-/* ====================================================================
- * The Apache Software License, Version 1.1
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
*
- * Copyright (c) 2000-2002 The Apache Software Foundation. All rights
- * reserved.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. The end-user documentation included with the redistribution,
- * if any, must include the following acknowledgment:
- * "This product includes software developed by the
- * Apache Software Foundation (http://www.apache.org/)."
- * Alternately, this acknowledgment may appear in the software itself,
- * if and wherever such third-party acknowledgments normally appear.
- *
- * 4. The names "Apache" and "Apache Software Foundation" must
- * not be used to endorse or promote products derived from this
- * software without prior written permission. For written
- * permission, please contact apache@apache.org.
- *
- * 5. Products derived from this software may not be called "Apache",
- * nor may "Apache" appear in their name, without prior written
- * permission of the Apache Software Foundation.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
- * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- * Portions of this software are based upon public domain software
- * originally written at the National Center for Supercomputing Applications,
- * University of Illinois, Urbana-Champaign.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
*/
/* The purpose of this MPM is to fix the design flaws in the threaded
#include "apr_signal.h"
#include "apr_thread_mutex.h"
#include "apr_proc_mutex.h"
+#include "apr_poll.h"
#define APR_WANT_STRFUNC
#include "apr_want.h"
#include <sys/socket.h>
#endif
#if APR_HAVE_SYS_WAIT_H
-#include <sys/wait.h>
+#include <sys/wait.h>
#endif
#ifdef HAVE_SYS_PROCESSOR_H
#include <sys/processor.h> /* for bindprocessor() */
#error The Worker MPM requires APR threads, but they are unavailable.
#endif
-#define CORE_PRIVATE
-
#include "ap_config.h"
-#include "httpd.h"
-#include "http_main.h"
-#include "http_log.h"
-#include "http_config.h" /* for read_config */
-#include "http_core.h" /* for get_remote_host */
+#include "httpd.h"
+#include "http_main.h"
+#include "http_log.h"
+#include "http_config.h" /* for read_config */
+#include "http_core.h" /* for get_remote_host */
#include "http_connection.h"
#include "ap_mpm.h"
#include "pod.h"
#include "mpm_common.h"
#include "ap_listen.h"
-#include "scoreboard.h"
+#include "scoreboard.h"
#include "fdqueue.h"
#include "mpm_default.h"
* the overhead.
*/
#ifndef DEFAULT_THREAD_LIMIT
-#define DEFAULT_THREAD_LIMIT 64
+#define DEFAULT_THREAD_LIMIT 64
#endif
/* Admin can't tune ThreadLimit beyond MAX_THREAD_LIMIT. We want
static int min_spare_threads = 0;
static int max_spare_threads = 0;
static int ap_daemons_limit = 0;
-static int server_limit = DEFAULT_SERVER_LIMIT;
-static int first_server_limit;
-static int thread_limit = DEFAULT_THREAD_LIMIT;
-static int first_thread_limit;
-static int changed_limit_at_restart;
+static int max_clients = 0;
+static int server_limit = 0;
+static int first_server_limit = 0;
+static int thread_limit = 0;
+static int first_thread_limit = 0;
static int dying = 0;
static int workers_may_exit = 0;
static int start_thread_may_exit = 0;
static int num_listensocks = 0;
static int resource_shortage = 0;
static fd_queue_t *worker_queue;
+static fd_queue_info_t *worker_queue_info;
+static int mpm_state = AP_MPMQ_STARTING;
+static int sick_child_detected;
/* The structure used to pass unique initialization info to each thread */
typedef struct {
int sd;
} proc_info;
-/* Structure used to pass information to the thread responsible for
+/* Structure used to pass information to the thread responsible for
* creating the rest of the threads.
*/
typedef struct {
/*
* The max child slot ever assigned, preserved across restarts. Necessary
- * to deal with MaxClients changes across AP_SIG_GRACEFUL restarts. We
- * use this value to optimize routines that have to scan the entire
+ * to deal with MaxClients changes across AP_SIG_GRACEFUL restarts. We
+ * use this value to optimize routines that have to scan the entire
* scoreboard.
*/
int ap_max_daemons_limit = -1;
static apr_pool_t *pconf; /* Pool for config stuff */
static apr_pool_t *pchild; /* Pool for httpd child stuff */
-static pid_t ap_my_pid; /* Linux getpid() doesn't work except in main
+static pid_t ap_my_pid; /* Linux getpid() doesn't work except in main
thread. Use this instead */
static pid_t parent_pid;
static apr_os_thread_t *listener_os_thread;
#define SAFE_ACCEPT(stmt) (stmt)
#endif
-/* The LISTENER_SIGNAL signal will be sent from the main thread to the
- * listener thread to wake it up for graceful termination (what a child
- * process from an old generation does when the admin does "apachectl
+/* The LISTENER_SIGNAL signal will be sent from the main thread to the
+ * listener thread to wake it up for graceful termination (what a child
+ * process from an old generation does when the admin does "apachectl
* graceful"). This signal will be blocked in all threads of a child
* process except for the listener thread.
*/
#define LISTENER_SIGNAL SIGHUP
+/* The WORKER_SIGNAL signal will be sent from the main thread to the
+ * worker threads during an ungraceful restart or shutdown.
+ * This ensures that on systems (i.e., Linux) where closing the worker
+ * socket doesn't awake the worker thread when it is polling on the socket
+ * (especially in apr_wait_for_io_or_timeout() when handling
+ * Keep-Alive connections), close_worker_sockets() and join_workers()
+ * still function in timely manner and allow ungraceful shutdowns to
+ * proceed to completion. Otherwise join_workers() doesn't return
+ * before the main process decides the child process is non-responsive
+ * and sends a SIGKILL.
+ */
+#define WORKER_SIGNAL AP_SIG_GRACEFUL
+
+/* An array of socket descriptors in use by each thread used to
+ * perform a non-graceful (forced) shutdown of the server. */
+static apr_socket_t **worker_sockets;
+
+static void close_worker_sockets(void)
+{
+ int i;
+ for (i = 0; i < ap_threads_per_child; i++) {
+ if (worker_sockets[i]) {
+ apr_socket_close(worker_sockets[i]);
+ worker_sockets[i] = NULL;
+ }
+ }
+}
+
static void wakeup_listener(void)
{
listener_may_exit = 1;
+ if (!listener_os_thread) {
+ /* XXX there is an obscure path that this doesn't handle perfectly:
+ * right after listener thread is created but before
+ * listener_os_thread is set, the first worker thread hits an
+ * error and starts graceful termination
+ */
+ return;
+ }
+
+ /* unblock the listener if it's waiting for a worker */
+ ap_queue_info_term(worker_queue_info);
+
/*
- * we should just be able to "kill(ap_my_pid, LISTENER_SIGNAL)" and wake
- * up the listener thread since it is the only thread with SIGHUP
- * unblocked, but that doesn't work on Linux
+ * we should just be able to "kill(ap_my_pid, LISTENER_SIGNAL)" on all
+ * platforms and wake up the listener thread since it is the only thread
+ * with SIGHUP unblocked, but that doesn't work on Linux
*/
+#ifdef HAVE_PTHREAD_KILL
pthread_kill(*listener_os_thread, LISTENER_SIGNAL);
+#else
+ kill(ap_my_pid, LISTENER_SIGNAL);
+#endif
}
+#define ST_INIT 0
#define ST_GRACEFUL 1
#define ST_UNGRACEFUL 2
+static int terminate_mode = ST_INIT;
+
static void signal_threads(int mode)
{
+ if (terminate_mode == mode) {
+ return;
+ }
+ terminate_mode = mode;
+ mpm_state = AP_MPMQ_STOPPING;
+
/* in case we weren't called from the listener thread, wake up the
* listener thread
*/
wakeup_listener();
- /* XXX: This will happen naturally on a graceful, and we don't care
- * otherwise.
- ap_queue_signal_all_wakeup(worker_queue); */
-
- workers_may_exit = 1;
- ap_queue_interrupt_all(worker_queue);
+ /* for ungraceful termination, let the workers exit now;
+ * for graceful termination, the listener thread will notify the
+ * workers to exit once it has stopped accepting new connections
+ */
+ if (mode == ST_UNGRACEFUL) {
+ workers_may_exit = 1;
+ ap_queue_interrupt_all(worker_queue);
+ close_worker_sockets(); /* forcefully kill all current connections */
+ }
}
AP_DECLARE(apr_status_t) ap_mpm_query(int query_code, int *result)
case AP_MPMQ_MIN_SPARE_DAEMONS:
*result = 0;
return APR_SUCCESS;
- case AP_MPMQ_MIN_SPARE_THREADS:
+ case AP_MPMQ_MIN_SPARE_THREADS:
*result = min_spare_threads;
return APR_SUCCESS;
case AP_MPMQ_MAX_SPARE_DAEMONS:
case AP_MPMQ_MAX_DAEMONS:
*result = ap_daemons_limit;
return APR_SUCCESS;
+ case AP_MPMQ_MPM_STATE:
+ *result = mpm_state;
+ return APR_SUCCESS;
}
return APR_ENOTIMPL;
}
-/* a clean exit from a child with proper cleanup */
+/* a clean exit from a child with proper cleanup */
static void clean_child_exit(int code) __attribute__ ((noreturn));
static void clean_child_exit(int code)
{
+ mpm_state = AP_MPMQ_STOPPING;
if (pchild) {
apr_pool_destroy(pchild);
}
exit(code);
}
-/* handle all varieties of core dumping signals */
-static void sig_coredump(int sig)
-{
- apr_filepath_set(ap_coredump_dir, pconf);
- apr_signal(sig, SIG_DFL);
- if (ap_my_pid == parent_pid) {
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE,
- 0, ap_server_conf,
- "seg fault or similar nasty error detected "
- "in the parent process");
-
- /* XXX we can probably add some rudimentary cleanup code here,
- * like getting rid of the pid file. If any additional bad stuff
- * happens, we are protected from recursive errors taking down the
- * system since this function is no longer the signal handler GLA
- */
- }
- kill(ap_my_pid, sig);
- /* At this point we've got sig blocked, because we're still inside
- * the signal handler. When we leave the signal handler it will
- * be unblocked, and we'll take the signal... and coredump or whatever
- * is appropriate for this particular Unix. In addition the parent
- * will see the real signal we received -- whereas if we called
- * abort() here, the parent would only see SIGABRT.
