gRPC: fix bugs found during testing (#2039)

All in `GrpcStream`:
* make sure there are no pending completions when "finish" operation is enqueued;
* always finish gRPC calls;
* when connectivity changes, reset not just the calls, but the underlying channel as well.

Author: var-const

Firestore/Example/Firestore.xcodeproj/xcshareddata/xcschemes/Firestore_IntegrationTests_iOS.xcscheme

@@ -26,6 +26,8 @@
       buildConfiguration = "Debug"
       selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
       selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+      enableASanStackUseAfterReturn = "YES"
+      enableThreadSanitizer = "YES"
       shouldUseLaunchSchemeArgsEnv = "YES">
       <Testables>
          <TestableReference

Firestore/Example/Firestore.xcodeproj/xcshareddata/xcschemes/Firestore_Tests_iOS.xcscheme

@@ -26,6 +26,8 @@
       buildConfiguration = "Debug"
       selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
       selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+      enableASanStackUseAfterReturn = "YES"
+      enableThreadSanitizer = "YES"
       shouldUseLaunchSchemeArgsEnv = "YES">
       <Testables>
          <TestableReference

Firestore/core/src/firebase/firestore/remote/grpc_connection.mm

@@ -227,6 +227,11 @@ bool HasSpecialConfig(const std::string& host) {
           call->FinishAndNotify(Status{FirestoreErrorCode::Unavailable,
                                        "Network connectivity changed"});
         }
+        // The old channel may hang for a long time trying to reestablish
+        // connection before eventually failing. Note that gRPC Objective-C
+        // client does the same thing:
+        // https://github.com/grpc/grpc/blob/fe11db09575f2dfbe1f88cd44bd417acc168e354/src/objective-c/GRPCClient/private/GRPCHost.m#L309-L314
+        grpc_channel_.reset();
       });
 }
 

Firestore/core/src/firebase/firestore/remote/grpc_stream.cc

@@ -175,27 +175,20 @@ void GrpcStream::FinishAndNotify(const Status& status) {
 void GrpcStream::Shutdown() {
   MaybeUnregister();
   if (completions_.empty()) {
-    // Nothing to cancel.
+    // Nothing to cancel -- either the call was already finished, or it has
+    // never been started.
     return;
   }
 
   // Important: since the stream always has a pending read operation,
   // cancellation has to be called, or else the read would hang forever, and
   // finish operation will never get completed.
-  //
   // (on the other hand, when an operation fails, cancellation should not be
   // called, otherwise the real failure cause will be overwritten by status
   // "canceled".)
   context_->TryCancel();
-
-  // The observer is not interested in this event -- since it initiated the
-  // finish operation, the observer must know the reason.
-  GrpcCompletion* completion = NewCompletion(Type::Finish, {});
-  // TODO(varconst): is issuing a finish operation necessary in this case? We
-  // don't care about the status, but perhaps it will make the server notice
-  // client disconnecting sooner?
-  call_->Finish(completion->status(), completion);
-
+  FinishCall({});
+  // Wait until "finish" is off the queue.
   FastFinishCompletionsBlocking();
 }
 
@@ -206,6 +199,14 @@ void GrpcStream::MaybeUnregister() {
   }
 }
 
+void GrpcStream::FinishCall(const OnSuccess& callback) {
+  // All completions issued by this call must be taken off the queue before
+  // finish operation can be enqueued.
+  FastFinishCompletionsBlocking();
+  GrpcCompletion* completion = NewCompletion(Type::Finish, callback);
+  call_->Finish(completion->status(), completion);
+}
+
 void GrpcStream::FastFinishCompletionsBlocking() {
   // TODO(varconst): reset buffered_writer_? Should not be necessary, because it
   // should never be called again after a call to Finish.
@@ -276,29 +277,10 @@ void GrpcStream::OnWrite() {
 }
 
 void GrpcStream::OnOperationFailed() {
-  if (is_finishing_) {
-    // `Finish` itself cannot fail. If another failed operation already
-    // triggered `Finish`, there's nothing to do.
-    return;
-  }
-
-  is_finishing_ = true;
-
-  if (observer_) {
-    GrpcCompletion* completion =
-        NewCompletion(Type::Finish, [this](const GrpcCompletion* completion) {
-          OnFinishedByServer(*completion->status());
-        });
-    call_->Finish(completion->status(), completion);
-  } else {
-    // The only reason to finish would be to get the status; if the observer is
-    // no longer interested, there is no need to do that.
-    Shutdown();
-  }
-}
-
-void GrpcStream::OnFinishedByServer(const grpc::Status& status) {
-  FinishAndNotify(ConvertStatus(status));
+  FinishCall([this](const GrpcCompletion* completion) {
+    Status status = ConvertStatus(*completion->status());
+    FinishAndNotify(status);
+  });
 }
 
