From e5ab365322cd6ef16b63e26288f170aebbc31132 Mon Sep 17 00:00:00 2001 From: Jeff Trawick Date: Fri, 24 Sep 2010 11:25:25 +0000 Subject: [PATCH] Fix crash accessing pollset on worker thread when child process is exiting. The timeout mutex and pollset were allocated from the listener thread pool. During child process shutdown, the listener thread exits first while any outstanding requests finish. These objects need to be allocated from pchild since the lifetime extends until the last worker thread has finished. Switch to pchild, and move init of these objects to the same place as other thread-independent objects. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1000814 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 3 +++ server/mpm/event/event.c | 39 +++++++++++++++++++++------------------ 2 files changed, 24 insertions(+), 18 deletions(-) diff --git a/CHANGES b/CHANGES index 2c64dcb58f..647727f284 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,9 @@ Changes with Apache 2.3.9 + *) Event MPM: Fix crash accessing pollset on worker thread when child + process is exiting. [Jeff Trawick] + *) core: For process invocation (cgi, fcgid, piped loggers and so forth) pass the system library path (LD_LIBRARY_PATH or platform-specific variables) along with the system PATH, by default. Both should be diff --git a/server/mpm/event/event.c b/server/mpm/event/event.c index 371eb6620d..452a67b773 100644 --- a/server/mpm/event/event.c +++ b/server/mpm/event/event.c @@ -826,30 +826,12 @@ static apr_status_t init_pollset(apr_pool_t *p) #if HAVE_SERF s_baton_t *baton = NULL; #endif - apr_status_t rv; ap_listen_rec *lr; listener_poll_type *pt; - rv = apr_thread_mutex_create(&timeout_mutex, APR_THREAD_MUTEX_DEFAULT, p); - if (rv != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_ERR, rv, ap_server_conf, - "creation of the timeout mutex failed."); - return rv; - } - APR_RING_INIT(&timeout_head, conn_state_t, timeout_list); APR_RING_INIT(&keepalive_timeout_head, conn_state_t, timeout_list); - /* Create the main pollset */ - rv = apr_pollset_create(&event_pollset, - threads_per_child, - p, APR_POLLSET_THREADSAFE | APR_POLLSET_NOCOPY); - if (rv != APR_SUCCESS) { - ap_log_error(APLOG_MARK, APLOG_ERR, rv, ap_server_conf, - "apr_pollset_create with Thread Safety failed."); - return rv; - } - for (lr = ap_listeners; lr != NULL; lr = lr->next) { apr_pollfd_t *pfd = apr_palloc(p, sizeof(*pfd)); pt = apr_pcalloc(p, sizeof(*pt)); @@ -1507,6 +1489,27 @@ static void *APR_THREAD_FUNC start_threads(apr_thread_t * thd, void *dummy) clean_child_exit(APEXIT_CHILDFATAL); } + /* Create the timeout mutex and main pollset before the listener + * thread starts. + */ + rv = apr_thread_mutex_create(&timeout_mutex, APR_THREAD_MUTEX_DEFAULT, + pchild); + if (rv != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, ap_server_conf, + "creation of the timeout mutex failed."); + clean_child_exit(APEXIT_CHILDFATAL); + } + + /* Create the main pollset */ + rv = apr_pollset_create(&event_pollset, + threads_per_child, + pchild, APR_POLLSET_THREADSAFE | APR_POLLSET_NOCOPY); + if (rv != APR_SUCCESS) { + ap_log_error(APLOG_MARK, APLOG_ERR, rv, ap_server_conf, + "apr_pollset_create with Thread Safety failed."); + clean_child_exit(APEXIT_CHILDFATAL); + } + worker_sockets = apr_pcalloc(pchild, threads_per_child * sizeof(apr_socket_t *)); -- 2.40.0