proc_mutex_unlock(accept_mutex)))
!= APR_SUCCESS) {
- ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
+ int level = APLOG_EMERG;
+
+ if (ap_scoreboard_image->parent[process_slot].generation !=
+ ap_scoreboard_image->global->running_generation) {
+ level = APLOG_DEBUG; /* common to get these at restart time */
+ }
+ ap_log_error(APLOG_MARK, level, rv, ap_server_conf,
"apr_proc_mutex_unlock failed. Attempting to "
"shutdown process gracefully.");
signal_threads(ST_GRACEFUL);
}
}
+ ap_close_listeners();
ap_queue_term(worker_queue);
dying = 1;
ap_scoreboard_image->parent[process_slot].quiescing = 1;
free(ti);
+ ap_scoreboard_image->servers[process_slot][thread_slot].pid = ap_my_pid;
+ ap_scoreboard_image->servers[process_slot][thread_slot].tid = apr_os_thread_current();
+ ap_scoreboard_image->servers[process_slot][thread_slot].generation = ap_my_generation;
ap_update_child_status_from_indexes(process_slot, thread_slot, SERVER_STARTING, NULL);
+#ifdef HAVE_PTHREAD_KILL
+ unblock_signal(WORKER_SIGNAL);
+ apr_signal(WORKER_SIGNAL, dummy_signal_handler);
+#endif
+
while (!workers_may_exit) {
if (!is_idle) {
rv = ap_queue_info_set_idle(worker_queue_info, last_ptrans);
bucket_alloc = apr_bucket_alloc_create(ptrans);
process_socket(ptrans, csd, process_slot, thread_slot, bucket_alloc);
worker_sockets[thread_slot] = NULL;
- requests_this_child--; /* FIXME: should be synchronized - aaron */
+ requests_this_child--;
apr_pool_clear(ptrans);
last_ptrans = ptrans;
}
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
"apr_thread_create: unable to create listener thread");
- /* In case system resources are maxxed out, we don't want
- * Apache running away with the CPU trying to fork over and
- * over and over again if we exit.
- * XXX Jeff doesn't see how Apache is going to try to fork again since
- * the exit code is APEXIT_CHILDFATAL
- */
- apr_sleep(apr_time_from_sec(10));
- clean_child_exit(APEXIT_CHILDFATAL);
+ /* let the parent decide how bad this really is */
+ clean_child_exit(APEXIT_CHILDSICK);
}
apr_os_thread_get(&listener_os_thread, ts->listener);
}
my_info->pid = my_child_num;
my_info->tid = i;
my_info->sd = 0;
-
+
/* We are creating threads right now */
ap_update_child_status_from_indexes(my_child_num, i,
SERVER_STARTING, NULL);
/* We let each thread update its own scoreboard entry. This is
* done because it lets us deal with tid better.
*/
- rv = apr_thread_create(&threads[i], thread_attr,
+ rv = apr_thread_create(&threads[i], thread_attr,
worker_thread, my_info, pchild);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
"apr_thread_create: unable to create worker thread");
- /* In case system resources are maxxed out, we don't want
- Apache running away with the CPU trying to fork over and
- over and over again if we exit. */
- apr_sleep(apr_time_from_sec(10));
- clean_child_exit(APEXIT_CHILDFATAL);
+ /* let the parent decide how bad this really is */
+ clean_child_exit(APEXIT_CHILDSICK);
}
threads_created++;
}
prev_threads_created = threads_created;
}
}
-
- /* What state should this child_main process be listed as in the
+
+ /* What state should this child_main process be listed as in the
* scoreboard...?
- * ap_update_child_status_from_indexes(my_child_num, i, SERVER_STARTING,
+ * ap_update_child_status_from_indexes(my_child_num, i, SERVER_STARTING,
* (request_rec *) NULL);
- *
+ *
* This state should be listed separately in the scoreboard, in some kind
- * of process_status, not mixed in with the worker threads' status.
- * "life_status" is almost right, but it's in the worker's structure, and
+ * of process_status, not mixed in with the worker threads' status.