- */
-}
-
static void just_die(int sig)
{
clean_child_exit(0);
static int volatile restart_pending;
static int volatile is_graceful;
static volatile int child_fatal;
-ap_generation_t volatile ap_my_generation;
+ap_generation_t volatile ap_my_generation = 0;
/*
* ap_start_shutdown() and ap_start_restart(), below, are a first stab at
- * functions to initiate shutdown or restart without relying on signals.
- * Previously this was initiated in sig_term() and restart() signal handlers,
+ * functions to initiate shutdown or restart without relying on signals.
+ * Previously this was initiated in sig_term() and restart() signal handlers,
* but we want to be able to start a shutdown/restart from other sources --
* e.g. on Win32, from the service manager. Now the service manager can
* call ap_start_shutdown() or ap_start_restart() as appropiate. Note that
* child to force an exit) and so do an exit anyway.
*/
-static void ap_start_shutdown(void)
+static void ap_start_shutdown(int graceful)
{
+ mpm_state = AP_MPMQ_STOPPING;
if (shutdown_pending == 1) {
/* Um, is this _probably_ not an error, if the user has
* tried to do a shutdown twice quickly, so we won't
return;
}
shutdown_pending = 1;
+ is_graceful = graceful;
}
/* do a graceful restart if graceful == 1 */
static void ap_start_restart(int graceful)
{
-
+ mpm_state = AP_MPMQ_STOPPING;
if (restart_pending == 1) {
/* Probably not an error - don't bother reporting it */
return;
static void sig_term(int sig)
{
- ap_start_shutdown();
+ ap_start_shutdown(sig == AP_SIG_GRACEFUL_STOP);
}
static void restart(int sig)
{
#ifndef NO_USE_SIGACTION
struct sigaction sa;
+#endif
+
+ if (!one_process) {
+ ap_fatal_signal_setup(ap_server_conf, pconf);
+ }
+#ifndef NO_USE_SIGACTION
sigemptyset(&sa.sa_mask);
sa.sa_flags = 0;
- if (!one_process) {
- sa.sa_handler = sig_coredump;
-#if defined(SA_ONESHOT)
- sa.sa_flags = SA_ONESHOT;
-#elif defined(SA_RESETHAND)
- sa.sa_flags = SA_RESETHAND;
-#endif
- if (sigaction(SIGSEGV, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
- "sigaction(SIGSEGV)");
-#ifdef SIGBUS
- if (sigaction(SIGBUS, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
- "sigaction(SIGBUS)");
-#endif
-#ifdef SIGABORT
- if (sigaction(SIGABORT, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
- "sigaction(SIGABORT)");
-#endif
-#ifdef SIGABRT
- if (sigaction(SIGABRT, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
- "sigaction(SIGABRT)");
-#endif
-#ifdef SIGILL
- if (sigaction(SIGILL, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
- "sigaction(SIGILL)");
-#endif
- sa.sa_flags = 0;
- }
sa.sa_handler = sig_term;
if (sigaction(SIGTERM, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(SIGTERM)");
+#ifdef AP_SIG_GRACEFUL_STOP
+ if (sigaction(AP_SIG_GRACEFUL_STOP, &sa, NULL) < 0)
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ "sigaction(" AP_SIG_GRACEFUL_STOP_STRING ")");
+#endif
#ifdef SIGINT
if (sigaction(SIGINT, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(SIGINT)");
#endif
#ifdef SIGXCPU
sa.sa_handler = SIG_DFL;
if (sigaction(SIGXCPU, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(SIGXCPU)");
#endif
#ifdef SIGXFSZ
sa.sa_handler = SIG_DFL;
if (sigaction(SIGXFSZ, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(SIGXFSZ)");
#endif
#ifdef SIGPIPE
sa.sa_handler = SIG_IGN;
if (sigaction(SIGPIPE, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(SIGPIPE)");
#endif
- /* we want to ignore HUPs and AP_SIG_GRACEFUL while we're busy
+ /* we want to ignore HUPs and AP_SIG_GRACEFUL while we're busy
* processing one */
sigaddset(&sa.sa_mask, SIGHUP);
sigaddset(&sa.sa_mask, AP_SIG_GRACEFUL);
sa.sa_handler = restart;
if (sigaction(SIGHUP, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(SIGHUP)");
if (sigaction(AP_SIG_GRACEFUL, &sa, NULL) < 0)
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf,
"sigaction(" AP_SIG_GRACEFUL_STRING ")");
#else
if (!one_process) {
- apr_signal(SIGSEGV, sig_coredump);
-#ifdef SIGBUS
- apr_signal(SIGBUS, sig_coredump);
-#endif /* SIGBUS */
-#ifdef SIGABORT
- apr_signal(SIGABORT, sig_coredump);
-#endif /* SIGABORT */
-#ifdef SIGABRT
- apr_signal(SIGABRT, sig_coredump);
-#endif /* SIGABRT */
-#ifdef SIGILL
- apr_signal(SIGILL, sig_coredump);
-#endif /* SIGILL */
#ifdef SIGXCPU
apr_signal(SIGXCPU, SIG_DFL);
#endif /* SIGXCPU */
#ifdef AP_SIG_GRACEFUL
apr_signal(AP_SIG_GRACEFUL, restart);
#endif /* AP_SIG_GRACEFUL */
+#ifdef AP_SIG_GRACEFUL_STOP
+ apr_signal(AP_SIG_GRACEFUL_STOP, sig_term);
+#endif /* AP_SIG_GRACEFUL_STOP */
#ifdef SIGPIPE
apr_signal(SIGPIPE, SIG_IGN);
#endif /* SIGPIPE */
* Here follows a long bunch of generic server bookkeeping stuff...
*/
-int ap_graceful_stop_signalled(void)
- /* XXX this is really a bad confusing obsolete name
- * maybe it should be ap_mpm_process_exiting?
- */
-{
- /* note: for a graceful termination, listener_may_exit will be set before
- * workers_may_exit, so check listener_may_exit
- */
- return listener_may_exit;
-}
-
/*****************************************************************
* Child process main loop.
*/
static void process_socket(apr_pool_t *p, apr_socket_t *sock, int my_child_num,
- int my_thread_num)
+ int my_thread_num, apr_bucket_alloc_t *bucket_alloc)
{
conn_rec *current_conn;
long conn_id = ID_FROM_CHILD_THREAD(my_child_num, my_thread_num);
- int csd;
ap_sb_handle_t *sbh;
ap_create_sb_handle(&sbh, p, my_child_num, my_thread_num);
- apr_os_sock_get(&csd, sock);
-
- if (csd >= FD_SETSIZE) {
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, 0, NULL,
- "new file descriptor %d is too large; you probably need "
- "to rebuild Apache with a larger FD_SETSIZE "
- "(currently %d)",
- csd, FD_SETSIZE);
- apr_socket_close(sock);
- return;
- }
- current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id, sbh);
+ current_conn = ap_run_create_connection(p, ap_server_conf, sock,
+ conn_id, sbh, bucket_alloc);
if (current_conn) {
ap_process_connection(current_conn, sock);
ap_lingering_close(current_conn);
else {
/* wow! if you're executing this code, you may have set a record.
* either this child process has served over 2 billion requests, or
- * you're running a threaded 2.0 on a 16 bit machine.
+ * you're running a threaded 2.0 on a 16 bit machine.
*
* I'll buy pizza and beers at Apachecon for the first person to do
* the former without cheating (dorking with INT_MAX, or running with
- * uncommitted performance patches, for example).
+ * uncommitted performance patches, for example).
*
* for the latter case, you probably deserve a beer too. Greg Ames
*/
-
- requests_this_child = INT_MAX; /* keep going */
+
+ requests_this_child = INT_MAX; /* keep going */
}
}
-static void unblock_the_listener(int sig)
+static void unblock_signal(int sig)
+{
+ sigset_t sig_mask;
+
+ sigemptyset(&sig_mask);
+ sigaddset(&sig_mask, sig);
+#if defined(SIGPROCMASK_SETS_THREAD_MASK)
+ sigprocmask(SIG_UNBLOCK, &sig_mask, NULL);
+#else
+ pthread_sigmask(SIG_UNBLOCK, &sig_mask, NULL);
+#endif
+}
+
+static void dummy_signal_handler(int sig)
{
/* XXX If specifying SIG_IGN is guaranteed to unblock a syscall,
* then we don't need this goofy function.
