Closed LasseBlaauwbroek closed 9 months ago
We have encountered what seems to be a related issue. We develop a C++ library that links statically to capnproto. This library can be used in Python as well through Python bindings. It seems that when we import our library before pycapnp, the event loop is not created and pycanp encounters a null point dereference when getting the event loop.
Having an explicit context instead of relying on global thread variables (as it seems to be the case for the event loop), would probably help us.
After getting a ping from @tobiasah: I believe that this is ready for review/merging. After this is merged, and https://github.com/capnproto/pycapnp/issues/323 is fixed, I'd suggest making a 2.0~beta release.
This is me trying some things out. I'm aware that @haata hasn't signed off on #316 yet.
The main goal of this PR is to program defenses into Pycapnp such that a segfault can never be triggered from Python code. To achieve this, I've used the following strategy:
async with capnp.kj_loop():
.AsyncIoStream
's, (2) openTwoPartyServer
's andTwoPartyClient
's and (3) ongoing capability method calls.RpcSystem
andVatNetwork
associated with any servers and clients (without actually killing the python-level server and client objects, but they do become unusable). This is because when you destroy these C++ objects, they schedule a task in the KJ loop. So we have to destroy these objects before destroying the loop.CapabilityClient
objects around that are backed by a closedTwoPartyClient
. We need to guard any method call on those to ensure we don't segfault.I've added a bunch of tests that used to segfault. Most likely there are more, but my theory is that with the current approach, we can solve all of those.
Feedback from @haata and @kentonv is appreciated on the validity of this approach.
Fixes #316