Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Global variables not thread safe #2

Closed
gamemachine opened this Issue · 7 comments

4 participants

@gamemachine

I'm pretty sure that the global special variables for the regex are the cause of errors I'm seeing on a rails app running under jruby/tomcat. I get random incorrect responses under load, and when I run the same input through in a single threaded sample script, it generates the correct response.

Chris

@headius

The "globals" for $~ and friends are not thread-local...they are frame-local (local to a given method activation). Normally this remains on one thread, but when a proc is captured and used across threads those variables can be updated in a concurrency-unfriendly way.

@drbrain
Owner

While it's OK to use regexp specials across threads, net-http-digest_auth is not thread safe.

For the current release you must wrap access to it with mutual exclusion due to @nonce_count.

I may be able to add a mutex around just incrementing the nonce_count, but I will need to check the RFC first.

@gamemachine

Ya in our case that won't work, in a single rails instance we do around 2000 outgoing http requests per second across 100 or so threads. A mutex would not only be expensive, it would probably start blocking threads. Just creating a new instance for each requests works fine, I don't care about the nonce count.

@drbrain
Owner

1.2 is now thread safe. It should be fine performance-wise to use this across multiple threads as the synchronized section is small (only around +=)

@drbrain drbrain closed this
@dubek

(revisiting this old one...)

I think there's a subtle thread-safety problem - on line 141 ( https://github.com/drbrain/net-http-digest_auth/blob/master/lib/net/http/digest_auth.rb#L141 ) we access the instance var @nonce_count which might have already been incremented by another thread since it was fetched from next_nonce. I think this line should refer to the local var nonce_count, like in line 123.

@drbrain
Owner

Good catch, do you want to make a pull request?

@dubek dubek referenced this issue from a commit in dubek/net-http-digest_auth
@dubek dubek access nonce_count in a thread-safe way
The instance var @nonce_count is read and updated only once when
starting to generate the auth header value. Further accesses to the
nonce_count value are done using the local variable.

fixes #2
483ac2a
@dubek

@drbrain here it is in #12 . I added an entry in History.txt under "Upcoming". Let me know if anything else is needed or any fixes are needed. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.