Avoid sending EndStream after RST_STREAM with dedicated lock (#54552)

alnikola · web-flow · commit 5d29560a92ba · 2021-06-29T19:59:58.000+02:00
A race condition between sending RST_STREAM and checking conditions for sending EndStream was discovered during stress testing. It happens to be possible that in time after Http2Stream [checked the _responseCompletionState](https://github.com/dotnet/runtime/blob/183c4d100f68fb6c177a1fe71809d581aa25e47b/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/Http2Stream.cs#L275) and [actually send EndStream](https://github.com/dotnet/runtime/blob/183c4d100f68fb6c177a1fe71809d581aa25e47b/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/Http2Stream.cs#L288), a concurrent call to [Cancel method sends a RST_STREAM frame](https://github.com/dotnet/runtime/blob/183c4d100f68fb6c177a1fe71809d581aa25e47b/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/Http2Stream.cs#L389). Such reordering is disallowed by HTTP/2 protocol. Note: The issue and fix were verified manually under the debugger because currently it's not clear how to reliably simulate that situation. Fixes #42200
diff --git a/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/Http2Stream.cs b/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/Http2Stream.cs
@@ -245,9 +245,10 @@ public async Task SendRequestBodyAsync(CancellationToken cancellationToken)
 
                         _requestCompletionState = StreamCompletionState.Failed;
                         Complete();
+
+                        SendReset();
                     }
 
-                    SendReset();
                     if (signalWaiter)
                     {
                         _waitSource.SetResult(true);
@@ -275,17 +276,17 @@ public async Task SendRequestBodyAsync(CancellationToken cancellationToken)
                             sendReset = _responseCompletionState == StreamCompletionState.Failed;
                             Complete();
                         }
-                    }
 
-                    if (sendReset)
-                    {
-                        SendReset();
-                    }
-                    else
-                    {
-                        // Send EndStream asynchronously and without cancellation.
-                        // If this fails, it means that the connection is aborting and we will be reset.
-                        _connection.LogExceptions(_connection.SendEndStreamAsync(StreamId));
+                        if (sendReset)
+                        {
+                            SendReset();
+                        }
+                        else
+                        {
+                            // Send EndStream asynchronously and without cancellation.
+                            // If this fails, it means that the connection is aborting and we will be reset.
+                            _connection.LogExceptions(_connection.SendEndStreamAsync(StreamId));
+                        }
                     }
                 }
             }
@@ -325,7 +326,7 @@ public async ValueTask<bool> WaitFor100ContinueAsync(CancellationToken cancellat
 
             private void SendReset()
             {
-                Debug.Assert(!Monitor.IsEntered(SyncObject));
+                Debug.Assert(Monitor.IsEntered(SyncObject));
                 Debug.Assert(_requestCompletionState != StreamCompletionState.InProgress);
                 Debug.Assert(_responseCompletionState != StreamCompletionState.InProgress);
                 Debug.Assert(_requestCompletionState == StreamCompletionState.Failed || _responseCompletionState == StreamCompletionState.Failed,
@@ -336,6 +337,8 @@ private void SendReset()
                 // Don't send a RST_STREAM if we've already received one from the server.
                 if (_resetException == null)
                 {
+                    // If execution reached this line, it's guaranteed that
+                    // _requestCompletionState == StreamCompletionState.Failed or _responseCompletionState == StreamCompletionState.Failed
                     _connection.LogExceptions(_connection.SendRstStreamAsync(StreamId, Http2ProtocolErrorCode.Cancel));
                 }
             }
@@ -384,9 +387,12 @@ private void Cancel()
                 // When cancellation propagates, SendRequestBodyAsync will set _requestCompletionState to Failed
                 requestBodyCancellationSource?.Cancel();
 
-                if (sendReset)
+                lock (SyncObject)
                 {
-                    SendReset();
+                    if (sendReset)
+                    {
+                        SendReset();
+                    }
                 }
 
                 if (signalWaiter)

Original file line number	Diff line number	Diff line change
`@@ -245,9 +245,10 @@ public async Task SendRequestBodyAsync(CancellationToken cancellationToken)`
`245`	`245`
`246`	`246`	`_requestCompletionState = StreamCompletionState.Failed;`
`247`	`247`	`Complete();`
	`248`	`+`
	`249`	`+ SendReset();`
`248`	`250`	`}`
`249`	`251`
`250`		`- SendReset();`
`251`	`252`	`if (signalWaiter)`
`252`	`253`	`{`
`253`	`254`	`_waitSource.SetResult(true);`
`@@ -275,17 +276,17 @@ public async Task SendRequestBodyAsync(CancellationToken cancellationToken)`
`275`	`276`	`sendReset = _responseCompletionState == StreamCompletionState.Failed;`
`276`	`277`	`Complete();`
`277`	`278`	`}`
`278`		`- }`
`279`	`279`
`280`		`- if (sendReset)`
`281`		`- {`
`282`		`- SendReset();`
`283`		`- }`
`284`		`- else`
`285`		`- {`
`286`		`- // Send EndStream asynchronously and without cancellation.`
`287`		`- // If this fails, it means that the connection is aborting and we will be reset.`
`288`		`- _connection.LogExceptions(_connection.SendEndStreamAsync(StreamId));`
	`280`	`+ if (sendReset)`
	`281`	`+ {`
	`282`	`+ SendReset();`
	`283`	`+ }`
	`284`	`+ else`
	`285`	`+ {`
	`286`	`+ // Send EndStream asynchronously and without cancellation.`
	`287`	`+ // If this fails, it means that the connection is aborting and we will be reset.`
	`288`	`+ _connection.LogExceptions(_connection.SendEndStreamAsync(StreamId));`
	`289`	`+ }`
`289`	`290`	`}`
`290`	`291`	`}`
`291`	`292`	`}`
`@@ -325,7 +326,7 @@ public async ValueTask<bool> WaitFor100ContinueAsync(CancellationToken cancellat`
`325`	`326`
`326`	`327`	`private void SendReset()`
`327`	`328`	`{`
`328`		`- Debug.Assert(!Monitor.IsEntered(SyncObject));`
	`329`	`+ Debug.Assert(Monitor.IsEntered(SyncObject));`
`329`	`330`	`Debug.Assert(_requestCompletionState != StreamCompletionState.InProgress);`
`330`	`331`	`Debug.Assert(_responseCompletionState != StreamCompletionState.InProgress);`
`331`	`332`	`Debug.Assert(_requestCompletionState == StreamCompletionState.Failed \|\| _responseCompletionState == StreamCompletionState.Failed,`
`@@ -336,6 +337,8 @@ private void SendReset()`
`336`	`337`	`// Don't send a RST_STREAM if we've already received one from the server.`
`337`	`338`	`if (_resetException == null)`
`338`	`339`	`{`
	`340`	`+ // If execution reached this line, it's guaranteed that`
	`341`	`+ // _requestCompletionState == StreamCompletionState.Failed or _responseCompletionState == StreamCompletionState.Failed`
`339`	`342`	`_connection.LogExceptions(_connection.SendRstStreamAsync(StreamId, Http2ProtocolErrorCode.Cancel));`
`340`	`343`	`}`
`341`	`344`	`}`
`@@ -384,9 +387,12 @@ private void Cancel()`
`384`	`387`	`// When cancellation propagates, SendRequestBodyAsync will set _requestCompletionState to Failed`
`385`	`388`	`requestBodyCancellationSource?.Cancel();`
`386`	`389`
`387`		`- if (sendReset)`
	`390`	`+ lock (SyncObject)`
`388`	`391`	`{`
`389`		`- SendReset();`
	`392`	`+ if (sendReset)`
	`393`	`+ {`
	`394`	`+ SendReset();`
	`395`	`+ }`
`390`	`396`	`}`
`391`	`397`
`392`	`398`	`if (signalWaiter)`