Avoid using futures' block_on in the request database guard

shepmaster · shepmaster · commit 24decf1d8fcb · 2024-11-18T16:31:04.000-05:00
The request guard works by sending on a channel when it is
dropped. Since we can't do async code in `Drop::drop`, I was using
`futures::executor::block_on` under the (false!) impression that
this *specific* usecase would not be a problem as we are always
pulling from that channel. However, sending on a channel can result in
`Pending` when the Tokio worker's cooperative budget is exhausted,
even if the queue is completely empty!

A simple example:

```rust
// Drain the budget
while task::consume_budget().now_or_never().is_some() {}

// Try to use more budget than we have and block forever
futures::executor::block_on(tx.send(42u8)).unwrap();
```

This `Pending` will never resolve because we are no longer running the
Tokio runtime so it will never see an `.await` and replenish the
budget. With enough bad luck, all the worker threads get stuck like
this and the entire system becomes unavailable.

There are a number of possible workarounds, but the least invasive is
to punt the final logging off to a Tokio task and let it happen
out-of-band. Technically this will make the timing a little bit less
accurate, but I was never worried about exact nanoseconds anyway.
diff --git a/ui/src/request_database.rs b/ui/src/request_database.rs
@@ -215,7 +215,7 @@ impl Handle {
         let g = self
             .attempt_start_request(category, payload)
             .await
-            .map(|id| EndGuardInner(id, How::Abandoned, self));
+            .map(|id| EndGuardInner(id, How::Abandoned, Some(self)));
         EndGuard(g)
     }
 }
@@ -238,12 +238,16 @@ impl EndGuard {
     }
 }
 
-struct EndGuardInner(Id, How, Handle);
+struct EndGuardInner(Id, How, Option<Handle>);
 
 impl Drop for EndGuardInner {
     fn drop(&mut self) {
-        let Self(id, how, ref handle) = *self;
-        futures::executor::block_on(handle.attempt_end_request(id, how))
+        let Self(id, how, ref mut handle) = *self;
+        if let Ok(h) = tokio::runtime::Handle::try_current() {
+            if let Some(handle) = handle.take() {
+                h.spawn(async move { handle.attempt_end_request(id, how).await });
+            }
+        }
     }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -215,7 +215,7 @@ impl Handle {`
`215`	`215`	`let g = self`
`216`	`216`	`.attempt_start_request(category, payload)`
`217`	`217`	`.await`
`218`		`- .map(\|id\| EndGuardInner(id, How::Abandoned, self));`
	`218`	`+ .map(\|id\| EndGuardInner(id, How::Abandoned, Some(self)));`
`219`	`219`	`EndGuard(g)`
`220`	`220`	`}`
`221`	`221`	`}`
`@@ -238,12 +238,16 @@ impl EndGuard {`
`238`	`238`	`}`
`239`	`239`	`}`
`240`	`240`
`241`		`-struct EndGuardInner(Id, How, Handle);`
	`241`	`+struct EndGuardInner(Id, How, Option<Handle>);`
`242`	`242`
`243`	`243`	`impl Drop for EndGuardInner {`
`244`	`244`	`fn drop(&mut self) {`
`245`		`- let Self(id, how, ref handle) = *self;`
`246`		`- futures::executor::block_on(handle.attempt_end_request(id, how))`
	`245`	`+ let Self(id, how, ref mut handle) = *self;`
	`246`	`+ if let Ok(h) = tokio::runtime::Handle::try_current() {`
	`247`	`+ if let Some(handle) = handle.take() {`
	`248`	`+ h.spawn(async move { handle.attempt_end_request(id, how).await });`
	`249`	`+ }`
	`250`	`+ }`
`247`	`251`	`}`
`248`	`252`	`}`
`249`	`253`