
Commit 113a166

authored
Merge pull request #29508 from andrwng/ct-l1-lsm-domain-manager-crash
ct/l1/lsm: avoid segfault after opening fails
2 parents f3e4736 + 5928881 commit 113a166


2 files changed

+11
-4
lines changed


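--- a/src/v/cloud_topics/level_one/domain/db_domain_manager.cc
+++ b/src/v/cloud_topics/level_one/domain/db_domain_manager.cc
@@ -903,6 +903,9 @@ db_domain_manager::gate_and_open_reads() {
 // Shutting down.
 co_return std::unexpected(rpc::errc::not_leader);
 }
+if (!db_ || db_->needs_reopen()) {
+co_return std::unexpected(rpc::errc::not_leader);
+}
 co_return gate_read_lock{
 .gate = std::move(*gate_res),
 .db_lock = std::move(fut.get()),
@@ -1087,7 +1090,7 @@ db_domain_manager::restore_domain(rpc::restore_domain_request req) {
 };
 }
 // No-op, we're already restored!
-if (db_->get_domain_uuid() == req.new_uuid) {
+if (db_ && db_->get_domain_uuid() == req.new_uuid) {
 co_return rpc::restore_domain_reply{
 .ec = rpc::errc::ok,
 };
@@ -1101,6 +1104,11 @@ db_domain_manager::restore_domain(rpc::restore_domain_request req) {
 .ec = rpc::errc::not_leader,
 };
 }
+if (!db_ || db_->needs_reopen()) {
+co_return rpc::restore_domain_reply{
+.ec = rpc::errc::not_leader,
+};
+}
 // Check again for the no-op case a restore finished while we were waiting
 // for the lock.
 if (db_->get_domain_uuid() == req.new_uuid) {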
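Review bot: The `!db_ || db_->needs_reopen()` guard is written out by hand in both gate_and_open_reads() and restore_domain(), and the header now leaves every caller of maybe_open_db() to repeat it, so any caller outside this diff that still dereferences `db_` after taking the lock would keep the null-dereference crash (an availability problem on a failed open) that this commit fixes. A single private predicate, for example `bool db_usable() const { return db_ && !db_->needs_reopen(); }`, used at both sites would keep the check from drifting. The early no-op check in restore_domain(), `if (db_ && db_->get_domain_uuid() == req.new_uuid)`, tests only for null and appears to run before the lock is taken, so a database that needs reopening can still answer `ok`; if that is intended, a one-line comment there should say so. Both branches return `not_leader` silently, which makes a persistent open failure look like a leadership change to clients and operators, so a log line at each would help diagnosis. Both functions begin and end outside the hunks shown, and no test accompanies the change.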

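--- a/src/v/cloud_topics/level_one/domain/db_domain_manager.h
+++ b/src/v/cloud_topics/level_one/domain/db_domain_manager.h
@@ -87,9 +87,8 @@ class db_domain_manager final : public domain_manager {
 // reopening it if needed (e.g. the underlying Raft term has changed since
 // the last open).
 //
-// Once called, callers should expect that db_ is at least set, though it
-// is possible that it will still need to be reopened (e.g. because of a
-// domain restore).
+// Even upon success, callers should check the database is still opened
+// with the database lock.
 ss::future<std::expected<void, rpc::errc>> maybe_open_db();
 
 // Should be called and held when resetting the database instance to ensure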
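Review bot: The replacement comment on maybe_open_db() ("callers should check the database is still opened with the database lock") names neither the condition to test nor the requirement that the lock be held during the test, and it drops the earlier statement about whether `db_` is set. Since the call sites in the .cc file now test `!db_ || db_->needs_reopen()`, the comment could state that contract directly, for example `// Even upon success, db_ may be unset or need reopening by the time the caller runs;` followed by `// callers must hold the database lock and check !db_ || db_->needs_reopen() before using db_.` The class body continues outside this hunk, so other declarations that rely on the old guarantee are not visible here.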
