[BUG] Serialized Pids and Refs can cause crash after a restart
Reported by Rusty Klophaus | January 4th, 2009 @ 09:17 AM
Found by Dave Peticolas.
After a restart, a user may hit the site with a session cookie from an old run. Nitrogen will attempt to verify the session, and in the process send a {Pid, verify, Ref} message to the Pid.
If the Pid is now running some other process, it can choke on the message, potentially crashing the system.
This arises because Pids and Refs are re-used.
To solve, either:
1) Don't use a Pid to look up a session, use a Guid instead, and then have a Guid -> Pid lookup table. Potential bottlenecks here.
2) Find some way to check if the Pid is valid before sending a message to the Pid. One possibility is to generate a unique value each time Nitrogen starts up, serialize this in the session cookie, and then check to make sure that the two match. This presents challenges when we run more than one Nitrogen instance.
Comments and changes to this ticket
-
Joshua January 4th, 2009 @ 12:50 PM
The second way seems far more intelligent than the first. It would be trivial to share a per-run unique value that is shared across instances.
I haven't checked out the nitrogen code base deeply yet, let me know if I'm wrong.
-
Rusty Klophaus January 6th, 2009 @ 09:36 PM
(from [459ed83a703e27d16119c173bf0ce8f2e47ea0e1]) Turn Nitrogen into a supervised application. Apply changes by Dave Peticolas to turn session state into a supervised process. [#20 status:resolved] http://github.com/rklophaus/nitr...
-
Rusty Klophaus January 6th, 2009 @ 09:42 PM
- State changed from new to resolved
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile »
Nitrogen Web Framework for Erlang
People watching this ticket
Referenced by
- 20 [BUG] Serialized Pids and Refs can cause crash after a restart (from [459ed83a703e27d16119c173bf0ce8f2e47ea0e1]) Turn Ni...