sql: add safety gates for pausable portal cleanup and flow invalidation #155669
Conversation
|
It looks like your PR touches production code but doesn't add or edit any test code. Did you consider adding tests to your PR? 🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is dev-inf. |
|
This change is |
There was a problem hiding this comment.
@yuzefovich reviewed 4 of 4 files at r1, all commit messages.
Reviewable status:complete! 0 of 0 LGTMs obtained (waiting on @ZhouXing19)
-- commits line 23 at r1:
nit: I'd probably omit a release note here given that we cannot explain well to users which conditions were necessary for the bug to happen.
pkg/sql/conn_executor_exec.go line 1201 at r1 (raw file):
updateRetErrAndPayload(retErr, retPayload) portal.pauseInfo.resumableFlow.cleanup.run(ctx) portal.pauseInfo.resumableFlow.flow = nil
nit: rather than unsetting flow after each time cleanup runs, we should modify the cleanup function itself, this will be more bullet-proof.
ZhouXing19
force-pushed
the
portal-gate
branch
2 times, most recently
from
8c70293 to
7abf219
Compare
There was a problem hiding this comment.
Reviewable status:
Previously, yuzefovich (Yahor Yuzefovich) wrote…
nit: I'd probably omit a release note here given that we cannot explain well to users which conditions were necessary for the bug to happen.
Done.
pkg/sql/conn_executor_exec.go line 1201 at r1 (raw file):
Previously, yuzefovich (Yahor Yuzefovich) wrote…
nit: rather than unsetting
flowafter each timecleanupruns, we should modify the cleanup function itself, this will be more bullet-proof.
Good idea! Done.
yuzefovich
added
backport-25.3.x
There was a problem hiding this comment.
Nice! 
@yuzefovich reviewed 3 of 3 files at r2, all commit messages.
Reviewable status:
Epic: None Informs: cockroachlabs/support#3463 When a pausable portal encounters an error during execution, two issues can lead to panics on subsequent resume attempts: 1. The underlying FlowBase gets reset to nil during cleanup, but the portal's flow reference remains non-nil, causing hasFlowForPausablePortal() to incorrectly return true. 2. Errored portals are not removed from the portal map because deletion only occurs when execStmt() returns a non-nil fsm.Event. This change adds two defensive checks: - Nil the whole flow object hanging off the portalInfo while cleaning up the flow. - Ensure errored portals are properly cleaned up regardless of event state These gates prevent nil pointer dereferences when resuming portals that have been partially cleaned up due to errors. Release note: None
ZhouXing19
force-pushed
the
portal-gate
branch
from
7abf219 to
9a13f8e
Compare
ZhouXing19
requested review from
mgartner
and removed request for
a team and
mgartner
3 participants
Informs: https://github.com/cockroachlabs/support/issues/3463
When a pausable portal encounters an error during execution, two issues can lead to panics on subsequent resume attempts:
The underlying FlowBase gets reset to nil during cleanup, but the portal's flow reference remains non-nil, causing hasFlowForPausablePortal() to incorrectly return true.
Errored portals are not removed from the portal map because deletion only occurs when execStmt() returns a non-nil fsm.Event.
This change adds two defensive checks:
portalInfowhile cleaning up the flow.These gates prevent nil pointer dereferences when resuming portals that have been partially cleaned up due to errors.
Release note: None