Hardening and defensive fixes across REST, workload, SDK, and task manager layers

- TaskRequest: Add null checks before submitting tasks to prevent NPE on missing task names
- TaskRequest: Wrap getTaskResult() calls in try/catch to prevent unhandled exceptions bubbling up
- TaskRequest: Remove redundant reset_sdk_client_pool() from init_taskmanager() (already called in shutdown_taskmanager)
- WorkLoadGenerate: Omit durability field when level is NONE to let server enforce bucket-level durability
- WorkLoadGenerate: Bound get_client_for_bucket retry loop to 30 retries to prevent infinite wait
- WorkLoadGenerate: Catch exceptions from get_client_for_bucket inside the retry loop
- WorkLoadGenerate: Add catch-all exception handler around actual_run() and guard release_client on null sdk
- SDKClient: Remove unused static env1/env2 ClusterEnvironment fields (now managed by SharedClusterManager)
- SharedClusterManager: Replace per-connection non-TLS environment with shared sharedNonTLSEnvironment
- SharedClusterManager: Add separate TLS/non-TLS environment lifecycle tracking and shutdown guards
- TaskManager: Add null check for missing Future in getTaskResult() and abortTask()
- TaskManager: Remove task from map on ExecutionException to prevent stale entries

Co-authored-by: factory-droid[bot] <138933559+factory-droid[bot]@users.noreply.github.com>

Author: ashwin2002

src/main/java/RestServer/TaskRequest.java

@@ -386,7 +386,8 @@ private void reset_mongo_sdk_client_pool() {
     private void init_taskmanager() {
         TaskRequest.taskManager = new TaskManager(this.num_workers);
         System.out.println("Init TaskManager workers=" + this.num_workers);
-        this.reset_sdk_client_pool();
+        // Note: SDK client pool is already reset in shutdown_taskmanager(),
+        // no need to reset again here (avoid double shutdownAll() call)
         this.reset_mongo_sdk_client_pool();
     }
 
@@ -501,7 +502,13 @@ public ResponseEntity<Map<String, Object>> reset_task_manager() {
     public ResponseEntity<Map<String, Object>> submit_task() {
         Map<String, Object> body = new HashMap<>();
         try {
-            TaskRequest.taskManager.submit(TaskRequest.loader_tasks.get(this.taskName));
+            WorkLoadGenerate task = TaskRequest.loader_tasks.get(this.taskName);
+            if (task == null) {
+                body.put("status", false);
+                body.put("error", "Task " + this.taskName + " does not exist in loader_tasks");
+                return new ResponseEntity<>(body, HttpStatus.OK);
+            }
+            TaskRequest.taskManager.submit(task);
             TimeUnit.MILLISECONDS.sleep(5);
             body.put("status", true);
         } catch (Exception e) {
@@ -514,7 +521,13 @@ public ResponseEntity<Map<String, Object>> submit_task() {
     public ResponseEntity<Map<String, Object>> submit_task_mongo() {
         Map<String, Object> body = new HashMap<>();
         try {
-            TaskRequest.taskManager.submit(TaskRequest.mongo_loader_tasks.get(this.taskName));
+            mongo.loadgen.WorkLoadGenerate task = TaskRequest.mongo_loader_tasks.get(this.taskName);
+            if (task == null) {
+                body.put("status", false);
+                body.put("error", "Task " + this.taskName + " does not exist in mongo_loader_tasks");
+                return new ResponseEntity<>(body, HttpStatus.OK);
+            }
+            TaskRequest.taskManager.submit(task);
             TimeUnit.MILLISECONDS.sleep(5);
             body.put("status", true);
         } catch (Exception e) {
@@ -529,7 +542,12 @@ public ResponseEntity<Map<String, Object>> get_task_result_mongo() {
         try {
             mongo.loadgen.WorkLoadGenerate task = TaskRequest.mongo_loader_tasks.get(this.taskName);
         if (task != null) {
-            boolean okay = TaskRequest.taskManager.getTaskResult(task);
+            boolean okay = false;
+            try {
+                okay = TaskRequest.taskManager.getTaskResult(task);
+            } catch (Exception e) {
+                body.put("error", "Exception during getTaskResult: " + e.toString());
+            }
             body.put("status", okay);
         } else {
             body.put("error", "Task " + this.taskName + " does not exists");
@@ -548,7 +566,12 @@ public ResponseEntity<Map<String, Object>> get_task_result() {
         WorkLoadGenerate task = TaskRequest.loader_tasks.get(this.taskName);
         if (task != null) {
             Map<String, Object> failures = new HashMap<>();
-            boolean okay = TaskRequest.taskManager.getTaskResult(task);
+            boolean okay = false;
+            try {
+                okay = TaskRequest.taskManager.getTaskResult(task);
+            } catch (Exception e) {
+                body.put("error", "Exception during getTaskResult: " + e.toString());
+            }
             TaskRequest.loader_tasks.remove(this.taskName);
             for (HashMap.Entry<String, List<Result>> optype : task.failedMutations.entrySet()) {
                 optype.getValue().forEach(

