Skip to content

Fix task cancellation, session token expiry, and resource management#12

Merged
ashaffah merged 5 commits into
mainfrom
fix/modbus-slave-task-leak
Jun 26, 2026
Merged

Fix task cancellation, session token expiry, and resource management#12
ashaffah merged 5 commits into
mainfrom
fix/modbus-slave-task-leak

Conversation

@ashaffah

Copy link
Copy Markdown
Owner

This pull request introduces several improvements to resource management and safety across the codebase, including session expiration for authentication tokens, bounded resource usage in node channels, and improved handling of MQTT shared connections. It also adds tests to ensure correct behavior and prevent resource leaks.

Authentication improvements:

  • Session tokens in Auth now have an expiration time (SESSION_TTL) and are automatically pruned when expired, preventing unbounded memory usage from stale tokens. Validation now checks for expiry, and tests were added for session lifecycle. [1] [2] [3] [4] [5] [6]

Node/channel resource management:

  • Link channels in link.rs now use reference counting to track active users and automatically remove unused channels, preventing memory leaks over repeated deployments. Tests verify that channels are removed when no longer referenced. [1] [2] [3] [4] [5]

Delay node improvements:

  • The delay node now tracks and aborts in-flight delay tasks when stopped, ensuring no orphaned tasks remain. [1] [2] [3]

MQTT connection safety:

  • get_or_create in mqtt_shared.rs now avoids holding the global registry lock while building new connections (which could panic), and ensures only a single shared connection exists per key, aborting redundant drivers if necessary. [1] [2] [3]

JavaScript node safety:

  • The JS function node now enforces a maximum loop iteration limit to prevent runaway scripts, matching the safety of Rhai and WASM nodes. Tests were added for both normal operation and infinite loop handling. [1] [2] [3]

ashaffah added 5 commits June 26, 2026 12:44
Delay mode spawned a detached task per message; on stop they were not
cancelled (lingering up to the delay), and the handles were never
tracked. Hold them in AbortOnDrop guards (pruning finished ones so the
list stays bounded) so pending delays are aborted when the node stops.
Session tokens were kept in a set forever (removed only on logout), so
repeated logins grew it unbounded. Store each token with a 7-day expiry,
prune expired entries on login, and treat expired tokens as invalid.

Add a session issue/validate/revoke round-trip test.
get_or_create held the global registry mutex while calling build(), which
for tls/wss constructs a TLS config that can panic on unreadable platform
certs — poisoning the mutex and breaking all future MQTT connects. Build
outside the lock and double-check on insert (a concurrent task may have
created the same connection meanwhile, in which case the redundant one is
discarded). Confines a build panic to the one node.
The link registry kept a broadcast channel per name forever; over many
deploys with distinct names it grew unbounded. Refcount each name and
remove its channel when the last link-in/out using it stops (via an
RAII guard). Add a test that the entry is removed on last release.
The js function language had no execution cap, so a `while (true) {}`
script occupied a blocking thread forever (rhai is capped by operations,
WASM by fuel — only js was unbounded). Set boa's loop-iteration limit so
runaway loops error out. Add transform + runaway-loop tests.
@ashaffah ashaffah merged commit 13c7f8d into main Jun 26, 2026
1 check passed
@ashaffah ashaffah deleted the fix/modbus-slave-task-leak branch July 1, 2026 02:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant