From: Ruediger Pluem Date: Wed, 8 Oct 2008 13:32:07 +0000 (+0000) Subject: * Recheck again if idle workers are still available when we are signaled that X-Git-Tag: 2.3.0~277 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4f4fec46e7cf5ba7f3301bbb7b5e8b60465499bd;p=thirdparty%2Fapache%2Fhttpd.git * Recheck again if idle workers are still available when we are signaled that they are. This is needed since it can happen that we are signaled by a worker thread that went idle but received a context switch before it could tell us. If it does signal us later once it is on CPU again there might be no idle worker left. See https://issues.apache.org/bugzilla/show_bug.cgi?id=45605#c4 PR: 45605 Submitted by: Denis Ustimenko Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@702867 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index eaf549230eb..88bdf81ab3d 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,10 @@ Changes with Apache 2.3.0 [ When backported to 2.2.x, remove entry from this file ] + *) Worker MPM: Crosscheck that idle workers are still available before using + them and thus preventing an overflow of the worker queue which causes + a SegFault. PR 45605 [Denis Ustimenko ] + *) mod_proxy_ajp: Fix wrongly formatted requests where client sets Content-Length header, but doesn't provide a body. Servlet container always expects that next packet is diff --git a/server/mpm/worker/fdqueue.c b/server/mpm/worker/fdqueue.c index d46dd5361bd..dfbe8c47cfd 100644 --- a/server/mpm/worker/fdqueue.c +++ b/server/mpm/worker/fdqueue.c 
@@ -155,7 +155,15 @@ apr_status_t ap_queue_info_wait_for_idler(fd_queue_info_t *queue_info, * region, one of two things may have happened: * - If the idle worker count is still zero, the * workers are all still busy, so it's safe to - * block on a condition variable. + * block on a condition variable, BUT + * we need to check for idle worker count again + * when we are signaled since it can happen that + * we are signaled by a worker thread that went idle + * but received a context switch before it could + * tell us. If it does signal us later once it is on + * CPU again there might be no idle worker left. + * See + * https://issues.apache.org/bugzilla/show_bug.cgi?id=45605#c4 * - If the idle worker count is nonzero, then a * worker has become idle since the first check * of queue_info->idlers above. It's possible @@ -166,7 +174,7 @@ apr_status_t ap_queue_info_wait_for_idler(fd_queue_info_t *queue_info, * now nonzero, it's safe for this function to * return immediately. */ - if (queue_info->idlers == 0) { + while (queue_info->idlers == 0) { rv = apr_thread_cond_wait(queue_info->wait_for_idler, queue_info->idlers_mutex); if (rv != APR_SUCCESS) {
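Review bot: in the CHANGES hunk, "and thus preventing an overflow of the worker queue" does not parse after "Crosscheck that idle workers are still available before using them". Suggest "... before using them, to prevent an overflow of the worker queue which causes a segfault. PR 45605", so the entry reads as one sentence and states the impact plainly.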
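Review bot: in the first fdqueue.c hunk, the text added to the "idle worker count is still zero" bullet explains the recheck through a single scheduling scenario plus a Bugzilla link, and "signaled by a worker thread that went idle but received a context switch before it could tell us" is hard to follow, since the same worker is described both as signaling and as not yet having told us. Suggest stating the rule directly in the comment: queue_info->idlers must be tested again after every return from the condition wait, because by the time the signal arrives there might be no idle worker left. Keep the PR link as a reference rather than as the explanation.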
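Review bot: in the second fdqueue.c hunk, the `if (rv != APR_SUCCESS) {` branch now sits inside the body of `while (queue_info->idlers == 0)`, so on a failed apr_thread_cond_wait() it has to leave the function rather than fall through to the loop test. The body of that branch is not visible in this hunk; please confirm it returns on error, so that a persistently failing wait cannot turn into a busy loop while queue_info->idlers stays at zero. The change from `if` to `while` itself is the right shape for a condition-variable wait, since the predicate is re-evaluated after each wakeup.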