New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pre-receive timeout is not precise enough #417
Comments
The timeout is enforced by the class The behavior can be reproduced with this small script: import time
from concurrent.futures import ThreadPoolExecutor, as_completed
from ggshield.cmd.secret.scan.prereceive import ExitAfter
def sleep_fn(s, x):
for i in range(x):
print(f"thread#{s} sleep#{i}")
time.sleep(1)
if __name__ == "__main__":
start_at = time.time()
try:
with ExitAfter(2):
with ThreadPoolExecutor(max_workers=2) as executor:
fs = [executor.submit(sleep_fn, i, 4) for i in range(3)]
print(list(as_completed(fs)))
finally:
print(f"took {time.time() - start_at}") Output:
The timeout after 2 seconds is not respected and the threads are allowed to run to completion. Possible solutionWe can share a |
Sounds like a good idea. This would be less intrusive than my idea of using processes instead of threads. |
…curately enforce the timeout threads cannot be killed, a solution is to move them in a separate process which can be killed
…curately enforce the timeout threads cannot be killed, a solution is to move them in a separate process which can be killed
…curately enforce the timeout threads cannot be killed, a solution is to move them in a separate process which can be killed
…curately enforce the timeout threads cannot be killed, a solution is to move them in a separate process which can be killed
…curately enforce the timeout threads cannot be killed, a solution is to move them in a separate process which can be killed
…curately enforce the timeout threads cannot be killed, a solution is to move them in a separate process which can be killed
…curately enforce the timeout threads cannot be killed, a solution is to move them in a separate process which can be killed
…curately enforce the timeout threads cannot be killed, a solution is to move them in a separate process which can be killed
…ot-precise-enough fix(pre-receive): #417 Execute pre-receive within a sub-process to accurately enforce the timeout
Environment
Describe the bug
ggshield secret scan pre-receive
is supposed to stop after a predefined timeout, which defaults to 4.5s by default. However it can sometimes take more than twice this time to stop.Steps to reproduce:
Actual result:
It took 10s for the hook to stop on my machine.
Expected result:
The difference between the defined timeout and the actual delay should be less than 1s.
Possible explanation
I suspect this is because the timeout is implemented using a thread, and Python GIL gets in the way. If this is the case, then that bug can be solved by running the scan in a different process.
The text was updated successfully, but these errors were encountered: