RLQS: Improve timer lifetime management#44236
RLQS: Improve timer lifetime management#44236yanavlasov wants to merge 3 commits intoenvoyproxy:mainfrom
Conversation
Signed-off-by: Yan Avlasov <yavlasov@google.com>
|
@bsurber for review |
bsurber
left a comment
bsurber
left a comment
There was a problem hiding this comment.
LGTM once you have the last bit of coverage
|
Seems the coverage is broken. |
|
/gemini review |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request refactors the lifetime management of the rate limit quota filter's global client and associated resources by transitioning to shared_ptr and weak_ptr patterns. By introducing a TlsStore to anchor these resources, the changes ensure that the global client and thread-local bucket caches remain valid throughout the filter's lifecycle. Additionally, GlobalRateLimitClientImpl now utilizes std::enable_shared_from_this to safely handle asynchronous tasks on the main dispatcher. Review feedback suggests capturing the dispatcher by reference or retrieving it from the store object within the TlsStore deleter to enhance code clarity and safety.
| auto deleter = [main_dispatcher = &dispatcher](TlsStore* store) { | ||
| if (main_dispatcher->isThreadSafe()) { | ||
| delete store; | ||
| } else { | ||
| main_dispatcher->post([store]() { delete store; }); | ||
| } | ||
| }; |
There was a problem hiding this comment.
Capturing the dispatcher by pointer &dispatcher is safe here because the main thread dispatcher in Envoy is a long-lived object that outlives the filter factories and filters. However, for clarity and to avoid any potential issues with pointer validity if the context were different, it is recommended to capture the dispatcher by reference or retrieve it from the store object inside the deleter (since TlsStore holds a reference to it). This aligns with the repository guideline that in complex code, it is acceptable to keep cheap safety checks for added safety.
References
- In complex code, it is acceptable to keep cheap safety checks, even if they appear redundant, for added safety.
tyxia
left a comment
tyxia
left a comment
There was a problem hiding this comment.
Nice change! Thanks @yanavlasov ! Please fix the test coverage failure
✗ source/extensions/filters/http/rate_limit_quota: 96.5% (threshold: 96.6%)
Signed-off-by: Yan Avlasov <yavlasov@google.com>
|
/retest |
4 participants
Risk Level: medium
Testing: unit tests
Docs Changes: n/a
Release Notes: n/a
Platform Specific Features: n/a