+ * "life_status" is almost right, but it's in the worker's structure, and
* the name could be clearer. gla
*/
apr_thread_exit(thd, APR_SUCCESS);
if (listener) {
int iter;
-
+
/* deal with a rare timing window which affects waking up the
* listener thread... if the signal sent to the listener thread
* is delivered between the time it verifies that the
*/
iter = 0;
- while (iter < 10 &&
+ while (iter < 10 &&
#ifdef HAVE_PTHREAD_KILL
pthread_kill(*listener_os_thread, 0)
#else
}
}
}
-
+
for (i = 0; i < ap_threads_per_child; i++) {
if (threads[i]) { /* if we ever created this thread */
+#ifdef HAVE_PTHREAD_KILL
+ apr_os_thread_t *worker_os_thread;
+
+ apr_os_thread_get(&worker_os_thread, threads[i]);
+ pthread_kill(*worker_os_thread, WORKER_SIGNAL);
+#endif
+
rv = apr_thread_join(&thread_rv, threads[i]);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
{
apr_status_t rv, thread_rv;
- start_thread_may_exit = 1; /* tell it to give up in case it is still
- * trying to take over slots from a
+ start_thread_may_exit = 1; /* tell it to give up in case it is still
+ * trying to take over slots from a
* previous generation
*/
rv = apr_thread_join(&thread_rv, start_thread_id);
clean_child_exit(APEXIT_CHILDFATAL);
}
- if (unixd_setup_child()) {
+ if (ap_run_drop_privileges(pchild, ap_server_conf)) {
clean_child_exit(APEXIT_CHILDFATAL);
}
/* coding a value of zero means infinity */
requests_this_child = INT_MAX;
}
-
+
/* Setup worker threads */
- /* clear the storage; we may not create all our threads immediately,
+ /* clear the storage; we may not create all our threads immediately,
* and we want a 0 entry to indicate a thread which was not created
*/
- threads = (apr_thread_t **)calloc(1,
+ threads = (apr_thread_t **)calloc(1,
sizeof(apr_thread_t *) * ap_threads_per_child);
if (threads == NULL) {
ap_log_error(APLOG_MARK, APLOG_ALERT, errno, ap_server_conf,
/* 0 means PTHREAD_CREATE_JOINABLE */
apr_threadattr_detach_set(thread_attr, 0);
+ if (ap_thread_stacksize != 0) {
+ apr_threadattr_stacksize_set(thread_attr, ap_thread_stacksize);
+ }
+
ts->threads = threads;
ts->listener = NULL;
ts->child_num_arg = child_num_arg;
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
"apr_thread_create: unable to create worker thread");
- /* In case system resources are maxxed out, we don't want
- Apache running away with the CPU trying to fork over and
- over and over again if we exit. */
- apr_sleep(apr_time_from_sec(10));
- clean_child_exit(APEXIT_CHILDFATAL);
+ /* let the parent decide how bad this really is */
+ clean_child_exit(APEXIT_CHILDSICK);
}
mpm_state = AP_MPMQ_RUNNING;
if (one_process) {
/* Block until we get a terminating signal. */
apr_signal_thread(check_signal);
- /* make sure the start thread has finished; signal_threads()
+ /* make sure the start thread has finished; signal_threads()
* and join_workers() depend on that
*/
/* XXX join_start_thread() won't be awakened if one of our
}
}
if (rv == AP_GRACEFUL || rv == AP_RESTART) {
- /* make sure the start thread has finished;
+ /* make sure the start thread has finished;
* signal_threads() and join_workers depend on that
*/
join_start_thread(start_thread_id);
clean_child_exit(resource_shortage ? APEXIT_CHILDSICK : 0);
}
-static int make_child(server_rec *s, int slot)
+static int make_child(server_rec *s, int slot)
{
int pid;
}
if ((pid = fork()) == -1) {
- ap_log_error(APLOG_MARK, APLOG_ERR, errno, s,
+ ap_log_error(APLOG_MARK, APLOG_ERR, errno, s,
"fork: Unable to fork new process");
-
- /* fork didn't succeed. Fix the scoreboard or else
- * it will say SERVER_STARTING forever and ever
+ /* fork didn't succeed. There's no need to touch the scoreboard;
+ * if we were trying to replace a failed child process, then
+ * server_main_loop() marked its workers SERVER_DEAD, and if
+ * we were trying to replace a child process that exited normally,
+ * its worker_thread()s left SERVER_DEAD or SERVER_GRACEFUL behind.
*/
- ap_update_child_status_from_indexes(slot, 0, SERVER_DEAD, NULL);
/* In case system resources are maxxed out, we don't want
Apache running away with the CPU trying to fork over and
int status = bindprocessor(BINDPROCESS, (int)getpid(),
PROCESSOR_CLASS_ANY);
if (status != OK)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno,
ap_server_conf,
"processor unbind failed %d", status);
#endif
clean_child_exit(0);
}
/* else */
+ if (ap_scoreboard_image->parent[slot].pid != 0) {
+ /* This new child process is squatting on the scoreboard
+ * entry owned by an exiting child process, which cannot
+ * exit until all active requests complete.
+ * Don't forget about this exiting child process, or we
+ * won't be able to kill it if it doesn't exit by the
+ * time the server is shut down.
+ */
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
+ "taking over scoreboard slot from %" APR_PID_T_FMT "%s",
+ ap_scoreboard_image->parent[slot].pid,
+ ap_scoreboard_image->parent[slot].quiescing ?
