ros2/rclcpp

Honor the user holding onto shared_ptrs during subscription callbacks

clalancette opened this issue · 4 comments

While debugging ros2/rmw_cyclonedds#469, we found that loaned messages do not properly honor the user holding onto shared_ptrs. In particular, if you look at the code in

```cpp
if (subscription->can_loan_messages()) {
  // This is the case where a loaned message is taken from the middleware via
  // inter-process communication, given to the user for their callback,
  // and then returned.
  void * loaned_msg = nullptr;
  // TODO(wjwwood): refactor this into methods on subscription when LoanedMessage
  //   is extended to support subscriptions as well.
  take_and_do_error_handling(
    "taking a loaned message from topic",
    subscription->get_topic_name(),
    [&]()
    {
      rcl_ret_t ret = rcl_take_loaned_message(
        subscription->get_subscription_handle().get(),
        &loaned_msg,
        &message_info.get_rmw_message_info(),
        nullptr);
      if (RCL_RET_SUBSCRIPTION_TAKE_FAILED == ret) {
        return false;
      } else if (RCL_RET_OK != ret) {
        rclcpp::exceptions::throw_from_rcl_error(ret);
      }
      return true;
    },
    [&]() {subscription->handle_loaned_message(loaned_msg, message_info);});
  if (nullptr != loaned_msg) {
    rcl_ret_t ret = rcl_return_loaned_message_from_subscription(
      subscription->get_subscription_handle().get(), loaned_msg);
    if (RCL_RET_OK != ret) {
      RCLCPP_ERROR(
        rclcpp::get_logger("rclcpp"),
        "rcl_return_loaned_message_from_subscription() failed for subscription on topic "
        "'%s': %s",
        subscription->get_topic_name(), rcl_get_error_string().str);
    }
    loaned_msg = nullptr;
  }
```
, you can see that the executor always immediately returns the loan to the rmw layer, regardless of whether the user took a shared_ptr reference.

We have worked around this for now by disabling loans by default, but that is not an ideal solution. Instead, what we should do is make a custom destructor for the shared_ptr that we create, which is responsible for returning the loan to the rmw layer. With that in place, we could turn loans back on, and still be safe when users take shared_ptr references.
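The custom-destructor approach proposed above, sketched as an added example that is not part of the original issue and is not rclcpp code. `MockMiddleware`, `wrap_loan` and `dispatch` are hypothetical names standing in for the rmw layer, the message wrapper and the executor; the point is that the loan is returned when the last `shared_ptr` reference drops, not when the callback returns.

```cpp
#include <cstdio>
#include <functional>
#include <memory>

// Hypothetical stand-in for the rmw layer (not a real rmw/rcl API): hands out
// loaned buffers and tracks how many have not been returned yet.
struct MockMiddleware {
  int outstanding = 0;
  int returned = 0;
  int * take_loan(int value) { ++outstanding; return new int(value); }
  void return_loan(int * msg) { --outstanding; ++returned; delete msg; }
};

using MessagePtr = std::shared_ptr<const int>;
using Callback = std::function<void (MessagePtr)>;

// Tie the loan's lifetime to the shared_ptr: the deleter runs only when the
// last reference is dropped. It captures the middleware by shared_ptr so the
// owner of the buffer cannot be destroyed while a message is still held.
MessagePtr wrap_loan(std::shared_ptr<MockMiddleware> mw, int * loaned) {
  return MessagePtr(loaned, [mw](int * p) { mw->return_loan(p); });
}

// Executor-side dispatch: take the loan, run the callback, then drop only the
// executor's own reference. Returns the loans still outstanding afterwards.
int dispatch(const std::shared_ptr<MockMiddleware> & mw, int value, const Callback & cb) {
  MessagePtr msg = wrap_loan(mw, mw->take_loan(value));
  cb(msg);
  msg.reset();  // no explicit return_loan() here; the deleter decides
  return mw->outstanding;
}

int main() {
  auto mw = std::make_shared<MockMiddleware>();
  MessagePtr kept;
  int after_plain = dispatch(mw, 7, [](MessagePtr) {});
  int after_kept = dispatch(mw, 42, [&kept](MessagePtr m) { kept = m; });
  std::printf("outstanding: %d then %d, kept value %d\n", after_plain, after_kept, *kept);
  kept.reset();  // user releases the message; the loan goes back now
  std::printf("outstanding after release: %d\n", mw->outstanding);
  return 0;
}
```

A callback that keeps no reference returns the loan as soon as `dispatch` finishes; one that stores the pointer keeps the buffer valid until it lets go, which avoids the dangling read that an unconditional return would cause.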

sgf201 commented

rmw_cyclonedds_cpp needs a deep refactor to solve the allocator problem if making a custom destructor for the shared_ptr.
eclipse-iceoryx/iceoryx#2159

This issue has been mentioned on ROS Discourse. There might be relevant details there:

https://discourse.ros.org/t/client-library-wg-meeting/37915/1

@sgf201 how is an allocator involved at this level? What @clalancette is mentioning is the logic in our loaned message wrapper in C++, which just wraps the rmw layer. I don't think an allocator needs to be passed from user space to the rmw impl or vice versa. The allocation of the loaned message's memory is completely up to the rmw implementation.

@wjwwood I agree with your point, this issue should indeed be handled at the RMW layer. I'm not very familiar with the other RMW implementations, but in rmw_cyclonedds_cpp, they have implemented the loan API using iceoryx. Additionally, for serialized messages within the same host, they also use iceoryx to pass the serialized messages. This means the subscribers may receive two types of messages - the loan messages that do not require deserialization, and the messages passed through iceoryx that need to be deserialized, and then stored in the heap. The handling of message space release differs between these two types of messages when returning the shared pointers. This means that when fully implementing the shared pointer lifecycle, the issue of proper message space release needs to be carefully handled.
I thought that allowing iceoryx subscribers to loan buffer may have been a relatively simple way to simplify the implementation of rmw_cyclonedds_cpp. However, this approach indeed should not involve iceoryx considering it.
eclipse-iceoryx/iceoryx#2159