Fix potential lock on context cancel #391
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rvagg
approved these changes
Jul 12, 2022
jacobheun
pushed a commit
that referenced
this pull request
Mar 8, 2023
gammazero
added a commit
that referenced
this pull request
Mar 28, 2023
rvagg
pushed a commit
that referenced
this pull request
Mar 29, 2023
hannahhoward
added a commit
that referenced
this pull request
Apr 7, 2023
This reverts commit d4f0517.
hannahhoward
added a commit
that referenced
this pull request
Aug 1, 2023
a previous fix #391, attempted to address a lock that occurred on context cancel. however in doing so, it introduced a new lock. essentially, if a message was not sent to the requestmanager/responsemanager go routine, waiting for a response to that message could last indefinitely. the previous fix therefore stopped waiting when the calling context cancelled. However once a message reaches the go routine of the requestmanager/responsemanager, it's important that it's processed to completion, so that the the message loop doesn't lock. The proper fix is to detect when the message is sent successfully, and if so, wait for it to be processed. If it isn't sent, we can safely abort the go routine immediately.
hannahhoward
added a commit
that referenced
this pull request
Aug 1, 2023
a previous fix #391, attempted to address a lock that occurred on context cancel. however in doing so, it introduced a new lock. essentially, if a message was not sent to the requestmanager/responsemanager go routine, waiting for a response to that message could last indefinitely. the previous fix therefore stopped waiting when the calling context cancelled. However once a message reaches the go routine of the requestmanager/responsemanager, it's important that it's processed to completion, so that the the message loop doesn't lock. The proper fix is to detect when the message is sent successfully, and if so, wait for it to be processed. If it isn't sent, we can safely abort the go routine immediately.
hannahhoward
added a commit
that referenced
this pull request
Aug 2, 2023
* fix(cancellation): handle message cancellation properly a previous fix #391, attempted to address a lock that occurred on context cancel. however in doing so, it introduced a new lock. essentially, if a message was not sent to the requestmanager/responsemanager go routine, waiting for a response to that message could last indefinitely. the previous fix therefore stopped waiting when the calling context cancelled. However once a message reaches the go routine of the requestmanager/responsemanager, it's important that it's processed to completion, so that the the message loop doesn't lock. The proper fix is to detect when the message is sent successfully, and if so, wait for it to be processed. If it isn't sent, we can safely abort the go routine immediately. * fix(race): resolve race condition with test responses
hannahhoward
added a commit
to filecoin-project/boost-graphsync
that referenced
this pull request
Aug 15, 2023
* fix(cancellation): handle message cancellation properly a previous fix ipfs#391, attempted to address a lock that occurred on context cancel. however in doing so, it introduced a new lock. essentially, if a message was not sent to the requestmanager/responsemanager go routine, waiting for a response to that message could last indefinitely. the previous fix therefore stopped waiting when the calling context cancelled. However once a message reaches the go routine of the requestmanager/responsemanager, it's important that it's processed to completion, so that the the message loop doesn't lock. The proper fix is to detect when the message is sent successfully, and if so, wait for it to be processed. If it isn't sent, we can safely abort the go routine immediately. * fix(race): resolve race condition with test responses
hannahhoward
added a commit
to filecoin-project/boost-graphsync
that referenced
this pull request
Aug 15, 2023
* fix(cancellation): handle message cancellation properly a previous fix ipfs#391, attempted to address a lock that occurred on context cancel. however in doing so, it introduced a new lock. essentially, if a message was not sent to the requestmanager/responsemanager go routine, waiting for a response to that message could last indefinitely. the previous fix therefore stopped waiting when the calling context cancelled. However once a message reaches the go routine of the requestmanager/responsemanager, it's important that it's processed to completion, so that the the message loop doesn't lock. The proper fix is to detect when the message is sent successfully, and if so, wait for it to be processed. If it isn't sent, we can safely abort the go routine immediately. * fix(race): resolve race condition with test responses
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Goals
Fix an identified potential lock on imperative public function calls that take a context that can be cancelled.
Why
The graphsync RequestManager and ResponseManager run an internal run loop in a seperate go-routine. Public function calls access communicate with this run loop via a message queue channel. Sometimes these public function calls wait for a response on a channel, in order to return a value to the caller. When this is done, the message send into the run loop can abort if the calling context passed to the public method is cancelled. However, we were failing to account for this context when reading back out the response, which could cause a hang if the context passed into the public function is already cancelled at the time of calling. We found this did crop up in the wild.
Implementation
Add a calling context cancel check on the select statements in every place where we read a return value
For discussion
Contexts and channels suck and boy this code is verbose when can we use generics.
This is PR'd against a 0.13.3 release branch forked from v0.13.2 to avoid 0.14.x changes that are for go-data-transfer v2