unicorn 5.0.1 → 6.1.0

data/README

@@ -10,10 +10,9 @@ both the the request and response in between unicorn and slow clients.
 
 * Designed for Rack, Unix, fast clients, and ease-of-debugging.  We
   cut out everything that is better supported by the operating system,
-  {nginx}[http://nginx.org/] or {Rack}[http://rack.github.io/].
+  {nginx}[https://nginx.org/] or {Rack}[https://rack.github.io/].
 
-* Compatible with Ruby 1.9.3 and later.
-  unicorn 4.8.x will remain supported for Ruby 1.8 users.
+* Compatible with Ruby 2.0.0 and later.
 
 * Process management: unicorn will reap and restart workers that
   die from broken apps.  There is no need to manage multiple processes
@@ -27,9 +26,6 @@ both the the request and response in between unicorn and slow clients.
   all run within their own isolated address space and only serve one
   client at a time for maximum robustness.
 
-* Supports all Rack applications, along with pre-Rack versions of
-  Ruby on Rails via a Rack wrapper.
-
 * Builtin reopening of all log files in your application via
   USR1 signal.  This allows logrotate to rotate files atomically and
   quickly via rename instead of the racy and slow copytruncate method.
@@ -40,12 +36,15 @@ both the the request and response in between unicorn and slow clients.
   You can upgrade unicorn, your entire application, libraries
   and even your Ruby interpreter without dropping clients.
 
+* transparent upgrades using systemd socket activation is
+  supported since unicorn 5.0
+
 * before_fork and after_fork hooks in case your application
   has special needs when dealing with forked processes.  These
   should not be needed when the "preload_app" directive is
   false (the default).
 
-* Can be used with copy-on-write-friendly memory management
+* Can be used with copy-on-write-friendly GC in Ruby 2.0+
   to save memory (by setting "preload_app" to true).
 
 * Able to listen on multiple interfaces including UNIX sockets,
@@ -54,13 +53,11 @@ both the the request and response in between unicorn and slow clients.
 
 * Simple and easy Ruby DSL for configuration.
 
-* Decodes chunked transfers on-the-fly, thus allowing upload progress
-  notification to be implemented as well as being able to tunnel
-  arbitrary stream-based protocols over HTTP.
+* Decodes chunked requests on-the-fly.
 
 == License
 
-unicorn is copyright 2009 by all contributors (see logs in git).
+unicorn is copyright 2009-2018 by all contributors (see logs in git).
 It is based on Mongrel 1.1.5.
 Mongrel is copyright 2007 Zed A. Shaw and contributors.
 
@@ -68,7 +65,7 @@ unicorn is licensed under (your choice) of the GPLv2 or later
 (GPLv3+ preferred), or Ruby (1.8)-specific terms.
 See the included LICENSE file for details.
 
-unicorn is 100% Free Software.
+unicorn is 100% Free Software (including all development tools used).
 
 == Install
 
@@ -82,14 +79,13 @@ You may install it via RubyGems on RubyGems.org:
 You can get the latest source via git from the following locations
 (these versions may not be stable):
 
-  git://bogomips.org/unicorn.git
-  git://repo.or.cz/unicorn.git (mirror)
+  https://yhbt.net/unicorn.git
+  https://repo.or.cz/unicorn.git (mirror)
 
-You may browse the code from the web and download the latest snapshot
-tarballs here:
+You may browse the code from the web:
 
-* http://bogomips.org/unicorn.git (cgit)
-* http://repo.or.cz/w/unicorn.git (gitweb)
+* https://yhbt.net/unicorn.git
+* https://repo.or.cz/w/unicorn.git (gitweb)
 
 See the HACKING guide on how to contribute and build prerelease gems
 from git.
@@ -102,12 +98,6 @@ In APP_ROOT, run:
 
   unicorn
 
-=== Ancient Rails 1.2 - 2.x versions
-
-In RAILS_ROOT, run:
-
-  unicorn_rails
-
 unicorn will bind to all interfaces on TCP port 8080 by default.
 You may use the +--listen/-l+ switch to bind to a different
 address:port or a UNIX socket.
@@ -134,17 +124,28 @@ unicorn is designed to only serve fast clients either on the local host
 or a fast LAN.  See the PHILOSOPHY and DESIGN documents for more details
 regarding this.
 
