mirror of
https://github.com/apache/httpd.git
synced 2025-08-15 23:27:39 +00:00
d9a3b78926
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1690137 13f79535-47bb-0310-9956-ffa450edef68
288 lines
13 KiB
XML
288 lines
13 KiB
XML
<?xml version="1.0" encoding="UTF-8" ?>
|
|
<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd">
|
|
<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
|
|
<!-- $LastChangedRevision$ -->
|
|
|
|
<!--
|
|
Licensed to the Apache Software Foundation (ASF) under one or more
|
|
contributor license agreements. See the NOTICE file distributed with
|
|
this work for additional information regarding copyright ownership.
|
|
The ASF licenses this file to You under the Apache License, Version 2.0
|
|
(the "License"); you may not use this file except in compliance with
|
|
the License. You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
-->
|
|
|
|
<manualpage metafile="thread_safety.xml.meta">
|
|
<parentdocument href="./">Developer Documentation</parentdocument>
|
|
|
|
<title>Apache HTTP Server 2.x Thread Safety Issues</title>
|
|
|
|
<summary>
|
|
<p>When using any of the threaded mpms in the Apache HTTP Server 2.x it is important
|
|
that every function called from Apache be thread safe. When linking in 3rd
|
|
party extensions it can be difficult to determine whether the resulting
|
|
server will be thread safe. Casual testing generally won't tell you this
|
|
either as thread safety problems can lead to subtle race conditions that
|
|
may only show up in certain conditions under heavy load.</p>
|
|
</summary>
|
|
|
|
<section id="variables"><title>Global and static variables</title>
|
|
<p>When writing your module or when trying to determine if a module or
|
|
3rd party library is thread safe there are some common things to keep in
|
|
mind.</p>
|
|
|
|
<p>First, you need to recognize that in a threaded model each individual
|
|
thread has its own program counter, stack and registers. Local variables
|
|
live on the stack, so those are fine. You need to watch out for any
|
|
static or global variables. This doesn't mean that you are absolutely not
|
|
allowed to use static or global variables. There are times when you
|
|
actually want something to affect all threads, but generally you need to
|
|
avoid using them if you want your code to be thread safe.</p>
|
|
|
|
<p>In the case where you have a global variable that needs to be global and
|
|
accessed by all threads, be very careful when you update it. If, for
|
|
example, it is an incrementing counter, you need to atomically increment
|
|
it to avoid race conditions with other threads. You do this using a mutex
|
|
(mutual exclusion). Lock the mutex, read the current value, increment it
|
|
and write it back and then unlock the mutex. Any other thread that wants
|
|
to modify the value has to first check the mutex and block until it is
|
|
cleared.</p>
|
|
|
|
<p>If you are using <a href="http://apr.apache.org/">APR</a>, have a look
|
|
at the <code>apr_atomic_<var>*</var></code> functions and the
|
|
<code>apr_thread_mutex_<var>*</var></code> functions.</p>
|
|
<!-- [would probably be a good idea to add an example here] -->
|
|
</section>
|
|
|
|
<section id="errno"><title>errno</title>
|
|
<p>This is a common global variable that holds the error number of the
|
|
last error that occurred. If one thread calls a low-level function that
|
|
sets errno and then another thread checks it, we are bleeding error
|
|
numbers from one thread into another. To solve this, make sure your
|
|
module or library defines <code>_REENTRANT</code> or is compiled with
|
|
<code>-D_REENTRANT</code>. This will make errno a per-thread variable
|
|
and should hopefully be transparent to the code. It does this by doing
|
|
something like this:</p>
|
|
|
|
<example>
|
|
#define errno (*(__errno_location()))
|
|
</example>
|
|
|
|
<p>which means that accessing errno will call
|
|
<code>__errno_location()</code> which is provided by the libc. Setting
|
|
<code>_REENTRANT</code> also forces redefinition of some other functions
|
|
to their <code><var>*</var>_r</code> equivalents and sometimes changes
|
|
the common <code>getc</code>/<code>putc</code> macros into safer function
|
|
calls. Check your libc documentation for specifics. Instead of, or in
|
|
addition to <code>_REENTRANT</code> the symbols that may affect this are
|
|
<code>_POSIX_C_SOURCE</code>, <code>_THREAD_SAFE</code>,
|
|
<code>_SVID_SOURCE</code>, and <code>_BSD_SOURCE</code>.</p>
|
|
</section>
|
|
|
|
<section id="functions"><title>Common standard troublesome functions</title>
|
|
<p>Not only do things have to be thread safe, but they also have to be
|
|
reentrant. <code>strtok()</code> is an obvious one. You call it the first
|
|
time with your delimiter which it then remembers and on each subsequent
|
|
call it returns the next token. Obviously if multiple threads are
|
|
calling it you will have a problem. Most systems have a reentrant version
|
|
of the function called <code>strtok_r()</code> where you pass in an
|
|
extra argument which contains an allocated <code>char *</code> which the
