You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The following is a minimal streaming server that waits for a random interval between sending lines of text.
#!/usr/bin/perl
use Modern::Perl '2013';
use AnyEvent;
my $writers = {};
my $timer;
sub generate_log {
$_->write("foo\n") for (values %$writers);
$timer = AE::timer rand(1), 0, \&generate_log;
}
sub {
my $env = shift;
$timer = AE::timer rand(1), 0, \&generate_log;
return sub {
my $responder = shift;
my $writer = $responder->([200, ['Content-Type', 'text/csv']]);
$writers->{$writer} = $writer;
$writer->{handle}->on_error(sub {delete($writers->{$writer}); warn "client closed connection\n"});
return;
}
}
The problem with it is that when too many clients (>1017) are connected, the server becomes unresponsive and begins to consume 100% CPU. This can be demonstrated with the following command:
for i in {1..1024}; do curl -s localhost:6000 > /dev/null & done
The specific number of connections can be explained by it being close to the default maximum number of file descriptors on Linux, so it is not a bug that the server can't serve more connections than this. However, the high CPU usage arguably is a bug, because an attacker can easily trigger it by simply starting many clients, potentially denying resources from other services running on the same machine.
The text was updated successfully, but these errors were encountered:
The following is a minimal streaming server that waits for a random interval between sending lines of text.
The problem with it is that when too many clients (>1017) are connected, the server becomes unresponsive and begins to consume 100% CPU. This can be demonstrated with the following command:
The specific number of connections can be explained by it being close to the default maximum number of file descriptors on Linux, so it is not a bug that the server can't serve more connections than this. However, the high CPU usage arguably is a bug, because an attacker can easily trigger it by simply starting many clients, potentially denying resources from other services running on the same machine.
The text was updated successfully, but these errors were encountered: