Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix for data race on acknowledgedIncomingBytes in class BinderTransport #11981

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fix for data race on acknowledgedIncomingBytes in class BinderTransport #11981

wants to merge 1 commit into from
+2 −2

Conversation

raulpardo
Copy link

There is a data race on the field acknowledgedIncomingBytes in class BinderTransport. As a consequence, if two threads execute handleAcknowledgedBytes concurrently the following execution could occur:

  1. One thread writes reading the field acknowledgedIncomingBytes when executing this line
  2. The other executing thread reads a stale/outdated value of acknowledgedIncomingBytes when executing this line.

Furthermore, this data race shows a violation of the @GuardedBy("this") annotation for the field acknowledgedIncomingBytes in class BinderTransport. The reason is that the read is not guarded by lock.

This PR proposes to solve the problem by including the read in this line within the synchronized block. This prevents the data race and ensuring that reads always read the latest written value on the field.

@linux-foundation-easycla Linux Foundation: EasyCLA
Copy link

CLA Not Signed

@ejona86 ejona86 requested a review from jdcormie March 27, 2025 22:36
jdcormie
jdcormie reviewed Mar 27, 2025
View reviewed changes
Copy link
Member

@jdcormie jdcormie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps this should be clearer in the code but all incoming binder transactions are FLAG_ONEWAY so Android guarantees only one thread (from the process' binder thread pool) is calling handleTransaction() at a time.

https://github.com/grpc/grpc-java/blob/master/binder/src/main/java/io/grpc/binder/internal/LeakSafeOneWayBinder.java#L49-L51

So every read and write of acknowledgedIncomingBytes "happens-before" the last.

Given this context, do you still believe there is a race?

@raulpardo
Copy link
Author

Thanks for the pointer! Indeed, if handleTransaction() cannot be executed concurrently, then there is no data race.

However, it is a bit misleading that the class is marked as @ThreadSafe, as this should imply that the class must safely handle multiple concurrent calls to handleTransaction().

@jdcormie
Copy link
Member

However, it is a bit misleading that the class is marked as @ThreadSafe, as this should imply that the class must safely handle multiple concurrent calls to handleTransaction().

I agree with you. I haven't thought about this deeply but one idea for improvement could be to have BinderTransport stop implementing TransactionHandler directly. Instead, it could have a private inner class implement TransactionHandler (not marked @threadsafe) and pass that to the LeakSafeOnewayBinder constructor instead.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jdcormie jdcormie jdcormie left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@raulpardo @jdcormie