Skip to content

chore(core): reimpl reconnect logic #1310

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

chore(core): reimpl reconnect logic #1310

wants to merge 3 commits into from

Conversation

NathanFlurry
Copy link
Member

No description provided.

@vercel Vercel
Copy link

vercel bot commented Sep 26, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
rivetkit-serverless Error Error Sep 26, 2025 7:06am

@claude Claude
Copy link

claude bot commented Sep 26, 2025
edited
Loading

Claude finished @NathanFlurry's task —— View job

PR Review: Reconnection Logic Implementation

Todo List:

  • Read project guidelines from CLAUDE.md
  • Analyze core connection and actor instance changes
  • Review WebSocket handling and reconnection logic
  • Check error handling and logging patterns
  • Evaluate security considerations
  • Assess performance implications
  • Review test coverage considerations
  • Provide comprehensive feedback

📋 Summary

This PR implements a comprehensive reconnection logic for WebSocket connections in RivetKit. The changes span across 16 files and introduce socket ID tracking, stale disconnect event filtering, and improved connection state management.

✅ Positive Aspects

Well-Architected Reconnection Logic

  • Socket ID tracking: generateConnSocketId() provides unique identifiers to distinguish between different socket instances (conn-socket.ts:28, router-endpoints.ts:156)
  • Stale disconnect filtering: Prevents race conditions by ignoring disconnect events from old sockets (instance.ts:797-805)
  • Connection ID preservation: Supports reconnection with existing connection state by passing connId and connToken (router-endpoints.ts:168-181)

Robust Error Handling

  • Graceful cleanup: Proper socket cleanup on disconnect (conn.ts:234, instance.ts:822)
  • Connection validation: Token validation for reconnections (instance.ts:1032-1034)
  • Comprehensive logging: Good debug/warn logging throughout the reconnection flow

Client-Side Resilience

  • Automatic reconnection: Client implements retry logic with exponential backoff (actor-conn.ts:226-254)
  • State preservation: Connection ID and token stored for seamless reconnection (actor-conn.ts:419-427)
  • Message queuing: Messages are queued during reconnection attempts (actor-conn.ts:721-724)

⚠️ Issues and Concerns

Race Condition Potential

Location: instance.ts:1036-1043

// If there's an existing driver state, disconnect it first
if (existingConn.__driverState) {
    await existingConn.disconnect("Reconnecting with new driver state");
}
// Update with new driver state
existingConn.__socket = socket;

Issue: There's a potential race condition between disconnecting the old socket and setting the new one. If another disconnect event fires during this window, it could interfere with the reconnection.

Recommendation: Consider using atomic operations or locking mechanisms here.

Memory Leak Risk

Location: instance.ts:366-370

this.#checkConnLivenessInterval = setInterval(
    this.#checkConnectionsLiveness.bind(this),
    this.#config.options.connectionLivenessInterval,
);

Issue: If connection liveness cleanup fails or takes too long, dead connections might accumulate in memory.

Recommendation: Add maximum age limits and more aggressive cleanup policies.

Security Considerations

Location: router-endpoints.ts:301-303 & actor-websocket-client.ts:84-89

// Pass connection ID and token for reconnection if available
isReconnection ? this.#connectionId : undefined,
isReconnection ? this.#connectionToken : undefined,

Issue: Connection tokens are passed via WebSocket protocols, which may be logged in some environments.

Recommendation: Consider time-limited tokens or additional validation layers.

Error Handling Gaps

  1. Missing timeout handling: instance.ts:1018-1067 - Reconnection doesn't have explicit timeouts
  2. Incomplete cleanup: conn.ts:216-235 - Disconnect may not clean up all resources in error scenarios
  3. Silent failures: Some operations catch errors but don't propagate them appropriately

🚀 Performance Considerations

Positive

  • Efficient message queuing: Messages are queued during reconnection rather than dropped
  • Smart cleanup: Stale disconnect events are filtered out early
  • Proper resource management: Intervals and timeouts are cleared on actor stop