+Due to its ability to tolerate crashes and isolate clients, unicorn
+is unfortunately known to prolong the existence of bugs in applications
+and libraries which run on top of it.
+
 == Contact
 
 All feedback (bug reports, user/development dicussion, patches, pull
 requests) go to the mailing list/newsgroup.  See the ISSUES document for
-information on the {mailing list}[mailto:unicorn-public@bogomips.org].
+information on the {mailing list}[mailto:unicorn-public@yhbt.net].
+
+The mailing list is archived at https://yhbt.net/unicorn-public/
 
-The mailing list is archived at http://bogomips.org/unicorn-public/
 Read-only NNTP access is available at:
-nntp://news.public-inbox.org/inbox.comp.lang.ruby.unicorn and
-nntp://news.gmane.org/gmane.comp.lang.ruby.unicorn.general
+nntps://news.public-inbox.org/inbox.comp.lang.ruby.unicorn and
+nntp://news.gmane.io/gmane.comp.lang.ruby.unicorn.general
+
+Read-only IMAP access is also avaialble at:
+imaps://yhbt.net/inbox.comp.lang.ruby.unicorn.0 and
+imap://7fh6tueqddpjyxjmgtdiueylzoqt6pt7hec3pukyptlmohoowvhde4yd.onion/inbox.comp.lang.ruby.unicorn.0
+The AUTH=ANONYMOUS mechanism is supported, as is any username+password
+combination.
 
 For the latest on unicorn releases, you may also finger us at
-unicorn@bogomips.org or check our NEWS page (and subscribe to our Atom
+unicorn@yhbt.net or check our NEWS page (and subscribe to our Atom
 feed).

data/SIGNALS

@@ -8,7 +8,7 @@ should be possible to easily share process management scripts between
 Unicorn and nginx.
 
 One example init script is distributed with unicorn:
-http://unicorn.bogomips.org/examples/init.sh
+https://yhbt.net/unicorn/examples/init.sh
 
 === Master Process
 

data/Sandbox

@@ -3,7 +3,7 @@
 Since unicorn includes executables and is usually used to start a Ruby
 process, there are certain caveats to using it with tools that sandbox
 RubyGems installations such as
-{Bundler}[http://bundler.io/] or
+{Bundler}[https://bundler.io/] or
 {Isolate}[https://github.com/jbarnette/isolate].
 
 == General deployment
@@ -34,7 +34,7 @@ is the primary issue with sandboxing tools such as Bundler and Isolate.
 If you're bundling unicorn, use "bundle exec unicorn" (or "bundle exec
 unicorn_rails") to start unicorn with the correct environment variables
 
-ref: http://mid.gmane.org/9ECF07C4-5216-47BE-961D-AFC0F0C82060@internetfamo.us
+ref: https://yhbt.net/unicorn-public/9ECF07C4-5216-47BE-961D-AFC0F0C82060@internetfamo.us/
 
 Otherwise (if you choose to not sandbox your unicorn installation), we
 expect the tips for Isolate (below) apply, too.
@@ -43,7 +43,8 @@ expect the tips for Isolate (below) apply, too.
 
 This is no longer be an issue as of bundler 0.9.17
 
-ref: http://mid.gmane.org/8FC34B23-5994-41CC-B5AF-7198EF06909E@tramchase.com
+ref:
+https://yhbt.net/unicorn-public/8FC34B23-5994-41CC-B5AF-7198EF06909E@tramchase.com/
 
 === BUNDLE_GEMFILE for Capistrano users
 
@@ -63,9 +64,9 @@ before_exec hook as illustrated by https://gist.github.com/534668
 === Ruby 2.0.0 close-on-exec and SIGUSR2 incompatibility
 
 Ruby 2.0.0 enforces FD_CLOEXEC on file descriptors by default.  unicorn
-has been prepared for this behavior since unicorn 4.1.0, but we forgot
-to remind the Bundler developers.  This issue is being tracked here:
-https://github.com/bundler/bundler/issues/2628
+has been prepared for this behavior since unicorn 4.1.0, and bundler
+needs the "--keep-file-descriptors" option for "bundle exec":
+https://bundler.io/man/bundle-exec.1.html
 
 == Isolate
 
@@ -86,7 +87,7 @@ For now workarounds include doing one of the following:
 
 3. Explicitly setting RUBYLIB or $LOAD_PATH to include any gem path
    where the unicorn gem is installed
-   (e.g. /usr/lib/ruby/gems/1.9.3/gems/unicorn-VERSION/lib)
+   (e.g. /usr/lib/ruby/gems/3.0.0/gems/unicorn-VERSION/lib)
 
 === RUBYOPT pollution from SIGUSR2 upgrades
 

data/TODO

@@ -1,5 +1,3 @@
 * Documentation improvements
 
 * improve test suite
-
-* Rack 2.x support (when Rack 2.x exists)

data/TUNING

@@ -72,10 +72,28 @@ See Unicorn::Configurator for details on the config file format.
   have them unbuffered (File#sync = true) or they are
   record(line)-buffered in userspace before any writes.
 
-== Kernel Parameters (Linux sysctl)
+== Kernel Parameters (Linux sysctl and sysfs)
 
 WARNING: Do not change system parameters unless you know what you're doing!
 
+* Transparent hugepages (THP) improves performance in many cases,
+  but can also increase memory use when relying on a
+  copy-on-write(CoW)-friendly GC (Ruby 2.0+) with "preload_app true".
+  CoW operates at the page level, so writing to a huge page would
+  trigger a 2 MB copy (x86-64), as opposed to a 4 KB copy on a
+  regular (non-huge) page.
+
+  Consider only allowing THP to be used when it is requested via the
+  madvise(2) syscall:
+
+	echo madvise >/sys/kernel/mm/transparent_hugepage/enabled
+
+  Or disabling it system-wide, via "never".
+
+  n.b. "page" in this context only applies to the OS kernel,
+  Ruby GC implementations also use this term for the same concept
+  in a way that is agnostic to the OS.
+
 * net.core.rmem_max and net.core.wmem_max can increase the allowed
   size of :rcvbuf and :sndbuf respectively. This is mostly only useful
   for UNIX domain sockets which do not have auto-tuning buffer sizes.

data/archive/slrnpull.conf

@@ -1,4 +1,4 @@
 # group_name                         max        expire     headers_only
 gmane.comp.lang.ruby.unicorn.general 1000000000 1000000000 0
 
-# usage: slrnpull -d $PWD -h news.gmane.org --no-post
+# usage: slrnpull -d $PWD -h news.gmane.io --no-post

data/bin/unicorn

@@ -6,6 +6,7 @@ require 'optparse'
 ENV["RACK_ENV"] ||= "development"
 rackup_opts = Unicorn::Configurator::RACKUP
 options = rackup_opts[:options]
+set_no_default_middleware = true
 
 op = OptionParser.new("", 24, '  ') do |opts|
   cmd = File.basename($0)
@@ -60,7 +61,7 @@ op = OptionParser.new("", 24, '  ') do |opts|
 
   opts.on("-N", "--no-default-middleware",
           "do not load middleware implied by RACK_ENV") do |e|
-    rackup_opts[:no_default_middleware] = true
+    rackup_opts[:no_default_middleware] = true if set_no_default_middleware
   end
 
   opts.on("-D", "--daemonize", "run daemonized in the background") do |d|
@@ -110,6 +111,7 @@ op = OptionParser.new("", 24, '  ') do |opts|
   opts.parse! ARGV
 end
 
+set_no_default_middleware = false
 app = Unicorn.builder(ARGV[0] || 'config.ru', op)
 op = nil
 

data/bin/unicorn_rails

@@ -132,11 +132,11 @@ def rails_builder(ru, op, daemonize)
 
   # this lambda won't run until after forking if preload_app is false
   # this runs after config file reloading
-  lambda do ||
+  lambda do |x, server|
     # Rails 3 includes a config.ru, use it if we find it after
     # working_directory is bound.
     ::File.exist?('config.ru') and
-      return Unicorn.builder('config.ru', op).call
+      return Unicorn.builder('config.ru', op).call(x, server)
 
     # Load Rails and (possibly) the private version of Rack it bundles.
     begin

data/examples/big_app_gc.rb

@@ -1,2 +1,2 @@
-# see {Unicorn::OobGC}[http://unicorn.bogomips.org/Unicorn/OobGC.html]
+# see {Unicorn::OobGC}[https://yhbt.net/unicorn/Unicorn/OobGC.html]
 # Unicorn::OobGC was broken in Unicorn v3.3.1 - v3.6.1 and fixed in v3.6.2

data/examples/init.sh

@@ -1,7 +1,16 @@
 #!/bin/sh
 set -e
+### BEGIN INIT INFO
+# Provides:          unicorn
+# Required-Start:    $local_fs $network
+# Required-Stop:     $local_fs $network
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Start/stop unicorn Rack app server
+### END INIT INFO
+
 # Example init script, this can be used with nginx, too,
-# since nginx and unicorn accept the same signals
+# since nginx and unicorn accept the same signals.
 
 # Feel free to change any of the following variables for your app:
 TIMEOUT=${TIMEOUT-60}
@@ -9,21 +18,22 @@ APP_ROOT=/home/x/my_app/current
 PID=$APP_ROOT/tmp/pids/unicorn.pid
 CMD="/usr/bin/unicorn -D -c $APP_ROOT/config/unicorn.rb"
 INIT_CONF=$APP_ROOT/config/init.conf
+UPGRADE_DELAY=${UPGRADE_DELAY-2}
 action="$1"
 set -u
 
 test -f "$INIT_CONF" && . $INIT_CONF
 
-old_pid="$PID.oldbin"
+OLD="$PID.oldbin"
 
 cd $APP_ROOT || exit 1
 
 sig () {
-	test -s "$PID" && kill -$1 `cat $PID`
+	test -s "$PID" && kill -$1 $(cat $PID)
 }
 
 oldsig () {
-	test -s $old_pid && kill -$1 `cat $old_pid`
+	test -s "$OLD" && kill -$1 $(cat $OLD)
 }
 
 case $action in
@@ -45,18 +55,36 @@ restart|reload)
 	$CMD
 	;;
 upgrade)
-	if sig USR2 && sleep 2 && sig 0 && oldsig QUIT
+	if oldsig 0
+	then
+		echo >&2 "Old upgraded process still running with $OLD"
+		exit 1
+	fi
+
+	cur_pid=
+	if test -s "$PID"
+	then
+		cur_pid=$(cat $PID)
+	fi
+
+	if test -n "$cur_pid" &&
+			kill -USR2 "$cur_pid" &&
+			sleep $UPGRADE_DELAY &&
+			new_pid=$(cat $PID) &&
+			test x"$new_pid" != x"$cur_pid" &&
+			kill -0 "$new_pid" &&
+			kill -QUIT "$cur_pid"
 	then
 		n=$TIMEOUT
-		while test -s $old_pid && test $n -ge 0
+		while kill -0 "$cur_pid" 2>/dev/null && test $n -ge 0
 		do
 			printf '.' && sleep 1 && n=$(( $n - 1 ))
 		done
 		echo
 
-		if test $n -lt 0 && test -s $old_pid
+		if test $n -lt 0 && kill -0 "$cur_pid" 2>/dev/null
 		then
-			echo >&2 "$old_pid still exists after $TIMEOUT seconds"
+			echo >&2 "$cur_pid still running after $TIMEOUT seconds"
 			exit 1
 		fi
 		exit 0

data/examples/logrotate.conf

@@ -2,7 +2,10 @@
 # /etc/logrotate.d/unicorn_app on my Debian systems
 #
 # See the logrotate(8) manpage for more information:
-#    http://linux.die.net/man/8/logrotate
+#    https://linux.die.net/man/8/logrotate
+#
+# public logrotate-related discussion in our archives:
+#    https://yhbt.net/unicorn-public/?q=logrotate
 
