[
https://issues.apache.org/jira/browse/KUDU-2011?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Todd Lipcon reopened KUDU-2011:
-------------------------------
> Request-side sidecars cannot be safely destroyed on timeout
> -----------------------------------------------------------
>
> Key: KUDU-2011
> URL: https://issues.apache.org/jira/browse/KUDU-2011
> Project: Kudu
> Issue Type: Bug
> Components: rpc
> Reporter: Henry Robinson
> Assignee: Michael Ho
> Fix For: 1.5.0
>
>
> If a timeout occurs while sending a request-side sidecar (see KUDU-1866), the
> RPC callback may be invoked before the outbound transfer has been completely
> written.
> This is the last notification from the RPC layer that the caller will get, so
> you might expect them to delete the sidecar payload at that point, but it's
> not safe to do so. In fact, with a slow sender there is no way for the caller
> to know when it's safe to delete the payload. There's no problem for the
> protobuf message data, as it's serialized during the blocking part of an
> async call, and that memory is tied to the lifetime of the outbound call,
> which is managed by the RPC layer.
> Ownership of the sidecar payloads should be shared between caller and the RPC
> layer, so really it's the new {{RpcSidecar::FromSlice}} API that causes the
> problems because ownership is not shared with the {{RpcSidecar}} which does
> have the correct lifetime. I propose removing {{FromSlice}} and having a
> {{FromFaststring(shared_ptr<faststring>)}} variant.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