Areas for Improvement

  • Connection pooling: Consider implementing connection pooling for high-throughput scenarios
  • Batch operations: Connection liveness checks could be batched to reduce overhead
  • Memory usage: Large message queues during extended disconnections could consume significant memory

🧪 Test Coverage Recommendations

The changes would benefit from tests covering:

  1. Reconnection scenarios:

    • Normal reconnection after temporary disconnect
    • Multiple rapid reconnection attempts
    • Reconnection with stale tokens

  2. Race condition testing:

    • Concurrent disconnect/reconnect events
    • Socket ID conflicts
    • Connection state transitions

  3. Error scenarios:

    • Connection timeout during reconnection
    • Invalid tokens on reconnection
    • Network failures during message sending

  4. Performance testing:

    • Large message queue handling
    • Connection liveness under load
    • Memory usage during extended disconnections

📝 Minor Issues

  1. Typo in comment: router-endpoints.ts:212 - "enc" should be removed
  2. Magic numbers: Consider making SSE_PING_INTERVAL = 1000 and similar values configurable
  3. Inconsistent logging levels: Some debug messages might be better as trace level

🎯 Overall Assessment

This is a solid implementation of reconnection logic that addresses most of the complex scenarios in WebSocket connection management. The code follows the project's guidelines well and demonstrates good understanding of the actor system architecture.

Strengths: Comprehensive approach, good error handling, client resilience
Areas for improvement: Race condition handling, security hardening, test coverage

Recommendation: ✅ Approve with minor revisions - The implementation is production-ready with the suggested improvements for race conditions and additional testing.

This was referenced Sep 26, 2025
Closed
Closed
Closed
Closed
Closed
@NathanFlurry Graphite App
Copy link
Member Author

NathanFlurry commented Sep 26, 2025
edited
Loading

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

  • merge queue - adds this PR to the back of the merge queue
  • hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

This was referenced Sep 26, 2025
Closed
Closed
@NathanFlurry NathanFlurry changed the base branch from 09-25-chore_core_simplify_connection_handling_fix_graceful_reconnect to graphite-base/1310 September 26, 2025 07:02
@NathanFlurry NathanFlurry force-pushed the 09-25-chore_core_reimpl_reconnect_logic branch from 4595175 to 5364708 Compare September 26, 2025 07:02
@NathanFlurry NathanFlurry changed the base branch from graphite-base/1310 to 09-25-fix_core_fix_getters_on_actorconn_proxy September 26, 2025 07:02
@claude Claude
Copy link

claude bot commented Sep 26, 2025
edited
Loading

Claude finished @NathanFlurry's task —— View job

🔍 PR Review: Reconnection Logic Implementation

Todo List:

  • Read and analyze key changed files
  • Review reconnection logic implementation
  • Check code quality and best practices
  • Identify potential bugs or issues
  • Evaluate performance considerations
  • Assess security concerns
  • Review test coverage
  • Compare with previous review feedback
  • Provide comprehensive updated review

📋 Summary

This PR implements comprehensive WebSocket reconnection logic for RivetKit, spanning 25 files with socket ID tracking, stale disconnect filtering, and improved connection state management. The implementation addresses critical connection resilience requirements.

✅ Positive Aspects

Well-Architected Socket Management

  • Socket ID tracking: Clean implementation with generateConnSocketId() in conn-socket.ts:4 and usage in router-endpoints.ts:158
  • Stale disconnect filtering: Robust protection against race conditions in instance.ts:802-810
  • Connection preservation: Successful reconnection with existing connId and connToken in router-endpoints.ts:178-193

Client-Side Resilience

  • Exponential backoff: Smart retry logic in actor-conn.ts:226-254 with configurable timeouts
  • Message queuing: Proper handling during disconnection in actor-conn.ts:410-418
  • Connection state preservation: Maintains connection IDs for seamless reconnection

Comprehensive Testing

  • Dedicated test suite: New actor-reconnect.ts with non-clean vs clean disconnect scenarios
  • State preservation testing: Verifies connection state survives reconnection
  • Counter actor fixture: Good test actor with connection tracking in counter-conn.ts

