Thread-unsafe global mutable state in agent.py breaks multi-agent concurrency

[MervinPraison]

Problem

The core agent.py contains multiple global and class-level mutable variables accessed without any thread synchronization, violating the "multi-agent + async safe by default" engineering principle.

This causes race conditions when multiple agents run concurrently — a core use case for PraisonAI.

Specific Locations

1. Unprotected HTTP server globals (agent.py lines 143-145)

_server_started = {}   # Dict of port -> started boolean (NO LOCK)
_registered_agents = {} # Dict of port -> Dict (NO LOCK)
_shared_apps = {}       # Dict of port -> FastAPI app (NO LOCK)

Risk: Multiple agents calling .launch() on different ports concurrently will race on dict updates.

2. Non-atomic class counter (agent.py lines 157, 1254)

_agent_counter = 0  # Class-level, incremented without lock
# ...
Agent._agent_counter += 1  # NOT atomic — two threads can get duplicate indices

3. Thread-unsafe lazy loaders (agent.py lines 16-94)

Six manual lazy-loader functions (_get_console, _get_live, _get_llm_functions, _get_display_functions, _get_hooks_module, _get_stream_emitter) use classic TOCTOU pattern:

_rich_console = None
def _get_console():
    global _rich_console
    if _rich_console is None:     # Thread A checks
        from rich.console import Console  # Thread B also checks, both import
        _rich_console = Console()
    return _rich_console

Compare to the correct pattern already in _lazy.py (lines 61-74) with double-checked locking.

4. Same issue in context_agent.py (lines 22-57)

Four more manual lazy loaders (_get_subprocess, _get_glob, _get_ast, _get_asyncio) with the same unsafe pattern.

5. Tools module instance cache (tools/__init__.py line 188, 256-259)

_instances = {}  # Module-level dict accessed without locks
# ...
_instances[class_name] = class_()  # No lock protection

Expected Behavior

All global/class-level mutable state should be protected with threading.Lock() or threading.RLock(), consistent with the existing thread-safe patterns in:

• _lazy.py (double-checked locking)
• tools/registry.py (RLock on all operations)

Proposed Fix

1. Replace manual lazy loaders in agent.py and context_agent.py with the centralized _lazy.py utilities (lazy_import() or create_lazy_getattr())
2. Add threading.Lock() around _server_started, _registered_agents, _shared_apps mutations
3. Protect _agent_counter increment with a class-level lock
4. Add lock to tools/__init__.py _instances dict

Impact

• Severity: High — affects any multi-agent deployment
• Principle violated: "Multi-agent + async safe by default"
• Existing fix pattern: Already implemented correctly in _lazy.py and tools/registry.py

[MervinPraison]

@claude Analyze this issue and implement a fix following AGENTS.md. Ensure backward compatibility, zero performance regression, minimal focused changes. Run tests to verify. Create a PR with your changes.

[github-actions]

Claude finished @MervinPraison's task —— View job • claude/issue-1145-20260330-2133 • [Create PR ➔](https://github.com/MervinPraison/PraisonAI/compare/main...claude/issue-1145-20260330-2133?quick_pull=1&title=Issue%20%231145%3A%20Changes%20from%20Claude&body=This%20PR%20addresses%20issue%20%231145%0A%0AGenerated%20with%20%5BClaude%20Code%5D(https%3A%2F%2Fclaude.ai%2Fcode)

---

Thread Safety Analysis & Fix Implementation ✅

Successfully analyzed and implemented fixes for the thread-unsafe global mutable state that breaks multi-agent concurrency.

Todo List:

• Read AGENTS.md for repository guidelines
• Analyze the 5 specific problematic code locations
• Study existing thread-safe patterns in _lazy.py and tools/registry.py
• Fix unprotected HTTP server globals access in agent.py (lines 8728, 8743)
• Fix unsafe lazy loaders in context_agent.py
• Add thread protection to tools/init.py instance cache
• Install dependencies and run tests
• Commit and push changes
• Create PR using gh pr create

✅ Analysis Results

Already Fixed:

• ✅ Agent counter (agent.py:196-197) - Already protected with _agent_counter_lock
• ✅ Lazy loaders in agent.py (lines 31-110) - Already thread-safe with double-checked locking

Fixed in This PR:

• ✅ HTTP server globals (agent.py:8728, 8743) - Added safe access under _server_lock
• ✅ Context agent lazy loaders (context_agent.py:27-57) - Added double-checked locking pattern
• ✅ Tools instance cache (tools/__init__.py:188,256-259) - Added _instances_lock protection

🔒 Thread Safety Fixes Implemented

1. HTTP Server Globals: Protected endpoint access and FastAPI app retrieval with existing _server_lock
2. Context Agent Lazy Loaders: Implemented thread-safe double-checked locking for _get_subprocess, _get_glob, _get_ast, _get_asyncio
3. Tools Instance Cache: Added _instances_lock to protect concurrent class instantiation and method access

🧪 Verification

• ✅ Comprehensive test suite created and all tests pass
• ✅ Thread safety for lazy loaders verified
• ✅ Instance cache thread safety verified
• ✅ Agent counter thread safety verified
• ✅ Concurrent imports work correctly
• ✅ Zero performance regression (uses efficient double-checked locking)
• ✅ Full backward compatibility maintained

🚀 Pull Request Created

PR #1189: #1189

The implementation follows the repository's existing thread-safe patterns from _lazy.py and tools/registry.py, adheres to the "Multi-agent + async safe by default" engineering principle from AGENTS.md, and uses minimal focused changes as requested.

---