Skip to content

Fix destroy handler race#141

Merged
jjeffcaii merged 1 commit intorsocket:masterfrom
echistyakov:fix-destroy-handler
Jan 20, 2025
Merged

Fix destroy handler race#141
jjeffcaii merged 1 commit intorsocket:masterfrom
echistyakov:fix-destroy-handler

Conversation

@echistyakov
Copy link
Copy Markdown
Contributor

@echistyakov echistyakov commented Jan 15, 2025

Fixes a race in destroyHandler w.r.t. dc.messages sync.Map

Motivation:

This PR is meant to fix a contributing factor to the following race PR: jjeffcaii/reactor-go#45

In the current implementation of destroyHandler - it's possible to call stopWithError on a callback that has already been unregistered. This can affect a completely unrelated Duplex object (because global pools are used for processor objects - and an already "disposed" processor can receive an error).

The race (for example) can occur between the following pieces of code:

rsocket-go/internal/socket/duplex.go

Lines 163 to 173 in 099cb5b

func (dc *DuplexConnection) destroyHandler(err error) {
// TODO: optimize callback map
var callbacks []callback
dc.messages.Range(func(_, value interface{}) bool {
callbacks = append(callbacks, value.(callback))
return true
})
for _, next := range callbacks {
next.stopWithError(err)
}
}

rsocket-go/internal/socket/duplex.go

Lines 257 to 266 in 099cb5b

onFinally := func(s reactor.SignalType, d reactor.Disposable) {
common.TryRelease(handler.cache)
if s == reactor.SignalTypeCancel {
dc.sendFrame(framing.NewWriteableCancelFrame(sid))
}
// Unregister handler w/sink (processor).
dc.unregister(sid)
// Dispose sink (processor).
d.Dispose()
}

They both access dc.messages. destroyHandler - for reading (iteration), onFinally - for writing (inside unregister method).

In the existing version of destroyHandler - by the time iteration (Range()) over dc.messages is complete - some of the messages may have already been unregistered and removed from the map. This is where the race comes from.

As per documentation: https://pkg.go.dev/sync#Map.Range

Range does not block other methods on the receiver

-> Meaning that it's totally safe to invoke every callback from inside Range - no need to store callbacks in a slice beforehand.

Modifications:

Perform callback stopWithError invocations directly during Range iteration, without creating a slice of callbacks beforehand.

Result:

The issue described in jjeffcaii/reactor-go#45 goes away.

jjeffcaii
jjeffcaii approved these changes Jan 20, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@jjeffcaii jjeffcaii left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jjeffcaii jjeffcaii merged commit 28d7b65 into rsocket:master Jan 20, 2025
@echistyakov echistyakov deleted the fix-destroy-handler branch March 2, 2026 18:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jjeffcaii jjeffcaii jjeffcaii approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@echistyakov @jjeffcaii