⚠️ Critical Issues

Race Condition in Connection Replacement

Location: instance.ts:889-895 (likely in the reconnection logic)

// If there's an existing driver state, disconnect it first
if (existingConn.__driverState) {
    await existingConn.disconnect("Reconnecting with new driver state");
}
// Update with new driver state
existingConn.__socket = socket;

Issue: Gap between disconnecting old socket and setting new one creates race condition window.
Risk: High - Could cause connection state corruption
Recommendation: Use atomic swap or connection locking mechanism

Token Security Vulnerability

Location: Connection tokens passed via WebSocket parameters
Issue: Connection tokens transmitted in potentially logged protocols
Risk: Medium - Token exposure in logs/network traces
Recommendation: Implement time-limited tokens or additional validation layers

Memory Leak Risk

Location: Connection cleanup in instance.ts:366-370 (liveness checking)
Issue: Failed cleanup could accumulate dead connections
Risk: Medium - Memory exhaustion under high connection churn
Recommendation: Add maximum connection age limits and aggressive cleanup policies

🚀 Performance Analysis

Efficient Design

  • Smart filtering: Early rejection of stale disconnects reduces processing overhead
  • Proper resource management: Connection liveness intervals cleared on actor stop
  • Message batching: Queued messages flushed efficiently on reconnection

Potential Bottlenecks

  • Connection liveness checks: Could be optimized with batching for high-connection scenarios
  • Large message queues: Extended disconnections could consume significant memory
  • Synchronous connection operations: Some operations could benefit from async patterns

🔒 Security Considerations

Good Practices

  • Token validation: Proper token checking for reconnections in instance.ts:932-940
  • Connection isolation: Socket IDs prevent cross-connection interference
  • Clean state management: Proper cleanup on disconnection

Areas for Improvement

  • Token lifetime: No visible expiration mechanism for connection tokens
  • Request validation: Limited validation of reconnection parameters
  • Rate limiting: No apparent protection against rapid reconnection attempts

🧪 Test Coverage Assessment

Strong Coverage

  • Reconnection scenarios: Both clean and non-clean disconnects tested
  • State preservation: Verifies connection state survives reconnection
  • Connection counting: Proper tracking validation

Missing Test Cases

  • Race conditions: Concurrent disconnect/reconnect scenarios
  • Token expiration: Invalid/expired token handling
  • Network timeouts: Connection timeout during reconnection
  • Memory pressure: Large message queue handling
  • Multiple rapid reconnects: Stress testing reconnection logic

📝 Code Quality Issues

Minor Issues

  1. Inconsistent logging levels: Some debug messages might be better as trace
  2. Magic numbers: Hard-coded intervals could be configurable
  3. Error propagation: Some caught errors not properly bubbled up

Best Practices Compliance

  • ✅ Follows RivetKit coding standards
  • ✅ Proper structured logging usage
  • ✅ Good TypeScript typing
  • ✅ Consistent error handling patterns

🎯 Comparison with Previous Review

The implementation has addressed several concerns from the previous review:

  • Added comprehensive testing with actor-reconnect.ts
  • Improved error handling with better logging patterns
  • Better documentation of reconnection flow
  • ⚠️ Race condition concerns persist and need attention
  • ⚠️ Security considerations around token handling remain

🚨 Blockers for Production

  1. Race Condition Fix: Must address connection replacement race condition
  2. Token Security: Implement secure token handling
  3. Memory Safety: Add connection cleanup safeguards

✅ Recommendations

High Priority

  1. Fix race condition in connection replacement logic
  2. Add token expiration mechanism
  3. Implement connection cleanup safeguards
  4. Add timeout handling for reconnection operations

Medium Priority

  1. Add stress testing for rapid reconnections
  2. Implement rate limiting for reconnection attempts
  3. Optimize connection liveness checks for scale
  4. Add monitoring/metrics for reconnection success rates

Low Priority

  1. Make intervals configurable
  2. Improve logging consistency
  3. Add more detailed error messages

🎭 Overall Assessment

This is a well-architected implementation that demonstrates solid understanding of WebSocket connection management complexities. The code quality is high and follows project conventions well.