|
|
function will use instead of its own static storage for maintaining
|
|
the tokenizing state. If you are using <a href="http://apr.apache.org/"
|
|
>APR</a> you can use <code>apr_strtok()</code>.</p>
|
|
|
|
<p><code>crypt()</code> is another function that tends to not be reentrant,
|
|
so if you run across calls to that function in a library, watch out. On
|
|
some systems it is reentrant though, so it is not always a problem. If
|
|
your system has <code>crypt_r()</code> chances are you should be using
|
|
that, or if possible simply avoid the whole mess by using md5 instead.</p>
|
|
<!-- [I don't see an apr_crypt() function.] -->
|
|
</section>
|
|
|
|
<section id="commonlibs"><title>Common 3rd Party Libraries</title>
|
|
<p>The following is a list of common libraries that are used by 3rd party
|
|
Apache modules. You can check to see if your module is using a potentially
|
|
unsafe library by using tools such as <code>ldd(1)</code> and
|
|
<code>nm(1)</code>. For <a href="http://www.php.net/">PHP</a>, for example,
|
|
try this:</p>
|
|
|
|
<example>
|
|
% ldd libphp4.so<br />
|
|
libsablot.so.0 => /usr/local/lib/libsablot.so.0 (0x401f6000)<br />
|
|
libexpat.so.0 => /usr/lib/libexpat.so.0 (0x402da000)<br />
|
|
libsnmp.so.0 => /usr/lib/libsnmp.so.0 (0x402f9000)<br />
|
|
libpdf.so.1 => /usr/local/lib/libpdf.so.1 (0x40353000)<br />
|
|
libz.so.1 => /usr/lib/libz.so.1 (0x403e2000)<br />
|
|
libpng.so.2 => /usr/lib/libpng.so.2 (0x403f0000)<br />
|
|
libmysqlclient.so.11 => /usr/lib/libmysqlclient.so.11 (0x40411000)<br />
|
|
libming.so => /usr/lib/libming.so (0x40449000)<br />
|
|
libm.so.6 => /lib/libm.so.6 (0x40487000)<br />
|
|
libfreetype.so.6 => /usr/lib/libfreetype.so.6 (0x404a8000)<br />
|
|
libjpeg.so.62 => /usr/lib/libjpeg.so.62 (0x404e7000)<br />
|
|
libcrypt.so.1 => /lib/libcrypt.so.1 (0x40505000)<br />
|
|
libssl.so.2 => /lib/libssl.so.2 (0x40532000)<br />
|
|
libcrypto.so.2 => /lib/libcrypto.so.2 (0x40560000)<br />
|
|
libresolv.so.2 => /lib/libresolv.so.2 (0x40624000)<br />
|
|
libdl.so.2 => /lib/libdl.so.2 (0x40634000)<br />
|
|
libnsl.so.1 => /lib/libnsl.so.1 (0x40637000)<br />
|
|
libc.so.6 => /lib/libc.so.6 (0x4064b000)<br />
|
|
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x80000000)
|
|
</example>
|
|
|
|
<p>In addition to these libraries you will need to have a look at any
|
|
libraries linked statically into the module. You can use <code>nm(1)</code>
|
|
to look for individual symbols in the module.</p>
|
|
</section>
|
|
|
|
<section id="liblist"><title>Library List</title>
|
|
<p>Please drop a note to <a
|
|
href="http://httpd.apache.org/lists.html#http-dev">dev@httpd.apache.org</a>
|
|
if you have additions or corrections to this list.</p>
|
|
|
|
<table style="zebra" border="1">
|
|
<tr><th>Library</th><th>Version</th><th>Thread Safe?</th><th>Notes</th></tr>
|
|
<tr><td><a href="http://aspell.sourceforge.net/">ASpell/PSpell</a></td>
|
|
<td> </td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://www.sleepycat.com/">Berkeley DB</a></td>
|
|
<td>3.x, 4.x</td>
|
|
<td>Yes</td>
|
|
<td>Be careful about sharing a connection across threads.</td></tr>
|
|
<tr><td><a href="http://sources.redhat.com/bzip2/index.html">bzip2</a></td>
|
|
<td> </td>
|
|
<td>Yes</td>
|
|
<td>Both low-level and high-level APIs are thread-safe. However,
|
|
high-level API requires thread-safe access to errno.</td></tr>
|
|
<tr><td><a href="http://cr.yp.to/cdb.html">cdb</a></td>
|
|
<td> </td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://www.washington.edu/imap/">C-Client</a></td>
|
|
<td> </td>
|
|
<td>Perhaps</td>
|
|
<td>c-client uses <code>strtok()</code> and
|
|
<code>gethostbyname()</code> which are not thread-safe on most C
|
|
library implementations. c-client's static data is meant to be shared
|
|
across threads. If <code>strtok()</code> and
|
|
<code>gethostbyname()</code> are thread-safe on your OS, c-client
|
|
<em>may</em> be thread-safe.</td></tr>
|
|
<tr><td><a href="http://www.ijg.org/files/">libcrypt</a></td>
|
|
<td> </td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://expat.sourceforge.net/">Expat</a></td>
|
|
<td> </td>
|
|
<td>Yes</td>
|
|
<td>Need a separate parser instance per thread</td></tr>
|
|
<tr><td><a href="http://www.freetds.org/">FreeTDS</a></td>
|
|
<td> </td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://www.freetype.org/">FreeType</a></td>
|
|
<td> </td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://www.boutell.com/gd/">GD 1.8.x</a></td>
|
|
<td> </td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://www.boutell.com/gd/">GD 2.0.x</a></td>
|
|
<td> </td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://www.gnu.org/software/gdbm/gdbm.html">gdbm</a></td>
|
|
<td> </td>
|
|
<td>No</td>
|
|
<td>Errors returned via a static <code>gdbm_error</code>
|
|
variable</td></tr>
|
|
<tr><td><a href="http://www.imagemagick.org/">ImageMagick</a></td>
|
|
<td>5.2.2</td>
|
|
<td>Yes</td>
|
|
<td>ImageMagick docs claim it is thread safe since version 5.2.2 (see <a
|
|
href="http://www.imagemagick.com/www/changelog.html"
|
|
>Change log</a>).
