Checkout Tools
  • last updated 6 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Follow up to r1874055: fix typo.

Avoid UBSan exception calling memcpy(,NULL,0) at startup.

Follow-up to r1874011 which did the same for the event MPM.

Fix spelling errors found by codespell. [skip ci]

  1. … 100 more files in changeset.
MPMs unix: bind the bucket number of each child to its slot number

We need not remember each child's bucket number in SHM for restarts, for the

lifetime of the httpd main process the bucket number can be bound to the slot

number such that: bucket = slot % num_buckets.

This both simplifies the logic and helps children maintenance per bucket in

threaded MPMs, where previously perform_idle_server_maintenance() could create

or kill children processes for the buckets it was not in charge of.

  1. … 5 more files in changeset.
MPMs: early initialize scoreboard's child generation number.

Since [mpm]_note_child_killed uses the scoreboard's generation number for

child_status hook (MPM_CHILD_EXITED), we must initialize it early (i.e. in

[mpm]_note_child_started where MPM_CHILD_STARTED is set) to avoid race

conditions on restart (e.g. storm/loop of restarts) leading to AH00546.

PR 62658.

  1. … 5 more files in changeset.
event, worker: follow up to r1835845, r1837354: pruntime is global now.

  1. … 1 more file in changeset.
event, worker: initialize the objects used by signal_threads() first.

Follow up to r1835845.

If a signal is received early when the MPM children start, signal_threads() may

be called concurrently with start_streads() thus before the latter (or its

underlying threads like the listener_thread) had a chance to create and init

the queues, mutexes, pollset and sockets array used by the former.

So move those initializations to a new setup_threads_runtime() function called

before start_threads(), where the pruntime pool is also created.

  1. … 1 more file in changeset.
event, worker: runtime pool.

MPMs event and worker both need a dedicated pool to handle the creation of

the threads (listener, workers) and synchronization objects (queues, pollset,

mutexes...) in the start_threads() thread, with at least the lifetime of

the connections they handle, and thus survive pchild destruction (notably

in ONE_PROCCESS mode, but SIG_UNGRACEFUL is concerned too).

For instance, without this fix, the below backtrace can happen in ONE_PROCCESS

mode and a signal/^C is received (with active connections):

Thread 1 "httpd" received signal SIGSEGV, Segmentation fault.

(gdb) bt

#0 <BOOM>

#1 0x00007ffff7c7e016 in apr_file_write (thefile=0x0, ...)

^ NULL (cleared)

at file_io/unix/readwrite.c:230

#2 0x00007ffff7c7e4a7 in apr_file_putc (ch=1 '\001', thefile=0x0)

^ NULL (cleared)

at file_io/unix/readwrite.c:377

#3 0x00007ffff7c8da4a in apr_pollset_wakeup (pollset=0x55555568b870)

^ already destroyed by pchild

at poll/unix/pollset.c:224

#4 0x00007ffff7fc16c7 in decrement_connection_count (cs_=0x7fff08000ea0)

at event.c:811

#5 0x00007ffff7c83e15 in run_cleanups (cref=0x7fffe4002b78)

at memory/unix/apr_pools.c:2672

#6 0x00007ffff7c82c2f in apr_pool_destroy (pool=0x7fffe4002b58)

^ master_conn

at memory/unix/apr_pools.c:1007

#7 0x00007ffff7c82c12 in apr_pool_destroy (pool=0x7fff08000c28)

^ ptrans

at memory/unix/apr_pools.c:1004

#8 0x00007ffff7c82c12 in apr_pool_destroy (pool=0x555555638698)

^ pconf

at memory/unix/apr_pools.c:1004

#9 0x00007ffff7c82c12 in apr_pool_destroy (pool=0x555555636688)

^ pglobal

at memory/unix/apr_pools.c:1004

#10 0x00005555555f4709 in ap_terminate ()

at unixd.c:522

#11 0x00007ffff6dbc8f1 in __run_exit_handlers (...)

at exit.c:108

#12 0x00007ffff6dbc9ea in __GI_exit (status=<optimized out>)

at exit.c:139

#13 0x00007ffff7fc1616 in clean_child_exit (code=0)

at event.c:774

^ pchild already destroyed here

#14 0x00007ffff7fc5ae4 in child_main (child_num_arg=0, child_bucket=0)

at event.c:2869

...

While at it, add comments about the lifetimes of MPMs pools and their objects,

and give each pool a tag (e.g. "pchild" accordingly to other MPMs).

(follow up for event_pollset in r1835846).

  1. … 3 more files in changeset.
Revert r1814112, it does not work for threaded MPMs.

