1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
|
APACHE COMMONS: serf -*-indented-text-*-
TOPICS
1. Introduction
2. Thread Safety
3. Pool Usage
4. Bucket Read Functions
5. Versioning
6. Bucket lifetimes
-----------------------------------------------------------------------------
1. INTRODUCTION
This document details various design choices for the serf library. It
is intended to be a guide for serf developers. Of course, these design
principles, choices made, etc are a good source of information for
users of the serf library, too.
-----------------------------------------------------------------------------
2. THREAD SAFETY
The serf library should contain no mutable globals, making it is safe
to use in a multi-threaded environment.
Each "object" within the system does not need to be used from multiple
threads at a time. Thus, they require no internal mutexes, and can
disable mutexes within APR objects where applicable (e.g. pools that
are created).
The objects should not have any thread affinity (i.e. don't use
thread-local storage). This enables an application to use external
mutexes to guard entry to the serf objects, which then allows the
objects to be used from multiple threads.
-----------------------------------------------------------------------------
3. POOL USAGE
For general information on the proper use of pools, please see:
http://cvs.apache.org/viewcvs/*checkout*/apr/docs/pool-design.html
Within serf itself, the buckets introduce a significant issue related
to pools. Since it is very possible to end up creating *many* buckets
within a transaction, and that creation could be proportional to an
incoming or outgoing data stream, a lot of care must be take to avoid
tying bucket allocations to pools. If a bucket allocated any internal
memory against a pool, and if that bucket is created an unbounded
number of times, then the pool memory could be exhausted.
Thus, buckets are allocated using a custom allocator which allows the
memory to be freed when that bucket is no longer needed. This
contrasts with pools where the "free" operation occurs over a large
set of objects, which is problematic if some are still in use.
### need more explanation of strategy/solution ...
-----------------------------------------------------------------------------
4. BUCKET READ FUNCTIONS
The bucket reading and peek functions must not block. Each read
function should return (up to) the specified amount of data. If
SERF_READ_ALL_AVAIL is passed, then the function should provide
whatever is immediately available, without blocking.
The peek function does not take a requested length because it is
non-destructive. It is not possible to "read past" any barrier with a
peek function. Thus, peek should operate like SERF_READ_ALL_AVAIL.
The return values from the read functions should follow this general
pattern:
APR_SUCCESS Some data was returned, and the caller can
immediately call the read function again to read
more data.
NOTE: when bucket behavior tracking is enabled,
then you must read more data from this bucket
before returning to the serf context loop. If a
bucket is not completely drained first, then it is
possible to deadlock (the server might not read
anything until you read everything it has already
given to you).
APR_EAGAIN Some data was returned, but no more is available
for now. The caller must "wait for a bit" or wait
for some event before attempting to read again
(basically, this simply means re-run the serf
context loop). Though it shouldn't be done, reading
again will, in all likelihood, return zero length
data and APR_EAGAIN again.
NOTE: when bucket behavior tracking is enabled,
then it is illegal to immediately read a bucket
again after it has returned APR_EAGAIN. You must
run the serf context loop again to (potentially)
fetch more data for the bucket.
APR_EOF Some data was returned, and this bucket has no more
data available and should not be read again. If you
happen to read it again, then it will return zero
length data and APR_EOF.
NOTE: when bucket behavior tracking is enabled,
then it is illegal to read this bucket ever again.
other An error has occurred. No data was returned. The
returned length is undefined.
In the above paragraphs, when it says "some data was returned", note
that this could be data of length zero.
If a length of zero is returned, then the caller should not attempt to
dereference the data pointer. It may be invalid. Note that there is no
reason to dereference that pointer, since it doesn't point to any
valid data.
Any data returned by the bucket should live as long as the bucket, or
until the next read or peek occurs.
The read_bucket function falls into a very different pattern. See its
doc string for more information.
-----------------------------------------------------------------------------
5. VERSIONING
The serf project uses the APR versioning guidelines described here:
http://apr.apache.org/versioning.html
-----------------------------------------------------------------------------
6. BUCKET LIFETIMES
### flesh out. basically: if you hold a bucket pointer, then you own
### it. passing a bucket into another transfers ownership. use barrier
### buckets to limit destruction of a tree of buckets.
-----------------------------------------------------------------------------
|