*/
}
-static void *listener_thread(apr_thread_t *thd, void * dummy)
+static void * APR_THREAD_FUNC listener_thread(apr_thread_t *thd, void * dummy)
{
proc_info * ti = dummy;
int process_slot = ti->pid;
- int thread_slot = ti->tid;
apr_pool_t *tpool = apr_thread_pool_get(thd);
void *csd = NULL;
- apr_pool_t *ptrans; /* Pool for per-transaction stuff */
- apr_pool_t *recycled_pool = NULL;
- int n;
- apr_pollfd_t *pollset;
+ apr_pool_t *ptrans = NULL; /* Pool for per-transaction stuff */
+ apr_pollset_t *pollset;
apr_status_t rv;
- ap_listen_rec *lr, *last_lr = ap_listeners;
- struct sigaction sa;
- sigset_t sig_mask;
+ ap_listen_rec *lr;
+ int have_idle_worker = 0;
+ int last_poll_idx = 0;
free(ti);
- apr_poll_setup(&pollset, num_listensocks, tpool);
- for(lr = ap_listeners ; lr != NULL ; lr = lr->next)
- apr_poll_socket_add(pollset, lr->sd, APR_POLLIN);
+ /* ### check the status */
+ (void) apr_pollset_create(&pollset, num_listensocks, tpool, 0);
+
+ for (lr = ap_listeners; lr != NULL; lr = lr->next) {
+ apr_pollfd_t pfd = { 0 };
+
+ pfd.desc_type = APR_POLL_SOCKET;
+ pfd.desc.s = lr->sd;
+ pfd.reqevents = APR_POLLIN;
+ pfd.client_data = lr;
+
+ /* ### check the status */
+ (void) apr_pollset_add(pollset, &pfd);
+ }
- sigemptyset(&sig_mask);
/* Unblock the signal used to wake this thread up, and set a handler for
* it.
*/
- sigaddset(&sig_mask, LISTENER_SIGNAL);
-#if defined(SIGPROCMASK_SETS_THREAD_MASK)
- sigprocmask(SIG_UNBLOCK, &sig_mask, NULL);
-#else
- pthread_sigmask(SIG_UNBLOCK, &sig_mask, NULL);
-#endif
- sigemptyset(&sa.sa_mask);
- sa.sa_flags = 0;
- sa.sa_handler = unblock_the_listener;
- sigaction(LISTENER_SIGNAL, &sa, NULL);
+ unblock_signal(LISTENER_SIGNAL);
+ apr_signal(LISTENER_SIGNAL, dummy_signal_handler);
/* TODO: Switch to a system where threads reuse the results from earlier
poll calls - manoj */
}
if (listener_may_exit) break;
+ if (!have_idle_worker) {
+ /* the following pops a recycled ptrans pool off a stack
+ * if there is one, in addition to reserving a worker thread
+ */
+ rv = ap_queue_info_wait_for_idler(worker_queue_info,
+ &ptrans);
+ if (APR_STATUS_IS_EOF(rv)) {
+ break; /* we've been signaled to die now */
+ }
+ else if (rv != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
+ "apr_queue_info_wait failed. Attempting to "
+ " shutdown process gracefully.");
+ signal_threads(ST_GRACEFUL);
+ break;
+ }
+ have_idle_worker = 1;
+ }
+
+ /* We've already decremented the idle worker count inside
+ * ap_queue_info_wait_for_idler. */
+
if ((rv = SAFE_ACCEPT(apr_proc_mutex_lock(accept_mutex)))
!= APR_SUCCESS) {
int level = APLOG_EMERG;
if (listener_may_exit) {
break;
}
- if (ap_scoreboard_image->parent[process_slot].generation !=
+ if (ap_scoreboard_image->parent[process_slot].generation !=
ap_scoreboard_image->global->running_generation) {
level = APLOG_DEBUG; /* common to get these at restart time */
}
}
else {
while (!listener_may_exit) {
- apr_status_t ret;
- apr_int16_t event;
+ apr_int32_t numdesc;
+ const apr_pollfd_t *pdesc;
- ret = apr_poll(pollset, &n, -1);
- if (ret != APR_SUCCESS) {
- if (APR_STATUS_IS_EINTR(ret)) {
+ rv = apr_pollset_poll(pollset, -1, &numdesc, &pdesc);
+ if (rv != APR_SUCCESS) {
+ if (APR_STATUS_IS_EINTR(rv)) {
continue;
}
- /* apr_poll() will only return errors in catastrophic
+ /* apr_pollset_poll() will only return errors in catastrophic
* circumstances. Let's try exiting gracefully, for now. */
- ap_log_error(APLOG_MARK, APLOG_ERR, ret, (const server_rec *)
- ap_server_conf, "apr_poll: (listen)");
+ ap_log_error(APLOG_MARK, APLOG_ERR, rv,
+ (const server_rec *) ap_server_conf,
+ "apr_pollset_poll: (listen)");
signal_threads(ST_GRACEFUL);
}
if (listener_may_exit) break;
- /* find a listener */
- lr = last_lr;
- do {
- lr = lr->next;
- if (lr == NULL) {
- lr = ap_listeners;
- }
- /* XXX: Should we check for POLLERR? */
- apr_poll_revents_get(&event, lr->sd, pollset);
- if (event & APR_POLLIN) {
- last_lr = lr;
- goto got_fd;
- }
- } while (lr != last_lr);
- }
- }
- got_fd:
+ /* We can always use pdesc[0], but sockets at position N
+ * could end up completely starved of attention in a very
+ * busy server. Therefore, we round-robin across the
+ * returned set of descriptors. While it is possible that
+ * the returned set of descriptors might flip around and
+ * continue to starve some sockets, we happen to know the
+ * internal pollset implementation retains ordering
+ * stability of the sockets. Thus, the round-robin should
+ * ensure that a socket will eventually be serviced.
+ */
+ if (last_poll_idx >= numdesc)
+ last_poll_idx = 0;
+
+ /* Grab a listener record from the client_data of the poll
+ * descriptor, and advance our saved index to round-robin
+ * the next fetch.
+ *
+ * ### hmm... this descriptor might have POLLERR rather
+ * ### than POLLIN
+ */
+ lr = pdesc[last_poll_idx++].client_data;
+ break;
+
+ } /* while */
+
+ } /* if/else */
+
if (!listener_may_exit) {
- /* create a new transaction pool for each accepted socket */
- if (recycled_pool == NULL) {
+ if (ptrans == NULL) {
+ /* we can't use a recycled transaction pool this time.
+ * create a new transaction pool */
apr_allocator_t *allocator;
apr_allocator_create(&allocator);
- apr_pool_create_ex(&ptrans, NULL, NULL, allocator);
- apr_allocator_set_owner(allocator, ptrans);
- }
- else {
- ptrans = recycled_pool;
+ apr_allocator_max_free_set(allocator, ap_max_mem_free);
+ apr_pool_create_ex(&ptrans, pconf, NULL, allocator);
+ apr_allocator_owner_set(allocator, ptrans);
}
apr_pool_tag(ptrans, "transaction");
rv = lr->accept_func(&csd, lr, ptrans);
+ /* later we trash rv and rely on csd to indicate success/failure */
+ AP_DEBUG_ASSERT(rv == APR_SUCCESS || !csd);
- /* If we were interrupted for whatever reason, just start
- * the main loop over again.
- */
- if (APR_STATUS_IS_EINTR(rv)) {
- continue;
- }
if (rv == APR_EGENERAL) {
/* E[NM]FILE, ENOMEM, etc */
resource_shortage = 1;
if (listener_may_exit) {
break;
}
- if (ap_scoreboard_image->parent[process_slot].generation !=
+ if (ap_scoreboard_image->parent[process_slot].generation !=
ap_scoreboard_image->global->running_generation) {
level = APLOG_DEBUG; /* common to get these at restart time */
}
signal_threads(ST_GRACEFUL);
}
if (csd != NULL) {
- rv = ap_queue_push(worker_queue, csd, ptrans,
- &recycled_pool);
+ rv = ap_queue_push(worker_queue, csd, ptrans);
if (rv) {
/* trash the connection; we couldn't queue the connected
- * socket to a worker
+ * socket to a worker
*/
apr_socket_close(csd);
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
"ap_queue_push failed");
}
+ else {
+ have_idle_worker = 0;
+ }
}
}
else {
if ((rv = SAFE_ACCEPT(apr_proc_mutex_unlock(accept_mutex)))
!= APR_SUCCESS) {
- ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
+ int level = APLOG_EMERG;
+
+ if (ap_scoreboard_image->parent[process_slot].generation !=
+ ap_scoreboard_image->global->running_generation) {
+ level = APLOG_DEBUG; /* common to get these at restart time */
+ }
+ ap_log_error(APLOG_MARK, level, rv, ap_server_conf,
"apr_proc_mutex_unlock failed. Attempting to "
"shutdown process gracefully.");
signal_threads(ST_GRACEFUL);
}
}
- ap_update_child_status_from_indexes(process_slot, thread_slot,
- (dying) ? SERVER_DEAD : SERVER_GRACEFUL,
- (request_rec *) NULL);
+ ap_close_listeners();
+ ap_queue_term(worker_queue);
dying = 1;
ap_scoreboard_image->parent[process_slot].quiescing = 1;
+
+ /* wake up the main thread */
kill(ap_my_pid, SIGTERM);
apr_thread_exit(thd, APR_SUCCESS);
int process_slot = ti->pid;
int thread_slot = ti->tid;
apr_socket_t *csd = NULL;
+ apr_bucket_alloc_t *bucket_alloc;
apr_pool_t *last_ptrans = NULL;
apr_pool_t *ptrans; /* Pool for per-transaction stuff */
apr_status_t rv;
+ int is_idle = 0;
free(ti);
+ ap_scoreboard_image->servers[process_slot][thread_slot].pid = ap_my_pid;
+ ap_scoreboard_image->servers[process_slot][thread_slot].tid = apr_os_thread_current();
+ ap_scoreboard_image->servers[process_slot][thread_slot].generation = ap_my_generation;
ap_update_child_status_from_indexes(process_slot, thread_slot, SERVER_STARTING, NULL);
+
+#ifdef HAVE_PTHREAD_KILL
+ unblock_signal(WORKER_SIGNAL);
+ apr_signal(WORKER_SIGNAL, dummy_signal_handler);
+#endif
+
while (!workers_may_exit) {
+ if (!is_idle) {
+ rv = ap_queue_info_set_idle(worker_queue_info, last_ptrans);
+ last_ptrans = NULL;
+ if (rv != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_EMERG, rv, ap_server_conf,
+ "ap_queue_info_set_idle failed. Attempting to "
+ "shutdown process gracefully.");
+ signal_threads(ST_GRACEFUL);
+ break;
+ }
+ is_idle = 1;
+ }
+
ap_update_child_status_from_indexes(process_slot, thread_slot, SERVER_READY, NULL);
- rv = ap_queue_pop(worker_queue, &csd, &ptrans, last_ptrans);
- last_ptrans = NULL;
+worker_pop:
+ if (workers_may_exit) {
+ break;
+ }
+ rv = ap_queue_pop(worker_queue, &csd, &ptrans);
if (rv != APR_SUCCESS) {
+ /* We get APR_EOF during a graceful shutdown once all the connections
+ * accepted by this server process have been handled.
