Socket.io wrong data being sent to socket (possible ID collisions)

[dvideby0]

We are currently experiencing an issue with our web application where the wrong data is being sent to a socket. Based on what we are seeing, it appears there might be socketID collisions because of our multiple server setup but we have not been able to confirm yet.

The behavior

Users that are joined to 1 room will start receiving messages from another room (that they have not been joined to) at random. When they refresh, they are back to getting the messages that they were supposed to be getting.

Our Configuration

var express = require('express')();
var api = require('http').createServer(express);

/*
 * Configure socket.io.
 */
var socketio = require('socket.io')(api, {
  serveClient: true,
  transports: ['websocket']
});
var redis = require('redis').createClient;
var adapter = require('socket.io-redis');
var pub = redis(appModules.config.redis.clients.socketio.port, appModules.config.redis.clients.socketio.host, {
  return_buffers: true,
  auth_pass: appModules.config.redis.password
});
var sub = redis(appModules.config.redis.clients.socketio.port, appModules.config.redis.clients.socketio.host, {
  return_buffers: true,
  auth_pass: appModules.config.redis.password
});
socketio.adapter(adapter({
  host: appModules.config.redis.clients.socketio.host,
  port: appModules.config.redis.clients.socketio.port,
  pubClient: pub,
  subClient: sub
}));
socketio.on('connection', function(socket) {
  socket.emit('connection-event', 'socket connection successful for socket: ' + socket.id);
  socket.on('disconnect', function() {
    require('../../main_socket/v1/disconnect')(this);
  });
  socket.on('reconnect', function() {
    require('../../main_socket/v1/reconnect')(this);
  });
  socket.on('client-event', function(data) {
    data = JSON.parse(data);
    appModules.shared.session.decryptToken(data.token)
      .then(function(jwt) {
        appModules.services.redis.clients.user_sessions.hgetallAsync(jwt.decodedToken.email)
          .then(function(session) {
            data.session = session;
            require('../../main_socket/' + data.apiVersion + '/' + data.context + '/' + data.action)(data, socket);
          })
          .catch(function(err) {
            logger.error(err);
          });
      })
      .catch(function(err) {
        logger.error(err);
      });
  });
});

Assumption

Since refreshing seems to fix the issue for a specific user, we assume it is a socketID collision since they will get a new one on refresh.

Additional Notes

We are hosting our app on Heroku and followed their instructions for session affinity (https://devcenter.heroku.com/articles/session-affinity) but this did not seem to make any impact on the issue.

[darrachequesne]

The usual questions:

• which version of socket.io (server and client)? Of socket.io-redis? Did you upgrade recently?
• how can we reproduce?

[dvideby0]

Sorry for that. The version is 1.4.4

As for steps to reproduce, I am unable to. This is partly why I think there is some socket.id collisions taking place. I can see it happen to users when I look at the console for their session (using fullstory). I will see data come in for a room they don't belong to.

[carpii]

You don't seem to have yet ruled out a collision in your redis keys? Is that possible?

I think the best step would be to add some logging, and determine exactly what your code/redis is instructing socket.io to do (compared to the end symptom you are seeing)

[dvideby0]

@carpii I am not sure you you mean by logging out my redis keys. It does not appear that any keys are created. Instead socket.io makes use of the pub/sub functionality based on socket and room info that is stored in-memory. If I should be seeing keys in my redis DB then that might be a good indicator that I have configured this incorrectly. Can someone here even confirm if socket ID collisions should be expected if I am using the redis adaptor to use socket.io across multiple processes (more specifically, multiple heroku dynos)

[darrachequesne]

@dvideby0 You're right, there should be no key created (the redis adapter only relies on pub/sub mechanism).

As far as I know, ID collisions have never been reported. What is the frequency of that event? Does it happen for a given user? Would you be able to detect when such events occurs, and log everything (especially the socket rooms)?

You'll understand that without a proper way to reproduce, it's a bit like trying to find a needle in a haystack.

[darrachequesne]

Closed due to inactivity, please reopen if needed.

[mesutyigit]

It sends wrong messages to the wrong sockets when socket.io is under load. Interestingly, that message goes to the person who should not go. I thought ID conflict but I overrided the IDs myself, the problem is not solved.