-
Notifications
You must be signed in to change notification settings - Fork 551
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Information exposure bug: response leaking to wrong requests in uvicorn
-based server under heavy load
#645
Comments
Is this duplicated of #631 ? |
I dont know, that seems to be about |
I hope eg |
I have been experiencing failures when under heavy load. This started with the aiohttp/aiohappyeyeballs changes in that projects 3.10.0 release. After some deep-diving I think the key change was that project's switch from allowing I'm guessing there is a problem with socket ownership, especially when an exception happens during the
and the failures have gone away. |
Interesting. We'll get this PR merged likely in a week. Thanks for the thorough investigation and good issue full of details. |
FWIW: I suspect we got bit by the same underlying issue in a production system under heavy load. Eventually, it looks like there is inconsistency with regards to transports / file descriptor reuse?
The issue does not occur in our staging environment which is iso-production except for the load being handled. Reverting to The environment is containerized (AWS Fargate for arm64) with CPython 3.12.8 and all relevant dependencies being up-to-date. |
uname_result(system='Linux', node='xxx', release='6.1.109', version='#1 SMP PREEMPT_DYNAMIC Thu Sep 19 22:28:35 UTC 2024', machine='x86_64')
PYTHONASYNCIODEBUG
in env?: NoWe encountered a very nasty data leakage bug with
uvloop
. It is leaking responses to incorrect HTTP requests in auvicorn
based server under a heavy load. This caused some users data to leak into requests of other users leading to a incorrect information exposure.This issue is caused solely by
uvloop
as removal of it fixed the issue. Relying on vanilla asyncio does not have the same issue.The issue happened under high load situations. The service processes some 800 million requests per day but 100 requests in a day had the wrong responses from other concurrently happening requests. It seemed to happen in a situations when there is a higher load. Also the issue sometimes correlated with other issues we experienced with
uvloop
:Sometimes we observed these strange and bad looking
RuntimeError
s coming from depths ofuvloop
at about same time as we saw the incorrect responses coming from requests. But this did not happen always in correlation. (The above errors also got fixed by removal ofuvloop
).I haven't been able to reproduce this as it seems to only happen under heavy load situations and rarely enough (but still bad to leak information).
It seems
uvloop
might have some major issues in its TCP/socket/stream implementation that it tries to some times use incorrect already used socket like the RuntimeErrors would hint. Not sure is it actually related to the data leakage issue.The text was updated successfully, but these errors were encountered: