Colm MacCarthaigh wrote:
Is there anything we can do in 2.4/3.0 that will help gain that trust?
It's not Apache's fault. It's not even PHP's fault. It's a much
bigger problem with the open source libraries that people link into
PHP, Perl, Python and the like.
The problem is particularly perceived as a PHP problem because (1)
PHP is the market leader, and (2) the PHP developers are a lot more
responsible than, say, the Python developers, who tell you to go
ahead and write threaded apps in Python anyway.
I suppose that the PHP developers could set up some system where
extensions are marked as being threadsafe or not, and there's a lock on
every untrusted module, then do a program of certifying modules as
safe, but that's a ~big~ project: race conditions and deadlocks are a
bitch to debug, particularly when the problems are in somebody else's code.
PHP's market position is as a product that any idiot can download
and install, just following the instructions, and get a system with
good reliability and performance -- a painful phase of shaking out
threading bugs would endanger that perception.
The best thing I can see Apache doing is some kind of hybrid model
which works like mod_event for static pages, and passes off (some or
all) dynamic requests to something like prefork. Dynamic requests would
eat more memory than worker, but you don't have the problem of using a
heavyweight mod_perl or mod_php process spending two hours blasting bits
out of a file to somebody on dialup.
A process-based model is always going to be more reliable than a
thread-based model. A hand grenade can go off in an server process, a
server process can hemorage memory terribly, and nobody gets hurt. The
user on the other end just hits 'reload' and goes on hs way.
