Fix ReadBuffer canceled assertion in TCPHandler idle loop#100536
Closed
nerve-bot wants to merge 1 commit intoClickHouse:masterfrom
Closed
Fix ReadBuffer canceled assertion in TCPHandler idle loop#100536nerve-bot wants to merge 1 commit intoClickHouse:masterfrom
nerve-bot wants to merge 1 commit intoClickHouse:masterfrom
Conversation
|
|
nerve-bot
force-pushed
the
fix-readbuffer-canceled-exception-swallowed
branch
from
2aa7f64 to
494f746
Compare
Contributor
|
Workflow [PR], commit [95e1ecd] Summary: ❌
AI ReviewSummaryThis PR fixes an exception path where ClickHouse Rules
Final Verdict
|
clickhouse-gh
bot
added
the
pr-bugfix
![clickhouse-gh[bot]](https://avatars.githubusercontent.com/in/928874?s=60&v=4){kind=small}
| #include <string> | ||
| #include <IO/ReadBuffer.h> | ||
| #include <IO/ReadBufferFromString.h> | ||
| #include <IO/ReadHelpers.h> |
Contributor
There was a problem hiding this comment.
Unused include: #include <IO/ReadHelpers.h> does not appear to be used in this test file.
Please remove it to keep dependencies minimal and avoid unnecessary transitive includes in test targets.
TCPHandler::runImpl() idle loop called in->eof() on a ReadBuffer that had been canceled by a previous query's pipeline callback. In debug and sanitizer builds, ReadBuffer::next() has chassert(!isCanceled()) which aborts the server process. This was observed as recurring "Logical error: ReadBuffer is canceled" crashes in stress tests (amd_tsan, amd_msan, amd_debug) — STID 2508-2913, 2508-25af. Add ReadBuffer::eofOrCanceled() which checks isCanceled() before eof(), preventing the assertion. TCPHandler idle loop now uses eofOrCanceled(). Also add explicit rethrowExceptionIfHas() after cancel() in PullingAsyncPipelineExecutor::pull() as a defensive measure for the is_execution_finished path. Co-Authored-By: Claude Opus 4.6 <[email protected]>
nerve-bot
force-pushed
the
fix-readbuffer-canceled-exception-swallowed
branch
from
494f746 to
95e1ecd
Compare
clickhouse-gh
bot
added
pr-ci
and removed
pr-bugfix
Contributor
LLVM Coverage Report
PR changed lines: PR changed-lines coverage: 100.00% (43/43, 0 noise lines excluded) |
This was referenced Mar 25, 2026
1 task
Member
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When a pipeline callback (e.g.
ClusterFunctionReadTaskCallbackviaurlCluster) readsfrom the TCP
ReadBufferand the read fails,ReadBuffer::next()catches the exceptionand calls
cancel(), setting thecanceledflag permanently. If the exception is handledbut the connection is not closed, the
TCPHandler::runImpl()idle loop callsin->eof()on the canceled buffer. In debug/sanitizer builds this triggers
chassert(!isCanceled())insideReadBuffer::next(), aborting the server.Observed as recurring stress test crashes on master (amd_tsan, amd_msan, amd_debug):
TCPHandler::runImpl()at idle loopin->eof()Changes:
ReadBuffer::eofOrCanceled()— checksisCanceled()beforeeof(), so theassertion is never reached on a canceled buffer.
TCPHandler::runImpl()idle loop now callsin->eofOrCanceled()instead ofin->eof().rethrowExceptionIfHas()aftercancel()inPullingAsyncPipelineExecutor::pull()as a defensive measure.gtest_read_buffer_cancel): callseofOrCanceled()on a canceledbuffer — crashes without the fix, passes with it.
Previous fix attempts (#98955, #100400) addressed related race conditions but did not
cover this idle-loop path.
Closes #100581
Changelog category (leave one):
Changelog entry (a user-readable short description of the changes that goes into CHANGELOG.md):
...
Documentation entry for user-facing changes