 void GrpcStream::RemoveCompletion(const GrpcCompletion* to_remove) {
@@ -315,7 +297,9 @@ GrpcCompletion* GrpcStream::NewCompletion(Type tag,
         RemoveCompletion(completion);
 
         if (ok) {
-          on_success(completion);
+          if (on_success) {
+            on_success(completion);
+          }
         } else {
           // Use the same error-handling for all operations; all errors are
           // unrecoverable.

Firestore/core/src/firebase/firestore/remote/grpc_stream.h

@@ -191,12 +191,16 @@ class GrpcStream : public GrpcCall {
   void OnRead(const grpc::ByteBuffer& message);
   void OnWrite();
   void OnOperationFailed();
-  void OnFinishedByServer(const grpc::Status& status);
   void RemoveCompletion(const GrpcCompletion* to_remove);
 
   using OnSuccess = std::function<void(const GrpcCompletion*)>;
   GrpcCompletion* NewCompletion(GrpcCompletion::Type type,
                                 const OnSuccess& callback);
+  // Finishes the underlying gRPC call. Must always be invoked on any call that
+  // was started. Presumes that any pending completions will quickly come off
+  // the queue and will block until they do, so this must only be invoked when
+  // the current call either failed (`OnOperationFailed`) or canceled.
+  void FinishCall(const OnSuccess& callback);
 
   // Blocks until all the completions issued by this stream come out from the
   // gRPC completion queue. Once they do, it is safe to delete this `GrpcStream`
@@ -227,8 +231,6 @@ class GrpcStream : public GrpcCall {
   internal::BufferedWriter buffered_writer_;
 
   std::vector<GrpcCompletion*> completions_;
-
-  bool is_finishing_ = false;
 };
 
 }  // namespace remote

Firestore/core/test/firebase/firestore/remote/grpc_stream_test.cc

@@ -149,6 +149,11 @@ class GrpcStreamTest : public testing::Test {
     return {states};
   }
 
+  void UnexpectedType(GrpcCompletion* completion) {
+    ADD_FAILURE() << "Unexpected completion type "
+                  << static_cast<int>(completion->type());
+  }
+
   AsyncQueue worker_queue;
 
   std::unique_ptr<ConnectivityMonitor> connectivity_monitor;
@@ -239,8 +244,7 @@ TEST_F(GrpcStreamTest, CanAddSeveralWrites) {
         completion->Complete(true);
         break;
       default:
-        ADD_FAILURE() << "Unexpected completion type "
-                      << static_cast<int>(completion->type());
+        UnexpectedType(completion);
         break;
     }
 
@@ -316,28 +320,31 @@ TEST_F(GrpcStreamTest, ErrorOnWrite) {
   });
 
   bool failed_write = false;
-  ForceFinish([&](GrpcCompletion* completion) {
+  auto future = tester.ForceFinishAsync([&](GrpcCompletion* completion) {
     switch (completion->type()) {
       case Type::Read:
-        completion->Complete(true);
-        break;
+        // After a write is failed, fail the read too.
+        completion->Complete(!failed_write);
+        return false;
 
       case Type::Write:
         failed_write = true;
         completion->Complete(false);
-        break;
+        return false;
+
+      case Type::Finish:
+        EXPECT_TRUE(failed_write);
+        *completion->status() = grpc::Status{grpc::ABORTED, ""};
+        completion->Complete(true);
+        return true;
 
       default:
-        ADD_FAILURE() << "Unexpected completion type "
-                      << static_cast<int>(completion->type());
-        break;
+        UnexpectedType(completion);
+        return false;
     }
-
-    return failed_write;
   });
-
-  ForceFinish(
-      {{Type::Read, Error}, {Type::Finish, grpc::Status{grpc::ABORTED, ""}}});
+  future.wait();
+  worker_queue.EnqueueBlocking([] {});
 
