Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cel: patch thread safety issue #13739

Merged
merged 3 commits into from
Oct 28, 2020
Merged

cel: patch thread safety issue #13739

merged 3 commits into from
Oct 28, 2020

Conversation

kyessenov
Copy link
Contributor

Signed-off-by: Kuat Yessenov kuat@google.com

Commit Message: Disable fast-path in CEL protobuf wrapper. The fast path uses internal protobuf methods via a private friend. These methods are not thread-safe, and cause an assertion failure when applied to protobufs shared across workers, such as cluster metadata. The fast path will be enabled again once both protobuf and CEL are updated.
Risk Level: low, switches to a different implementation
Testing: none added
Docs Changes: none
Release Notes: none
Reference: istio/istio#28175

@repokitteh-read-only repokitteh-read-only bot added the deps Approval required for changes to Envoy's external dependencies label Oct 23, 2020
@repokitteh-read-only
Copy link

CC @envoyproxy/dependency-shepherds: Your approval is needed for changes made to (bazel/.*repos.*\.bzl)|(bazel/dependency_imports\.bzl)|(api/bazel/.*\.bzl)|(.*/requirements\.txt)|(.*\.patch).

🐱

Caused by: #13739 was opened by kyessenov.

see: more, trace.

@kyessenov
cel: patch thread safety issue
3f4bad0 
Signed-off-by: Kuat Yessenov <kuat@google.com>
@moderation
Copy link
Contributor

If @lizan can resolve the test issues with #13712, is this PR necessary? Would be good to minimize patches if possible

@kyessenov
Copy link
Contributor Author

kyessenov commented Oct 23, 2020
edited
Loading

@moderation yes. Internal fix is not ready. I'll follow up with updates once it's all ready and published. It requires a very recent protobuf that I think hasn't been released.

@kyessenov
Copy link
Contributor Author

/retest

@repokitteh-read-only
Copy link

Retrying Azure Pipelines.

🐱

Caused by: a #13739 (comment) was created by @kyessenov.

see: more, trace.

@PiotrSikora
Copy link
Contributor

@kyessenov RBE cache is busted, you need to merge master to re-kick the macOS test.

@lizan
Copy link
Member

lizan commented Oct 27, 2020

@moderation or @htuch are you ok with this?

moderation
moderation suggested changes Oct 27, 2020
View reviewed changes
Copy link
Contributor

@moderation moderation left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A TODO explaining this patch is required until the new protobuf is released would be good, but otherwise looks OK

bazel/repositories.bzl Outdated
Comment on lines 351 to 356
external_http_archive(
"com_google_cel_cpp",
patch_args = ["-p1"],
# Patches to remove "fast" protobuf-internal access
patches = ["@envoy//bazel:cel-cpp.patch"],
)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add a TODO explaining when / how the patch can be removed upon protobuf and cel-cpp update?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added an explanation.

@kyessenov
explanation
b168d80 
Signed-off-by: Kuat Yessenov <kuat@google.com>
@moderation
Copy link
Contributor

/lgtm deps

@repokitteh-read-only repokitteh-read-only bot removed the deps Approval required for changes to Envoy's external dependencies label Oct 27, 2020
@lizan lizan self-assigned this Oct 27, 2020
kyessenov added a commit to istio/envoy that referenced this pull request Oct 27, 2020
@kyessenov
cherry-pick of envoyproxy#13739
f18fa4c 
Signed-off-by: Kuat Yessenov <kuat@google.com>
istio-testing pushed a commit to istio/envoy that referenced this pull request Oct 28, 2020
@kyessenov
cherry-pick of envoyproxy#13739 (#279)
cdbfe70 
Signed-off-by: Kuat Yessenov <kuat@google.com>
@mattklein123 mattklein123 merged commit b80c68b into envoyproxy:master Oct 28, 2020
mpuncel added a commit to mpuncel/envoy that referenced this pull request Oct 30, 2020
@mpuncel
Merge branch 'master' into mpuncel/http2-hc-goaway
0d57547 
* master: (83 commits)
  tls: Typesafe tls slots (envoyproxy#13789)
  docs(example): Correct URL for caching example page (envoyproxy#13810)
  [fuzz] Made health check fuzz more efficient (envoyproxy#13747)
  rtds: properly scope rtds stats (envoyproxy#13764)
  http: fixing a bug with IPv6 hosts (envoyproxy#13798)
  connection: Remember transport socket read resumption requests and replay them when re-enabling read. (envoyproxy#13772)
  network: adding some accessors for ALPN work. (envoyproxy#13785)
  docs: added a step about how to handle platform specific extensions (envoyproxy#13759)
  Fix identation in ip transparency code snippet (envoyproxy#13743)
  wasm: enable WAVM's stack unwinding feature (envoyproxy#13792)
  log: set route name for direct response (envoyproxy#13683)
  Use nghttp2 as external dependsncy in protocol_constraints_lib (envoyproxy#13763)
  [Windows] Update windows dev docs (envoyproxy#13741)
  cel: patch thread safety issue (envoyproxy#13739)
  Windows: Fix ssl_socket_test (envoyproxy#13264)
  apple dns: add fake api test suite (envoyproxy#13780)
  overload: scale selected timers in response to load (envoyproxy#13475)
  examples: Add dynamic configuration (control plane) sandbox (envoyproxy#13746)
  Removed exception in getResponseStatus() (envoyproxy#13314)
  network: add timeout for transport connect (envoyproxy#13610)
  ...

Signed-off-by: Michael Puncel <mpuncel@squareup.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@moderation moderation moderation requested changes

@lizan lizan lizan approved these changes

Assignees

@lizan lizan

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@kyessenov @moderation @PiotrSikora @lizan @mattklein123