Merge pull request #2443 from gpalmer-latai/iox-2440-chunk-management-race

elBoberido · web-flow · commit f3ccf20ab53d · 2025-04-01T17:33:11.000+02:00
iox-#2440 Fix race condition that can cause failed chunk management a…
diff --git a/doc/website/release-notes/iceoryx-unreleased.md b/doc/website/release-notes/iceoryx-unreleased.md
@@ -156,6 +156,7 @@
 - Fix windows performance issue [#2377](https://github.com/eclipse-iceoryx/iceoryx/issues/2377)
 - Max Client and Server cannot be configured independently of Max Publisher and Subscriber [#2394](https://github.com/eclipse-iceoryx/iceoryx/issues/2394)
 - Fix call to non-existing `getService` in channel.inl [#2426](https://github.com/eclipse-iceoryx/iceoryx/issues/2426)
+- Fix chunk management race condition causing failed management allocation [#2440](https://github.com/eclipse-iceoryx/iceoryx/issues/2440)
 
 **Refactoring:**
 
diff --git a/iceoryx_posh/include/iceoryx_posh/internal/mepoo/memory_manager.hpp b/iceoryx_posh/include/iceoryx_posh/internal/mepoo/memory_manager.hpp
@@ -1,5 +1,6 @@
 // Copyright (c) 2019 - 2020 by Robert Bosch GmbH. All rights reserved.
 // Copyright (c) 2021 - 2022 by Apex.AI Inc. All rights reserved.
+// Copyright (c) 2025 by Latitude AI. All rights reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -72,6 +73,10 @@ class MemoryManager
     /// @return a SharedChunk if successful, otherwise a MemoryManager::Error
     expected<SharedChunk, Error> getChunk(const ChunkSettings& chunkSettings) noexcept;
 
+    /// @brief Release a chunk back to the mempools
+    /// @param[in] chunkManagement Management for the chunk
+    static void freeChunk(ChunkManagement& chunkManagement) noexcept;
+
     uint32_t getNumberOfMemPools() const noexcept;
 
     MemPoolInfo getMemPoolInfo(const uint32_t index) const noexcept;
diff --git a/iceoryx_posh/include/iceoryx_posh/internal/mepoo/shared_chunk.hpp b/iceoryx_posh/include/iceoryx_posh/internal/mepoo/shared_chunk.hpp
@@ -1,5 +1,6 @@
 // Copyright (c) 2019 by Robert Bosch GmbH. All rights reserved.
 // Copyright (c) 2021 - 2022 by Apex.AI Inc. All rights reserved.
+// Copyright (c) 2025 by Latitude AI. All rights reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -64,7 +65,6 @@ class SharedChunk
   private:
     void decrementReferenceCounter() noexcept;
     void incrementReferenceCounter() noexcept;
-    void freeChunk() noexcept;
 
   private:
     ChunkManagement* m_chunkManagement{nullptr};
diff --git a/iceoryx_posh/source/mepoo/memory_manager.cpp b/iceoryx_posh/source/mepoo/memory_manager.cpp
@@ -1,5 +1,6 @@
 // Copyright (c) 2019 - 2020 by Robert Bosch GmbH. All rights reserved.
 // Copyright (c) 2020 - 2022 by Apex.AI Inc. All rights reserved.
+// Copyright (c) 2025 by Latitude AI. All rights reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -206,6 +207,19 @@ expected<SharedChunk, MemoryManager::Error> MemoryManager::getChunk(const ChunkS
     }
 }
 
+void MemoryManager::freeChunk(ChunkManagement& chunkManagement) noexcept
+{
+    const auto* chunkHeader = static_cast<void*>(chunkManagement.m_chunkHeader.get());
+    const auto mempool = chunkManagement.m_mempool;
+
+    // Here the chunk management must be freed before the chunk itself to maintain
+    // the invariant that there are always at least as many chunk management chunks available as payload chunks
+    chunkManagement.m_chunkManagementPool->freeChunk(&chunkManagement);
+    // NOTE: chunkManagement is a dangling reference from here on out
+
+    mempool->freeChunk(chunkHeader);
+}
+
 std::ostream& operator<<(std::ostream& stream, const MemoryManager::Error value) noexcept
 {
     stream << asStringLiteral(value);
diff --git a/iceoryx_posh/source/mepoo/shared_chunk.cpp b/iceoryx_posh/source/mepoo/shared_chunk.cpp
@@ -1,5 +1,6 @@
 // Copyright (c) 2019 by Robert Bosch GmbH. All rights reserved.
 // Copyright (c) 2021 - 2022 by Apex.AI Inc. All rights reserved.
+// Copyright (c) 2025 by Latitude AI. All rights reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -16,6 +17,7 @@
 // SPDX-License-Identifier: Apache-2.0
 
 #include "iceoryx_posh/internal/mepoo/shared_chunk.hpp"
+#include "iceoryx_posh/internal/mepoo/memory_manager.hpp"
 
 namespace iox
 {
@@ -54,17 +56,11 @@ void SharedChunk::decrementReferenceCounter() noexcept
     if ((m_chunkManagement != nullptr)
         && (m_chunkManagement->m_referenceCounter.fetch_sub(1U, std::memory_order_relaxed) == 1U))
     {
-        freeChunk();
+        MemoryManager::freeChunk(*m_chunkManagement);
+        m_chunkManagement = nullptr;
     }
 }
 
-void SharedChunk::freeChunk() noexcept
-{
-    m_chunkManagement->m_mempool->freeChunk(static_cast<void*>(m_chunkManagement->m_chunkHeader.get()));
-    m_chunkManagement->m_chunkManagementPool->freeChunk(m_chunkManagement);
-    m_chunkManagement = nullptr;
-}
-
 SharedChunk& SharedChunk::operator=(const SharedChunk& rhs) noexcept
 {
     if (this != &rhs)
