Skip to content

gh-134698: Hold a lock when the thread state is detached in ssl #134724

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

gh-134698: Hold a lock when the thread state is detached in ssl #134724

wants to merge 8 commits into from

Conversation

ZeroIntensity
Copy link
Member

@ZeroIntensity ZeroIntensity commented May 26, 2025
edited by bedevere-app bot
Loading

Inside of Py_BEGIN_ALLOW_THREADS blocks, OpenSSL calls need to be synchronized to prevent crashes. I'm doing this with a per-object mutex that is only held inside when the GIL or critical section is released.

@bedevere-app bedevere-app bot mentioned this pull request May 26, 2025
Open
@ZeroIntensity
Copy link
Member Author

@Conobi Would you mind pointing me to the downstream FastAPI issue?

@Conobi
Copy link

Conobi commented May 26, 2025
edited
Loading

@Conobi Would you mind pointing me to the downstream FastAPI issue?

Didn't find any. Howewer, here are the issues probably linked to this:

@ZeroIntensity
Copy link
Member Author

FastAPI was having problems with this in their test suite, right? Is there someone I should CC?

gpshead
gpshead reviewed May 26, 2025
View reviewed changes
Modules/_ssl.c Outdated

/* Make sure the SSL error state is initialized */
ERR_clear_error();

PySSL_BEGIN_ALLOW_THREADS
Py_BEGIN_ALLOW_THREADS
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use PySSL_BEGIN_ALLOW_THREADS(ssl->ctx) here. The PySSLContext's ctx is being accessed by SSL_new so we should lock it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would probably be good to add a test creating ssl contexts in multiple threads as well.

Copy link
Member Author

@ZeroIntensity ZeroIntensity May 26, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's nothing too special about this function, though. I'm not sure it's worth the effort to add a test for every single function fixed here.

emmatyping
emmatyping reviewed May 26, 2025
View reviewed changes
emmatyping
emmatyping approved these changes May 26, 2025
View reviewed changes
Copy link
Member

@emmatyping emmatyping left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great to see the improved thread safety! 🚀

picnixz
picnixz reviewed May 26, 2025
View reviewed changes
Modules/_ssl.c Outdated
self->ssl = SSL_new(ctx);
PySSL_END_ALLOW_THREADS
PySSL_END_ALLOW_THREADS(sslctx)
_PySSL_FIX_ERRNO;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This one shouldn't be needed, or am I wrong?

Modules/_ssl/debughelpers.c
BIO_free_all(bio);
PySSL_END_ALLOW_THREADS
Py_END_ALLOW_THREADS
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're missing a call to _PySSL_FIX_ERRNO here

kumaraditya303
kumaraditya303 requested changes May 26, 2025
View reviewed changes
Copy link
Contributor

@kumaraditya303 kumaraditya303 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See the discussion on issue, I am not convinced that adding more locks is the solution, it will degrade performance in multi threaded "safe" workloads which work today.

@bedevere-app
Copy link

bedevere-app bot commented May 26, 2025

A Python core developer has requested some changes be made to your pull request before we can consider merging it. If you could please address their requests along with any other requests in other reviews from core developers that would be appreciated.

Once you have made the requested changes, please leave a comment on this pull request containing the phrase I have made the requested changes; please review again. I will then notify any core developers who have left a review that you're ready for them to take another look at this pull request.

@ZeroIntensity
Copy link
Member Author

See the discussion on issue, I am not convinced that adding more locks is the solution, it will degrade performance in multi threaded "safe" workloads which work today.

Wait a minute, there shouldn't be any multithreaded workloads that get hit by this, right? They'll all crash right now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gpshead gpshead gpshead left review comments

@picnixz picnixz picnixz left review comments

@kumaraditya303 kumaraditya303 kumaraditya303 requested changes

@emmatyping emmatyping emmatyping approved these changes

Assignees
No one assigned
Labels
awaiting changes topic-SSL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@ZeroIntensity @Conobi @gpshead @emmatyping @picnixz @kumaraditya303