Fix: don’t send a verification cancel request if the session is closed

[nimau]

This PR fixes:

• a crash in DEBUG when the app tries to send a cancel verification request while the session is closed.
• 2 retain cycles preventing MXCrypto from being properly released

[codecov]

Codecov Report

Base: 17.52% // Head: 37.38% // Increases project coverage by +19.85% 🎉

Coverage data is based on head (d306d8c) compared to base (7d59096).
Patch coverage: 73.91% of modified lines in pull request are covered.

Additional details and impacted files

@@             Coverage Diff              @@
##           develop    #1716       +/-   ##
============================================
+ Coverage    17.52%   37.38%   +19.85%     
============================================
  Files          612      612               
  Lines        95983    96133      +150     
  Branches     40286    41556     +1270     
============================================
+ Hits         16823    35939    +19116     
+ Misses       78649    59146    -19503     
- Partials       511     1048      +537     

Impacted Files	Coverage Δ
...SDK/Crypto/Verification/MXKeyVerificationManager.m	53.98% <68.42%> (+53.98%)	⬆️
.../Crypto/KeyBackup/Engine/MXNativeKeyBackupEngine.m	66.21% <100.00%> (+66.21%)	⬆️
MatrixSDK/Crypto/MXCrypto.m	64.19% <100.00%> (+62.12%)	⬆️
...o/Algorithms/RoomEvent/MXRoomEventDecryption.swift	53.27% <0.00%> (-2.07%)	⬇️
...ypto/Verification/MXKeyVerificationManagerV2.swift	20.73% <0.00%> (-0.56%)	⬇️
MatrixSDK/Background/MXBackgroundSyncService.swift	0.00% <0.00%> (ø)
MatrixSDK/Utils/Media/MXMediaManager.m	1.88% <0.00%> (+0.47%)	⬆️
MatrixSDK/Contrib/Swift/MXResponse.swift	43.58% <0.00%> (+0.73%)	⬆️
MatrixSDK/Contrib/Swift/MXRestClient.swift	2.22% <0.00%> (+0.74%)	⬆️
...gations/LocationSharing/MXBeaconAggregations.swift	4.44% <0.00%> (+1.26%)	⬆️
... and 193 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

[Anderas]

Does this actually fix the problem? What if the first if branch is evaluated first, we never get to check session being closed. Maybe better to put this at the very start of the cancelVerificationRequest?

I would also be curious to know why cancelVerificationRequest is called in the first place when session is already closed, and perhaps the isClosed check really belongs in the caller of the cancelVerificationRequest. This is because if "cancel" can cause troubles, than so could the other methods in this manager, such as cancelTransaction or sendToOtherInRequest. Do you have reliable steps to reproduce this crash?

[nimau]

Hi @Anderas, thanks for the feedback.
I moved the check at the very start of the cancelVerificationRequest
cancelVerificationRequest is called by MXKeyVerificationManager when the timeout (5 minutes by default) is fired.
So, if a user logs into the app, uses the recovery key to validate the session, then logs out or clears the cache (anything that invalidates the session), the app will try to send a verification cancel request even if the session is closed.
In DEBUG, this will crash because of the assertion in sendToOtherInRequest, but in practice, it may prevent some completion handler from being called.

[Anderas]

The thing is that when the session is closed (say via the close method), this will also close session.crypto, which will in turn close crypto.keyVerificationManager, even though by nillifying it. In other words when a session is closed no other objects should continue to function, and in the case of MXKeyVerificationManager it should cancel its timeout once closed. The reason this does not work at the moment is that even if crypto nillifies the manager, some other object keeps it in memory (not necessarily as a memory leak).

Whilst your solution does solve this particular problem, I fear this is merely one of many symptoms of the manager continuing its work after a session is closed. I would instead propose this solution:

• add new close method in the MXLegacyKeyVerificationManager header file
• implement the close method by clearing any timeouts that we have scheduled
• call the method just before self->_keyVerificationManager = nil is called from MXLegacyCrypto close

[nimau]

@Anderas, Ok, thanks. The verification manager was retained by its timers. So I removed my previous "fix", change the way we create the timers to prevent them to retain the manager, and finally, properly invalidate the timer on dealloc. It should be better and safer now.

[Anderas]

Nice find on the retain cycles

[Anderas]

Thats great, thanks for the change