Skip to content

[backport 3.5] box: forbid concurrent invocation of box_raft_try_promote#12046

Merged
sergepetrenko merged 1 commit intorelease/3.5from
backport/release/3.5/11882
Nov 24, 2025
Merged

[backport 3.5] box: forbid concurrent invocation of box_raft_try_promote#12046
sergepetrenko merged 1 commit intorelease/3.5from
backport/release/3.5/11882

Conversation

@TarantoolBot
Copy link
Collaborator

@TarantoolBot TarantoolBot commented Nov 20, 2025
edited
Loading

(This PR is a backport of #11882 to release/3.5 to a future 3.5.1 release.)

This patch fixes two bugs related to concurrent invocation of box_raft_try_promote.

Closes #11703
Closes #11708

@CuriousGeorgiy @github-actions
box: forbid concurrent invocation of box_raft_try_promote
9917982 
Currently, we allow concurrent invocation of `box_raft_try_promote`, since
we either disable the `is_in_promote` guard in `box_promote` or omit it in
`box_cfg_xc`, while `box_raft_try_promote` yields to write the raft state.

This leads to a race over the `diag` of the fiber executing the
`box_raft_try_promote_f` trigger, and can lead to more bugs.

Let's forbid concurrent execution of `box_raft_try_promote` by enabling the
`is_in_promote` guard while `box_raft_try_promote` is called.

One potential caveat is the concurrent execution of `box_promote_qsync`
which is also guarded by the `is_in_promote`. However, it is executed in
the raft worker fiber and can be retried until `box_raft_try_promote`
execution finishes.

To be on the safer side, let's:
1. Call `raft_restore` before setting the fiber's `diag` to prevent any
    potential tampering with it from `raft->on_update` triggers.
2. Set `is_box_configured` right before calling `box_raft_try_promote` to
   maintain the invariant that it is always called by `box.cfg` first. Also
   move `box_broadcast_ballot` for consistency.

The `raft_leader_promote` test from the gh-6033 test group should now test
that a concurrent promote fails rather than succeeds.

Closes #11703
Closes #11708

NO_DOC=<bugfix>

(cherry picked from commit b592845)
@TarantoolBot TarantoolBot requested a review from a team as a code owner November 20, 2025 07:46
@TarantoolBot TarantoolBot changed the title [Backport release/3.5] box: forbid concurrent invocation of box_raft_try_promote [backport 3.5] box: forbid concurrent invocation of box_raft_try_promote Nov 20, 2025
@TarantoolBot TarantoolBot mentioned this pull request Nov 20, 2025
Merged
@coveralls
Copy link

coveralls commented Nov 20, 2025

Coverage Status

coverage: 87.635% (+0.008%) from 87.627%
when pulling 9917982 on backport/release/3.5/11882
into 0b01ab2
on release/3.5.

AArdeev
AArdeev approved these changes Nov 21, 2025
View reviewed changes
Copy link

@AArdeev AArdeev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All good

@sergepetrenko sergepetrenko merged commit c3add35 into release/3.5 Nov 24, 2025
25 checks passed
@sergepetrenko sergepetrenko deleted the backport/release/3.5/11882 branch November 24, 2025 10:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AArdeev AArdeev AArdeev approved these changes

Assignees

@sergepetrenko sergepetrenko

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@TarantoolBot @coveralls @AArdeev @sergepetrenko @CuriousGeorgiy