Closed Bug 1547085 Opened 5 years ago Closed 5 years ago

Discard messages sent to dead actors

Categories

(Core :: IPC, enhancement, P2)

Product:
Core
Component:
IPC
Type:
enhancement

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla69
Tracking Flags:
Tracking Status
firefox69 --- fixed

People

(Reporter: nika, Assigned: nika)

References

Details

Attachments

(1 file)

Bug 1547085 - Discard messages sent to dead actors,
47 bytes, text/x-phabricator-request
Details | Review

Historically we've failed very loudly when receiving a message which was destined for an actor which had already been destroyed. This had the effect of requiring manual teardown for most actors, as work would need to be done to ensure messages weren't sent when the target actor might be about to tear itself down.

In addition, due to this teardown work being done outside of IPDL, this work would have to manually be checked in subactors, and involved the addition of new flags, such as mIPCOpen, in order to track whether IPC had begun to be shut down, and discard messages manually if it had.

It is an ongoing issue that we occasionally miss places where we need to discard messages, and it is easy to not remember to perform async destruction when building a new actor, meaning that extra work is required to correctly discard messages when the actor is being torn down. Due to the correct decision, almost all of the time, being to discard the message, this patch takes the approach of transforming the crash which was previously performed into a message discard.

The hope is that this will reduce the burden on actor implementors, by allowing the use of Send__delete__ without first synchronizing with the remote actor, as well as reduce unintentional crashes.

Historically we've failed very loudly when receiving a message which was
destined for an actor which had already been destroyed. This had the
effect of requiring manual teardown for most actors, as work would need
to be done to ensure messages weren't sent when the target actor might
be about to tear itself down.

In addition, due to this teardown work being done outside of IPDL, this
work would have to manually be checked in subactors, and involved the
addition of new flags, such as mIPCOpen, in order to track whether IPC
had begun to be shut down, and discard messages manually if it had.

It is an ongoing issue that we occasionally miss places where we need to
discard messages, and it is easy to not remember to perform async
destruction when building a new actor, meaning that extra work is
required to correctly discard messages when the actor is being torn
down. Due to the correct decision, almost all of the time, being to
discard the message, this patch takes the approach of transforming the
crash which was previously performed into a message discard.

The hope is that this will reduce the burden on actor implementors, by
allowing the use of Send__delete__ without first synchronizing with
the remote actor, as well as reduce unintentional crashes.

There's a r+ patch which didn't land and no activity in this bug for 2 weeks.
:Nika, could you have a look please?
For more information, please visit auto_nag documentation.

Flags: needinfo?(nika)
Pushed by nlayzell@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/969f29e56fa1
Discard messages sent to dead actors, r=jld
Flags: needinfo?(nika)

https://hg.mozilla.org/mozilla-central/rev/969f29e56fa1

Status: NEW → RESOLVED
Closed: 5 years ago
status-firefox69: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla69
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: