backend: skip *bolt.DB.Size call when nil #6662
Conversation
| defer cleanup(b, tmpPath) | ||
|
|
||
| // 2. call batchTx.commit(true) | ||
| b.batchTx.CommitAndStop() |
There was a problem hiding this comment.
this seems to be wrong. CommitAndStop only can be called by backend once it stopped. no other operation can be issued to backend after that. if you want to prevent bad caller that calls backend.X() after backend gets stopped, you should protect the backend side.
There was a problem hiding this comment.
I think ongoing Hash call before stopping would still trigger this panic.
I might be wrong. I will read mvcc, backend again to investigate more.
Thanks!
gyuho
changed the title
|
@xiang90 Added more test cases which all panic without this patch. To make it clear, this is only useful for projects embedding etcd servers. If a project embeds etcd server, this panic would shut down the whole application. And there's no way to know in advance because etcd server stop method returns after calling |
gyuho
force-pushed
the
db-panic
branch
2 times, most recently
from
f6b76f2
to
2e153a5
Compare
|
Why would an in-flight |
|
@heyitsanthony I think same thing can happen in other in-flight RPC calls like get, put. |
| @@ -159,6 +161,12 @@ func (t *batchTx) commit(stop bool) { | |||
| var err error | |||
| // commit the last tx | |||
| if t.tx != nil { | |||
| if t.stopped { | |||
There was a problem hiding this comment.
dropping a commit on the floor like this without an error and acting like it worked is kind of scary; what if the commit is important?
There was a problem hiding this comment.
agree. let me rethink on this. thanks.
|
@xiang90 @heyitsanthony How about checking if db is nil without adding --- a/mvcc/backend/batch_tx.go
+++ b/mvcc/backend/batch_tx.go
@@ -162,7 +162,9 @@ func (t *batchTx) commit(stop bool) {
if t.pending == 0 && !stop {
t.backend.mu.RLock()
defer t.backend.mu.RUnlock()
- atomic.StoreInt64(&t.backend.size, t.tx.Size())
+ if t.tx.DB() != nil {
+ atomic.StoreInt64(&t.backend.size, t.tx.Size())
+ }
return
}
start := time.Now() |
gyuho
changed the title
|
|
||
| // TestV3MaintenanceHash ensures concurrent Hash call to embedded EtcdServer | ||
| // that is being stopped does not panic. | ||
| func TestV3MaintenanceHash(t *testing.T) { |
There was a problem hiding this comment.
TestV3MaintenanceHashInflight?
| @@ -162,7 +162,9 @@ func (t *batchTx) commit(stop bool) { | |||
| if t.pending == 0 && !stop { | |||
| t.backend.mu.RLock() | |||
| defer t.backend.mu.RUnlock() | |||
| atomic.StoreInt64(&t.backend.size, t.tx.Size()) | |||
| if t.tx.DB() != nil { | |||
|
lgtm after fixing nits |
gyuho
changed the title
- Test etcd-io#7322. - Remove test case added in etcd-io#6662. Signed-off-by: Gyu-Ho Lee <[email protected]>
Revert etcd-io#6662. Signed-off-by: Gyu-Ho Lee <[email protected]>
- Test etcd-io#7322. - Remove test case added in etcd-io#6662. Signed-off-by: Gyu-Ho Lee <[email protected]>
Revert etcd-io#6662. Signed-off-by: Gyu-Ho Lee <[email protected]>
- Test etcd-io#7322. - Remove test case added in etcd-io#6662. Signed-off-by: Gyu-Ho Lee <[email protected]>
Revert etcd-io#6662. Signed-off-by: Gyu-Ho Lee <[email protected]>
- Test etcd-io#7322. - Remove test case added in etcd-io#6662. Signed-off-by: Gyu-Ho Lee <[email protected]>
Revert etcd-io#6662. Signed-off-by: Gyu-Ho Lee <[email protected]>
- Test etcd-io#7322. - Remove test case added in etcd-io#6662. Signed-off-by: Gyu-Ho Lee <[email protected]>
Revert etcd-io#6662. Signed-off-by: Gyu-Ho Lee <[email protected]>
would panic because *bolt.Tx.Commit in batchTx.commit
initializes *bolt.Tx.db and *bolt.Tx.meta as nil,
and subsequent *bolt.Tx.Size() call refers to this nil
pointer (panic).
Fix etcd-io/etcdlabs#30.
/cc @xiang90