Skip to content

Global variables not thread safe #2

gamemachine opened this Issue Nov 21, 2011 · 7 comments

4 participants


I'm pretty sure that the global special variables for the regex are the cause of errors I'm seeing on a rails app running under jruby/tomcat. I get random incorrect responses under load, and when I run the same input through in a single threaded sample script, it generates the correct response.


headius commented Nov 21, 2011

The "globals" for $~ and friends are not thread-local...they are frame-local (local to a given method activation). Normally this remains on one thread, but when a proc is captured and used across threads those variables can be updated in a concurrency-unfriendly way.

drbrain commented Nov 21, 2011

While it's OK to use regexp specials across threads, net-http-digest_auth is not thread safe.

For the current release you must wrap access to it with mutual exclusion due to @nonce_count.

I may be able to add a mutex around just incrementing the nonce_count, but I will need to check the RFC first.


Ya in our case that won't work, in a single rails instance we do around 2000 outgoing http requests per second across 100 or so threads. A mutex would not only be expensive, it would probably start blocking threads. Just creating a new instance for each requests works fine, I don't care about the nonce count.

@drbrain drbrain added a commit that referenced this issue Nov 23, 2011
@drbrain The client nonce count is now incremented in a syncronized method for…
… thread safety. Issue #2
drbrain commented Nov 23, 2011

1.2 is now thread safe. It should be fine performance-wise to use this across multiple threads as the synchronized section is small (only around +=)

@drbrain drbrain closed this Nov 23, 2011
dubek commented Oct 6, 2014

(revisiting this old one...)

I think there's a subtle thread-safety problem - on line 141 ( ) we access the instance var @nonce_count which might have already been incremented by another thread since it was fetched from next_nonce. I think this line should refer to the local var nonce_count, like in line 123.

drbrain commented Oct 6, 2014

Good catch, do you want to make a pull request?

@dubek dubek added a commit to dubek/net-http-digest_auth that referenced this issue Oct 7, 2014
@dubek dubek access nonce_count in a thread-safe way
The instance var @nonce_count is read and updated only once when
starting to generate the auth header value. Further accesses to the
nonce_count value are done using the local variable.

fixes #2
dubek commented Oct 7, 2014

@drbrain here it is in #12 . I added an entry in History.txt under "Upcoming". Let me know if anything else is needed or any fixes are needed. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.