The Fix
pip install redis==7.1.0
Based on closed redis/redis-py issue #1178 · PR/commit linked
@@ -20,6 +20,14 @@
* Slightly optimized command packing. Thanks @Deneby67. #1255
* Added support for the TYPE argument to SCAN. Thanks @netocp. #1220
+ * Better thread and fork safety in ConnectionPool and
+ BlockingConnectionPool. Added better locking to synchronize critical
+ sections rather than relying on CPython-specific implementation details
Option A — Upgrade to fixed release\npip install redis==7.1.0\nWhen NOT to use: This fix should not be applied if the application relies on non-thread-safe connections intentionally.\n\n
Why This Fix Works in Production
- Trigger: So when one thread in on_connect() call `read_response`, it maybe get another thread's response, then raise the error.
- Mechanism: Connection class lacks thread safety, leading to potential data corruption when accessed by multiple threads
- Why the fix works: Implements better thread safety for ConnectionPool, addressing the issue of thread safety in connections. (first fixed release: 7.1.0).
- If left unfixed, this can cause silent data inconsistencies that propagate (bad cache entries, incorrect downstream decisions).
Why This Breaks in Prod
- Shows up under Python 3.7 in real deployments (not just unit tests).
- Connection class lacks thread safety, leading to potential data corruption when accessed by multiple threads
- Production symptom (often without a traceback): So when one thread in on_connect() call `read_response`, it maybe get another thread's response, then raise the error.
Proof / Evidence
- GitHub issue: #1178
- Fix PR: https://github.com/redis/redis-py/pull/1270
- First fixed release: 7.1.0
- Reproduced locally: No (not executed)
- Last verified: 2026-02-09
- Confidence: 0.85
- Did this fix it?: Yes (upstream fix exists)
- Own content ratio: 0.69
Discussion
High-signal excerpts from the issue thread (symptoms, repros, edge-cases).
“Connections are not meant to be threadsafe. ConnectionPools are threadsafe.”
“@andymccurdy https://github.com/andymccurdy/redis-py/issues/906 it seems the default connectionpool is not threading safe.”
Failure Signature (Search String)
- So when one thread in on_connect() call `read_response`, it maybe get another thread's response, then raise the error.
- raise AuthenticationError('Invalid Password')
Copy-friendly signature
Failure Signature
-----------------
So when one thread in on_connect() call `read_response`, it maybe get another thread's response, then raise the error.
raise AuthenticationError('Invalid Password')
Error Message
Signature-only (no traceback captured)
Error Message
-------------
So when one thread in on_connect() call `read_response`, it maybe get another thread's response, then raise the error.
raise AuthenticationError('Invalid Password')
Environment
- Python: 3.7
What Broke
Threads may receive incorrect responses, causing unexpected errors and application instability.
Why It Broke
Connection class lacks thread safety, leading to potential data corruption when accessed by multiple threads
Fix Options (Details)
Option A — Upgrade to fixed release Safe default (recommended)
pip install redis==7.1.0
Use when you can deploy the upstream fix. It is usually lower-risk than long-lived workarounds.
Fix reference: https://github.com/redis/redis-py/pull/1270
First fixed release: 7.1.0
Last verified: 2026-02-09. Validate in your environment.
When NOT to Use This Fix
- This fix should not be applied if the application relies on non-thread-safe connections intentionally.
Did This Fix Work in Your Case?
Quick signal helps us prioritize which fixes to verify and improve.
Prevention
- Track RSS + object counts after deployments; alert on monotonic growth and GC pressure.
- Add a long-running test that repeats the failing call path and asserts stable memory.
Version Compatibility Table
| Version | Status |
|---|---|
| 7.1.0 | Fixed |
Related Issues
No related fixes found.
Sources
We don’t republish the full GitHub discussion text. Use the links above for context.