+ " (quiescing)" : "");
+ ap_register_extra_mpm_process(ap_scoreboard_image->parent[slot].pid);
+ }
ap_scoreboard_image->parent[slot].quiescing = 0;
ap_scoreboard_image->parent[slot].pid = pid;
return 0;
int free_slots[MAX_SPAWN_RATE];
int last_non_dead;
int total_non_dead;
+ int active_thread_count = 0;
/* initialize the free_list */
free_length = 0;
int all_dead_threads = 1;
if (i >= ap_max_daemons_limit && totally_free_length == idle_spawn_rate)
+ /* short cut if all active processes have been examined and
+ * enough empty scoreboard slots have been found
+ */
break;
ps = &ap_scoreboard_image->parent[i];
for (j = 0; j < ap_threads_per_child; j++) {
status = ws->status;
/* XXX any_dying_threads is probably no longer needed GLA */
- any_dying_threads = any_dying_threads ||
+ any_dying_threads = any_dying_threads ||
(status == SERVER_GRACEFUL);
any_dead_threads = any_dead_threads || (status == SERVER_DEAD);
all_dead_threads = all_dead_threads &&
* So we hopefully won't need to fork more if we count it.
* This depends on the ordering of SERVER_READY and SERVER_STARTING.
*/
- if (status <= SERVER_READY && status != SERVER_DEAD &&
- !ps->quiescing &&
- ps->generation == ap_my_generation &&
- /* XXX the following shouldn't be necessary if we clean up
- * properly after seg faults, but we're not yet GLA
- */
- ps->pid != 0) {
- ++idle_thread_count;
+ if (ps->pid != 0) { /* XXX just set all_dead_threads in outer for
+ loop if no pid? not much else matters */
+ if (status <= SERVER_READY &&
+ !ps->quiescing &&
+ ps->generation == ap_my_generation) {
+ ++idle_thread_count;
+ }
+ if (status >= SERVER_READY && status < SERVER_GRACEFUL) {
+ ++active_thread_count;
+ }
}
}
- if (any_dead_threads && totally_free_length < idle_spawn_rate
+ if (any_dead_threads && totally_free_length < idle_spawn_rate
+ && free_length < MAX_SPAWN_RATE
&& (!ps->pid /* no process in the slot */
|| ps->quiescing)) { /* or at least one is going away */
if (all_dead_threads) {
/* great! we prefer these, because the new process can
- * start more threads sooner. So prioritize this slot
+ * start more threads sooner. So prioritize this slot
* by putting it ahead of any slots with active threads.
*
* first, make room by moving a slot that's potentially still
else {
/* slot is still in use - back of the bus
*/
- free_slots[free_length] = i;
+ free_slots[free_length] = i;
}
++free_length;
}
++total_non_dead;
}
}
+
+ if (sick_child_detected) {
+ if (active_thread_count > 0) {
+ /* some child processes appear to be working. don't kill the
+ * whole server.
+ */
+ sick_child_detected = 0;
+ }
+ else {
+ /* looks like a basket case. give up.
+ */
+ shutdown_pending = 1;
+ child_fatal = 1;
+ ap_log_error(APLOG_MARK, APLOG_ALERT, 0,
+ ap_server_conf,
+ "No active workers found..."
+ " Apache is exiting!");
+ /* the child already logged the failure details */
+ return;
+ }
+ }
+
ap_max_daemons_limit = last_non_dead + 1;
if (idle_thread_count > max_spare_threads) {
}
else if (idle_thread_count < min_spare_threads) {
/* terminate the free list */
- if (free_length == 0) {
- /* only report this condition once */
- static int reported = 0;
-
- if (!reported) {
- ap_log_error(APLOG_MARK, APLOG_ERR, 0,
+ if (free_length == 0) { /* scoreboard is full, can't fork */
+
+ if (active_thread_count >= ap_daemons_limit * ap_threads_per_child) {
+ static int reported = 0;
+ if (!reported) {
+ /* only report this condition once */
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0,
+ ap_server_conf,
+ "server reached MaxClients setting, consider"
+ " raising the MaxClients setting");
+ reported = 1;
+ }
+ }
+ else {
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0,
ap_server_conf,
- "server reached MaxClients setting, consider"
- " raising the MaxClients setting");
- reported = 1;
+ "scoreboard is full, not at MaxClients");
}
idle_spawn_rate = 1;
}
free_length = idle_spawn_rate;
}
if (idle_spawn_rate >= 8) {
- ap_log_error(APLOG_MARK, APLOG_INFO, 0,
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0,
ap_server_conf,
"server seems busy, (you may need "
"to increase StartServers, ThreadsPerChild "
while (!restart_pending && !shutdown_pending) {
ap_wait_or_timeout(&exitwhy, &status, &pid, pconf);
-
+
if (pid.pid != -1) {
processed_status = ap_process_child_status(&pid, exitwhy, status);
if (processed_status == APEXIT_CHILDFATAL) {
child_fatal = 1;
return;
}
+ else if (processed_status == APEXIT_CHILDSICK) {
+ /* tell perform_idle_server_maintenance to check into this
+ * on the next timer pop
+ */
+ sick_child_detected = 1;
+ }
/* non-fatal death... note that it's gone in the scoreboard. */
child_slot = find_child_by_pid(&pid);
if (child_slot >= 0) {
for (i = 0; i < ap_threads_per_child; i++)
- ap_update_child_status_from_indexes(child_slot, i, SERVER_DEAD,
+ ap_update_child_status_from_indexes(child_slot, i, SERVER_DEAD,
(request_rec *) NULL);
-
+
ap_scoreboard_image->parent[child_slot].pid = 0;
ap_scoreboard_image->parent[child_slot].quiescing = 0;
if (processed_status == APEXIT_CHILDSICK) {
make_child(ap_server_conf, child_slot);
--remaining_children_to_start;
}
+ }
+ else if (ap_unregister_extra_mpm_process(pid.pid) == 1) {
+ /* handled */
#if APR_HAS_OTHER_CHILD
}
else if (apr_proc_other_child_alert(&pid, APR_OC_REASON_DEATH,
ap_log_pid(pconf, ap_pid_fname);
- first_server_limit = server_limit;
- first_thread_limit = thread_limit;
- if (changed_limit_at_restart) {
- ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
- "WARNING: Attempt to change ServerLimit or ThreadLimit "
- "ignored during restart");
- changed_limit_at_restart = 0;
- }
-
/* Initialize cross-process accept lock */
ap_lock_fname = apr_psprintf(_pconf, "%s.%" APR_PID_T_FMT,
ap_server_root_relative(_pconf, ap_lock_fname),
ap_my_pid);
- rv = apr_proc_mutex_create(&accept_mutex, ap_lock_fname,
+ rv = apr_proc_mutex_create(&accept_mutex, ap_lock_fname,
ap_accept_lock_mech, _pconf);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
}
#if APR_USE_SYSVSEM_SERIALIZE
- if (ap_accept_lock_mech == APR_LOCK_DEFAULT ||
+ if (ap_accept_lock_mech == APR_LOCK_DEFAULT ||
ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
#else
if (ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
/* If we're doing a graceful_restart then we're going to see a lot
* of children exiting immediately when we get into the main loop
* below (because we just sent them AP_SIG_GRACEFUL). This happens pretty
- * rapidly... and for each one that exits we'll start a new one until
- * we reach at least daemons_min_free. But we may be permitted to
- * start more than that, so we'll just keep track of how many we're
+ * rapidly... and for each one that exits we may start a new one, until
+ * there are at least min_spare_threads idle threads, counting across
+ * all children. But we may be permitted to start more children than
+ * that, so we'll just keep track of how many we're
* supposed to start up without the 1 second penalty between each fork.
*/
remaining_children_to_start = ap_daemons_to_start;
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
"%s configured -- resuming normal operations",
- ap_get_server_version());
+ ap_get_server_description());
ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf,
"Server built: %s", ap_get_server_built());
#ifdef AP_MPM_WANT_SET_ACCEPT_LOCK_MECH
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
- "AcceptMutex: %s (default: %s)",
- apr_proc_mutex_name(accept_mutex),
- apr_proc_mutex_defname());
+ "AcceptMutex: %s (default: %s)",
+ apr_proc_mutex_name(accept_mutex),
+ apr_proc_mutex_defname());
#endif
restart_pending = shutdown_pending = 0;
mpm_state = AP_MPMQ_RUNNING;
-
+
server_main_loop(remaining_children_to_start);
mpm_state = AP_MPMQ_STOPPING;
- if (shutdown_pending) {
- /* Time to gracefully shut down:
+ if (shutdown_pending && !is_graceful) {
+ /* Time to shut down:
* Kill child processes, tell them to call child_exit, etc...
- * (By "gracefully" we don't mean graceful in the same sense as
- * "apachectl graceful" where we allow old connections to finish.)
*/
ap_mpm_pod_killpg(pod, ap_daemons_limit, FALSE);
ap_reclaim_child_processes(1); /* Start with SIGTERM */
if ( pidfile != NULL && unlink(pidfile) == 0)
ap_log_error(APLOG_MARK, APLOG_INFO, 0,
ap_server_conf,
- "removed PID file %s (pid=%ld)",
- pidfile, (long)getpid());
-
+ "removed PID file %s (pid=%" APR_PID_T_FMT ")",
+ pidfile, getpid());
+
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0,
ap_server_conf, "caught SIGTERM, shutting down");
}
+ return 1;
+ } else if (shutdown_pending) {
+ /* Time to gracefully shut down:
+ * Kill child processes, tell them to call child_exit, etc...
+ */
+ int active_children;
+ int index;
+ apr_time_t cutoff = 0;
+
+ /* Close our listeners, and then ask our children to do same */
+ ap_close_listeners();
+ ap_mpm_pod_killpg(pod, ap_daemons_limit, TRUE);
+ ap_relieve_child_processes();
+
+ if (!child_fatal) {
+ /* cleanup pid file on normal shutdown */
+ const char *pidfile = NULL;
+ pidfile = ap_server_root_relative (pconf, ap_pid_fname);
+ if ( pidfile != NULL && unlink(pidfile) == 0)
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0,
+ ap_server_conf,
+ "removed PID file %s (pid=%" APR_PID_T_FMT ")",
+ pidfile, getpid());
+
+ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
+ "caught " AP_SIG_GRACEFUL_STOP_STRING
+ ", shutting down gracefully");
+ }
+
+ if (ap_graceful_shutdown_timeout) {
+ cutoff = apr_time_now() +
+ apr_time_from_sec(ap_graceful_shutdown_timeout);
+ }
+
+ /* Don't really exit until each child has finished */
+ shutdown_pending = 0;
+ do {
+ /* Pause for a second */
+ apr_sleep(apr_time_from_sec(1));
+
+ /* Relieve any children which have now exited */
+ ap_relieve_child_processes();
+
+ active_children = 0;
+ for (index = 0; index < ap_daemons_limit; ++index) {
+ if (ap_mpm_safe_kill(MPM_CHILD_PID(index), 0) == APR_SUCCESS) {
+ active_children = 1;
+ /* Having just one child is enough to stay around */
+ break;
+ }
+ }
+ } while (!shutdown_pending && active_children &&
+ (!ap_graceful_shutdown_timeout || apr_time_now() < cutoff));
+
+ /* We might be here because we received SIGTERM, either
+ * way, try and make sure that all of our processes are
+ * really dead.
+ */
+ ap_mpm_pod_killpg(pod, ap_daemons_limit, FALSE);
+ ap_reclaim_child_processes(1);
+
return 1;
}
*/
++ap_my_generation;
ap_scoreboard_image->global->running_generation = ap_my_generation;
-
+
if (is_graceful) {
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
AP_SIG_GRACEFUL_STRING " received. Doing graceful restart");
/* wake up the children...time to die. But we'll have more soon */
ap_mpm_pod_killpg(pod, ap_daemons_limit, TRUE);
-
+
/* This is mostly for debugging... so that we know what is still
* gracefully dealing with existing request.
*/
-
+
}
else {
- /* Kill 'em all. Since the child acts the same on the parents SIGTERM
+ /* Kill 'em all. Since the child acts the same on the parents SIGTERM
* and a SIGHUP, we may as well use the same signal, because some user
* pthreads are stealing signals from us left and right.
*/
*/
static int worker_open_logs(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
{
+ static int restart_num = 0;
+ int startup = 0;
+ int level_flags = 0;
apr_status_t rv;
pconf = p;
ap_server_conf = s;
+ /* the reverse of pre_config, we want this only the first time around */
+ if (restart_num++ == 0) {
+ startup = 1;
+ level_flags |= APLOG_STARTUP;
+ }
+
if ((num_listensocks = ap_setup_listeners(ap_server_conf)) < 1) {
- ap_log_error(APLOG_MARK, APLOG_ALERT|APLOG_STARTUP, 0,
- NULL, "no listening sockets available, shutting down");
+ ap_log_error(APLOG_MARK, APLOG_ALERT | level_flags, 0,
+ (startup ? NULL : s),
+ "no listening sockets available, shutting down");
return DONE;
}
if (!one_process) {
if ((rv = ap_mpm_pod_open(pconf, &pod))) {
- ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_STARTUP, rv, NULL,
- "Could not open pipe-of-death.");
+ ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv,
+ (startup ? NULL : s),
+ "could not open pipe-of-death");
return DONE;
}
}
return OK;
}
-static int worker_pre_config(apr_pool_t *pconf, apr_pool_t *plog,
+static int worker_pre_config(apr_pool_t *pconf, apr_pool_t *plog,
apr_pool_t *ptemp)
{
static int restart_num = 0;
int no_detach, debug, foreground;
- ap_directive_t *pdir;
- ap_directive_t *max_clients = NULL;
apr_status_t rv;
mpm_state = AP_MPMQ_STARTING;
- /* make sure that "ThreadsPerChild" gets set before "MaxClients" */
- for (pdir = ap_conftree; pdir != NULL; pdir = pdir->next) {
- if (strncasecmp(pdir->directive, "ThreadsPerChild", 15) == 0) {
- if (!max_clients) {
- break; /* we're in the clear, got ThreadsPerChild first */
- }
- else {
- /* now to swap the data */
- ap_directive_t temp;
-
- temp.directive = pdir->directive;
- temp.args = pdir->args;
- /* Make sure you don't change 'next', or you may get loops! */
- /* XXX: first_child, parent, and data can never be set
- * for these directives, right? -aaron */
- temp.filename = pdir->filename;
- temp.line_num = pdir->line_num;
-
- pdir->directive = max_clients->directive;
- pdir->args = max_clients->args;
- pdir->filename = max_clients->filename;
- pdir->line_num = max_clients->line_num;
-
- max_clients->directive = temp.directive;
- max_clients->args = temp.args;
- max_clients->filename = temp.filename;
- max_clients->line_num = temp.line_num;
- break;
- }
- }
- else if (!max_clients
- && strncasecmp(pdir->directive, "MaxClients", 10) == 0) {
- max_clients = pdir;
- }
- }
-
debug = ap_exists_config_define("DEBUG");
if (debug) {
ap_daemons_to_start = DEFAULT_START_DAEMON;