+ */
+ if (APR_STATUS_IS_EOF(rv)) {
+ break;
+ }
/* We get APR_EINTR whenever ap_queue_pop() has been interrupted
* from an explicit call to ap_queue_interrupt_all(). This allows
* us to unblock threads stuck in ap_queue_pop() when a shutdown
* may have already been cleaned up. Don't log the "error" if
* workers_may_exit is set.
*/
- if (rv != APR_EINTR && !workers_may_exit) {
+ else if (APR_STATUS_IS_EINTR(rv)) {
+ goto worker_pop;
+ }
+ /* We got some other error. */
+ else if (!workers_may_exit) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
"ap_queue_pop failed");
}
continue;
}
- process_socket(ptrans, csd, process_slot, thread_slot);
- requests_this_child--; /* FIXME: should be synchronized - aaron */
+ is_idle = 0;
+ worker_sockets[thread_slot] = csd;
+ bucket_alloc = apr_bucket_alloc_create(ptrans);
+ process_socket(ptrans, csd, process_slot, thread_slot, bucket_alloc);
+ worker_sockets[thread_slot] = NULL;
+ requests_this_child--;
apr_pool_clear(ptrans);
last_ptrans = ptrans;
}
return 0;
}
+static void create_listener_thread(thread_starter *ts)
+{
+ int my_child_num = ts->child_num_arg;
+ apr_threadattr_t *thread_attr = ts->threadattr;
+ proc_info *my_info;
+ apr_status_t rv;
+
+ my_info = (proc_info *)malloc(sizeof(proc_info));
+ my_info->pid = my_child_num;
+ my_info->tid = -1; /* listener thread doesn't have a thread slot */
+ my_info->sd = 0;
+ rv = apr_thread_create(&ts->listener, thread_attr, listener_thread,
+ my_info, pchild);
+ if (rv != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
+ "apr_thread_create: unable to create listener thread");
+ /* let the parent decide how bad this really is */
+ clean_child_exit(APEXIT_CHILDSICK);
+ }
+ apr_os_thread_get(&listener_os_thread, ts->listener);
+}
+
/* XXX under some circumstances not understood, children can get stuck
* in start_threads forever trying to take over slots which will
* never be cleaned up; for now there is an APLOG_DEBUG message issued
apr_threadattr_t *thread_attr = ts->threadattr;
int child_num_arg = ts->child_num_arg;
int my_child_num = child_num_arg;
- proc_info *my_info = NULL;
+ proc_info *my_info;
apr_status_t rv;
- int i = 0;
+ int i;
int threads_created = 0;
+ int listener_started = 0;
int loops;
int prev_threads_created;
clean_child_exit(APEXIT_CHILDFATAL);
}
- my_info = (proc_info *)malloc(sizeof(proc_info));
- my_info->pid = my_child_num;
- my_info->tid = i;
- my_info->sd = 0;
- rv = apr_thread_create(&ts->listener, thread_attr, listener_thread,
- my_info, pchild);
+ rv = ap_queue_info_create(&worker_queue_info, pchild,
+ ap_threads_per_child);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
- "apr_thread_create: unable to create listener thread");
- /* In case system resources are maxxed out, we don't want
- * Apache running away with the CPU trying to fork over and
- * over and over again if we exit.
- * XXX Jeff doesn't see how Apache is going to try to fork again since
- * the exit code is APEXIT_CHILDFATAL
- */
- apr_sleep(10 * APR_USEC_PER_SEC);
+ "ap_queue_info_create() failed");
clean_child_exit(APEXIT_CHILDFATAL);
}
- apr_os_thread_get(&listener_os_thread, ts->listener);
+
+ worker_sockets = apr_pcalloc(pchild, ap_threads_per_child
+ * sizeof(apr_socket_t *));
+
loops = prev_threads_created = 0;
while (1) {
/* ap_threads_per_child does not include the listener thread */
my_info->pid = my_child_num;
my_info->tid = i;
my_info->sd = 0;
-
+
/* We are creating threads right now */
ap_update_child_status_from_indexes(my_child_num, i,
SERVER_STARTING, NULL);
/* We let each thread update its own scoreboard entry. This is
* done because it lets us deal with tid better.
*/
- rv = apr_thread_create(&threads[i], thread_attr,
+ rv = apr_thread_create(&threads[i], thread_attr,
worker_thread, my_info, pchild);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
"apr_thread_create: unable to create worker thread");
- /* In case system resources are maxxed out, we don't want
- Apache running away with the CPU trying to fork over and
- over and over again if we exit. */
- apr_sleep(10 * APR_USEC_PER_SEC);
- clean_child_exit(APEXIT_CHILDFATAL);
+ /* let the parent decide how bad this really is */
+ clean_child_exit(APEXIT_CHILDSICK);
}
threads_created++;
}
+ /* Start the listener only when there are workers available */
+ if (!listener_started && threads_created) {
+ create_listener_thread(ts);
+ listener_started = 1;
+ }
if (start_thread_may_exit || threads_created == ap_threads_per_child) {
break;
}
/* wait for previous generation to clean up an entry */
- apr_sleep(1 * APR_USEC_PER_SEC);
+ apr_sleep(apr_time_from_sec(1));
++loops;
if (loops % 120 == 0) { /* every couple of minutes */
if (prev_threads_created == threads_created) {
prev_threads_created = threads_created;
}
}
-
- /* What state should this child_main process be listed as in the
+
+ /* What state should this child_main process be listed as in the
* scoreboard...?
- * ap_update_child_status_from_indexes(my_child_num, i, SERVER_STARTING,
+ * ap_update_child_status_from_indexes(my_child_num, i, SERVER_STARTING,
* (request_rec *) NULL);
- *
+ *
* This state should be listed separately in the scoreboard, in some kind
- * of process_status, not mixed in with the worker threads' status.
- * "life_status" is almost right, but it's in the worker's structure, and
+ * of process_status, not mixed in with the worker threads' status.
+ * "life_status" is almost right, but it's in the worker's structure, and
* the name could be clearer. gla
*/
apr_thread_exit(thd, APR_SUCCESS);
if (listener) {
int iter;
-
+
/* deal with a rare timing window which affects waking up the
* listener thread... if the signal sent to the listener thread
* is delivered between the time it verifies that the
*/
iter = 0;
- while (iter < 10 && pthread_kill(*listener_os_thread, 0) == 0) {
+ while (iter < 10 &&
+#ifdef HAVE_PTHREAD_KILL
+ pthread_kill(*listener_os_thread, 0)
+#else
+ kill(ap_my_pid, 0)
+#endif
+ == 0) {
/* listener not dead yet */
- apr_sleep(APR_USEC_PER_SEC / 2);
+ apr_sleep(apr_time_make(0, 500000));
wakeup_listener();
++iter;
}
if (iter >= 10) {
- ap_log_error(APLOG_MARK, APLOG_CRIT, 0, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
"the listener thread didn't exit");
}
else {
}
}
}
-
+
for (i = 0; i < ap_threads_per_child; i++) {
if (threads[i]) { /* if we ever created this thread */
+#ifdef HAVE_PTHREAD_KILL
+ apr_os_thread_t *worker_os_thread;
+
+ apr_os_thread_get(&worker_os_thread, threads[i]);
+ pthread_kill(*worker_os_thread, WORKER_SIGNAL);
+#endif
+
rv = apr_thread_join(&thread_rv, threads[i]);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, ap_server_conf,
{
apr_status_t rv, thread_rv;
- start_thread_may_exit = 1; /* tell it to give up in case it is still
- * trying to take over slots from a
+ start_thread_may_exit = 1; /* tell it to give up in case it is still
+ * trying to take over slots from a
* previous generation
*/
rv = apr_thread_join(&thread_rv, start_thread_id);
apr_threadattr_t *thread_attr;
apr_thread_t *start_thread_id;
+ mpm_state = AP_MPMQ_STARTING; /* for benefit of any hooks that run as this
+ * child initializes
+ */
ap_my_pid = getpid();
+ ap_fatal_signal_child_setup(ap_server_conf);
apr_pool_create(&pchild, pconf);
/*stuff to do before we switch id's, so we have permissions.*/
clean_child_exit(APEXIT_CHILDFATAL);
}
- if (unixd_setup_child()) {
+ if (ap_run_drop_privileges(pchild, ap_server_conf)) {
clean_child_exit(APEXIT_CHILDFATAL);
}
/* coding a value of zero means infinity */
requests_this_child = INT_MAX;
}
-
+
/* Setup worker threads */
- /* clear the storage; we may not create all our threads immediately,
+ /* clear the storage; we may not create all our threads immediately,
* and we want a 0 entry to indicate a thread which was not created
*/
- threads = (apr_thread_t **)calloc(1,
+ threads = (apr_thread_t **)calloc(1,
sizeof(apr_thread_t *) * ap_threads_per_child);
if (threads == NULL) {
ap_log_error(APLOG_MARK, APLOG_ALERT, errno, ap_server_conf,
/* 0 means PTHREAD_CREATE_JOINABLE */
apr_threadattr_detach_set(thread_attr, 0);
+ if (ap_thread_stacksize != 0) {
+ apr_threadattr_stacksize_set(thread_attr, ap_thread_stacksize);
+ }
+
ts->threads = threads;
ts->listener = NULL;
ts->child_num_arg = child_num_arg;
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ALERT, rv, ap_server_conf,
"apr_thread_create: unable to create worker thread");
- /* In case system resources are maxxed out, we don't want
- Apache running away with the CPU trying to fork over and
- over and over again if we exit. */
- apr_sleep(10 * APR_USEC_PER_SEC);
- clean_child_exit(APEXIT_CHILDFATAL);
+ /* let the parent decide how bad this really is */
+ clean_child_exit(APEXIT_CHILDSICK);
}
+ mpm_state = AP_MPMQ_RUNNING;
+
/* If we are only running in one_process mode, we will want to
* still handle signals. */
if (one_process) {
/* Block until we get a terminating signal. */
apr_signal_thread(check_signal);
- /* make sure the start thread has finished; signal_threads()
+ /* make sure the start thread has finished; signal_threads()
* and join_workers() depend on that
*/
/* XXX join_start_thread() won't be awakened if one of our
join_workers(ts->listener, threads);
}
else { /* !one_process */
+ /* remove SIGTERM from the set of blocked signals... if one of
+ * the other threads in the process needs to take us down
+ * (e.g., for MaxRequestsPerChild) it will send us SIGTERM
+ */
+ unblock_signal(SIGTERM);
+ apr_signal(SIGTERM, dummy_signal_handler);
/* Watch for any messages from the parent over the POD */
while (1) {
- /* XXX join_start_thread() won't be awakened if one of our
- * threads encounters a critical error and attempts to
- * shutdown this child
- */
rv = ap_mpm_pod_check(pod);
+ if (rv == AP_NORESTART) {
+ /* see if termination was triggered while we slept */
+ switch(terminate_mode) {
+ case ST_GRACEFUL:
+ rv = AP_GRACEFUL;
+ break;
+ case ST_UNGRACEFUL:
+ rv = AP_RESTART;
+ break;
+ }
+ }
if (rv == AP_GRACEFUL || rv == AP_RESTART) {
- /* make sure the start thread has finished;
+ /* make sure the start thread has finished;
* signal_threads() and join_workers depend on that
*/
join_start_thread(start_thread_id);
}
}
- if (rv == AP_GRACEFUL) {
- /* A terminating signal was received. Now join each of the
- * workers to clean them up.
- * If the worker already exited, then the join frees
- * their resources and returns.
- * If the worker hasn't exited, then this blocks until
- * they have (then cleans up).
- */
- join_workers(ts->listener, threads);
- }
+ /* A terminating signal was received. Now join each of the
+ * workers to clean them up.
+ * If the worker already exited, then the join frees
+ * their resources and returns.
+ * If the worker hasn't exited, then this blocks until
+ * they have (then cleans up).
+ */
+ join_workers(ts->listener, threads);
}
free(threads);
clean_child_exit(resource_shortage ? APEXIT_CHILDSICK : 0);
}
-static int make_child(server_rec *s, int slot)
+static int make_child(server_rec *s, int slot)
{
int pid;
}
if ((pid = fork()) == -1) {
- ap_log_error(APLOG_MARK, APLOG_ERR, errno, s,
+ ap_log_error(APLOG_MARK, APLOG_ERR, errno, s,
"fork: Unable to fork new process");
-
- /* fork didn't succeed. Fix the scoreboard or else
- * it will say SERVER_STARTING forever and ever
+ /* fork didn't succeed. There's no need to touch the scoreboard;
+ * if we were trying to replace a failed child process, then
+ * server_main_loop() marked its workers SERVER_DEAD, and if
+ * we were trying to replace a child process that exited normally,
+ * its worker_thread()s left SERVER_DEAD or SERVER_GRACEFUL behind.
*/
- ap_update_child_status_from_indexes(slot, 0, SERVER_DEAD, NULL);
/* In case system resources are maxxed out, we don't want
Apache running away with the CPU trying to fork over and
over and over again. */
- apr_sleep(10 * APR_USEC_PER_SEC);
+ apr_sleep(apr_time_from_sec(10));
return -1;
}
int status = bindprocessor(BINDPROCESS, (int)getpid(),
PROCESSOR_CLASS_ANY);
if (status != OK)
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, errno,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, errno,
ap_server_conf,
"processor unbind failed %d", status);
#endif
clean_child_exit(0);
}
/* else */
+ if (ap_scoreboard_image->parent[slot].pid != 0) {
+ /* This new child process is squatting on the scoreboard
+ * entry owned by an exiting child process, which cannot
+ * exit until all active requests complete.
+ * Don't forget about this exiting child process, or we
+ * won't be able to kill it if it doesn't exit by the
+ * time the server is shut down.
+ */
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
+ "taking over scoreboard slot from %" APR_PID_T_FMT "%s",
+ ap_scoreboard_image->parent[slot].pid,
+ ap_scoreboard_image->parent[slot].quiescing ?
+ " (quiescing)" : "");
+ ap_register_extra_mpm_process(ap_scoreboard_image->parent[slot].pid);
+ }
ap_scoreboard_image->parent[slot].quiescing = 0;
ap_scoreboard_image->parent[slot].pid = pid;
return 0;
int free_slots[MAX_SPAWN_RATE];
int last_non_dead;
int total_non_dead;
+ int active_thread_count = 0;
/* initialize the free_list */
free_length = 0;
last_non_dead = -1;
total_non_dead = 0;
- ap_sync_scoreboard_image();
for (i = 0; i < ap_daemons_limit; ++i) {
/* Initialization to satisfy the compiler. It doesn't know
* that ap_threads_per_child is always > 0 */
int all_dead_threads = 1;
if (i >= ap_max_daemons_limit && totally_free_length == idle_spawn_rate)
+ /* short cut if all active processes have been examined and
+ * enough empty scoreboard slots have been found
+ */
break;
ps = &ap_scoreboard_image->parent[i];
for (j = 0; j < ap_threads_per_child; j++) {
status = ws->status;
/* XXX any_dying_threads is probably no longer needed GLA */
- any_dying_threads = any_dying_threads ||
+ any_dying_threads = any_dying_threads ||
(status == SERVER_GRACEFUL);
any_dead_threads = any_dead_threads || (status == SERVER_DEAD);
all_dead_threads = all_dead_threads &&
* So we hopefully won't need to fork more if we count it.
* This depends on the ordering of SERVER_READY and SERVER_STARTING.
*/
- if (status <= SERVER_READY && status != SERVER_DEAD &&
- !ps->quiescing &&
- ps->generation == ap_my_generation &&
- /* XXX the following shouldn't be necessary if we clean up
- * properly after seg faults, but we're not yet GLA
- */
- ps->pid != 0) {
- ++idle_thread_count;
+ if (ps->pid != 0) { /* XXX just set all_dead_threads in outer for
+ loop if no pid? not much else matters */
+ if (status <= SERVER_READY &&
+ !ps->quiescing &&
+ ps->generation == ap_my_generation) {
+ ++idle_thread_count;
+ }
+ if (status >= SERVER_READY && status < SERVER_GRACEFUL) {
+ ++active_thread_count;
+ }
}
}
- if (any_dead_threads && totally_free_length < idle_spawn_rate
+ if (any_dead_threads && totally_free_length < idle_spawn_rate
+ && free_length < MAX_SPAWN_RATE
&& (!ps->pid /* no process in the slot */
|| ps->quiescing)) { /* or at least one is going away */
if (all_dead_threads) {
/* great! we prefer these, because the new process can
- * start more threads sooner. So prioritize this slot
+ * start more threads sooner. So prioritize this slot
* by putting it ahead of any slots with active threads.
*
* first, make room by moving a slot that's potentially still
else {
/* slot is still in use - back of the bus
*/
- free_slots[free_length] = i;
+ free_slots[free_length] = i;
}
++free_length;
}
++total_non_dead;
}
}
+
+ if (sick_child_detected) {
+ if (active_thread_count > 0) {
+ /* some child processes appear to be working. don't kill the
+ * whole server.
+ */
+ sick_child_detected = 0;
+ }
+ else {
+ /* looks like a basket case. give up.
+ */
+ shutdown_pending = 1;
+ child_fatal = 1;
+ ap_log_error(APLOG_MARK, APLOG_ALERT, 0,
+ ap_server_conf,
+ "No active workers found..."
