[Tarantool-patches] [PATCH 1/1] iproto: don't destroy a session during disconnect
Konstantin Osipov
kostja.osipov at gmail.com
Sat Nov 16 14:54:21 MSK 2019
* Vladislav Shpilevoy <v.shpilevoy at tarantool.org> [19/11/16 12:48]:
> Binary session disconnect trigger yield could lead to use after
> free of the session object. That happened because iproto thread
> sent two requests to TX thread at disconnect:
>
> - Close the session and run its on disconnect triggers;
>
> - If all requests are handled, destroy the session.
>
> When a connection is idle, all requests are handled, so both these
> requests are sent. If the first one yielded in TX thread, the
> second one arrived and destroyed the session right under the feet
> of the first one.
>
> This can be solved in two ways - in TX thread, and in iproto
> thread.
>
> TX thread solution (which is chosen in the patch): add a flag
> which says whether disconnect is processed by TX. When destroy
> request arrives, it checks the flag. If disconnect is not done,
> the destroy request waits on a condition variable until it is.
>
> The solution is simple, but adds new members to iproto_connection
> struct, and requires lots of commenting.
>
> Iproto thread solution (alternative): just don't send destroy
> request until disconnect returns back to iproto thread.
I like this one more to be honest.
--
Konstantin Osipov, Moscow, Russia
More information about the Tarantool-patches
mailing list