min_spare_threads = DEFAULT_MIN_FREE_DAEMON * DEFAULT_THREADS_PER_CHILD;
max_spare_threads = DEFAULT_MAX_FREE_DAEMON * DEFAULT_THREADS_PER_CHILD;
+ server_limit = DEFAULT_SERVER_LIMIT;
+ thread_limit = DEFAULT_THREAD_LIMIT;
ap_daemons_limit = server_limit;
ap_threads_per_child = DEFAULT_THREADS_PER_CHILD;
+ max_clients = ap_daemons_limit * ap_threads_per_child;
ap_pid_fname = DEFAULT_PIDLOG;
ap_lock_fname = DEFAULT_LOCKFILE;
ap_max_requests_per_child = DEFAULT_MAX_REQUESTS_PER_CHILD;
ap_extended_status = 0;
#ifdef AP_MPM_WANT_SET_MAX_MEM_FREE
- ap_max_mem_free = APR_ALLOCATOR_MAX_FREE_UNLIMITED;
+ ap_max_mem_free = APR_ALLOCATOR_MAX_FREE_UNLIMITED;
#endif
apr_cpystrn(ap_coredump_dir, ap_server_root, sizeof(ap_coredump_dir));
return OK;
}
+static int worker_check_config(apr_pool_t *p, apr_pool_t *plog,
+ apr_pool_t *ptemp, server_rec *s)
+{
+ static int restart_num = 0;
+ int startup = 0;
+
+ /* the reverse of pre_config, we want this only the first time around */
+ if (restart_num++ == 0) {
+ startup = 1;
+ }
+
+ if (server_limit > MAX_SERVER_LIMIT) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: ServerLimit of %d exceeds compile-time "
+ "limit of", server_limit);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " %d servers, decreasing to %d.",
+ MAX_SERVER_LIMIT, MAX_SERVER_LIMIT);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "ServerLimit of %d exceeds compile-time limit "
+ "of %d, decreasing to match",
+ server_limit, MAX_SERVER_LIMIT);
+ }
+ server_limit = MAX_SERVER_LIMIT;
+ }
+ else if (server_limit < 1) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: ServerLimit of %d not allowed, "
+ "increasing to 1.", server_limit);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "ServerLimit of %d not allowed, increasing to 1",
+ server_limit);
+ }
+ server_limit = 1;
+ }
+
+ /* you cannot change ServerLimit across a restart; ignore
+ * any such attempts
+ */
+ if (!first_server_limit) {
+ first_server_limit = server_limit;
+ }
+ else if (server_limit != first_server_limit) {
+ /* don't need a startup console version here */
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "changing ServerLimit to %d from original value of %d "
+ "not allowed during restart",
+ server_limit, first_server_limit);
+ server_limit = first_server_limit;
+ }
+
+ if (thread_limit > MAX_THREAD_LIMIT) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: ThreadLimit of %d exceeds compile-time "
+ "limit of", thread_limit);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " %d threads, decreasing to %d.",
+ MAX_THREAD_LIMIT, MAX_THREAD_LIMIT);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "ThreadLimit of %d exceeds compile-time limit "
+ "of %d, decreasing to match",
+ thread_limit, MAX_THREAD_LIMIT);
+ }
+ thread_limit = MAX_THREAD_LIMIT;
+ }
+ else if (thread_limit < 1) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: ThreadLimit of %d not allowed, "
+ "increasing to 1.", thread_limit);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "ThreadLimit of %d not allowed, increasing to 1",
+ thread_limit);
+ }
+ thread_limit = 1;
+ }
+
+ /* you cannot change ThreadLimit across a restart; ignore
+ * any such attempts
+ */
+ if (!first_thread_limit) {
+ first_thread_limit = thread_limit;
+ }
+ else if (thread_limit != first_thread_limit) {
+ /* don't need a startup console version here */
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "changing ThreadLimit to %d from original value of %d "
+ "not allowed during restart",
+ thread_limit, first_thread_limit);
+ thread_limit = first_thread_limit;
+ }
+
+ if (ap_threads_per_child > thread_limit) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: ThreadsPerChild of %d exceeds ThreadLimit "
+ "of", ap_threads_per_child);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " %d threads, decreasing to %d.",
+ thread_limit, thread_limit);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " To increase, please see the ThreadLimit "
+ "directive.");
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "ThreadsPerChild of %d exceeds ThreadLimit "
+ "of %d, decreasing to match",
+ ap_threads_per_child, thread_limit);
+ }
+ ap_threads_per_child = thread_limit;
+ }
+ else if (ap_threads_per_child < 1) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: ThreadsPerChild of %d not allowed, "
+ "increasing to 1.", ap_threads_per_child);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "ThreadsPerChild of %d not allowed, increasing to 1",
+ ap_threads_per_child);
+ }
+ ap_threads_per_child = 1;
+ }
+
+ if (max_clients < ap_threads_per_child) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: MaxClients of %d is less than "
+ "ThreadsPerChild of", max_clients);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " %d, increasing to %d. MaxClients must be at "
+ "least as large",
+ ap_threads_per_child, ap_threads_per_child);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " as the number of threads in a single server.");