src/main/java/couchbase/loadgen/WorkLoadGenerate.java

@@ -17,6 +17,7 @@
 import com.couchbase.client.core.deps.com.fasterxml.jackson.annotation.PropertyAccessor;
 import com.couchbase.client.core.deps.com.fasterxml.jackson.core.JsonProcessingException;
 import com.couchbase.client.core.deps.com.fasterxml.jackson.databind.ObjectMapper;
+import com.couchbase.client.core.msg.kv.DurabilityLevel;
 import com.couchbase.client.core.error.DocumentExistsException;
 import com.couchbase.client.core.error.DocumentNotFoundException;
 import com.couchbase.client.core.error.ServerOutOfMemoryException;
@@ -179,31 +180,50 @@ public void actual_run() {
         this.dg.ws.setDurabilityLevel(this.durability);
         this.dg.ws.setRetryStrategy(this.retryStrategy);
 
-        upsertOptions = UpsertOptions.upsertOptions()
+        // When DurabilityLevel.NONE is explicitly set, the SDK sends durability_level=0
+        // in the KV protocol frame, which tells the server "client explicitly wants no
+        // durability" and may override the bucket-level durability setting.
+        // To let the server enforce bucket-level durability, we must NOT call
+        // .durability() when the level is NONE - this omits the durability field
+        // from the request entirely, allowing the server to apply its own level.
+        boolean useClientDurability = this.dg.ws.durability != null
+                && this.dg.ws.durability != DurabilityLevel.NONE;
+
+        UpsertOptions upsertOpts = UpsertOptions.upsertOptions()
                 .timeout(this.dg.ws.timeout)
-                .durability(this.dg.ws.durability)
                 .retryStrategy(this.dg.ws.retryStrategy);
-        expiryOptions = InsertOptions.insertOptions()
+        if (useClientDurability) upsertOpts = upsertOpts.durability(this.dg.ws.durability);
+        upsertOptions = upsertOpts;
+
+        InsertOptions expiryOpts = InsertOptions.insertOptions()
                 .timeout(this.dg.ws.timeout)
-                .durability(this.dg.ws.durability)
                 .expiry(this.dg.ws.getDuration(this.exp, this.exp_unit))
                 .retryStrategy(this.dg.ws.retryStrategy);
-        setOptions = InsertOptions.insertOptions()
+        if (useClientDurability) expiryOpts = expiryOpts.durability(this.dg.ws.durability);
+        expiryOptions = expiryOpts;
+
+        InsertOptions setOpts = InsertOptions.insertOptions()
                 .timeout(this.dg.ws.timeout)
-                .durability(this.dg.ws.durability)
                 .retryStrategy(this.dg.ws.retryStrategy);
-        removeOptions = RemoveOptions.removeOptions()
+        if (useClientDurability) setOpts = setOpts.durability(this.dg.ws.durability);
+        setOptions = setOpts;
+
+        RemoveOptions removeOpts = RemoveOptions.removeOptions()
                 .timeout(this.dg.ws.timeout)
-                .durability(this.dg.ws.durability)
                 .retryStrategy(this.dg.ws.retryStrategy);
+        if (useClientDurability) removeOpts = removeOpts.durability(this.dg.ws.durability);
+        removeOptions = removeOpts;
+
         getOptions = GetOptions.getOptions()
                 .timeout(this.dg.ws.timeout)
                 .retryStrategy(this.dg.ws.retryStrategy);
-        mutateInOptions = MutateInOptions.mutateInOptions()
+
+        MutateInOptions mutateOpts = MutateInOptions.mutateInOptions()
                 .expiry(this.dg.ws.getDuration(this.exp, this.exp_unit))
                 .timeout(this.dg.ws.timeout)
-                .durability(this.dg.ws.durability)
                 .retryStrategy(this.dg.ws.retryStrategy);
+        if (useClientDurability) mutateOpts = mutateOpts.durability(this.dg.ws.durability);
+        mutateInOptions = mutateOpts;
         lookupInOptions = LookupInOptions.lookupInOptions();
 
