Mercurial > hg
view tests/test-hgweb-csp.t @ 38732:be4984261611
merge: mark file gets as not thread safe (issue5933)
In default installs, this has the effect of disabling the thread-based
worker on Windows when manifesting files in the working directory. My
measurements have shown that with revlog-based repositories, Mercurial
spends a lot of CPU time in revlog code resolving file data. This ends
up incurring a lot of context switching across threads and slows down
`hg update` operations when going from an empty working directory to
the tip of the repo.
On mozilla-unified (246,351 files) on an i7-6700K (4+4 CPUs):
before: 487s wall
after: 360s wall (equivalent to worker.enabled=false)
cpus=2: 379s wall
Even with only 2 threads, the thread pool is still slower.
The introduction of the thread-based worker (02b36e860e0b) states that
it resulted in a "~50%" speedup for `hg sparse --enable-profile` and
`hg sparse --disable-profile`. This disagrees with my measurement
above. I theorize a few reasons for this:
1) Removal of files from the working directory is I/O - not CPU - bound
and should benefit from a thread pool (unless I/O is insanely fast
and the GIL release is near instantaneous). So tests like `hg sparse
--enable-profile` may exercise deletion throughput and aren't good
benchmarks for worker tasks that are CPU heavy.
2) The patch was authored by someone at Facebook. The results were
likely measured against a repository using remotefilelog. And I
believe that revision retrieval during working directory updates with
remotefilelog will often use a remote store, thus being I/O and not
CPU bound. This probably resulted in an overstated performance gain.
Since there appears to be a need to enable the thread-based worker with
some stores, I've made the flagging of file gets as thread safe
configurable. I've made it experimental because I don't want to formalize
a boolean flag for this option and because this attribute is best
captured against the store implementation. But we don't have a proper
store API for this yet. I'd rather cross this bridge later.
It is possible there are revlog-based repositories that do benefit from
a thread-based worker. I didn't do very comprehensive testing. If there
are, we may want to devise a more proper algorithm for whether to use
the thread-based worker, including possibly config options to limit the
number of threads to use. But until I see evidence that justifies
complexity, simplicity wins.
Differential Revision: https://phab.mercurial-scm.org/D3963
author | Gregory Szorc <gregory.szorc@gmail.com> |
---|---|
date | Wed, 18 Jul 2018 09:49:34 -0700 |
parents | 3e3acf5d6a07 |
children | 7e5be4a7cda7 |
line wrap: on
line source
#require serve $ cat > web.conf << EOF > [paths] > / = $TESTTMP/* > EOF $ hg init repo1 $ cd repo1 $ touch foo $ hg -q commit -A -m initial $ cd .. $ hg serve -p $HGPORT -d --pid-file=hg.pid --web-conf web.conf $ cat hg.pid >> $DAEMON_PIDS repo index should not send Content-Security-Policy header by default $ get-with-headers.py --headeronly localhost:$HGPORT '' content-security-policy etag 200 Script output follows static page should not send CSP by default $ get-with-headers.py --headeronly localhost:$HGPORT static/mercurial.js content-security-policy etag 200 Script output follows repo page should not send CSP by default, should send ETag $ get-with-headers.py --headeronly localhost:$HGPORT repo1 content-security-policy etag 200 Script output follows etag: W/"*" (glob) $ killdaemons.py Configure CSP without nonce $ cat >> web.conf << EOF > [web] > csp = script-src https://example.com/ 'unsafe-inline' > EOF $ hg serve -p $HGPORT -d --pid-file=hg.pid --web-conf web.conf $ cat hg.pid > $DAEMON_PIDS repo index should send Content-Security-Policy header when enabled $ get-with-headers.py --headeronly localhost:$HGPORT '' content-security-policy etag 200 Script output follows content-security-policy: script-src https://example.com/ 'unsafe-inline' static page should send CSP when enabled $ get-with-headers.py --headeronly localhost:$HGPORT static/mercurial.js content-security-policy etag 200 Script output follows content-security-policy: script-src https://example.com/ 'unsafe-inline' $ get-with-headers.py --twice --headeronly localhost:$HGPORT repo1/static/style.css content-security-policy 200 Script output follows content-security-policy: script-src https://example.com/ 'unsafe-inline' 304 Not Modified content-security-policy: script-src https://example.com/ 'unsafe-inline' repo page should send CSP by default, include etag w/o nonce $ get-with-headers.py --headeronly localhost:$HGPORT repo1 content-security-policy etag 200 Script output follows content-security-policy: script-src https://example.com/ 'unsafe-inline' etag: W/"*" (glob) nonce should not be added to html if CSP doesn't use it $ get-with-headers.py localhost:$HGPORT repo1/graph/tip | egrep 'content-security-policy|<script' <script type="text/javascript" src="/repo1/static/mercurial.js"></script> <script type="text/javascript"> <script type="text/javascript"> Configure CSP with nonce $ killdaemons.py $ cat >> web.conf << EOF > csp = image-src 'self'; script-src https://example.com/ 'nonce-%nonce%' > EOF $ hg serve -p $HGPORT -d --pid-file=hg.pid --web-conf web.conf $ cat hg.pid > $DAEMON_PIDS nonce should be substituted in CSP header $ get-with-headers.py --headeronly localhost:$HGPORT '' content-security-policy etag 200 Script output follows content-security-policy: image-src 'self'; script-src https://example.com/ 'nonce-*' (glob) nonce should be included in CSP for static pages $ get-with-headers.py --headeronly localhost:$HGPORT static/mercurial.js content-security-policy etag 200 Script output follows content-security-policy: image-src 'self'; script-src https://example.com/ 'nonce-*' (glob) repo page should have nonce, no ETag $ get-with-headers.py --headeronly localhost:$HGPORT repo1 content-security-policy etag 200 Script output follows content-security-policy: image-src 'self'; script-src https://example.com/ 'nonce-*' (glob) nonce should be added to html when used $ get-with-headers.py localhost:$HGPORT repo1/graph/tip content-security-policy | egrep 'content-security-policy|<script' content-security-policy: image-src 'self'; script-src https://example.com/ 'nonce-*' (glob) <script type="text/javascript" src="/repo1/static/mercurial.js"></script> <script type="text/javascript" nonce="*"> (glob) <script type="text/javascript" nonce="*"> (glob) hgweb_mod w/o hgwebdir works as expected $ killdaemons.py $ hg serve -R repo1 -p $HGPORT -d --pid-file=hg.pid --config "web.csp=image-src 'self'; script-src https://example.com/ 'nonce-%nonce%'" $ cat hg.pid > $DAEMON_PIDS static page sends CSP $ get-with-headers.py --headeronly localhost:$HGPORT static/mercurial.js content-security-policy etag 200 Script output follows content-security-policy: image-src 'self'; script-src https://example.com/ 'nonce-*' (glob) nonce included in <script> and headers $ get-with-headers.py localhost:$HGPORT graph/tip content-security-policy | egrep 'content-security-policy|<script' content-security-policy: image-src 'self'; script-src https://example.com/ 'nonce-*' (glob) <script type="text/javascript" src="/static/mercurial.js"></script> <script type="text/javascript" nonce="*"> (glob) <script type="text/javascript" nonce="*"> (glob)