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "MaxClients of %d is less than ThreadsPerChild "
+ "of %d, increasing to match",
+ max_clients, ap_threads_per_child);
+ }
+ max_clients = ap_threads_per_child;
+ }
+
+ ap_daemons_limit = max_clients / ap_threads_per_child;
+
+ if (max_clients % ap_threads_per_child) {
+ int tmp_max_clients = ap_daemons_limit * ap_threads_per_child;
+
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: MaxClients of %d is not an integer "
+ "multiple of", max_clients);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " ThreadsPerChild of %d, decreasing to nearest "
+ "multiple %d,", ap_threads_per_child,
+ tmp_max_clients);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " for a maximum of %d servers.",
+ ap_daemons_limit);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "MaxClients of %d is not an integer multiple of "
+ "ThreadsPerChild of %d, decreasing to nearest "
+ "multiple %d", max_clients, ap_threads_per_child,
+ tmp_max_clients);
+ }
+ max_clients = tmp_max_clients;
+ }
+
+ if (ap_daemons_limit > server_limit) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: MaxClients of %d would require %d "
+ "servers and ", max_clients, ap_daemons_limit);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " would exceed ServerLimit of %d, decreasing to %d.",
+ server_limit, server_limit * ap_threads_per_child);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " To increase, please see the ServerLimit "
+ "directive.");
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "MaxClients of %d would require %d servers and "
+ "exceed ServerLimit of %d, decreasing to %d",
+ max_clients, ap_daemons_limit, server_limit,
+ server_limit * ap_threads_per_child);
+ }
+ ap_daemons_limit = server_limit;
+ }
+
+ /* ap_daemons_to_start > ap_daemons_limit checked in ap_mpm_run() */
+ if (ap_daemons_to_start < 0) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: StartServers of %d not allowed, "
+ "increasing to 1.", ap_daemons_to_start);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "StartServers of %d not allowed, increasing to 1",
+ ap_daemons_to_start);
+ }
+ ap_daemons_to_start = 1;
+ }
+
+ if (min_spare_threads < 1) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: MinSpareThreads of %d not allowed, "
+ "increasing to 1", min_spare_threads);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " to avoid almost certain server failure.");
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " Please read the documentation.");
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "MinSpareThreads of %d not allowed, increasing to 1",
+ min_spare_threads);
+ }
+ min_spare_threads = 1;
+ }
+
+ /* max_spare_threads < min_spare_threads + ap_threads_per_child
+ * checked in ap_mpm_run()
+ */
+
+ return OK;
+}
+
static void worker_hooks(apr_pool_t *p)
{
- /* The worker open_logs phase must run before the core's, or stderr
+ /* Our open_logs hook function must run before the core's, or stderr
* will be redirected to a file, and the messages won't print to the
* console.
*/
static const char *const aszSucc[] = {"core.c", NULL};
one_process = 0;
- ap_hook_open_logs(worker_open_logs, NULL, aszSucc, APR_HOOK_MIDDLE);
+ ap_hook_open_logs(worker_open_logs, NULL, aszSucc, APR_HOOK_REALLY_FIRST);
/* we need to set the MPM state before other pre-config hooks use MPM query
* to retrieve it, so register as REALLY_FIRST
*/
ap_hook_pre_config(worker_pre_config, NULL, NULL, APR_HOOK_REALLY_FIRST);
+ ap_hook_check_config(worker_check_config, NULL, NULL, APR_HOOK_MIDDLE);
}
static const char *set_daemons_to_start(cmd_parms *cmd, void *dummy,
- const char *arg)
+ const char *arg)
{
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
}
min_spare_threads = atoi(arg);
- if (min_spare_threads <= 0) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "WARNING: detected MinSpareThreads set to non-positive.");
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "Resetting to 1 to avoid almost certain Apache failure.");
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "Please read the documentation.");
- min_spare_threads = 1;
- }
-
return NULL;
}
}
static const char *set_max_clients (cmd_parms *cmd, void *dummy,
- const char *arg)
+ const char *arg)
{
- int max_clients;
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
return err;
}
- /* It is ok to use ap_threads_per_child here because we are
- * sure that it gets set before MaxClients in the pre_config stage. */
max_clients = atoi(arg);
- if (max_clients < ap_threads_per_child) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "WARNING: MaxClients (%d) must be at least as large",
- max_clients);
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- " as ThreadsPerChild (%d). Automatically",
- ap_threads_per_child);
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- " increasing MaxClients to %d.",
- ap_threads_per_child);
- max_clients = ap_threads_per_child;
- }
- ap_daemons_limit = max_clients / ap_threads_per_child;