+ " Apache is exiting!");
+ /* the child already logged the failure details */
+ return;
+ }
+ }
+
ap_max_daemons_limit = last_non_dead + 1;
if (idle_thread_count > max_spare_threads) {
}
else if (idle_thread_count < min_spare_threads) {
/* terminate the free list */
- if (free_length == 0) {
- /* only report this condition once */
- static int reported = 0;
-
- if (!reported) {
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0,
+ if (free_length == 0) { /* scoreboard is full, can't fork */
+
+ if (active_thread_count >= ap_daemons_limit * ap_threads_per_child) {
+ static int reported = 0;
+ if (!reported) {
+ /* only report this condition once */
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0,
+ ap_server_conf,
+ "server reached MaxClients setting, consider"
+ " raising the MaxClients setting");
+ reported = 1;
+ }
+ }
+ else {
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0,
ap_server_conf,
- "server reached MaxClients setting, consider"
- " raising the MaxClients setting");
- reported = 1;
+ "scoreboard is full, not at MaxClients");
}
idle_spawn_rate = 1;
}
free_length = idle_spawn_rate;
}
if (idle_spawn_rate >= 8) {
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, 0,
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0,
ap_server_conf,
"server seems busy, (you may need "
"to increase StartServers, ThreadsPerChild "
while (!restart_pending && !shutdown_pending) {
ap_wait_or_timeout(&exitwhy, &status, &pid, pconf);
-
+
if (pid.pid != -1) {
processed_status = ap_process_child_status(&pid, exitwhy, status);
if (processed_status == APEXIT_CHILDFATAL) {
child_fatal = 1;
return;
}
+ else if (processed_status == APEXIT_CHILDSICK) {
+ /* tell perform_idle_server_maintenance to check into this
+ * on the next timer pop
+ */
+ sick_child_detected = 1;
+ }
/* non-fatal death... note that it's gone in the scoreboard. */
child_slot = find_child_by_pid(&pid);
if (child_slot >= 0) {
for (i = 0; i < ap_threads_per_child; i++)
- ap_update_child_status_from_indexes(child_slot, i, SERVER_DEAD,
+ ap_update_child_status_from_indexes(child_slot, i, SERVER_DEAD,
(request_rec *) NULL);
-
+
ap_scoreboard_image->parent[child_slot].pid = 0;
ap_scoreboard_image->parent[child_slot].quiescing = 0;
if (processed_status == APEXIT_CHILDSICK) {
make_child(ap_server_conf, child_slot);
--remaining_children_to_start;
}
+ }
+ else if (ap_unregister_extra_mpm_process(pid.pid) == 1) {
+ /* handled */
#if APR_HAS_OTHER_CHILD
}
- else if (apr_proc_other_child_read(&pid, status) == 0) {
+ else if (apr_proc_other_child_alert(&pid, APR_OC_REASON_DEATH,
+ status) == 0) {
/* handled */
#endif
}
/* Great, we've probably just lost a slot in the
* scoreboard. Somehow we don't know about this child.
*/
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, 0,
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0,
ap_server_conf,
"long lost child came home! (pid %ld)",
(long)pid.pid);
ap_log_pid(pconf, ap_pid_fname);
- first_server_limit = server_limit;
- first_thread_limit = thread_limit;
- if (changed_limit_at_restart) {
- ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_NOERRNO, 0, s,
- "WARNING: Attempt to change ServerLimit or ThreadLimit "
- "ignored during restart");
- changed_limit_at_restart = 0;
- }
-
/* Initialize cross-process accept lock */
ap_lock_fname = apr_psprintf(_pconf, "%s.%" APR_PID_T_FMT,
ap_server_root_relative(_pconf, ap_lock_fname),
ap_my_pid);
- rv = apr_proc_mutex_create(&accept_mutex, ap_lock_fname,
+ rv = apr_proc_mutex_create(&accept_mutex, ap_lock_fname,
ap_accept_lock_mech, _pconf);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
"Couldn't create accept lock");
+ mpm_state = AP_MPMQ_STOPPING;
return 1;
}
#if APR_USE_SYSVSEM_SERIALIZE
- if (ap_accept_lock_mech == APR_LOCK_DEFAULT ||
+ if (ap_accept_lock_mech == APR_LOCK_DEFAULT ||
ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
#else
if (ap_accept_lock_mech == APR_LOCK_SYSVSEM) {
rv = unixd_set_proc_mutex_perms(accept_mutex);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_EMERG, rv, s,
- "Couldn't set permissions on cross-process lock");
+ "Couldn't set permissions on cross-process lock; "
+ "check User and Group directives");
+ mpm_state = AP_MPMQ_STOPPING;
return 1;
}
}
if (!is_graceful) {
if (ap_run_pre_mpm(s->process->pool, SB_SHARED) != OK) {
+ mpm_state = AP_MPMQ_STOPPING;
return 1;
}
/* fix the generation number in the global score; we just got a new,
* cleared scoreboard
*/
ap_scoreboard_image->global->running_generation = ap_my_generation;
- update_scoreboard_global();
}
set_signals();
/* If we're doing a graceful_restart then we're going to see a lot
* of children exiting immediately when we get into the main loop
* below (because we just sent them AP_SIG_GRACEFUL). This happens pretty
- * rapidly... and for each one that exits we'll start a new one until
- * we reach at least daemons_min_free. But we may be permitted to
- * start more than that, so we'll just keep track of how many we're
+ * rapidly... and for each one that exits we may start a new one, until
+ * there are at least min_spare_threads idle threads, counting across
+ * all children. But we may be permitted to start more children than
+ * that, so we'll just keep track of how many we're
* supposed to start up without the 1 second penalty between each fork.
*/
remaining_children_to_start = ap_daemons_to_start;
hold_off_on_exponential_spawning = 10;
}
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
"%s configured -- resuming normal operations",
- ap_get_server_version());
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, 0, ap_server_conf,
+ ap_get_server_description());
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0, ap_server_conf,
"Server built: %s", ap_get_server_built());
#ifdef AP_MPM_WANT_SET_ACCEPT_LOCK_MECH
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, 0, ap_server_conf,
- "AcceptMutex: %s", ap_valid_accept_mutex_string);
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf,
+ "AcceptMutex: %s (default: %s)",
+ apr_proc_mutex_name(accept_mutex),
+ apr_proc_mutex_defname());
#endif
restart_pending = shutdown_pending = 0;
+ mpm_state = AP_MPMQ_RUNNING;
server_main_loop(remaining_children_to_start);
+ mpm_state = AP_MPMQ_STOPPING;
- if (shutdown_pending) {
- /* Time to gracefully shut down:
+ if (shutdown_pending && !is_graceful) {
+ /* Time to shut down:
* Kill child processes, tell them to call child_exit, etc...
- * (By "gracefully" we don't mean graceful in the same sense as
- * "apachectl graceful" where we allow old connections to finish.)
*/
ap_mpm_pod_killpg(pod, ap_daemons_limit, FALSE);
ap_reclaim_child_processes(1); /* Start with SIGTERM */
const char *pidfile = NULL;
pidfile = ap_server_root_relative (pconf, ap_pid_fname);
if ( pidfile != NULL && unlink(pidfile) == 0)
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_INFO, 0,
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0,
ap_server_conf,
- "removed PID file %s (pid=%ld)",
- pidfile, (long)getpid());
-
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0,
+ "removed PID file %s (pid=%" APR_PID_T_FMT ")",
+ pidfile, getpid());
+
+ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0,
ap_server_conf, "caught SIGTERM, shutting down");
}
+ return 1;
+ } else if (shutdown_pending) {
+ /* Time to gracefully shut down:
+ * Kill child processes, tell them to call child_exit, etc...
+ */
+ int active_children;
+ int index;
+ apr_time_t cutoff = 0;
+
+ /* Close our listeners, and then ask our children to do same */
+ ap_close_listeners();
+ ap_mpm_pod_killpg(pod, ap_daemons_limit, TRUE);
+ ap_relieve_child_processes();
+
+ if (!child_fatal) {
+ /* cleanup pid file on normal shutdown */
+ const char *pidfile = NULL;
+ pidfile = ap_server_root_relative (pconf, ap_pid_fname);
+ if ( pidfile != NULL && unlink(pidfile) == 0)
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0,
+ ap_server_conf,
+ "removed PID file %s (pid=%" APR_PID_T_FMT ")",
+ pidfile, getpid());
+
+ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
+ "caught " AP_SIG_GRACEFUL_STOP_STRING
+ ", shutting down gracefully");
+ }
+
+ if (ap_graceful_shutdown_timeout) {
+ cutoff = apr_time_now() +
+ apr_time_from_sec(ap_graceful_shutdown_timeout);
+ }
+
+ /* Don't really exit until each child has finished */
+ shutdown_pending = 0;
+ do {
+ /* Pause for a second */
+ apr_sleep(apr_time_from_sec(1));
+
+ /* Relieve any children which have now exited */
+ ap_relieve_child_processes();
+
+ active_children = 0;
+ for (index = 0; index < ap_daemons_limit; ++index) {
+ if (ap_mpm_safe_kill(MPM_CHILD_PID(index), 0) == APR_SUCCESS) {
+ active_children = 1;
+ /* Having just one child is enough to stay around */
+ break;
+ }
+ }
+ } while (!shutdown_pending && active_children &&
+ (!ap_graceful_shutdown_timeout || apr_time_now() < cutoff));
+
+ /* We might be here because we received SIGTERM, either
+ * way, try and make sure that all of our processes are
+ * really dead.
+ */
+ ap_mpm_pod_killpg(pod, ap_daemons_limit, FALSE);
+ ap_reclaim_child_processes(1);
+
return 1;
}
*/
++ap_my_generation;
ap_scoreboard_image->global->running_generation = ap_my_generation;
- update_scoreboard_global();
-
+
if (is_graceful) {
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
AP_SIG_GRACEFUL_STRING " received. Doing graceful restart");
/* wake up the children...time to die. But we'll have more soon */
ap_mpm_pod_killpg(pod, ap_daemons_limit, TRUE);
-
+
/* This is mostly for debugging... so that we know what is still
* gracefully dealing with existing request.
*/
-
+
}
else {
- /* Kill 'em all. Since the child acts the same on the parents SIGTERM
+ /* Kill 'em all. Since the child acts the same on the parents SIGTERM
* and a SIGHUP, we may as well use the same signal, because some user
* pthreads are stealing signals from us left and right.