 # Modify the following glob to match the logfiles your app writes to:
 /var/log/unicorn_app/*.log {
@@ -22,7 +25,19 @@
 	# config.  Unicorn supports the USR1 signal and we send it
 	# as our "lastaction" action:
 	lastaction
-		# assuming your pid file is in /var/run/unicorn_app/pid
+		# For systemd users, assuming you use two services
+		# (as recommended) to allow zero-downtime upgrades.
+		# Only one service needs to be started, but signaling
+		# both here is harmless as long as they're both enabled
+		systemctl kill -s SIGUSR1 unicorn@1.service
+		systemctl kill -s SIGUSR1 unicorn@2.service
+
+		# Examples for other process management systems appreciated
+		# Mail us at unicorn-public@yhbt.net
+		# (see above for archives)
+
+		# If you use a pid file and assuming your pid file
+		# is in /var/run/unicorn_app/pid
 		pid=/var/run/unicorn_app/pid
 		test -s $pid && kill -USR1 "$(cat $pid)"
 	endscript

data/examples/nginx.conf

@@ -56,7 +56,8 @@ http {
   # to configure it all in one place here for static files and also
   # to disable gzip for clients who don't get gzip/deflate right.
   # There are other gzip settings that may be needed used to deal with
-  # bad clients out there, see http://wiki.nginx.org/NginxHttpGzipModule
+  # bad clients out there, see
+  # https://nginx.org/en/docs/http/ngx_http_gzip_module.html
   gzip on;
   gzip_http_version 1.0;
   gzip_proxied any;
@@ -112,12 +113,12 @@ http {
     # try_files directive appeared in in nginx 0.7.27 and has stabilized
     # over time.  Older versions of nginx (e.g. 0.6.x) requires
     # "if (!-f $request_filename)" which was less efficient:
-    # http://bogomips.org/unicorn.git/tree/examples/nginx.conf?id=v3.3.1#n127
+    # https://yhbt.net/unicorn.git/tree/examples/nginx.conf?id=v3.3.1#n127
     try_files $uri/index.html $uri.html $uri @app;
 
     location @app {
       # an HTTP header important enough to have its own Wikipedia entry:
-      #   http://en.wikipedia.org/wiki/X-Forwarded-For
+      #   https://en.wikipedia.org/wiki/X-Forwarded-For
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 
       # enable this if you forward HTTPS traffic to unicorn,

data/examples/unicorn.conf.minimal.rb

@@ -1,9 +1,9 @@
 # Minimal sample configuration file for Unicorn (not Rack) when used
 # with daemonization (unicorn -D) started in your working directory.
 #
-# See http://unicorn.bogomips.org/Unicorn/Configurator.html for complete
+# See https://yhbt.net/unicorn/Unicorn/Configurator.html for complete
 # documentation.
-# See also http://unicorn.bogomips.org/examples/unicorn.conf.rb for
+# See also https://yhbt.net/unicorn/examples/unicorn.conf.rb for
 # a more verbose configuration using more features.
 
 listen 2007 # by default Unicorn listens on port 8080

data/examples/unicorn.conf.rb

@@ -2,10 +2,10 @@
 #
 # This configuration file documents many features of Unicorn
 # that may not be needed for some applications. See
-# http://unicorn.bogomips.org/examples/unicorn.conf.minimal.rb
+# https://yhbt.net/unicorn/examples/unicorn.conf.minimal.rb
 # for a much simpler configuration file.
 #
-# See http://unicorn.bogomips.org/Unicorn/Configurator.html for complete
+# See https://yhbt.net/unicorn/Unicorn/Configurator.html for complete
 # documentation.
 
 # Use at least one worker per core if you're on a dedicated server,

data/examples/unicorn@.service

@@ -11,8 +11,17 @@ Wants = unicorn.socket
 After = unicorn.socket
 
 [Service]
+# bundler users must use the "--keep-file-descriptors" switch, here:
+# ExecStart = bundle exec --keep-file-descriptors unicorn -c ...
 ExecStart = /usr/bin/unicorn -c /path/to/unicorn.conf.rb /path/to/config.ru
+
+# NonBlocking MUST be true if using socket activation with unicorn.
+# Otherwise, there's a small window in-between when the non-blocking
+# flag is set by us and our accept4 call where systemd can momentarily
+# make the socket blocking, causing us to block on accept4:
+NonBlocking = true
 Sockets = unicorn.socket
+
 KillSignal = SIGQUIT
 User = nobody
 Group = nogroup
@@ -22,5 +31,10 @@ ExecReload = /bin/kill -HUP $MAINPID
 # adding a few seconds for scheduling differences:
 TimeoutStopSec = 62
 
+# Only kill the master process, it may be harmful to signal
+# workers via default "control-group" setting since some
+# Ruby extensions and applications misbehave on interrupts
+KillMode = process
+
 [Install]
 WantedBy = multi-user.target

data/ext/unicorn_http/c_util.h

@@ -8,23 +8,15 @@
 
 #include <unistd.h>
 #include <assert.h>
+#include <limits.h>
 
 #define MIN(a,b) (a < b ? a : b)
 #define ARRAY_SIZE(x) (sizeof(x)/sizeof(x[0]))
 
-#ifndef SIZEOF_OFF_T
-#  define SIZEOF_OFF_T 4
-#  warning SIZEOF_OFF_T not defined, guessing 4.  Did you run extconf.rb?
-#endif
-
-#if SIZEOF_OFF_T == 4
-#  define UH_OFF_T_MAX 0x7fffffff
-#elif SIZEOF_OFF_T == 8
-#  if SIZEOF_LONG == 4
-#    define UH_OFF_T_MAX 0x7fffffffffffffffLL
-#  else
-#    define UH_OFF_T_MAX 0x7fffffffffffffff
-#  endif
+#if SIZEOF_OFF_T == SIZEOF_INT
+#  define UH_OFF_T_MAX INT_MAX
+#elif SIZEOF_OFF_T == SIZEOF_LONG_LONG
+#  define UH_OFF_T_MAX LLONG_MAX
 #else
 #  error off_t size unknown for this platform!
 #endif /* SIZEOF_OFF_T check */

data/ext/unicorn_http/common_field_optimization.h

@@ -58,6 +58,23 @@ static struct common_field common_http_fields[] = {
 
 #define HTTP_PREFIX "HTTP_"
 #define HTTP_PREFIX_LEN (sizeof(HTTP_PREFIX) - 1)
+static ID id_uminus;
+
+/* this dedupes under Ruby 2.5+ (December 2017) */
+static VALUE str_dd_freeze(VALUE str)
+{
+  if (STR_UMINUS_DEDUPE)
+    return rb_funcall(str, id_uminus, 0);
+
+  /* freeze,since it speeds up older MRI slightly */
+  OBJ_FREEZE(str);
+  return str;
+}
+
+static VALUE str_new_dd_freeze(const char *ptr, long len)
+{
+  return str_dd_freeze(rb_str_new(ptr, len));
+}
 
 /* this function is not performance-critical, called only at load time */
 static void init_common_fields(void)
@@ -65,19 +82,19 @@ static void init_common_fields(void)
   int i;
   struct common_field *cf = common_http_fields;
   char tmp[64];
+
   memcpy(tmp, HTTP_PREFIX, HTTP_PREFIX_LEN);
 
   for(i = ARRAY_SIZE(common_http_fields); --i >= 0; cf++) {
     /* Rack doesn't like certain headers prefixed with "HTTP_" */
     if (!strcmp("CONTENT_LENGTH", cf->name) ||
         !strcmp("CONTENT_TYPE", cf->name)) {
-      cf->value = rb_str_new(cf->name, cf->len);
+      cf->value = str_new_dd_freeze(cf->name, cf->len);
     } else {
       memcpy(tmp + HTTP_PREFIX_LEN, cf->name, cf->len + 1);
-      cf->value = rb_str_new(tmp, HTTP_PREFIX_LEN + cf->len);
+      cf->value = str_new_dd_freeze(tmp, HTTP_PREFIX_LEN + cf->len);
     }
-    cf->value = rb_obj_freeze(cf->value);
-    rb_global_variable(&cf->value);
+    rb_gc_register_mark_object(cf->value);
   }
 }
 
@@ -105,7 +122,7 @@ static VALUE uncommon_field(const char *field, size_t flen)
   memcpy(RSTRING_PTR(f) + HTTP_PREFIX_LEN, field, flen);
   assert(*(RSTRING_PTR(f) + RSTRING_LEN(f)) == '\0' &&
          "string didn't end with \\0"); /* paranoia */
-  return rb_obj_freeze(f);
+  return HASH_ASET_DEDUPE ? f : str_dd_freeze(f);
 }
 
 #endif /* common_field_optimization_h */