[ANN] unicorn 3.6.0 - small fixes, PRNG workarounds

Eric Wong normalperson at yhbt.net
Tue Apr 26 19:01:05 EDT 2011

ghazel at gmail.com wrote:
> On Wednesday, April 20, 2011, Eric Wong <normalperson at yhbt.net> wrote:
> > Changes:
> >
> > Mainly small fixes, improvements, and workarounds for fork() issues
> > with pseudo-random number generators shipped with Ruby (Kernel#rand,
> > OpenSSL::Random (used by SecureRandom and also by Rails).
> >
> > The PRNG issues are documented in depth here (and links to Ruby Redmine):
> >
> >   http://bogomips.org/unicorn.git/commit?id=1107ede7
> >   http://bogomips.org/unicorn.git/commit?id=b3241621
(top-posting corrected)
> Is it possible there is a problem with this change? Since I upgraded
> to 3.6.0 I have encountered two collisions on
> ActiveSupport::SecureRandom.hex(64), which seems very unlikely, since
> it has never happened in the history of my app otherwise.

Oops, the return value of srand shouldn't be relied on, I need to call
Kernel#rand instead.  My attempt to fix things actually made the problem
worse (which is why I pushed upstream Ruby to fix the problem, first :).
The following should fix it (3.6.1 release coming):

diff --git a/lib/unicorn/http_server.rb b/lib/unicorn/http_server.rb
index d70de45..3077b95 100644
--- a/lib/unicorn/http_server.rb
+++ b/lib/unicorn/http_server.rb
@@ -492,11 +492,11 @@ class Unicorn::HttpServer
   def after_fork_internal
     @ready_pipe.close if @ready_pipe
     self.ready_pipe = nil # XXX Rainbows! compat, change for Unicorn 4.x
-    tmp = srand # http://redmine.ruby-lang.org/issues/4338
+    srand # http://redmine.ruby-lang.org/issues/4338
     # The OpenSSL PRNG is seeded with only the pid, and apps with frequently
     # dying workers can recycle pids
-    OpenSSL::Random.seed(tmp.to_s) if defined?(OpenSSL::Random)
+    OpenSSL::Random.seed(rand.to_s) if defined?(OpenSSL::Random)
   def spawn_missing_workers
Eric Wong

More information about the mongrel-unicorn mailing list