*/
ap_mpm_pod_killpg(pod, ap_daemons_limit, FALSE);
ap_reclaim_child_processes(1); /* Start with SIGTERM */
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0, ap_server_conf,
+ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, ap_server_conf,
"SIGHUP received. Attempting to restart");
}
*/
static int worker_open_logs(apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
{
+ static int restart_num = 0;
+ int startup = 0;
+ int level_flags = 0;
apr_status_t rv;
pconf = p;
ap_server_conf = s;
+ /* the reverse of pre_config, we want this only the first time around */
+ if (restart_num++ == 0) {
+ startup = 1;
+ level_flags |= APLOG_STARTUP;
+ }
+
if ((num_listensocks = ap_setup_listeners(ap_server_conf)) < 1) {
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ALERT|APLOG_STARTUP, 0,
- NULL, "no listening sockets available, shutting down");
+ ap_log_error(APLOG_MARK, APLOG_ALERT | level_flags, 0,
+ (startup ? NULL : s),
+ "no listening sockets available, shutting down");
return DONE;
}
if (!one_process) {
if ((rv = ap_mpm_pod_open(pconf, &pod))) {
- ap_log_error(APLOG_MARK, APLOG_CRIT|APLOG_STARTUP, rv, NULL,
- "Could not open pipe-of-death.");
+ ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv,
+ (startup ? NULL : s),
+ "could not open pipe-of-death");
return DONE;
}
}
return OK;
}
-static int worker_pre_config(apr_pool_t *pconf, apr_pool_t *plog,
+static int worker_pre_config(apr_pool_t *pconf, apr_pool_t *plog,
apr_pool_t *ptemp)
{
static int restart_num = 0;
- int no_detach, debug;
- ap_directive_t *pdir;
- ap_directive_t *max_clients = NULL;
+ int no_detach, debug, foreground;
apr_status_t rv;
- /* make sure that "ThreadsPerChild" gets set before "MaxClients" */
- for (pdir = ap_conftree; pdir != NULL; pdir = pdir->next) {
- if (strncasecmp(pdir->directive, "ThreadsPerChild", 15) == 0) {
- if (!max_clients) {
- break; /* we're in the clear, got ThreadsPerChild first */
- }
- else {
- /* now to swap the data */
- ap_directive_t temp;
-
- temp.directive = pdir->directive;
- temp.args = pdir->args;
- /* Make sure you don't change 'next', or you may get loops! */
- /* XXX: first_child, parent, and data can never be set
- * for these directives, right? -aaron */
- temp.filename = pdir->filename;
- temp.line_num = pdir->line_num;
-
- pdir->directive = max_clients->directive;
- pdir->args = max_clients->args;
- pdir->filename = max_clients->filename;
- pdir->line_num = max_clients->line_num;
-
- max_clients->directive = temp.directive;
- max_clients->args = temp.args;
- max_clients->filename = temp.filename;
- max_clients->line_num = temp.line_num;
- break;
- }
- }
- else if (!max_clients
- && strncasecmp(pdir->directive, "MaxClients", 10) == 0) {
- max_clients = pdir;
- }
- }
+ mpm_state = AP_MPMQ_STARTING;
debug = ap_exists_config_define("DEBUG");
if (debug) {
- no_detach = one_process = 1;
+ foreground = one_process = 1;
+ no_detach = 0;
}
else {
one_process = ap_exists_config_define("ONE_PROCESS");
no_detach = ap_exists_config_define("NO_DETACH");
+ foreground = ap_exists_config_define("FOREGROUND");
}
/* sigh, want this only the second time around */
if (restart_num++ == 1) {
is_graceful = 0;
- if (!one_process) {
+ if (!one_process && !foreground) {
rv = apr_proc_detach(no_detach ? APR_PROC_DETACH_FOREGROUND
: APR_PROC_DETACH_DAEMONIZE);
if (rv != APR_SUCCESS) {
ap_daemons_to_start = DEFAULT_START_DAEMON;
min_spare_threads = DEFAULT_MIN_FREE_DAEMON * DEFAULT_THREADS_PER_CHILD;
max_spare_threads = DEFAULT_MAX_FREE_DAEMON * DEFAULT_THREADS_PER_CHILD;
+ server_limit = DEFAULT_SERVER_LIMIT;
+ thread_limit = DEFAULT_THREAD_LIMIT;
ap_daemons_limit = server_limit;
ap_threads_per_child = DEFAULT_THREADS_PER_CHILD;
+ max_clients = ap_daemons_limit * ap_threads_per_child;
ap_pid_fname = DEFAULT_PIDLOG;
ap_lock_fname = DEFAULT_LOCKFILE;
ap_max_requests_per_child = DEFAULT_MAX_REQUESTS_PER_CHILD;
ap_extended_status = 0;
+#ifdef AP_MPM_WANT_SET_MAX_MEM_FREE
+ ap_max_mem_free = APR_ALLOCATOR_MAX_FREE_UNLIMITED;
+#endif
apr_cpystrn(ap_coredump_dir, ap_server_root, sizeof(ap_coredump_dir));
return OK;
}
+static int worker_check_config(apr_pool_t *p, apr_pool_t *plog,
+ apr_pool_t *ptemp, server_rec *s)
+{
+ static int restart_num = 0;
+ int startup = 0;
+
+ /* the reverse of pre_config, we want this only the first time around */
+ if (restart_num++ == 0) {
+ startup = 1;
+ }
+
+ if (server_limit > MAX_SERVER_LIMIT) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: ServerLimit of %d exceeds compile-time "
+ "limit of", server_limit);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " %d servers, decreasing to %d.",
+ MAX_SERVER_LIMIT, MAX_SERVER_LIMIT);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "ServerLimit of %d exceeds compile-time limit "
+ "of %d, decreasing to match",
+ server_limit, MAX_SERVER_LIMIT);
+ }
+ server_limit = MAX_SERVER_LIMIT;
+ }
+ else if (server_limit < 1) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: ServerLimit of %d not allowed, "
+ "increasing to 1.", server_limit);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "ServerLimit of %d not allowed, increasing to 1",
+ server_limit);
+ }
+ server_limit = 1;
+ }
+
+ /* you cannot change ServerLimit across a restart; ignore
+ * any such attempts
+ */
+ if (!first_server_limit) {
+ first_server_limit = server_limit;
+ }
+ else if (server_limit != first_server_limit) {
+ /* don't need a startup console version here */
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "changing ServerLimit to %d from original value of %d "
+ "not allowed during restart",
+ server_limit, first_server_limit);
+ server_limit = first_server_limit;
+ }
+
+ if (thread_limit > MAX_THREAD_LIMIT) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: ThreadLimit of %d exceeds compile-time "
+ "limit of", thread_limit);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " %d threads, decreasing to %d.",
+ MAX_THREAD_LIMIT, MAX_THREAD_LIMIT);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "ThreadLimit of %d exceeds compile-time limit "
+ "of %d, decreasing to match",
+ thread_limit, MAX_THREAD_LIMIT);
+ }
+ thread_limit = MAX_THREAD_LIMIT;
+ }
+ else if (thread_limit < 1) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: ThreadLimit of %d not allowed, "
+ "increasing to 1.", thread_limit);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "ThreadLimit of %d not allowed, increasing to 1",
+ thread_limit);
+ }
+ thread_limit = 1;
+ }
+
+ /* you cannot change ThreadLimit across a restart; ignore
+ * any such attempts
+ */
+ if (!first_thread_limit) {
+ first_thread_limit = thread_limit;
+ }
+ else if (thread_limit != first_thread_limit) {
+ /* don't need a startup console version here */
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "changing ThreadLimit to %d from original value of %d "
+ "not allowed during restart",
+ thread_limit, first_thread_limit);
+ thread_limit = first_thread_limit;
+ }
+
+ if (ap_threads_per_child > thread_limit) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: ThreadsPerChild of %d exceeds ThreadLimit "
+ "of", ap_threads_per_child);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " %d threads, decreasing to %d.",
+ thread_limit, thread_limit);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " To increase, please see the ThreadLimit "
+ "directive.");
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "ThreadsPerChild of %d exceeds ThreadLimit "
+ "of %d, decreasing to match",
+ ap_threads_per_child, thread_limit);
+ }
+ ap_threads_per_child = thread_limit;
+ }
+ else if (ap_threads_per_child < 1) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: ThreadsPerChild of %d not allowed, "
+ "increasing to 1.", ap_threads_per_child);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "ThreadsPerChild of %d not allowed, increasing to 1",
+ ap_threads_per_child);
+ }
+ ap_threads_per_child = 1;
+ }
+
+ if (max_clients < ap_threads_per_child) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: MaxClients of %d is less than "
+ "ThreadsPerChild of", max_clients);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " %d, increasing to %d. MaxClients must be at "
+ "least as large",
+ ap_threads_per_child, ap_threads_per_child);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " as the number of threads in a single server.");
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "MaxClients of %d is less than ThreadsPerChild "
+ "of %d, increasing to match",
+ max_clients, ap_threads_per_child);
+ }
+ max_clients = ap_threads_per_child;
+ }
+
+ ap_daemons_limit = max_clients / ap_threads_per_child;
+
+ if (max_clients % ap_threads_per_child) {
+ int tmp_max_clients = ap_daemons_limit * ap_threads_per_child;
+
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: MaxClients of %d is not an integer "
+ "multiple of", max_clients);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " ThreadsPerChild of %d, decreasing to nearest "
+ "multiple %d,", ap_threads_per_child,
+ tmp_max_clients);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " for a maximum of %d servers.",
+ ap_daemons_limit);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "MaxClients of %d is not an integer multiple of "
+ "ThreadsPerChild of %d, decreasing to nearest "
+ "multiple %d", max_clients, ap_threads_per_child,
+ tmp_max_clients);
+ }
+ max_clients = tmp_max_clients;
+ }
+
+ if (ap_daemons_limit > server_limit) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: MaxClients of %d would require %d "
+ "servers and ", max_clients, ap_daemons_limit);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " would exceed ServerLimit of %d, decreasing to %d.",
+ server_limit, server_limit * ap_threads_per_child);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " To increase, please see the ServerLimit "
+ "directive.");
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "MaxClients of %d would require %d servers and "
+ "exceed ServerLimit of %d, decreasing to %d",
+ max_clients, ap_daemons_limit, server_limit,
+ server_limit * ap_threads_per_child);
+ }
+ ap_daemons_limit = server_limit;
+ }
+
+ /* ap_daemons_to_start > ap_daemons_limit checked in ap_mpm_run() */
+ if (ap_daemons_to_start < 0) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: StartServers of %d not allowed, "
+ "increasing to 1.", ap_daemons_to_start);
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "StartServers of %d not allowed, increasing to 1",
+ ap_daemons_to_start);
+ }
+ ap_daemons_to_start = 1;
+ }
+
+ if (min_spare_threads < 1) {
+ if (startup) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ "WARNING: MinSpareThreads of %d not allowed, "
+ "increasing to 1", min_spare_threads);
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " to avoid almost certain server failure.");
+ ap_log_error(APLOG_MARK, APLOG_WARNING | APLOG_STARTUP, 0, NULL,
+ " Please read the documentation.");
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
+ "MinSpareThreads of %d not allowed, increasing to 1",
+ min_spare_threads);
+ }
+ min_spare_threads = 1;
+ }
+
+ /* max_spare_threads < min_spare_threads + ap_threads_per_child
+ * checked in ap_mpm_run()
+ */
+
+ return OK;
+}
+
static void worker_hooks(apr_pool_t *p)
{
- /* The worker open_logs phase must run before the core's, or stderr
+ /* Our open_logs hook function must run before the core's, or stderr
* will be redirected to a file, and the messages won't print to the
* console.
