HPCC-31130 Handle MP accept connection negotiations asynchronously

[jakesmith]

And handoff slow/blocking connection negotiations to separate dedicated thread.

Type of change:

• This change is a bug fix (non-breaking change which fixes an issue).
• This change is a new feature (non-breaking change which adds functionality).
• This change improves the code (refactor or other change that does not change the functionality)
• This change fixes warnings (the fix does not alter the functionality or the generated code)
• This change is a breaking change (fix or feature that will cause existing behavior to change).
• This change alters the query API (existing queries will have to be recompiled)

Checklist:

• My code follows the code style of this project.
  • My code does not create any new warnings from compiler, build system, or lint.
• The commit message is properly formatted and free of typos.
  • The commit message title makes sense in a changelog, by itself.
  • The commit is signed.
• My change requires a change to the documentation.
  • I have updated the documentation accordingly, or...
  • I have created a JIRA ticket to update the documentation.
  • Any new interfaces or exported functions are appropriately commented.
• I have read the CONTRIBUTORS document.
• The change has been fully tested:
  • I have added tests to cover my changes.
  • All new and existing tests passed.
  • I have checked that this change does not introduce memory leaks.
  • I have used Valgrind or similar tools to check for potential issues.
• I have given due consideration to all of the following potential concerns:
  • Scalability
  • Performance
  • Security
  • Thread-safety
  • Cloud-compatibility
  • Premature optimization
  • Existing deployed queries will not be broken
  • This change fixes the problem, not just the symptom
  • The target branch of this pull request is appropriate for such a change.
• There are no similar instances of the same problem that should be addressed
  • I have addressed them here
  • I have raised JIRA issues to address them separately
• This is a user interface / front-end modification
  • I have tested my changes in multiple modern browsers
  • The component(s) render as expected

Smoketest:

• Send notifications about my Pull Request position in Smoketest queue.
• Test my draft Pull Request.

Testing:

[jakesmith]

@mckellyln - please review.
It is worth noting, that the code in handleAcceptedSocket is an almost wholesale move of the code that used to be in CMPConnectThread::run()

[github-actions]

https://track.hpccsystems.com/browse/HPCC-31130
This pull request is already registered

[mckellyln]

Should stopped be std::atomic ?

[jakesmith]

probably, I'll change it.

[mckellyln]

Why try for 5000 ms before handing off to async thread(s) ? Why not just always use async thread(s) ?
Maybe almost same thing if we change 5000 ms here to 100 ms or something very short ..

[jakesmith]

It does always use an async thread - this code is in in CMPConnectionThread::threadmain (a thread in the pool).

What it's doing here (within a thread of the pool), is handing this connection off, to outside the thread pool, to a separate 'slow' handler, so pool doesn't clog up.

[jakesmith]

@mckellyln - made 'stopped' an atomic, and see reply re. other question.

[mckellyln]

I've done some testing and this PR looks good, but I can still get some bad behavior when a rogue client connects to Thor and sends in various amounts of garbage data. I have created https://track.hpccsystems.com/browse/HPCC-31251 for additional work on this.

[mckellyln]

I approve this PR.

[ghalliday]

@jakesmith please can you add a summary of the solution to the jira.

[jakesmith]

@jakesmith please can you add a summary of the solution to the jira.

Added. Also noticed a problem with the way the optional config. option was being picked up in k8s. Addressed in new commit.
@ghalliday

[ghalliday]

@jakesmith A couple of problems and a few minor other comments.

[ghalliday]

This needs to be protected within the critical section - otherwise it could get an invalid item. Theoretically the empty() call needs to be as well - on a chip with a very weak memory model..

[jakesmith]

I will put both in crit block.

[ghalliday]

Is it safe to call close() on a socket that is currently being listened to on another thread? (If stop is called while waiting for a slow response). From memory it can be complicated.

[jakesmith]

it will potentially currently being read from (CSocket::readtms) at this point, and on a ::poll call.

I think socket::close() will cause the poll to quit (I did test this scenario).
I thought it was a used technique elsewhere.

@mckellyln - what are your thoughts on this/interrupting the read?

[jakesmith]

reading up, I think it is unsafe, also, the handling of getting slowClientsSocks.back() in crit, then later calling pop_back() is unsafe is new items are being added.

I am going to remove the socket from the slowClientsSocks before calling handleAcceptedSocket.
It will mean it can't be interrupted and will timeout, but that's not really a problem, just a theoretical slightly longer delay during shutdown if happens to be on a stalling socket.

[ghalliday]

This will leak sock.
I'm not sure what is the cleanest pattern to implement this. Possibly pass an Owned or link the socket....

[jakesmith]

I think it's safe to assume it will get to the emplace_back once past this point (and thus own).
So a specific sock->Release here if stopped is a reasonable resolution.

[ghalliday]

Worth commenting that stop the listening threads first in case any get added to the stop processor?

[jakesmith]

I'll move the join for this (CMPConnectThread) accept thread ahead of this, and add a comment.

[ghalliday]

CFactory: The name could be more descriptive - what is it a factory for?

[jakesmith]

Will rename to CMPConnectThreadFactory.
I do tend to use generic names if inline classes are used and therefore implicitly relevant to the surrounding code.

[ghalliday]

threadPool could be null if the pool size is set to 0

[jakesmith]

yes, will add a check.

[ghalliday]

spurious (almost) copy of the next line on the end of the comment.

[jakesmith]

ah yes, couldn't even spot it in vscode at first!
Will remove.

[ghalliday]

Not worth changing, but it is counter-intuitive that a function called handleAcceptedSocket() returns true if it fails to handle it.

[jakesmith]

agree, and pondered this, but really true|false is insufficient. As it stands returning false means it did not timeout, but it doesn't mean it succeeded. Various failure conditions also return false.
So really it should return a state, but I only care about 1 of them (timeout).

[jakesmith]

@ghalliday - please see new commit.

[ghalliday]

@jakesmith please squash

[jakesmith]

@jakesmith please squash

@ghalliday - done