         if(dg.ws.expiry == 0) {
@@ -454,9 +474,15 @@ else if(ops < dg.ws.ops/dg.ws.workers && flag) {
     @Override
     public void run() {
         if (this.sdkClientPool != null) {
-            while (this.sdk == null) {
-                this.sdk = this.sdkClientPool.get_client_for_bucket(
-                    this.bucket_name, this.scope, this.collection);
+            int retries = 0;
+            while (this.sdk == null && retries < 30) {
+                try {
+                    this.sdk = this.sdkClientPool.get_client_for_bucket(
+                        this.bucket_name, this.scope, this.collection);
+                } catch (Exception e) {
+                    logger.error("Error getting SDK client from pool for bucket "
+                            + this.bucket_name + ": " + e.getMessage());
+                }
                 if (this.sdk == null) {
                     try {
                         TimeUnit.SECONDS.sleep(1);
@@ -466,14 +492,25 @@ public void run() {
                         this.result = false;
                         return;
                     }
+                    retries++;
                 }
             }
+            if (this.sdk == null) {
+                logger.error("Failed to acquire SDK client for bucket "
+                        + this.bucket_name + " after " + retries + " retries");
+                this.result = false;
+                return;
+            }
         }
         try {
             this.actual_run();
         }
+        catch (Exception e) {
+            logger.error("Unhandled exception in task " + this.taskName + ": " + e.getMessage(), e);
+            this.result = false;
+        }
         finally{
-            if (this.sdkClientPool != null)
+            if (this.sdkClientPool != null && this.sdk != null)
                 this.sdkClientPool.release_client(this.sdk);
         }
     }

src/main/java/couchbase/sdk/SDKClient.java

@@ -1,21 +1,14 @@
 package couchbase.sdk;
 
 import java.time.Duration;
-import java.util.Properties;
 
 import org.apache.log4j.LogManager;
 import org.apache.log4j.Logger;
 
-import com.couchbase.client.core.deps.io.netty.handler.ssl.util.InsecureTrustManagerFactory;
-import com.couchbase.client.core.env.IoConfig;
-import com.couchbase.client.core.env.SecurityConfig;
-import com.couchbase.client.core.env.TimeoutConfig;
 import com.couchbase.client.core.error.AuthenticationFailureException;
 import com.couchbase.client.java.Bucket;
 import com.couchbase.client.java.Cluster;
-import com.couchbase.client.java.ClusterOptions;
 import com.couchbase.client.java.Collection;
-import com.couchbase.client.java.env.ClusterEnvironment;
 
 public class SDKClient {
     static Logger logger = LogManager.getLogger(SDKClient.class);
@@ -30,19 +23,6 @@ public class SDKClient {
 
     public Collection connection;
 
