Checksum's usage of a native hash algorithm resulting in thread starvation #67995
Comments
dotnet-issue-labeler
bot
added
the
untriaged
|
I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label. |
|
@stephentoub any suggestions on a good way to utilize this api while avoiding this problem? |
|
Based on the time shown above and the fact that this is already correctly performing on a background thread, I'm OK with leaving this unchanged if any of the following is true:
|
|
On .NET 5+ you can use the one-shot methods... zero allocation (finalizable or otherwise): If you're stuck on .NET Framework, you can at least use SHA256.Create(), which unless FIPS is enabled will create a SHA256Managed instance and, while there will be a lot of allocation: It looks like IncrementalHash is being used by Roslyn. IncrementalHash is just a thin wrapper around the underlying HashAlgorithm instance, and it's choosing the CNG implementations provided by the OS: |
|
@CyrusNajmabadi Sounds like |
|
Yup. I'll work on this today. |
On .NET Framework, IncrementalHash uses the OS's implementation of SHA-256, which results in several safe handles being created. These handles are finalizable and can cause lock contention in the CLR if created rapidly, which Razor does. This change adjusts the Checksum.Builder to use the SHA256 class directly on .NET Framework (and netstandard2.0), which causes the managed implementation of SHA256 to be used (if FIPS isn't enabled). That implementation avoids the creation of finalizable safe handles. See dotnet/roslyn#67995 for more detail.
On .NET Framework, IncrementalHash uses the OS's implementation of SHA-256, which results in several safe handles being created. These handles are finalizable and can cause lock contention in the CLR if created rapidly, which Razor does. This change adjusts the Checksum.Builder to use the SHA256 class directly on .NET Framework (and netstandard2.0), which causes the managed implementation of SHA256 to be used (if FIPS isn't enabled). That implementation avoids the creation of finalizable safe handles. See dotnet/roslyn#67995 for more detail. Many thanks to @sharwell for pointing out this issue along with the fix.
Version Used:
Investigating thread starvation in Speedometer's CopyRichNotAccurate, I see Checksum's usage of CAPI SHA256 hash algorithm is one of the cause of the starvations. It appears the following code path instantiates large number of finalizable objects (ie the underlying SafeHandle) on multiple threads at the same in a short burst. This hits a lock in the CLR's CFinalize::RegisterForFinalization causing contention and resulting in a lot of blocked time on the thread pool, 10% of the blocked time on these threads is this bug.
Steps to Reproduce:
I had a look at SHA265Cng and it has a similar path so is likely not the path forward. Maybe the managed version of the algorithm? Or alternative, a custom wrapper around CNG that avoids creating a finalizable safe handle over and over again?
The text was updated successfully, but these errors were encountered: