fix: replace abort() with cooperative wait in wait_for_run_task

xdustinface · xdustinface · commit fabbdadbfb38 · 2026-03-23T12:50:57.000+07:00
`abort()` can interrupt the cleanup sequence in `DashSpvClient::run()`
(the `monitor_shutdown.cancel()` + `tokio::join!`), leaving monitor
tasks running after FFI callback pointers are freed. Use cooperative
wait with a timeout fallback instead.
diff --git a/dash-spv-ffi/src/client.rs b/dash-spv-ffi/src/client.rs
@@ -110,23 +110,35 @@ pub unsafe extern "C" fn dash_spv_ffi_client_new(
     }
 }
 
+/// Maximum time to wait for the run task to exit cooperatively before aborting.
+const RUN_TASK_SHUTDOWN_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(5);
+
 impl FFIDashSpvClient {
-    /// Cancel the run task and wait for it to finish.
-    fn cancel_run_task(&self) {
+    /// Wait for the run task to finish cooperatively, aborting only on timeout.
+    ///
+    /// The caller must cancel `shutdown_token` before calling this so that
+    /// `DashSpvClient::run()` exits its loop and cleans up monitor tasks.
+    /// Only falls back to `abort()` if the task doesn't exit within the timeout.
+    fn wait_for_run_task(&self) {
         let task = self.run_task.lock().unwrap().take();
         if let Some(task) = task {
-            task.abort();
-            self.runtime.block_on(async {
-                let _ = task.await;
-            });
+            let finished = self
+                .runtime
+                .block_on(async { tokio::time::timeout(RUN_TASK_SHUTDOWN_TIMEOUT, task).await });
+            if finished.is_err() {
+                tracing::warn!(
+                    "Run task did not exit within {:?}, aborting",
+                    RUN_TASK_SHUTDOWN_TIMEOUT
+                );
+            }
         }
     }
 }
 
 fn stop_client_internal(client: &mut FFIDashSpvClient) -> Result<(), dash_spv::SpvError> {
     client.shutdown_token.cancel();
 
-    client.cancel_run_task();
+    client.wait_for_run_task();
 
     let result = client.runtime.block_on(async { client.inner.stop().await });
 
@@ -342,8 +354,8 @@ pub unsafe extern "C" fn dash_spv_ffi_client_destroy(client: *mut FFIDashSpvClie
             let _ = client.inner.stop().await;
         });
 
-        // Abort and await the run task
-        client.cancel_run_task();
+        // Wait for the run task to finish (cooperative, with timeout fallback)
+        client.wait_for_run_task();
 
         tracing::info!("FFI client destroyed and all tasks cleaned up");
     }