- if ((max_clients > 0) && (max_clients % ap_threads_per_child)) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "WARNING: MaxClients (%d) is not an integer multiple",
- max_clients);
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- " of ThreadsPerChild (%d), lowering MaxClients to %d",
- ap_threads_per_child,
- ap_daemons_limit * ap_threads_per_child);
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- " for a maximum of %d child processes,",
- ap_daemons_limit);
- max_clients = ap_daemons_limit * ap_threads_per_child;
- }
- if (ap_daemons_limit > server_limit) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "WARNING: MaxClients of %d would require %d servers,",
- max_clients, ap_daemons_limit);
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- " and would exceed the ServerLimit value of %d.",
- server_limit);
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- " Automatically lowering MaxClients to %d. To increase,",
- server_limit * ap_threads_per_child);
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- " please see the ServerLimit directive.");
- ap_daemons_limit = server_limit;
- }
- else if (ap_daemons_limit < 1) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "WARNING: Require MaxClients > 0, setting to 1");
- ap_daemons_limit = 1;
- }
return NULL;
}
static const char *set_threads_per_child (cmd_parms *cmd, void *dummy,
- const char *arg)
+ const char *arg)
{
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
}
ap_threads_per_child = atoi(arg);
- if (ap_threads_per_child > thread_limit) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "WARNING: ThreadsPerChild of %d exceeds ThreadLimit "
- "value of %d", ap_threads_per_child,
- thread_limit);
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "threads, lowering ThreadsPerChild to %d. To increase, please"
- " see the", thread_limit);
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- " ThreadLimit directive.");
- ap_threads_per_child = thread_limit;
- }
- else if (ap_threads_per_child < 1) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "WARNING: Require ThreadsPerChild > 0, setting to 1");
- ap_threads_per_child = 1;
- }
return NULL;
}
-static const char *set_server_limit (cmd_parms *cmd, void *dummy, const char *arg)
+static const char *set_server_limit (cmd_parms *cmd, void *dummy, const char *arg)
{
- int tmp_server_limit;
-
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
return err;
}
- tmp_server_limit = atoi(arg);
- /* you cannot change ServerLimit across a restart; ignore
- * any such attempts
- */
- if (first_server_limit &&
- tmp_server_limit != server_limit) {
- /* how do we log a message? the error log is a bit bucket at this
- * point; we'll just have to set a flag so that ap_mpm_run()
- * logs a warning later
- */
- changed_limit_at_restart = 1;
- return NULL;
- }
- server_limit = tmp_server_limit;
-
- if (server_limit > MAX_SERVER_LIMIT) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "WARNING: ServerLimit of %d exceeds compile time limit "
- "of %d servers,", server_limit, MAX_SERVER_LIMIT);
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- " lowering ServerLimit to %d.", MAX_SERVER_LIMIT);
- server_limit = MAX_SERVER_LIMIT;
- }
- else if (server_limit < 1) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "WARNING: Require ServerLimit > 0, setting to 1");
- server_limit = 1;
- }
+ server_limit = atoi(arg);
return NULL;
}
-static const char *set_thread_limit (cmd_parms *cmd, void *dummy, const char *arg)
+static const char *set_thread_limit (cmd_parms *cmd, void *dummy, const char *arg)
{
- int tmp_thread_limit;
-
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
return err;
}
- tmp_thread_limit = atoi(arg);
- /* you cannot change ThreadLimit across a restart; ignore
- * any such attempts
- */
- if (first_thread_limit &&
- tmp_thread_limit != thread_limit) {
- /* how do we log a message? the error log is a bit bucket at this
- * point; we'll just have to set a flag so that ap_mpm_run()
- * logs a warning later
- */
- changed_limit_at_restart = 1;
- return NULL;
- }
- thread_limit = tmp_thread_limit;
-
- if (thread_limit > MAX_THREAD_LIMIT) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "WARNING: ThreadLimit of %d exceeds compile time limit "
- "of %d servers,", thread_limit, MAX_THREAD_LIMIT);
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- " lowering ThreadLimit to %d.", MAX_THREAD_LIMIT);
- thread_limit = MAX_THREAD_LIMIT;
- }
- else if (thread_limit < 1) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP, 0, NULL,
- "WARNING: Require ThreadLimit > 0, setting to 1");
- thread_limit = 1;
- }
+ thread_limit = atoi(arg);
return NULL;
}
"Maximum number of child processes for this run of Apache"),
AP_INIT_TAKE1("ThreadLimit", set_thread_limit, NULL, RSRC_CONF,
"Maximum number of worker threads per child process for this run of Apache - Upper limit for ThreadsPerChild"),
+AP_GRACEFUL_SHUTDOWN_TIMEOUT_COMMAND,
{ NULL }
};
projects / apache / blobdiff