-    public static ClusterEnvironment env1 = ClusterEnvironment.builder()
-            .timeoutConfig(TimeoutConfig.builder().kvTimeout(Duration.ofSeconds(10)))
-            .securityConfig(SecurityConfig.enableTls(true)
-            .trustManagerFactory(InsecureTrustManagerFactory.INSTANCE))
-            .ioConfig(IoConfig.enableDnsSrv(true))
-            .ioConfig(IoConfig.numKvConnections(5))
-            .build();
-
-    public static ClusterEnvironment env2 = ClusterEnvironment.builder()
-            .timeoutConfig(TimeoutConfig.builder().kvTimeout(Duration.ofSeconds(10)))
-            .ioConfig(IoConfig.enableDnsSrv(true)).ioConfig(IoConfig.numKvConnections(5))
-            .build();
-
     public SDKClient(Server master, String bucket, String scope, String collection) {
         super();
         this.master = master;

src/main/java/couchbase/sdk/SharedClusterManager.java

@@ -28,26 +28,30 @@ public class SharedClusterManager {
     // Increased from default 5 to 500 to support 5,000 collections loading in parallel
     private static final int DEFAULT_KV_CONNECTIONS = 5;
 
-    // Shared ClusterEnvironment with optimized connection settings
+    // Shared ClusterEnvironment for TLS connections
     private static ClusterEnvironment sharedEnvironment;
 
-    // Track whether environment has been shutdown
-    private static volatile boolean environmentShutdown = false;
+    // Shared ClusterEnvironment for non-TLS connections
+    private static ClusterEnvironment sharedNonTLSEnvironment;
+
+    // Track whether environments have been shutdown
+    private static volatile boolean tlsEnvironmentShutdown = false;
+    private static volatile boolean nonTlsEnvironmentShutdown = false;
 
     private static final Object environmentLock = new Object();
 
     // Store cluster instances per server connection string
     private static ConcurrentHashMap<String, ClusterWrapper> clusterMap = new ConcurrentHashMap<>();
 
-    // Initialize the shared environment (lazy initialization with recreation)
+    // Initialize the shared TLS environment (lazy initialization with recreation)
     private static void initializeSharedEnvironment() {
-        if (sharedEnvironment == null || environmentShutdown) {
+        if (sharedEnvironment == null || tlsEnvironmentShutdown) {
             synchronized (environmentLock) {
                 // Double-check under lock
-                if (sharedEnvironment == null || environmentShutdown) {
+                if (sharedEnvironment == null || tlsEnvironmentShutdown) {
                     try {
-                        if (sharedEnvironment != null && environmentShutdown) {
-                            logger.info("Shared Cluster Environment was shutdown, recreating");
+                        if (sharedEnvironment != null && tlsEnvironmentShutdown) {
+                            logger.info("Shared TLS Cluster Environment was shutdown, recreating");
                         }
 
                         sharedEnvironment = ClusterEnvironment.builder()
@@ -57,10 +61,36 @@ private static void initializeSharedEnvironment() {
                                 .ioConfig(IoConfig.enableDnsSrv(true))
                                 .ioConfig(IoConfig.numKvConnections(DEFAULT_KV_CONNECTIONS))
                                 .build();
-                        environmentShutdown = false;
-                        logger.info("Shared Cluster Environment initialized with " + DEFAULT_KV_CONNECTIONS + " KV connections for massively parallel collection loads");
+                        tlsEnvironmentShutdown = false;
+                        logger.info("Shared TLS Cluster Environment initialized with " + DEFAULT_KV_CONNECTIONS + " KV connections");
                     } catch (Exception e) {
-                        logger.error("Failed to initialize shared Cluster Environment", e);
+                        logger.error("Failed to initialize shared TLS Cluster Environment", e);
+                    }
+                }
+            }
+        }
+    }
+
+    // Initialize the shared non-TLS environment (lazy initialization with recreation)
+    private static void initializeSharedNonTLSEnvironment() {
+        if (sharedNonTLSEnvironment == null || nonTlsEnvironmentShutdown) {
+            synchronized (environmentLock) {
+                // Double-check under lock
+                if (sharedNonTLSEnvironment == null || nonTlsEnvironmentShutdown) {
+                    try {
+                        if (sharedNonTLSEnvironment != null && nonTlsEnvironmentShutdown) {
+                            logger.info("Shared non-TLS Cluster Environment was shutdown, recreating");
+                        }
+                        
+                        sharedNonTLSEnvironment = ClusterEnvironment.builder()
+                                .timeoutConfig(TimeoutConfig.builder().kvTimeout(Duration.ofSeconds(10)))
+                                .ioConfig(IoConfig.enableDnsSrv(true))
+                                .ioConfig(IoConfig.numKvConnections(DEFAULT_KV_CONNECTIONS))
+                                .build();
+                        nonTlsEnvironmentShutdown = false;
+                        logger.info("Shared non-TLS Cluster Environment initialized with " + DEFAULT_KV_CONNECTIONS + " KV connections");
+                    } catch (Exception e) {
+                        logger.error("Failed to initialize shared non-TLS Cluster Environment", e);
                     }
                 }
             }
@@ -110,33 +140,54 @@ public static synchronized void releaseCluster(Server server) {
     }
 
