Skip to content

Cheaper logcontext debug logs (pseudo_random_string(...)) #19094

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

Cheaper logcontext debug logs (pseudo_random_string(...)) #19094

wants to merge 2 commits into from
+22 −4

Conversation

@MadLittleMods
Copy link
Contributor

@MadLittleMods MadLittleMods commented Oct 23, 2025
edited
Loading

Cheaper logcontext debug logs (pseudo_random_string(...))

Follow-up to #18966

During the weekly Backend team meeting, it was mentioned that random_string(...) was taking a significant amount of CPU on matrix.org. This makes sense as it relies on secrets.choice(...), a cryptographically secure function that is inherently computationally expensive. And since #18966, we're calling random_string(...) as part of a bunch of logcontext utilities.

Since we don't need cryptographically secure random strings for our debug logs, this PR is introducing a new pseudo_random_string(...) function that uses random.choice(...) which uses pseudo-random numbers that are "both fast and threadsafe".

Dev notes

Pull Request Checklist

  • Pull request is based on the develop branch
  • Pull request includes a changelog file. The entry should:
    • Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from EventStore to EventWorkerStore.".
    • Use markdown where necessary, mostly for code blocks.
    • End with either a period (.) or an exclamation mark (!).
    • Start with a capital letter.
    • Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry.
  • Code style is correct (run the linters)

MadLittleMods
MadLittleMods commented Oct 23, 2025
View reviewed changes
synapse/util/stringutils.py
return "".join(secrets.choice(_string_with_symbols) for _ in range(length))


def pseudo_random_string(length: int) -> str:
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also considered naming this random_string_insecure_fast

🤷

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should call this insecure_random_string. Being pseudo-random doesn't necessarily imply insecure, that's what CSPRNGs are for, after all.

It's maybe not a huge deal, but given the sheer hazard of using the wrong type of random in the wrong place, I much prefer the clear and simple insecure label, because it brings your attention to an important (negative) caveat. In theory that could raise some alarm bells at a critical time during review.

On the other hand, I don't think it's important to say fast — if someone consciously thinks about the speed at PR review time, they can look it up. (But I'm also not against calling it 'fast', to be fair!)

MadLittleMods
MadLittleMods commented Oct 23, 2025
View reviewed changes
synapse/logging/context.py
Comment on lines 862 to 866
instance_id = pseudo_random_string(5)
calling_context = current_context()
logcontext_debug_logger.debug(
"run_in_background(%s): called with logcontext=%s", instance_id, calling_context
)
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As another alternative, we could gate the random string creation behind if logcontext_debug_logger.isEnabledFor(logging.DEBUG)

@MadLittleMods MadLittleMods marked this pull request as ready for review October 23, 2025 18:38
@MadLittleMods MadLittleMods requested a review from a team as a code owner October 23, 2025 18:39
reivilibre
reivilibre approved these changes Oct 30, 2025
View reviewed changes
synapse/util/stringutils.py
return "".join(secrets.choice(_string_with_symbols) for _ in range(length))


def pseudo_random_string(length: int) -> str:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should call this insecure_random_string. Being pseudo-random doesn't necessarily imply insecure, that's what CSPRNGs are for, after all.

It's maybe not a huge deal, but given the sheer hazard of using the wrong type of random in the wrong place, I much prefer the clear and simple insecure label, because it brings your attention to an important (negative) caveat. In theory that could raise some alarm bells at a critical time during review.

On the other hand, I don't think it's important to say fast — if someone consciously thinks about the speed at PR review time, they can look it up. (But I'm also not against calling it 'fast', to be fair!)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@reivilibre reivilibre reivilibre approved these changes

Assignees

No one assigned

Labels

A-Logging

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@MadLittleMods @reivilibre