static void master_status_event(int event, char *context)
{
const char *myname = "master_status_event";
MASTER_SERV *serv = (MASTER_SERV *) context;
MASTER_STATUS stat;
MASTER_PROC *proc;
MASTER_PID pid;
int n;
if (event == 0) /* XXX Can this happen? */
return;
/*
* We always keep the child end of the status pipe open, so an EOF read
* condition means that we're seriously confused. We use non-blocking
* reads so that we don't get stuck when someone sends a partial message.
* Messages are short, so a partial read means someone wrote less than a
* whole status message. Hopefully the next read will be in sync again...
* We use a global child process status table because when a child dies
* only its pid is known - we do not know what service it came from.
*/
switch (n = read(serv->status_fd[0], (char *) &stat, sizeof(stat))) {
case -1:
msg_warn("%s: read: %m", myname);
return;
case 0:
msg_panic("%s: read EOF status", myname);
/* NOTREACHED */
default:
msg_warn("service %s(%s): child (pid %d) sent partial status update (%d bytes)",
serv->ext_name, serv->name, stat.pid, n);
return;
case sizeof(stat):
pid = stat.pid;
if (msg_verbose)
msg_info("%s: pid %d gen %u avail %d",
myname, stat.pid, stat.gen, stat.avail);
}
/*
* Sanity checks. Do not freak out when the child sends garbage because
* it is confused or for other reasons. However, be sure to freak out
* when our own data structures are inconsistent. A process not found
* condition can happen when we reap a process before receiving its
* status update, so this is not an error.
*/
if ((proc = (MASTER_PROC *) binhash_find(master_child_table,
(char *) &pid, sizeof(pid))) == 0) {
if (msg_verbose)
msg_info("%s: process id not found: %d", myname, stat.pid);
return;
}
if (proc->gen != stat.gen) {
msg_info("ignoring status update from child pid %d generation %u",
pid, stat.gen);
return;
}
if (proc->serv != serv)
msg_panic("%s: pointer corruption: %p != %p",
myname, (void *) proc->serv, (void *) serv);
/*
* Update our idea of the child process status. Allow redundant status
* updates, because different types of events may be processed out of
* order. Otherwise, warn about weird status updates but do not take
* action. It's all gossip after all.
*/
if (proc->avail == stat.avail)
return;
switch (stat.avail) {
case MASTER_STAT_AVAIL:
proc->use_count++;
master_avail_more(serv, proc);
break;
case MASTER_STAT_TAKEN:
master_avail_less(serv, proc);
break;
default:
msg_warn("%s: ignoring unknown status: %d allegedly from pid: %d",
myname, stat.pid, stat.avail);
break;
}
}
void master_spawn(MASTER_SERV *serv)
{
const char *myname = "master_spawn";
MASTER_PROC *proc;
MASTER_PID pid;
int n;
static unsigned master_generation = 0;
static VSTRING *env_gen = 0;
if (master_child_table == 0)
master_child_table = binhash_create(0);
if (env_gen == 0)
env_gen = vstring_alloc(100);
/*
* Sanity checks. The master_avail module is supposed to know what it is
* doing.
*/
if (!MASTER_LIMIT_OK(serv->max_proc, serv->total_proc))
msg_panic("%s: at process limit %d", myname, serv->total_proc);
if (serv->avail_proc > 0)
msg_panic("%s: processes available: %d", myname, serv->avail_proc);
if (serv->flags & MASTER_FLAG_THROTTLE)
msg_panic("%s: throttled service: %s", myname, serv->path);
/*
* Create a child process and connect parent and child via the status
* pipe.
*/
master_generation += 1;
switch (pid = fork()) {
/*
* Error. We're out of some essential resource. Best recourse is to
* try again later.
*/
case -1:
msg_warn("%s: fork: %m -- throttling", myname);
master_throttle(serv);
return;
/*
* Child process. Redirect child stdin/stdout to the parent-child
* connection and run the requested command. Leave child stderr
* alone. Disable exit handlers: they should be executed by the
* parent only.
*
* When we reach the process limit on a public internet service, we
* create stress-mode processes until the process count stays below
* the limit for some amount of time. See master_avail_listen().
*/
case 0:
msg_cleanup((void (*) (void)) 0); /* disable exit handler */
closelog(); /* avoid filedes leak */
if (master_flow_pipe[0] <= MASTER_FLOW_READ)
msg_fatal("%s: flow pipe read descriptor <= %d",
myname, MASTER_FLOW_READ);
if (DUP2(master_flow_pipe[0], MASTER_FLOW_READ) < 0)
msg_fatal("%s: dup2: %m", myname);
if (close(master_flow_pipe[0]) < 0)
msg_fatal("close %d: %m", master_flow_pipe[0]);
if (master_flow_pipe[1] <= MASTER_FLOW_WRITE)
msg_fatal("%s: flow pipe read descriptor <= %d",
myname, MASTER_FLOW_WRITE);
if (DUP2(master_flow_pipe[1], MASTER_FLOW_WRITE) < 0)
msg_fatal("%s: dup2: %m", myname);
if (close(master_flow_pipe[1]) < 0)
msg_fatal("close %d: %m", master_flow_pipe[1]);
close(serv->status_fd[0]); /* status channel */
if (serv->status_fd[1] <= MASTER_STATUS_FD)
msg_fatal("%s: status file descriptor collision", myname);
if (DUP2(serv->status_fd[1], MASTER_STATUS_FD) < 0)
msg_fatal("%s: dup2 status_fd: %m", myname);
(void) close(serv->status_fd[1]);
for (n = 0; n < serv->listen_fd_count; n++) {
if (serv->listen_fd[n] <= MASTER_LISTEN_FD + n)
msg_fatal("%s: listen file descriptor collision", myname);
if (DUP2(serv->listen_fd[n], MASTER_LISTEN_FD + n) < 0)
msg_fatal("%s: dup2 listen_fd %d: %m",
myname, serv->listen_fd[n]);
(void) close(serv->listen_fd[n]);
}
vstring_sprintf(env_gen, "%s=%o", MASTER_GEN_NAME, master_generation);
if (putenv(vstring_str(env_gen)) < 0)
msg_fatal("%s: putenv: %m", myname);
if (serv->stress_param_val && serv->stress_expire_time > event_time())
serv->stress_param_val[0] = CONFIG_BOOL_YES[0];
execvp(serv->path, serv->args->argv);
msg_fatal("%s: exec %s: %m", myname, serv->path);
/* NOTREACHED */
/*
* Parent. Fill in a process member data structure and set up links
* between child and process. Say this process has become available.
* If this service has a wakeup timer that is turned on only when the
* service is actually used, turn on the wakeup timer.
*/
default:
if (msg_verbose)
msg_info("spawn command %s; pid %d", serv->path, pid);
proc = (MASTER_PROC *) mymalloc(sizeof(MASTER_PROC));
proc->serv = serv;
proc->pid = pid;
proc->gen = master_generation;
proc->use_count = 0;
proc->avail = 0;
binhash_enter(master_child_table, (void *) &pid,
sizeof(pid), (void *) proc);
serv->total_proc++;
master_avail_more(serv, proc);
if (serv->flags & MASTER_FLAG_CONDWAKE) {
serv->flags &= ~MASTER_FLAG_CONDWAKE;
master_wakeup_init(serv);
if (msg_verbose)
msg_info("start conditional timer for %s", serv->name);
}
return;
}
}
