- Type: Task
- Resolution: Won't Fix
- Priority: Major - P3
- None
- Affects Version/s: None
- Component/s: Storage
- None
- Storage Execution

Query code and background validation both hold pointers to IndexCatalogEntrys outside of locks, via the IndexCatalog::getEntryShared() function.
This leads to problems when the index is either dropped or the catalog recreated for the restartCatalog cmd (open/closeCatalog), where the IndexCatalogEntry becomes unsafe, for example because it has IndexDescriptors pointing to memory that has been released with the catalog destruction.
Query currently holds a weak_ptr to the IndexCatalogEntry, and depends upon no other callers to getSharedEntry, which is a very fragile dependency with no safeguards. With background validation, we now have an isDropped function on the IndexCatalogEntry, along with a catalog generation number saved on the ServiceContext, in order to detect when an IndexCatalogEntry shared_ptr is no longer safe.
Instead of the difficulties and subtleties above, I suggest a Future-Promise solution, wherein callers can get a Promise that notifies them when the IndexCatalogEntry is destructed for any reason, along with the appropriate error code.
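
The Future-Promise notification suggested above, as an added example that is not MongoDB's code or part of the original ticket: `Entry`, `Catalog`, `Invalidated` and `observe` are hypothetical stand-ins, and the two reasons model an index drop and a catalog close. It assumes the caller polls the future before each use of an entry it has kept outside the lock.

```cpp
#include <atomic>
#include <chrono>
#include <future>
#include <map>
#include <memory>
#include <string>

// Hypothetical reasons; the ticket does not name the real error codes.
enum class Invalidated { IndexDropped = 1, CatalogClosed = 2 };

class Entry {  // simplified stand-in for IndexCatalogEntry
public:
    Entry() : _future(_promise.get_future().share()) {}
    ~Entry() { invalidate(Invalidated::CatalogClosed); }  // fallback if nobody notified
    std::shared_future<Invalidated> onInvalidated() const { return _future; }
    // Fulfil the promise at most once, whichever event arrives first.
    void invalidate(Invalidated why) { if (!_done.exchange(true)) _promise.set_value(why); }
private:
    std::promise<Invalidated> _promise;
    std::shared_future<Invalidated> _future;
    std::atomic<bool> _done{false};
};
class Catalog {  // simplified stand-in for IndexCatalog
public:
    std::shared_ptr<Entry> add(const std::string& n) { return _entries[n] = std::make_shared<Entry>(); }
    void drop(const std::string& n) {
        auto it = _entries.find(n);
        if (it == _entries.end()) return;
        it->second->invalidate(Invalidated::IndexDropped);
        _entries.erase(it);
    }
    void close() {  // models closeCatalog during restartCatalog
        for (auto& kv : _entries) kv.second->invalidate(Invalidated::CatalogClosed);
        _entries.clear();
    }
private:
    std::map<std::string, std::shared_ptr<Entry>> _entries;
};

// Constructed scenario: a caller keeps the entry past its lock and polls the
// future before each use. Returns 0 while the entry is safe, else the reason.
int observe(bool dropIndex, bool closeCatalog) {
    Catalog catalog;
    std::shared_ptr<Entry> held = catalog.add("a_1");
    std::shared_future<Invalidated> gone = held->onInvalidated();
    if (dropIndex) catalog.drop("a_1");
    if (closeCatalog) catalog.close();
    if (gone.wait_for(std::chrono::seconds(0)) != std::future_status::ready) return 0;
    return static_cast<int>(gone.get());
}
```

The poll only closes the window if it runs under the same synchronization that serializes drop and catalog close; otherwise the entry can be invalidated between the check and the dereference.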