fix(console): prevent panics if subscriber reports out-of-order times #295

thombles · 2022-02-20T11:15:37Z

Changes duration_since and unchecked subtractions to assume
Duration::ZERO (via Default) if the alternative would be a crash.

If the subscriber reports nonsensical data this can result in negative
Durations in console's calculations, leading to panics. This has already
happened inadvertently. All changed code relates directly to received
protobuf data whose validity isn't guaranteed.

Relates to #266 (crash) and #289 (fix for root cause)

There are a handful of other unwraps/expects I'm not so sure about. These ones looked like pretty clear-cut cases where panicking is possible, undesirable, and clamping to zero is a reasonable response.

tokio-console is now at v0.1.2.

Changes duration_since and unchecked subtractions to assume Duration::ZERO (via Default) if the alternative would be a crash. If the subscriber reports nonsensical data this can result in negative Durations in console's calculations, leading to panics. This has already happened inadvertently. All changed code relates directly to received protobuf data whose validity isn't guaranteed. Relates to tokio-rs#266 (crash) and tokio-rs#289 (fix for root cause)

hawkw

overall, this looks good to me --- i left some minor style suggestions, but it's up to you whether you think my suggested code is more readable or not. thanks!

tokio-console/src/state/async_ops.rs

hawkw · 2022-03-04T17:46:10Z

tokio-console/src/state/resources.rs

+        self.stats.total.unwrap_or_else(|| {
+            since
+                .duration_since(self.stats.created_at)
+                .unwrap_or_default()
+        })


nit, take it or leave it: consider

Suggested change

self.stats.total.unwrap_or_else(|| {

since

.duration_since(self.stats.created_at)

.unwrap_or_default()

})

self.stats

.total

.or_else(|| since.duration_since(self.stats.created_at).ok())

.unwrap_or_default()

tokio-console/src/state/tasks.rs

## 0.1.3 (2022-03-09) #### Bug Fixes * exit crossterm before printing panic messages (#307) ([43606b9](43606b9)) * prevent panics if subscriber reports out-of-order times (#295) ([80d7f42](80d7f42)) #### Features * add icon representing column sorting state (#301) ([b9e0a22](b9e0a22))

thombles added 2 commits February 20, 2022 21:24

chore: update internal lock file

8734f16

tokio-console is now at v0.1.2.

thombles force-pushed the tk/reducing-panics branch from ff48887 to 15e1618 Compare February 20, 2022 11:17

hawkw approved these changes Mar 4, 2022

View reviewed changes

Apply suggestions from code review

8eae691

hawkw enabled auto-merge (squash) March 7, 2022 17:47

Merge branch 'main' into tk/reducing-panics

fc40fba

hawkw merged commit 80d7f42 into tokio-rs:main Mar 7, 2022

hawkw mentioned this pull request Mar 9, 2022

chore(console): prepare to release v0.1.3 #309

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(console): prevent panics if subscriber reports out-of-order times #295

fix(console): prevent panics if subscriber reports out-of-order times #295

thombles commented Feb 20, 2022

hawkw left a comment

hawkw Mar 4, 2022

fix(console): prevent panics if subscriber reports out-of-order times #295

fix(console): prevent panics if subscriber reports out-of-order times #295

Conversation

thombles commented Feb 20, 2022

hawkw left a comment

Choose a reason for hiding this comment

hawkw Mar 4, 2022

Choose a reason for hiding this comment