*/
static const char *const aszSucc[] = {"core.c", NULL};
one_process = 0;
- ap_hook_open_logs(worker_open_logs, NULL, aszSucc, APR_HOOK_MIDDLE);
- ap_hook_pre_config(worker_pre_config, NULL, NULL, APR_HOOK_MIDDLE);
+ ap_hook_open_logs(worker_open_logs, NULL, aszSucc, APR_HOOK_REALLY_FIRST);
+ /* we need to set the MPM state before other pre-config hooks use MPM query
+ * to retrieve it, so register as REALLY_FIRST
+ */
+ ap_hook_pre_config(worker_pre_config, NULL, NULL, APR_HOOK_REALLY_FIRST);
+ ap_hook_check_config(worker_check_config, NULL, NULL, APR_HOOK_MIDDLE);
}
static const char *set_daemons_to_start(cmd_parms *cmd, void *dummy,
- const char *arg)
+ const char *arg)
{
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
}
min_spare_threads = atoi(arg);
- if (min_spare_threads <= 0) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "WARNING: detected MinSpareThreads set to non-positive.");
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "Resetting to 1 to avoid almost certain Apache failure.");
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "Please read the documentation.");
- min_spare_threads = 1;
- }
-
return NULL;
}
}
static const char *set_max_clients (cmd_parms *cmd, void *dummy,
- const char *arg)
+ const char *arg)
{
- int max_clients;
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
return err;
}
- /* It is ok to use ap_threads_per_child here because we are
- * sure that it gets set before MaxClients in the pre_config stage. */
max_clients = atoi(arg);
- if (max_clients < ap_threads_per_child) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "WARNING: MaxClients (%d) must be at least as large",
- max_clients);
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- " large as ThreadsPerChild (%d). Automatically",
- ap_threads_per_child);
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- " increasing MaxClients to %d.",
- ap_threads_per_child);
- max_clients = ap_threads_per_child;
- }
- ap_daemons_limit = max_clients / ap_threads_per_child;
- if ((max_clients > 0) && (max_clients % ap_threads_per_child)) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "WARNING: MaxClients (%d) is not an integer multiple",
- max_clients);
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- " of ThreadsPerChild (%d), lowering MaxClients to %d",
- ap_threads_per_child,
- ap_daemons_limit * ap_threads_per_child);
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- " for a maximum of %d child processes,",
- ap_daemons_limit);
- max_clients = ap_daemons_limit * ap_threads_per_child;
- }
- if (ap_daemons_limit > server_limit) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "WARNING: MaxClients of %d would require %d servers,",
- max_clients, ap_daemons_limit);
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- " and would exceed the ServerLimit value of %d.",
- server_limit);
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- " Automatically lowering MaxClients to %d. To increase,",
- server_limit);
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- " please see the ServerLimit directive.");
- ap_daemons_limit = server_limit;
- }
- else if (ap_daemons_limit < 1) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "WARNING: Require MaxClients > 0, setting to 1");
- ap_daemons_limit = 1;
- }
return NULL;
}
static const char *set_threads_per_child (cmd_parms *cmd, void *dummy,
- const char *arg)
+ const char *arg)
{
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
}
ap_threads_per_child = atoi(arg);
- if (ap_threads_per_child > thread_limit) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "WARNING: ThreadsPerChild of %d exceeds ThreadLimit "
- "value of %d", ap_threads_per_child,
- thread_limit);
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "threads, lowering ThreadsPerChild to %d. To increase, please"
- " see the", thread_limit);
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- " ThreadLimit directive.");
- ap_threads_per_child = thread_limit;
- }
- else if (ap_threads_per_child < 1) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "WARNING: Require ThreadsPerChild > 0, setting to 1");
- ap_threads_per_child = 1;
- }
return NULL;
}
-static const char *set_server_limit (cmd_parms *cmd, void *dummy, const char *arg)
+static const char *set_server_limit (cmd_parms *cmd, void *dummy, const char *arg)
{
- int tmp_server_limit;
-
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
return err;
}
- tmp_server_limit = atoi(arg);
- /* you cannot change ServerLimit across a restart; ignore
- * any such attempts
- */
- if (first_server_limit &&
- tmp_server_limit != server_limit) {
- /* how do we log a message? the error log is a bit bucket at this
- * point; we'll just have to set a flag so that ap_mpm_run()
- * logs a warning later
- */
- changed_limit_at_restart = 1;
- return NULL;
- }
- server_limit = tmp_server_limit;
-
- if (server_limit > MAX_SERVER_LIMIT) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "WARNING: ServerLimit of %d exceeds compile time limit "
- "of %d servers,", server_limit, MAX_SERVER_LIMIT);
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- " lowering ServerLimit to %d.", MAX_SERVER_LIMIT);
- server_limit = MAX_SERVER_LIMIT;
- }
- else if (server_limit < 1) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "WARNING: Require ServerLimit > 0, setting to 1");
- server_limit = 1;
- }
+ server_limit = atoi(arg);
return NULL;
}
-static const char *set_thread_limit (cmd_parms *cmd, void *dummy, const char *arg)
+static const char *set_thread_limit (cmd_parms *cmd, void *dummy, const char *arg)
{
- int tmp_thread_limit;
-
const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
if (err != NULL) {
return err;
}
- tmp_thread_limit = atoi(arg);
- /* you cannot change ThreadLimit across a restart; ignore
- * any such attempts
- */
- if (first_thread_limit &&
- tmp_thread_limit != thread_limit) {
- /* how do we log a message? the error log is a bit bucket at this
- * point; we'll just have to set a flag so that ap_mpm_run()
- * logs a warning later
- */
- changed_limit_at_restart = 1;
- return NULL;
- }
- thread_limit = tmp_thread_limit;
-
- if (thread_limit > MAX_THREAD_LIMIT) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "WARNING: ThreadLimit of %d exceeds compile time limit "
- "of %d servers,", thread_limit, MAX_THREAD_LIMIT);
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- " lowering ThreadLimit to %d.", MAX_THREAD_LIMIT);
- thread_limit = MAX_THREAD_LIMIT;
- }
- else if (thread_limit < 1) {
- ap_log_error(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, NULL,
- "WARNING: Require ThreadLimit > 0, setting to 1");
- thread_limit = 1;
- }
+ thread_limit = atoi(arg);
return NULL;
}
AP_INIT_TAKE1("StartServers", set_daemons_to_start, NULL, RSRC_CONF,
"Number of child processes launched at server startup"),
AP_INIT_TAKE1("MinSpareThreads", set_min_spare_threads, NULL, RSRC_CONF,
- "Minimum number of idle children, to handle request spikes"),
+ "Minimum number of idle threads, to handle request spikes"),
AP_INIT_TAKE1("MaxSpareThreads", set_max_spare_threads, NULL, RSRC_CONF,
- "Maximum number of idle children"),
+ "Maximum number of idle threads"),
AP_INIT_TAKE1("MaxClients", set_max_clients, NULL, RSRC_CONF,
- "Maximum number of children alive at the same time"),
+ "Maximum number of threads alive at the same time"),
AP_INIT_TAKE1("ThreadsPerChild", set_threads_per_child, NULL, RSRC_CONF,
"Number of threads each child creates"),
AP_INIT_TAKE1("ServerLimit", set_server_limit, NULL, RSRC_CONF,
- "Maximum value of MaxClients for this run of Apache"),
+ "Maximum number of child processes for this run of Apache"),
AP_INIT_TAKE1("ThreadLimit", set_thread_limit, NULL, RSRC_CONF,
- "Maximum worker threads in a server for this run of Apache"),
+ "Maximum number of worker threads per child process for this run of Apache - Upper limit for ThreadsPerChild"),
+AP_GRACEFUL_SHUTDOWN_TIMEOUT_COMMAND,
{ NULL }
};
module AP_MODULE_DECLARE_DATA mpm_worker_module = {
MPM20_MODULE_STUFF,
- NULL, /* hook to run before apache parses args */
+ ap_mpm_rewrite_args, /* hook to run before apache parses args */
NULL, /* create per-directory config structure */
NULL, /* merge per-directory config structures */
NULL, /* create per-server config structure */
projects / apache / blobdiff