|
|
</td></tr>
|
|
<tr><td><a href="http://www.enlightenment.org/p.php?p=about/efl&l=en"
|
|
>Imlib2</a></td>
|
|
<td> </td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://www.ijg.org/files/">libjpeg</a></td>
|
|
<td>v6b</td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://mysql.com">libmysqlclient</a></td>
|
|
<td> </td>
|
|
<td>Yes</td>
|
|
<td>Use mysqlclient_r library variant to ensure thread-safety. For
|
|
more information, please read <a
|
|
href="http://dev.mysql.com/doc/mysql/en/Threaded_clients.html"
|
|
>http://dev.mysql.com/doc/mysql/en/Threaded_clients.html</a>.</td></tr>
|
|
<tr><td><a href="http://www.opaque.net/ming/">Ming</a></td>
|
|
<td>0.2a</td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://net-snmp.sourceforge.net/">Net-SNMP</a></td>
|
|
<td>5.0.x</td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://www.openldap.org/">OpenLDAP</a></td>
|
|
<td>2.1.x</td>
|
|
<td>Yes</td>
|
|
<td>Use <code>ldap_r</code> library variant to ensure
|
|
thread-safety.</td></tr>
|
|
<tr><td><a href="http://www.openssl.org/">OpenSSL</a></td>
|
|
<td>0.9.6g</td>
|
|
<td>Yes</td>
|
|
<td>Requires proper usage of <code>CRYPTO_num_locks</code>,
|
|
<code>CRYPTO_set_locking_callback</code>,
|
|
<code>CRYPTO_set_id_callback</code></td></tr>
|
|
<tr><td><a href="http://www.oracle.com/">liboci8 (Oracle 8+)</a></td>
|
|
<td>8.x,9.x</td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://pdflib.com/">pdflib</a></td>
|
|
<td>5.0.x</td>
|
|
<td>Yes</td>
|
|
<td>PDFLib docs claim it is thread safe; changes.txt indicates it
|
|
has been partially thread-safe since V1.91: <a
|
|
href="http://www.pdflib.com/products/pdflib-family/pdflib/"
|
|
>http://www.pdflib.com/products/pdflib-family/pdflib/</a>.</td></tr>
|
|
<tr><td><a href="http://www.libpng.org/pub/png/libpng.html">libpng</a></td>
|
|
<td>1.0.x</td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a href="http://www.libpng.org/pub/png/libpng.html">libpng</a></td>
|
|
<td>1.2.x</td>
|
|
<td>?</td>
|
|
<td> </td></tr>
|
|
<tr><td><a
|
|
href="http://www.postgresql.org/docs/8.4/static/libpq-threading.html"
|
|
>libpq (PostgreSQL)</a></td>
|
|
<td>8.x</td>
|
|
<td>Yes</td>
|
|
<td>Don't share connections across threads and watch out for
|
|
<code>crypt()</code> calls</td></tr>
|
|
<tr><td><a href="http://www.gingerall.com/charlie/ga/xml/p_sab.xml"
|
|
>Sablotron</a></td>
|
|
<td>0.95</td>
|
|
<td>?</td>
|
|
<td></td></tr>
|
|
<tr><td><a href="http://www.gzip.org/zlib/">zlib</a></td>
|
|
<td>1.1.4</td>
|
|
<td>Yes</td>
|
|
<td>Relies upon thread-safe zalloc and zfree functions Default is to
|
|
use libc's calloc/free which are thread-safe.</td></tr>
|
|
</table>
|
|
</section>
|
|
</manualpage>
|