Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HotSwapHandler race condition #8536

Closed
elipsion opened this issue Sep 2, 2022 · 2 comments
Closed

HotSwapHandler race condition #8536

elipsion opened this issue Sep 2, 2022 · 2 comments
Labels
Bug For general bugs on Jetty side

Comments

@elipsion
Copy link

elipsion commented Sep 2, 2022

Jetty version(s)
All current

Java version/vendor
N/A

OS type/version
N/A

Description
setHandler() in HotSwapHandler has a race condition where the current handler is stopped before the new one is bound, because it uses updateBean(). This could lead to requests being dropped during the swap operation. A less racy implementation would look something like this, more or less inlining updateBean():

oldHandler = _handler
if(handler == oldHandler)
  return
if(handler != null) {
  handler.setServer(getServer())
  addBean(handler, true)
  if(isStarted() && !handler.isRunning()) // ContainerLifecycle does not start our handler if we're fully started
    handler.start()
}
_handler = handler
if(oldHandler != null)
  removeBean(oldHandler)

How to reproduce?
Bug found through static analysis of HotSwapHandler and ContainerLifeCycle
@elipsion elipsion added the Bug For general bugs on Jetty side label Sep 2, 2022
@gregw
Copy link
Contributor

gregw commented Sep 3, 2022

Thanks, Good catch.

However, I'm wondering about if we should always start the swapped handler? Perhaps we start it only if the handler we are replacing was started?

gregw added a commit that referenced this issue Sep 3, 2022
@gregw
Fix #8536 HotSwap start race
7087dd0 
Don't stop until after new handler installed.
@elipsion
Copy link
Author

I think the child handler should always be started if the HotSwapHandler itself is started (or starting).

I'd rather err on the side of caution and have started one too many as opposed to dropping requests on the floor because we didn't.

@gregw gregw closed this as completed in 47c2891 Sep 23, 2022
@joakime joakime changed the title [jetty-server] HotSwapHandler race condition HotSwapHandler race condition Dec 1, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug For general bugs on Jetty side
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gregw @elipsion