Symbols garbage collector in Ruby1.9, fixed?

Hi, in Ruby 1.8 there is an issue when adding more and more Symbols
since they remain in memory and are never removed.

I'm doing a server in Ruby that receives messages with headers (From,
To, Subject, X-Custom-Header-1...) and after parsing I store the
headers in a hash using symbols as keys:

  headers = {
    :from => "alice@aaa.com",
    :to => "bob@bbb.com",
    :"x-custom-header-1" => "Hi there"
  }

I could use strings as keys instead of symbols, but I've checked that
getting a Hash entry is ~25% faster using Symbols.

The problem is that I could receive custom headers so for each one a
new Symbol would be created. An attacker could send lots of custom
headers to fill the server memory and cause a denial of service.

Perhaps this is solved in Ruby 1.9? any suggestion on it? Thanks a lot.

Is there any way to check if a Symbol already exist before creating it?

It depends on what exactly you are trying to do with your hash. If you
need to access to a few well known headers in your code, use symbols for
those and add another pseudo-header for the rest of the info :

USEFUL_HEADERS = [ :from, :to, :"x-mailer" ]

headers = {
  :from => "alice@aaa.com",
  :to => "bob@bbb.com",
  :"x-mailer" => "Pegasus Mail for Windows (4.50 PB1)",
  :"_custom" => {
    "x-custom-header-1" => "Hi there",
    "x-spam-scanned" => "Of course"
  }
}

(Now, you'll lose time at the parse step. Again, depending on what
you're trying to do, it may be efficient if each mail is parsed one time
and, then, each header is accessed a lot of times.)

Fred

Which is why Rails (actually activesupport) which implements a
HashWithIndifferentAccess to allows using strings and symbols equivalently
for hash access, uses the string form in the actual hash forgoing the access
performance in favor of safety.

Iñaki Baz Castillo wrote:

I could use strings as keys instead of symbols, but I've checked that
getting a Hash entry is ~25% faster using Symbols.

The problem is that I could receive custom headers so for each one a
new Symbol would be created. An attacker could send lots of custom
headers to fill the server memory and cause a denial of service.

Perhaps this is solved in Ruby 1.9? any suggestion on it? Thanks a lot.

It's not "solved" in 1.9, because this is intentional and necessary
behaviour.

The important property of a symbol is that it has the same id wherever
and whenever it is used in your program, and hence it can never be
garbage-collected. This is so that it can be used for looking up method
names - foo.bar is a shortcut for foo.send(:bar)

Using symbols for hash keys is a common idiom, but arguably is abuse of
the symbol table. It's fine as long as all the keys are fixed symbol
constants in your program, but as you've observed, it causes huge
problems if your symbols are generated dynamically in response to user
data (especially from untrusted or potentially malicious sources)

The solution: use strings as keys, and beware premature optimisation.
Whilst you may have measured that "getting a Hash entry is 25% faster
using Symbols", does this really make your whole application 25% faster?
I suspect not. Maybe it makes your whole application 0.25% faster. Maybe
it makes your application slower, as each incoming String has to be
converted into a Symbol.

In any case, although we all want things to go "as fast as possible",
few applications have a specific acceptance criteria for CPU utilisation
or response time. If your application *does* have a specific performance
criterion that you must meet, then it might be better to consider a
different language, rather than mis-using what Ruby offers. Or including
all things like development costs, it may be more cost-effective to
choose faster hardware to meet the performance goal.

Regards,

Brian.

Use symbols... FOR SPEED! Unfortunately that speed comes at a price... you
really want to globally internalize arbitrary input? Symbols are
effectively a freeform enumeration... the reason you're running into
problems is because you're trying to enumerate arbitrary inputs.

Is this really an important bottleneck in your application? If not, use
strings and move on.

Thanks, but I prefer to store all the headers in a transparent way so
accessing to a core and well known header is the same as accesing to a
custom and never seen header:
  headers[:from]
  header[:"x-custom-headers"]

This is, in the transport/parsing layer I cannot know which headers
will be important or not in the "application" layer.

A way to check if a Symbol already exist would be enought for me, but
it doesn't work:
To know all the current Symbols I can inspect Symbol.all_symbols, but
if I want to check a Symbol:
  Symbol.all_symbols.include?(:new_symbol)
this will always return true since :new_symbol is automatically added XDDD

Thanks.

Ok, thanks for your explanation.

Dave Thomas seems to have thought this was going away:

http://pragdave.blogs.pragprog.com/pragdave/2008/05/ruby-symbols-in.html

James Edward Gray II

Hi,

Use symbols... FOR SPEED! Unfortunately that speed comes at a price... you
really want to globally internalize arbitrary input? Symbols are
effectively a freeform enumeration... the reason you're running into
problems is because you're trying to enumerate arbitrary inputs.

Yes. It's a parser so custom headers could arrive. I want to store them in a
hash like:

  headers = { :from => "alice@qweeq", ":to => "bob@qweqwe }

So after parsing the message I create these entries. The problem is that any
custom header would create a Symbol.

Is this really an important bottleneck in your application?

I think it's important since after parsing hte main task of the server will be
accessing some headers to read their content. But since it's just in a very
early stage I cannot sure it.

Thanks.

A way to check if a Symbol already exist would be enought for me, but
it doesn't work:
To know all the current Symbols I can inspect Symbol.all_symbols, but
if I want to check a Symbol:
  Symbol.all_symbols.include?(:new_symbol)
this will always return true since :new_symbol is automatically added XDDD

potential_new_symbol = "xyzzy"
Symbol.all_symbols.map {|s| s.to_s}.include? potential_new_symbol

?

Regards,

Bil

Symbol.all_symbols.find { |s| s.to_s == "string" }

But, now, you're creating strings instead...

Fred

That article looks like pure speculation.

Alright, yes, #to_i and #id2name and similar are gone. That makes sense --
encapsulate things the average user really doesn't need. Theoretically, these
could allow Symbols to be implemented in the heap, if needed. Or it would
allow them to be implemented in some way that looks nothing like the current
concept of an integer.

However, the purpose of symbols, I would think, remains the same.

And given the purpose of symbols, and the dynamic nature of Ruby (it has
eval!), there's really no way you could ever garbage collect symbols.

You could implement symbols as immutable strings on the heap, and do string
comparisons between them, but that would defeat the purpose of symbols, at
least in every program I've ever wrote -- to avoid string comparisons, and to
be generally much faster than strings.

And for that matter, if you really, really want to be digging around at that
low level, you still can:

irb(main):001:0> :foo.object_id
=> 351848
irb(main):002:0> ObjectSpace._id2ref 351848
=> :foo

Unfortunately, symbols are still not garbage-collected at the moment.
It seems that the only difference comparing to 1.8 is that symbols are
backed by real frozen string objects instead of arrays of chars.

Is the garbage collection in 1.9 better than 1.8?

Blog: http://random8.zenunit.com/
Learn rails: http://sensei.zenunit.com/

Just key the hash with Strings:
  headers = { 'from' => "alice@qweeq", 'to' => "bob@qweeq" }

If you really need to use symbols, perhaps add methods to a subclass of Hash like the HashWithIndifferentAccess from Rails which mostly eliminates the need to care whether you actually stored against a Symbol or a String key.

There's also nothing stopping you from having both kinds of keys at once:
  headers = { :from => "alice@qweeq", :to => "bob@qweeq", 'snack' => "raisins" }

but then you might have to "worry" about having both :to and 'to' as keys.

Symbols are only faster because they are immutable and don't get garbage collected. But I'd go with Tony and just use String all the time.

-Rob

Rob Biedenharn http://agileconsultingllc.com
Rob@AgileConsultingLLC.com

Iñaki Baz Castillo wrote:

Use symbols... FOR SPEED! Unfortunately that speed comes at a price...
you
really want to globally internalize arbitrary input? Symbols are
effectively a freeform enumeration... the reason you're running into
problems is because you're trying to enumerate arbitrary inputs.

Yes. It's a parser so custom headers could arrive. I want to store them in
a hash like:

  headers = { :from => "alice@qweeq", ":to => "bob@qweqwe }

I'd figure out what very common headers are and make them freezed constants,
like:

  FROM = "From".freeze
  TO = "To".freeze

and put references to those string "constants" as keys into the Hash. I
assume that this will be as fast as symbols when accessing the hash with
those constants, as equality testing just needs to tests for object identity
(object_id) and not for the equality of the content.

  headers = {}
  headers[FROM] = "alice@qweeq"
  headers[TO] = "bob@qweqwe"

  ...

  p headers[TO]
  p headers["To"] # works as well, but should be slower

Would you like to benchmark this against using symbols?

Btw, this is the approach that for example Mongrel uses.

Regards,

  Michael

I'd figure out what very common headers are and make them freezed constants,
like:

FROM = "From".freeze
TO = "To".freeze

and put references to those string "constants" as keys into the Hash. I
assume that this will be as fast as symbols when accessing the hash with
those constants, as equality testing just needs to tests for object identity
(object_id) and not for the equality of the content.

headers = {}
headers[FROM] = "alice@qweeq"
headers[TO] = "bob@qweqwe"

Very interesting solution, but I would have some issues with it:

a) I receive a request with various headers, most of them are well
kwnown but others can be custom.
When I extract the header name (after parsing) I get "From" and
"Custom-Header" strings, and I need to check if these strings belongs
to well known headers or not before storing them as FROM and
"Custom-Header". Wouldn't this check be inneficient?

b) Some wellk wnown headers have a name like "Record-Route". The "-"
symbol is of course dissallowed as Ruby Constant. Using Symbols I can
use it as :"record-route".

Well, I have to think about it. Thanks a lot for all the received help. Regards.

Btw, this is the approach that for example Mongrel uses.

Then I must investigate how it handles case b).

From: "Iñaki Baz Castillo" <ibc@aliax.net>

A way to check if a Symbol already exist would be enought for me, but
it doesn't work:
To know all the current Symbols I can inspect Symbol.all_symbols, but
if I want to check a Symbol:
Symbol.all_symbols.include?(:new_symbol)
this will always return true since :new_symbol is automatically added
XDDD

potential_new_symbol = "xyzzy"
Symbol.all_symbols.map {|s| s.to_s}.include? potential_new_symbol

Thanks but it is too slow:

Benchmark.realtime{ Symbol.all_symbols.map {|s| s.to_s}.include? "qwe" }
=> 0.00371980667114258

I cannot do this test for each header in each received message.

Thanks.