bobhan1 opened a new pull request, #64349:
URL: https://github.com/apache/doris/pull/64349

   ### What problem does this PR solve?
   
   Issue Number: None
   
   Problem Summary:
   
   Shared `DeltaWriterV2` instances can be reused by multiple local sinks from 
the same load. Before this change, the shared writer stored the `RuntimeState*` 
from the sink that first created it. If that creator sink finished and its 
`RuntimeState` was destroyed while another local sink continued to reuse the 
shared writer, `DeltaWriterV2::write()` could access the destroyed state in the 
memtable flush-limit cancellation path, causing a BE crash or ASAN 
use-after-free.
   
   This PR adds a BE unit test that reproduces the lifetime boundary:
   
   - one `VTabletWriterV2` creates the shared `DeltaWriterV2`;
   - the creator writer and its `RuntimeState` are destroyed without cancelling 
the shared writer;
   - a second writer reuses the shared writer and is forced into the 
`DeltaWriterV2::write()` flush-limit wait path;
   - the old code reads the destroyed creator state, while the fixed code 
observes the current writer's cancel state and exits cleanly.
   
   The fix removes the stored `RuntimeState*` from `DeltaWriterV2`. The shared 
writer now keeps only the stable `WorkloadGroup` shared pointer needed by 
`MemTableWriter` initialization, and `VTabletWriterV2` passes a per-call cancel 
checker into `DeltaWriterV2::write()` so cancellation is evaluated against the 
current sink.
   
   ### Release note
   
   Fix a possible BE crash when shared delta writers are reused by multiple 
local sinks.
   
   ### Check List (For Author)
   
   - Test: Unit Test
       - `./run-be-ut.sh --run --filter=TestVTabletWriterV2.shared_delta_writer_should_not_access_destroyed_creator_runtime_state -j 100`
       - `./run-be-ut.sh --run --filter=DeltaWriterV2PoolTest.* -j 100`
   - Behavior changed: Yes. Shared `DeltaWriterV2` cancellation now uses the 
current sink's state instead of the creator sink's state.
   - Does this need documentation: No
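
The fixed design described above, as an added example that is not code from the PR or from Apache Doris. `SinkState`, `SharedWriter` and `reuse_after_creator_destroyed` are hypothetical stand-ins for `RuntimeState`, the shared `DeltaWriterV2` and the unit-test scenario, and the flush-limit wait is modelled by a constructed counter.

```cpp
#include <atomic>
#include <functional>
#include <memory>
#include <string>
#include <utility>

// Hypothetical stand-ins for the Doris types named in the PR description.
struct SinkState { std::atomic<bool> cancelled{false}; };  // per-sink RuntimeState role
struct WorkloadGroup { std::string name; };
enum class WriteStatus { OK, CANCELLED };

class SharedWriter {  // shared DeltaWriterV2 role
public:
    // Only state that outlives every sink is stored: a shared_ptr, never a raw
    // pointer to the state of whichever sink happened to create the writer.
    explicit SharedWriter(std::shared_ptr<WorkloadGroup> wg) : _wg(std::move(wg)) {}
    // Cancellation is supplied per call, so it is evaluated against the caller.
    WriteStatus write(int rows, const std::function<bool()>& is_cancelled) {
        // Constructed model of the flush-limit wait path: poll until the
        // backlog drains or the calling sink reports cancellation.
        while (_pending_flush > 0) {
            if (is_cancelled()) return WriteStatus::CANCELLED;
            --_pending_flush;  // stand-in for "one flush completed"
        }
        _rows += rows;
        return WriteStatus::OK;
    }
    void set_pending_flush(int n) { _pending_flush = n; }
    int rows() const { return _rows; }
    const WorkloadGroup& group() const { return *_wg; }
private:
    std::shared_ptr<WorkloadGroup> _wg;
    int _pending_flush = 0;
    int _rows = 0;
};

// Scenario from the PR: the creator sink goes away, a second sink reuses the writer.
WriteStatus reuse_after_creator_destroyed(bool second_sink_cancelled) {
    auto wg = std::make_shared<WorkloadGroup>(WorkloadGroup{"wg"});
    std::unique_ptr<SharedWriter> writer;
    {
        SinkState creator;  // destroyed at scope exit; the writer keeps no pointer to it
        writer = std::make_unique<SharedWriter>(wg);
        writer->write(1, [&creator] { return creator.cancelled.load(); });
    }
    SinkState second;
    second.cancelled = second_sink_cancelled;
    writer->set_pending_flush(3);  // force the wait path
    return writer->write(1, [&second] { return second.cancelled.load(); });
}
int main() { return reuse_after_creator_destroyed(true) == WriteStatus::CANCELLED ? 0 : 1; }
```

Building this with `-fsanitize=address` reports nothing, because the only sink state read in the wait path belongs to the caller that is still alive.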
   