   EXPECT_EQ(observed_states().back(), "OnStreamFinish(Aborted)");
 }
@@ -351,25 +358,27 @@ TEST_F(GrpcStreamTest, ErrorWithPendingWrites) {
   });
 
   bool failed_write = false;
-  ForceFinish([&](GrpcCompletion* completion) {
+  auto future = tester.ForceFinishAsync([&](GrpcCompletion* completion) {
     switch (completion->type()) {
       case Type::Read:
-        completion->Complete(true);
-        break;
+        completion->Complete(!failed_write);
+        return false;
       case Type::Write:
         failed_write = true;
         completion->Complete(false);
-        break;
+        return false;
+      case Type::Finish:
+        EXPECT_TRUE(failed_write);
+        *completion->status() = grpc::Status{grpc::UNAVAILABLE, ""};
+        completion->Complete(true);
+        return true;
       default:
-        ADD_FAILURE() << "Unexpected completion type "
-                      << static_cast<int>(completion->type());
-        break;
+        UnexpectedType(completion);
+        return false;
     }
-
-    return failed_write;
   });
-  ForceFinish({{Type::Read, Error},
-               {Type::Finish, grpc::Status{grpc::UNAVAILABLE, ""}}});
+  future.wait();
+  worker_queue.EnqueueBlocking([] {});
 
   EXPECT_EQ(observed_states().back(), "OnStreamFinish(Unavailable)");
 }

Firestore/core/test/firebase/firestore/remote/grpc_streaming_reader_test.cc

@@ -214,31 +214,33 @@ TEST_F(GrpcStreamingReaderTest, ErrorOnWrite) {
   StartReader();
 
   bool failed_write = false;
-  // Callback is used because it's indeterminate whether one or two read
-  // operations will have a chance to succeed.
-  ForceFinish([&](GrpcCompletion* completion) {
+  auto future = tester.ForceFinishAsync([&](GrpcCompletion* completion) {
     switch (completion->type()) {
       case Type::Read:
-        completion->Complete(true);
-        break;
+        // After a write is failed, fail the read too.
+        completion->Complete(!failed_write);
+        return false;
 
       case Type::Write:
         failed_write = true;
         completion->Complete(false);
-        break;
+        return false;
+
+      case Type::Finish:
+        EXPECT_TRUE(failed_write);
+        *completion->status() = grpc::Status{grpc::RESOURCE_EXHAUSTED, ""};
+        completion->Complete(true);
+        return true;
 
       default:
         ADD_FAILURE() << "Unexpected completion type "
                       << static_cast<int>(completion->type());
-        break;
+        return false;
     }
-
-    return failed_write;
   });
+  future.wait();
+  worker_queue.EnqueueBlocking([] {});
 
-  ForceFinish(
-      {{Type::Read, Error},
-       {Type::Finish, grpc::Status{grpc::StatusCode::RESOURCE_EXHAUSTED, ""}}});
   ASSERT_TRUE(status.has_value());
   EXPECT_EQ(status.value().code(), FirestoreErrorCode::ResourceExhausted);
   EXPECT_TRUE(responses.empty());

Firestore/core/test/firebase/firestore/remote/stream_test.mm

@@ -461,31 +461,32 @@ void StartStream() {
   worker_queue.EnqueueBlocking([&] { firestore_stream->WriteEmptyBuffer(); });
 
   bool failed_write = false;
-  // Callback is used because it's indeterminate whether one or two read
-  // operations will have a chance to succeed.
-  ForceFinish([&](GrpcCompletion* completion) {
+  auto future = tester.ForceFinishAsync([&](GrpcCompletion* completion) {
     switch (completion->type()) {
       case Type::Read:
-        completion->Complete(true);
-        break;
+        // After a write is failed, fail the read too.
+        completion->Complete(!failed_write);
+        return false;
 
       case Type::Write:
         failed_write = true;
         completion->Complete(false);
-        break;
+        return false;
+
+      case Type::Finish:
+        EXPECT_TRUE(failed_write);
+        *completion->status() = grpc::Status{grpc::UNAUTHENTICATED, ""};
+        completion->Complete(true);
+        return true;
 
       default:
         ADD_FAILURE() << "Unexpected completion type "
                       << static_cast<int>(completion->type());
-        break;
+        return false;
     }
-
-    return failed_write;
   });
-
-  ForceFinish(
-      {{Type::Read, Error},
-       {Type::Finish, grpc::Status{grpc::StatusCode::UNAUTHENTICATED, ""}}});
+  future.wait();
+  worker_queue.EnqueueBlocking([] {});
 
   worker_queue.EnqueueBlocking([&] {
     EXPECT_FALSE(firestore_stream->IsStarted());