Details
-
Bug
-
Status: Reopened
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
If a timeout occurs while sending a request-side sidecar (see KUDU-1866), the RPC callback may be invoked before the outbound transfer has been completely written.
This is the last notification from the RPC layer that the caller will get, so you might expect them to delete the sidecar payload at that point, but it's not safe to do so. In fact, with a slow sender there is no way for the caller to know when it's safe to delete the payload. There's no problem for the protobuf message data, as it's serialized during the blocking part of an async call, and that memory is tied to the lifetime of the outbound call, which is managed by the RPC layer.
Ownership of the sidecar payloads should be shared between caller and the RPC layer, so really it's the new RpcSidecar::FromSlice API that causes the problems because ownership is not shared with the RpcSidecar which does have the correct lifetime. I propose removing FromSlice and having a FromFaststring(shared_ptr<faststring>) variant.
Attachments
Issue Links
- is depended upon by
-
IMPALA-3380 Add TCP timeouts to all RPCs that don't block
-
- Resolved
-
- is related to
-
-
- Resolved
-
-
KUDU-2065 Support cancellation for outbound client RPC
-
- Resolved
-
- relates to
-
-
- Open
-