     /**
-     * Shutdown all cluster instances and the shared environment
+     * Shutdown all cluster instances and the shared environments
      */
     public static synchronized void shutdownAll() {
         logger.info("Shutting down all shared Cluster instances");
         for (ClusterWrapper wrapper : clusterMap.values()) {
             if (wrapper.cluster != null) {
-                wrapper.cluster.disconnect();
+                try {
+                    wrapper.cluster.disconnect();
+                } catch (Exception e) {
+                    logger.warn("Error disconnecting cluster: " + e.getMessage());
+                }
             }
         }
         clusterMap.clear();
 
-        if (sharedEnvironment != null) {
-            sharedEnvironment.shutdown();
-            environmentShutdown = true;
-            logger.info("Shared Cluster Environment shutdown complete");
+        if (sharedEnvironment != null && !tlsEnvironmentShutdown) {
+            try {
+                sharedEnvironment.shutdown();
+            } catch (Exception e) {
+                logger.warn("Error shutting down TLS environment: " + e.getMessage());
+            }
+            tlsEnvironmentShutdown = true;
+            logger.info("Shared TLS Cluster Environment shutdown complete");
+        }
+
+        if (sharedNonTLSEnvironment != null && !nonTlsEnvironmentShutdown) {
+            try {
+                sharedNonTLSEnvironment.shutdown();
+            } catch (Exception e) {
+                logger.warn("Error shutting down non-TLS environment: " + e.getMessage());
+            }
+            nonTlsEnvironmentShutdown = true;
+            logger.info("Shared non-TLS Cluster Environment shutdown complete");
         }
     }
 
     private static Cluster createCluster(Server server) throws AuthenticationFailureException {
+        initializeSharedEnvironment();
+        initializeSharedNonTLSEnvironment();
+
         ClusterOptions clusterOptions;
         try {
             if (server.memcached_port.equals("11207")) {
                 clusterOptions = ClusterOptions.clusterOptions(server.rest_username, server.rest_password)
                         .environment(sharedEnvironment);
             } else {
                 clusterOptions = ClusterOptions.clusterOptions(server.rest_username, server.rest_password)
-                        .environment(createNonTLSEnvironment());
+                        .environment(sharedNonTLSEnvironment);
             }
 
             Cluster cluster = Cluster.connect(server.ip, clusterOptions);
@@ -152,14 +203,6 @@ private static Cluster createCluster(Server server) throws AuthenticationFailure
         }
     }
 
-    private static ClusterEnvironment createNonTLSEnvironment() {
-        return ClusterEnvironment.builder()
-                .timeoutConfig(TimeoutConfig.builder().kvTimeout(Duration.ofSeconds(10)))
-                .ioConfig(IoConfig.enableDnsSrv(true))
-                .ioConfig(IoConfig.numKvConnections(DEFAULT_KV_CONNECTIONS))
-                .build();
-    }
-
     private static String getClusterKey(Server server) {
         return server.ip + ":" + server.memcached_port;
     }