[jira] [Commented] (THRIFT-3768) TThreadedServer may crash if it is destroyed immediately after it returns from serve()

Thu, 31 Mar 2016 13:24:39 -0700 

    [ 
https://issues.apache.org/jira/browse/THRIFT-3768?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15220607#comment-15220607
 ] 

Ted Wang commented on THRIFT-3768:
----------------------------------

I had considered that as well, which I think would make TThreadedServer act 
sort of like an unbounded TThreadPoolServer. However, I am not sure when 
threads would be removed from an internal vector that TThreadedServer is 
keeping around. It cannot be in onClientDisconnected (at least not for the 
thread that initiated this, for obvious reasons), and leaving it around to grow 
unbounded doesn't seem like a good idea.

So maybe we need a "live client" list and a "pending removal" list? Maybe join 
with a timeout of 0 on the pending removal list during onClientConnected or 
onClientDisconnected?

> TThreadedServer may crash if it is destroyed immediately after it returns 
> from serve()
> --------------------------------------------------------------------------------------
>
>                 Key: THRIFT-3768
>                 URL: https://issues.apache.org/jira/browse/THRIFT-3768
>             Project: Thrift
>          Issue Type: Bug
>          Components: C++ - Library
>    Affects Versions: 0.9.3
>            Reporter: Ted Wang
>            Priority: Minor
>
> Here's a sequence that shows the race:
> Thread-1 (Users of TThreadedServer): Calls TThreadedServer::stop(), which 
> calls interruptChildren and initiates the tearing down of client connections.
> Thread-2: In TServerFramework::serve(), broke out of accept, and now blocks 
> in TThreadedServer::serve() waiting to drain all the clients.
> Thread-3 (The connected client thread created by TThreadedServer): In 
> disposeConnectedClient, running because the server is shutting down and the 
> shared_ptr specified this function to be the cleanup function for the client. 
> This thread just returned from onClientDisconnected and now context switches.
> Thread-2: TThreadedServer::serve() is notified that all of the clients have 
> disconnected and completes.
> Thread-1: Joins on Thread-2 and destroys the server object because it is done.
> Thread-3: Finally gets a chance to run, but now encounters undefined behavior 
> because it is still executing a member function of an object that has been 
> destroyed.
> You can force this race in action if you put sleep(1) before 
> onClientDisconnected() in disposeConnectedClient



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to