mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-28 15:42:30 +00:00
1c306aa84d
As mentioned in previous patch, the random number generator was never
made thread-safe, which used not to be a problem for health checks
spreading, until the uuid sample fetch function appeared. Currently
it is possible for two threads or processes to produce exactly the
same UUID. In fact it's extremely likely that this will happen for
processes, as can be seen with this config:
global
nbproc 8
frontend f
bind :4445
mode http
log stdout daemon format raw
log-format "%[uuid] %pid"
redirect location /
It typically produces this log:
551ce567-0bfb-4bbd-9b58-cdc7e9365325 30645
551ce567-0bfb-4bbd-9b58-cdc7e9365325 30641
551ce567-0bfb-4bbd-9b58-cdc7e9365325 30644
551ce567-0bfb-4bbd-9b58-cdc7e9365325 30639
551ce567-0bfb-4bbd-9b58-cdc7e9365325 30646
07764439-c24d-4e6f-a5a6-0138be59e7a8 30645
07764439-c24d-4e6f-a5a6-0138be59e7a8 30639
551ce567-0bfb-4bbd-9b58-cdc7e9365325 30643
07764439-c24d-4e6f-a5a6-0138be59e7a8 30646
b6773fdd-678f-4d04-96f2-4fb11ad15d6b 30646
551ce567-0bfb-4bbd-9b58-cdc7e9365325 30642
07764439-c24d-4e6f-a5a6-0138be59e7a8 30642
What this patch does is to use a distinct per-thread and per-process
seed to make sure the same sequences will not appear, and will then
extend these seeds by "burning" a number of randoms that depends on
the global random seed, the thread ID and the process ID. This adds
roughly 20 extra bits of randomness, resulting in 52 bits total per
thread and per process.
It only takes a few milliseconds to burn these randoms and given
that threads start with a different seed, we know they will not
catch each other. So these random extra bits are essentially added
to ensure randomness between boots and cluster instances.
This replaces all uses of random() with ha_random() which uses the
thread-local state.
This must be backported as far as 2.0 or any version having the
UUID sample-fetch function since it's the main victim here.
It's important to note that this patch, in addition to depending on
the previous one "BUG/MEDIUM: init: initialize the random pool a bit
better", also depends on the preceeding build fixes to address a
circular dependency issue in the include files that prevented it
from building. Part or all of these patches may need to be backported
or adapted as well.
|
||
|---|---|---|
| .. | ||
| accept4.h | ||
| base64.h | ||
| buf.h | ||
| buffer.h | ||
| cfgparse.h | ||
| chunk.h | ||
| compat.h | ||
| compiler.h | ||
| config.h | ||
| debug.h | ||
| defaults.h | ||
| epoll.h | ||
| errors.h | ||
| fcgi.h | ||
| h1.h | ||
| h2.h | ||
| hash.h | ||
| hathreads.h | ||
| hpack-dec.h | ||
| hpack-enc.h | ||
| hpack-huff.h | ||
| hpack-tbl.h | ||
| http-hdr.h | ||
| http.h | ||
| htx.h | ||
| initcall.h | ||
| ist.h | ||
| istbuf.h | ||
| memory.h | ||
| mini-clist.h | ||
| namespace.h | ||
| net_helper.h | ||
| openssl-compat.h | ||
| regex.h | ||
| splice.h | ||
| standard.h | ||
| syscall.h | ||
| template.h | ||
| ticks.h | ||
| time.h | ||
| tools.h | ||
| uri_auth.h | ||
| version.h | ||
| xref.h | ||