Skip to content

Transfer daemon socket ownership on spawn.#652

Merged
hidmic merged 4 commits intomasterfrom
hidmic/transfer-daemon-socket-ownership
Jul 15, 2021
Merged

Transfer daemon socket ownership on spawn.#652
hidmic merged 4 commits intomasterfrom
hidmic/transfer-daemon-socket-ownership

Conversation

@hidmic
Copy link
Copy Markdown

@hidmic hidmic commented Jul 12, 2021
edited
Loading

This patch is an alternative to #632, transferring socket ownership on spawn to preclude the TOCTOU races that running daemon checks induce.

This patch is functional in my local Linux environment. Let's see what CI (and Windows) have to say:

  • Linux Build Status
  • Linux-aarch64 Build Status
  • macOS Build Status
  • Windows Build Status

@hidmic
Transfer daemon socket ownership on spawn.
85503fe 
Signed-off-by: Michel Hidalgo <michel@ekumenlabs.com>
@hidmic hidmic requested a review from ivanpauno July 12, 2021 14:57
@hidmic hidmic mentioned this pull request Jul 12, 2021
Closed
@hidmic
Copy link
Copy Markdown
Author

hidmic commented Jul 12, 2021

Once CI goes green, I'll document things better.

@hidmic
Fix daemonize() on Windows
9fe2438 
Signed-off-by: Michel Hidalgo <michel@ekumenlabs.com>
@hidmic hidmic requested review from audrow and clalancette July 12, 2021 22:08
@hidmic
Copy link
Copy Markdown
Author

hidmic commented Jul 12, 2021

Alright, it looks like this is working like a charm 😃

@hidmic hidmic mentioned this pull request Jul 12, 2021
Closed
ivanpauno
ivanpauno reviewed Jul 14, 2021
View reviewed changes
Copy link
Copy Markdown
Member

@ivanpauno ivanpauno left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have some comments and questions.
The refactor sounds good to me, but the code is a bit tricky.

@hidmic
Improve patch and its documentation.
4ceb6fe 
Signed-off-by: Michel Hidalgo <michel@ekumenlabs.com>
@hidmic
Copy link
Copy Markdown
Author

hidmic commented Jul 14, 2021
edited
Loading

CI up to ros2cli:

  • Linux Build Status
  • Linux-aarch64 Build Status
  • macOS Build Status
  • Windows Build Status

@hidmic hidmic requested a review from ivanpauno July 14, 2021 22:41
@hidmic
Stick to OSError, BrokenPipeError is Unix specific.
4aefe30 
Signed-off-by: Michel Hidalgo <michel@ekumenlabs.com>
@hidmic
Copy link
Copy Markdown
Author

hidmic commented Jul 15, 2021

Alright, all green. Going in !

@hidmic hidmic merged commit 1e3f1a0 into master Jul 15, 2021
@delete-merged-branch delete-merged-branch bot deleted the hidmic/transfer-daemon-socket-ownership branch July 15, 2021 15:24
@Crola1702 Crola1702 mentioned this pull request Nov 1, 2022
Merged
@ivanpauno ivanpauno mentioned this pull request Dec 15, 2022
Merged
@fujitatomoya fujitatomoya mentioned this pull request Feb 13, 2023
Merged
@iuhilnehc-ynos iuhilnehc-ynos mentioned this pull request Sep 8, 2023
Merged
@clalancette clalancette mentioned this pull request Nov 19, 2024
Merged
clalancette added a commit that referenced this pull request Nov 20, 2024
@clalancette
Fix instability in the ros2 daemon. (#947)
e998af3 
The original problem here is that running the test_strategy.py test
in the nightly repeated jobs "sometimes" fails.

There have been a few attempts to fix flakiness in the ros2 daemon in the past.
These include #620 , 
#622 , and
#652 .
These all changed things in various ways, but the key PR was #652, which made
spawning the daemon a reliable operation.

#622 made some changes to change the sockets to add SO_LINGER with a zero timeout.
That improved, but did not totally solve the situation. It also has its own downsides, as
SO_LINGER doesn't gracefully terminate connections and instead just sends RST on the
socket and terminates it.

To fix this for real requires 3 parts in this commit, though one of the parts is platform-dependent:

1.  When the daemon is exiting cleanly, it should explicitly shutdown the socket that it was using
for the XMLRPC server. That will cleanly shutdown the socket, and tell the kernel it can start the
cleanup. On its own, this does not completely solve the problem, but it reduces the amount of time
that things are hanging about waiting for the Python interpreter and/or the kernel to implicitly
clean things up.
2.  We should not specify SO_LINGER on the daemon sockets. As mentioned above, this is actually
something of an anti-pattern and does not properly terminate connections with FIN (it just sends RST).
3.  We should specify SO_REUSEADDR, but only on Unix. On Unix, SO_REUSEADDR essentially means
"allow binding to an address/port that is in TCP TIME_WAIT (but not that is otherwise in use)".
This is exactly the behavior we want. On Windows, SO_REUSEADDR causes undefined behavior, as
it can cause a socket to bind even if there is something else bound already. Because of that, we want
to set SO_REUSEADDR on Unix, but not Windows.

Finally, while testing here I had to add in one bugfix to make things reliable on Windows, which is to
also catch ConnectionResetError. That arises because we can attempt to "connect" to a daemon that
is in the process of shutting down. In that case, we should also consider the daemon not "connected".

Signed-off-by: Chris Lalancette <clalancette@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ivanpauno ivanpauno ivanpauno approved these changes

@clalancette clalancette Awaiting requested review from clalancette

@audrow audrow Awaiting requested review from audrow audrow is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hidmic @ivanpauno