samod-core: fix DontAnnounce policy drops documents synced by clients#85
Closed
shikokuchuo wants to merge 1 commit intoalexjg:mainfrom
Closed
samod-core: fix DontAnnounce policy drops documents synced by clients#85shikokuchuo wants to merge 1 commit intoalexjg:mainfrom
shikokuchuo wants to merge 1 commit intoalexjg:mainfrom
Conversation
Contributor
|
To give a bit more context, Charlie works on Quarto Hub, the collaborative editor for Quarto docs we started to work on. We found this while using samod as a sync server, and this specifically was triggered when creating a large number of automerge documents quickly in succession (this happens when we create a new Quarto project, which involves the creation of more than one automerge documents at once). |
alexjg
added a commit
that referenced
this pull request
Mar 13, 2026
Problem: when we receive a sync message for a document which we don't have in storage and for whom the AnnouncePolicy returns DontAnnounce then we erroneously decide that the document is unavailable even if the incoming sync message contains data about the document. This is because we fail to process pending sync messages once the load has completed if we don't have the document available or any connected peers who we could request from. Solution: process pending sync messages before deciding that the document is unavailable. Whilst I'm here I also cleaned up the logic around the phase transition during load to make it more consistent with the rest of the phase transitions and easier to read. Fixes: #85 Co-authored-by: 285675+cscheid@users.noreply.github.com Co-authored-by: 53399081+shikokuchuo@users.noreply.github.com
alexjg
added a commit
that referenced
this pull request
Mar 13, 2026
Problem: when we receive a sync message for a document which we don't have in storage and for whom the AnnouncePolicy returns DontAnnounce then we erroneously decide that the document is unavailable even if the incoming sync message contains data about the document. This is because we fail to process pending sync messages once the load has completed if we don't have the document available or any connected peers who we could request from. Solution: process pending sync messages before deciding that the document is unavailable. Whilst I'm here I also cleaned up the logic around the phase transition during load to make it more consistent with the rest of the phase transitions and easier to read. Fixes: #85 Co-authored-by: Carlos Scheidegger <285675+cscheid@users.noreply.github.com> Co-authored-by: shikokuchuo <53399081+shikokuchuo@users.noreply.github.com>
alexjg
added a commit
that referenced
this pull request
Mar 13, 2026
Problem: when we receive a sync message for a document which we don't have in storage and for whom the AnnouncePolicy returns DontAnnounce then we erroneously decide that the document is unavailable even if the incoming sync message contains data about the document. This is because we fail to process pending sync messages once the load has completed if we don't have the document available or any connected peers who we could request from. Solution: process pending sync messages before deciding that the document is unavailable. Whilst I'm here I also cleaned up the logic around the phase transition during load to make it more consistent with the rest of the phase transitions and easier to read. One important improvement is that if the document state changes mutliple times in one turn of a document actor, we only notify of the last status. This is important because it means that if a document transitions from loading through not found and into requesting in the same turn (which can happen if a load completes after receiving a sync message) then we don't notify the hub of the not found state. This is in turn important because notifying the hub of a not found state causes any outstanding find commands to complete with `None`. Fixes: #85 Co-authored-by: Carlos Scheidegger <285675+cscheid@users.noreply.github.com> Co-authored-by: shikokuchuo <53399081+shikokuchuo@users.noreply.github.com>
Owner
|
Thanks for the PR! I fixed this in a slightly different way but I've included you both as co-authors on the commit. |
shikokuchuo
added a commit
to shikokuchuo/samod
that referenced
this pull request
Mar 13, 2026
Problem: when we receive a sync message for a document which we don't have in storage and for whom the AnnouncePolicy returns DontAnnounce then we erroneously decide that the document is unavailable even if the incoming sync message contains data about the document. This is because we fail to process pending sync messages once the load has completed if we don't have the document available or any connected peers who we could request from. Solution: process pending sync messages before deciding that the document is unavailable. Whilst I'm here I also cleaned up the logic around the phase transition during load to make it more consistent with the rest of the phase transitions and easier to read. One important improvement is that if the document state changes mutliple times in one turn of a document actor, we only notify of the last status. This is important because it means that if a document transitions from loading through not found and into requesting in the same turn (which can happen if a load completes after receiving a sync message) then we don't notify the hub of the not found state. This is in turn important because notifying the hub of a not found state causes any outstanding find commands to complete with `None`. Fixes: alexjg#85 Co-authored-by: Carlos Scheidegger <285675+cscheid@users.noreply.github.com> Co-authored-by: shikokuchuo <53399081+shikokuchuo@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #84.
We've cherry-picked the commit from our repro to target main.
If you have any questions just let us know, thanks!
Root cause
In
samod-core/src/actors/document/doc_state.rs,handle_load():Loadingphase and queues the client's sync message inpending_sync_messages.DontAnnounce(the server's policy is|_, _| false).handle_loadchecks:doc.get_heads().is_empty()is true, andeligible_conns(connections with non-DontAnnouncepolicy) is false.NotFound, dropping allpending_sync_messages— the client's document data is lost.The pending sync messages contain the actual document data from the client, but they are never processed.
Fix
NotFound, check whether there are pending sync messages. If there are, process them first — they may contain the document data. Only transition toNotFoundwhen there are no pending messages AND no eligible connections.cc. @cscheid