Strengths: Comprehensive approach, good testing, client resilience, proper state management
Critical Issues: Race conditions, security considerations, potential memory leaks

Recommendation: ✅ Approve with critical fixes required - The implementation is solid but needs the race condition and security issues addressed before production deployment.

Risk Level: Medium-High - Core functionality works but critical issues could cause production problems

@claude Claude
Copy link

claude bot commented Sep 26, 2025
edited
Loading

Claude finished @NathanFlurry's task —— View job

PR Review: Reconnection Logic Implementation

Todo List:

  • Read project guidelines from CLAUDE.md
  • Analyze core connection and actor instance changes
  • Review WebSocket handling and reconnection logic
  • Check error handling and logging patterns
  • Evaluate security considerations
  • Assess performance implications
  • Review test coverage considerations
  • Provide comprehensive feedback

📋 Summary

This PR implements comprehensive reconnection logic for WebSocket connections in RivetKit. The changes span across 25 files and introduce socket ID tracking, stale disconnect event filtering, improved connection state management, and client-side automatic reconnection with exponential backoff.

✅ Positive Aspects

Well-Architected Reconnection Logic

  • Socket ID tracking: generateConnSocketId() provides unique identifiers to distinguish between different socket instances (conn.ts:30, router-endpoints.ts:158)
  • Stale disconnect filtering: Prevents race conditions by ignoring disconnect events from old sockets (instance.ts:802-810)
  • Connection ID preservation: Supports reconnection with existing connection state by passing connId and connToken (router-endpoints.ts:168-181, actor-conn.ts:287-303)

Robust Error Handling

  • Graceful cleanup: Proper socket cleanup on disconnect (conn.ts:234, instance.ts:822)
  • Connection validation: Token validation for reconnections (instance.ts:902)
  • Comprehensive logging: Good debug/warn logging throughout the reconnection flow

Client-Side Resilience

  • Automatic reconnection: Client implements retry logic with exponential backoff (actor-conn.ts:226-254)
  • State preservation: Connection ID and token stored for seamless reconnection (actor-conn.ts:442-444)
  • Message queuing: Messages are queued during reconnection attempts (actor-conn.ts:785-794)

Strong Test Coverage

  • Comprehensive test suite: New test file covers multiple reconnection scenarios (tests/actor-reconnect.ts)
  • Clean vs unclean disconnect: Tests verify different disconnect behaviors
  • Multiple reconnection cycles: Tests handle repeated disconnect/reconnect scenarios
  • State preservation validation: Tests confirm connection state is maintained across reconnections

⚠️ Issues and Concerns

Race Condition Potential

Location: instance.ts:909-927

// If there's an existing driver state, clean it up without marking as clean disconnect
if (existingConn.__driverState) {
    // ... driver cleanup logic
}
// Update with new driver state
existingConn.__socket = socket;

Issue: There's a potential race condition between disconnecting the old socket and setting the new one. If another disconnect event fires during this window, it could interfere with the reconnection.

Recommendation: Consider using atomic operations or connection state locks here.

Memory Leak Risk

Location: instance.ts:371-375

this.#checkConnLivenessInterval = setInterval(
    this.#checkConnectionsLiveness.bind(this),
    this.#config.options.connectionLivenessInterval,
);

Issue: If connection liveness cleanup fails or takes too long, dead connections might accumulate in memory. The liveness check logic at instance.ts:1209-1239 removes dead connections but relies on timing-based cleanup.

Recommendation: Add maximum connection limits and more aggressive cleanup policies.

Security Considerations

Location: actor-conn.ts:301-303 & actor-websocket-client.ts:84-89

// Pass connection ID and token for reconnection if available
isReconnection ? this.#connectionId : undefined,
isReconnection ? this.#connectionToken : undefined,

Issue: Connection tokens are passed via WebSocket URLs and headers, which may be logged in some environments.

