server/kv: Fix LRU list corruption under concurrent promotion#47
Merged
Conversation
DwyaneShi
reviewed
Mar 27, 2026
| static void priskv_lru_access(priskv_key *keynode, bool is_in_list) | ||
| { | ||
| priskv_kv *kv = keynode->kv; | ||
| (void)is_in_list; /* Kept for backward compatibility; logic no longer depends on it */ |
Collaborator
There was a problem hiding this comment.
- is removing
is_in_listnecessary to fix the issue? - let's keep it if not. otherwise, let's remove it from all the usages, keeping compatibility is not needed since it's a internal API.
Contributor
Author
There was a problem hiding this comment.
The current test case only covers concurrent seal, and the following fixes the issue of concurrent seal UAF. The problem here is that when Acquire/Seal is concurrent, list_add for the same node may have issues, but there is currently no such test case.
Contributor
Author
There was a problem hiding this comment.
I will supplement more comprehensive concurrent stress testing
Contributor
Author
There was a problem hiding this comment.
removing is_in_list is not to fix the issue, so I have reverted the commit about priskv_lru_access change.
yapple
force-pushed
the
fix-lru-access-race
branch
from
518a00d to
28eec0b
Compare
…ger transport UTs Fix a publish-window race where a new node becomes visible before LRU integration and could be observed by concurrent GET/UNPIN and reclaimed prematurely. Hold a temporary reference across the publish window and drop it after LRU join and old-node cleanup. Observability and robustness: - Count PIN on publish for parity with ACQUIRE+PIN. - Update pin/unpin/pin_failed counters via atomic increments. - Add warnings for potential stale handles and non-OK UNPIN statuses. Unit tests (transport): - Add a multithreaded combo test covering ALLOC+SEAL(PIN), concurrent ACQUIRE(PIN)/RELEASE(UNPIN), and verify both pin_count and delta counters. Use TLS slots to reliably capture per-thread status/token. - Fix concurrent SEAL+PIN test to unpin via the latest handle to avoid stale-handle issues. - Make transport tests accept nthreads/iters; run stress as "test-transport 8 200" from the test runner. Files: server/kv.c, server/test/test_transport.c, run_unit_test.py
yapple
force-pushed
the
fix-lru-access-race
branch
from
28eec0b to
b1593ef
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
list_del_initthenlist_addunder the LRU lock; ignoreis_in_listto avoid duplicate inserts when publish/SEAL and GET race on the same key.list_del_initso repeated deletions/touches remain safe.Impact: prevents doubly-linked list corruption and potential crashes; improves stability of LRU operations under concurrency.
Pull Request Description
[Please provide a clear and concise description of your changes here]
Related Issues
Resolves: #[Insert issue number(s)]
Important: Before submitting, please complete the description above and review the checklist below.
Contribution Guidelines (Expand for Details)
We appreciate your contribution to PrisKV! To ensure a smooth review process and maintain high code quality, please adhere to the following guidelines:
Pull Request Title Format
Your PR title should start with one of these prefixes to indicate the nature of the change:
[Bug]: Corrections to existing functionality[CI]: Changes to build process or CI pipeline[Docs]: Updates or additions to documentation[API]: Modifications to PrisKV's API or interface[CLI]: Changes or additions to the Command Line Interface[Misc]: For changes not covered above (use sparingly)Note: For changes spanning multiple categories, use multiple prefixes in order of importance.
Submission Checklist
By submitting this PR, you confirm that you've read these guidelines and your changes align with the project's contribution standards.