  1. … 2 more files in changeset.
mpm_fdqueue: follow up to r1821624.

Export ap_queue_*() fonctions, so that they are accessible from MPMs, but

don't provide "mpm_fdqueue.h" in the API (include/).

  1. … 4 more files in changeset.
mpm_fdqueue: follow up to r1821624.

Make the allocation and zero-ing in ap_queue_init() => ap_queue_create().

  1. … 3 more files in changeset.
mpm_fdqueue: follow up to r1821624.

Be explicit in the naming about what's push/pop-ed.

  1. … 3 more files in changeset.
mpm_worker: follow up to r1821624.

Free idle pools while stopping.

mpm_worker: follow up to r1821624.

Use common [mpm_]fdqueue.

Revert r1821526, r1821527, r1821534, r1821538, r1821539, r1821541, r1821605, r1821607, r1821608.

Instead of copying event/fdqueue.c code into existing mpm_unix.c, losing all

contributors (blame, since r105919...), will restart the series by svn-moving

event/fdqueue.[ch] to server/mpm_fdqueue.[ch] first.

The code is not really unix specific either, so this sounds better.

  1. … 6 more files in changeset.
mpm_worker: Follow up to r1821526.

Use common fdqueue.

[Reverted by r1821619]

mpm_{event,worker}: Mask signals for threads created by modules in child init.

PR 62009, so that they don't receive (implicitely) the ones meant for the MPM.

Inspired by: Armin Abfalterer <a.abfalterer gmail.com>

Proposed by: Yann Ylavic

  1. … 2 more files in changeset.
Revert r1821499, will re-commit the right change.
  1. … 2 more files in changeset.
mpm_event,worker: Mask signals for threads created by modules in child init.

PR 62009, so that they don't receive (implicitely) the ones meant for the MPM.

Inspired by: Armin Abfalterer <a.abfalterer gmail com>

Proposed by: Yann Ylavic

[Reverted by r1821503]

  1. … 2 more files in changeset.
Add "AcceptErrorsNonFatal" directive

This tweaks accept() failure processing by having ap_unixd_accept

pass more errors up, and having the MPM's check against a macro

to see if they are in a whitelist of non ENETDOWN/EMFILE kind

of potential process-wide errors.

Default behavior is still to exit.

edit: MMN bump in 1820099.

  1. … 8 more files in changeset.
mpm_unix(es): cleanup properly on exit in one_process mode.

We can't destroy ap_pglobal because clean_child_exit() runs in DSO which would

be unloaded under us, so use atexit() to defer the final apr_terminate().

[Reverted by 1822535]

  1. … 2 more files in changeset.
core, MPMs unix: follow up to r1809881.

Deregister all hooks first (in pre_cleanup), by doing it last we could still

have had them run when DSOs were unloaded.

Likewise, avoid double faults when handling fatal signals by restoring the

default handler before pconf is cleared (we can't ap_log_error there).

Finally, we need to ignore sig_term/restart (do nothing) when the main

process is exiting (i.e. ap_pglobal is destroyed), since retained_data are

freed.

Aimed to fix all faults in PR 61558.

  1. … 6 more files in changeset.
mpm_worker: no mutex needed at ptrans' allocator level.

(reverts r1783808)

  1. … 1 more file in changeset.
MPMs unix: Place signals handlers and helpers out of DSOs to avoid

a possible crash if a signal is caught during (graceful) restart.

PR 60487.

  1. … 8 more files in changeset.
mpm_worker: follow up to r1783755.

Use a mutex for ptrans' allocator to be safe with concurrent

creation and destruction of its subpools, like with mod_http2.

  1. … 1 more file in changeset.
check: merge warning fixes from feature branch
  1. … 27 more files in changeset.
check: merge MPM-DSO fixes from feature branch
  1. … 27 more files in changeset.
Fix spelling in comments and text files.

No functional change.

PR 59990

  1. … 69 more files in changeset.
Follow up to r1737447: fix max_spare_threads lower bound.

Suggested by: Rick Houser <rick.houser jackson.com>

  1. … 1 more file in changeset.

Ensure http2 follows http in the meaning of

status WRITE (meaning 'in the request processing

phase' even if still consuming the request body,

not literally in a 'now writing' state).

Ensure a number of MPMs and the h2 connection io

no longer clobber the request status line during

state-only changes. While at it, clean up some

very ugly formatting and unnecessary decoration,

and avoid the wordy _from_conn() flavor when we

are not passing a connection_rec.

Ensure the useragent_ip is only used in the case

where it has been initialized, fall back on the

connection's remote_ip if the status is accidently

updated from an uninitialized request_rec.

  1. … 8 more files in changeset.