Recommendation: Consider time-limited tokens or additional validation layers. The current implementation uses generateConnToken() with 32-byte secure random tokens, which is good, but token rotation could enhance security.

Error Handling Gaps

  1. Missing timeout handling: instance.ts:895-961 - Reconnection doesn't have explicit timeouts
  2. Silent failures: Some operations catch errors but don't propagate them appropriately (actor-conn.ts:757-766)
  3. Incomplete cleanup: Edge cases in cleanup logic may not handle all resource cleanup scenarios

Code Quality Issues

  1. Typo in comment: actor-conn.ts:212 - "enc" should be removed
  2. Magic numbers: Consider making retry intervals and timeouts configurable
  3. Complex nested conditionals: The reconnection logic could benefit from extraction into smaller methods

🚀 Performance Considerations

Positive

  • Efficient message queuing: Messages are queued during reconnection rather than dropped (actor-conn.ts:785-794)
  • Smart cleanup: Stale disconnect events are filtered out early (instance.ts:802-810)
  • Proper resource management: Intervals and timeouts are cleared on actor stop

Areas for Improvement

  • Connection pooling: Consider implementing connection pooling for high-throughput scenarios
  • Batch operations: Connection liveness checks could be batched to reduce overhead (instance.ts:1209-1239)
  • Memory usage: Large message queues during extended disconnections could consume significant memory

🧪 Test Coverage Assessment

The new test suite is excellent and covers:

Covered scenarios:

  • Normal reconnection after unclean disconnect
  • Clean disconnect behavior (connection removal)
  • Multiple reconnection cycles
  • State preservation across reconnections
  • Connection counting accuracy

⚠️ Missing test scenarios:

  1. Concurrent reconnection attempts: Multiple clients reconnecting simultaneously
  2. Token validation failures: Invalid or expired tokens during reconnection
  3. Network timeout scenarios: Connection attempts that timeout
  4. Large message queue handling: Behavior with many queued messages during reconnection
  5. Actor sleep/wake during reconnection: Actor state changes during reconnection attempts

📝 Minor Issues

  1. Comment cleanup: actor-conn.ts:212 has leftover "enc" text
  2. Logging consistency: Some debug messages could be trace level for less verbosity
  3. Type casting: Several as any casts could be made more type-safe

🎯 Overall Assessment

This is a solid, production-ready implementation of reconnection logic that addresses the complex scenarios in WebSocket connection management. The code follows RivetKit's guidelines well and demonstrates good understanding of the actor system architecture.

Strengths: Comprehensive approach, good error handling, client resilience, excellent test coverage
Areas for improvement: Race condition handling, security hardening, performance optimization

Recommendation: ✅ Approve with minor revisions - The implementation is well-architected and ready for production with the suggested improvements for race conditions and additional edge case testing.

The reconnection logic successfully handles:

  • Socket ID tracking to prevent stale events
  • Connection state preservation
  • Automatic client-side retry with exponential backoff
  • Proper cleanup and resource management
  • Comprehensive test coverage for core scenarios

This is a valuable addition to RivetKit that will significantly improve connection reliability in production environments.

@NathanFlurry NathanFlurry mentioned this pull request Sep 26, 2025
Closed
@graphite-app Graphite App
Copy link

graphite-app bot commented Sep 26, 2025
edited
Loading

Merge activity

  • Sep 26, 7:06 AM UTC: NathanFlurry added this pull request to the Graphite merge queue.
  • Sep 26, 7:06 AM UTC: CI is running for this pull request on a draft pull request (#1312) due to your merge queue CI optimization settings.
  • Sep 26, 7:07 AM UTC: Merged by the Graphite merge queue via draft PR: #1312.

graphite-app bot pushed a commit that referenced this pull request Sep 26, 2025
@NathanFlurry
chore(core): reimpl reconnect logic (#1310)
ee988e1
@graphite-app graphite-app bot closed this Sep 26, 2025
@graphite-app graphite-app bot deleted the 09-25-chore_core_reimpl_reconnect_logic branch September 26, 2025 07:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@NathanFlurry