shreemaan-abhishek opened a new pull request, #13592:
URL: https://github.com/apache/apisix/pull/13592

   ### Description
   
   `ai-proxy-multi`'s `construct_upstream` returns `nil, err` on its normal 
failure path (unresolvable endpoint, missing host/port, nil instance) and can 
also raise a Lua error. The two healthcheck-manager timers called it without a 
`pcall` or a nil check:
   
   ```lua
   upstream = plugin.construct_upstream(upstream_constructor_config)
   upstream.resource_key = resource_path
   ```
   
   When `construct_upstream` returned `nil` (or threw), the following 
`upstream.resource_key = ...` / `upstream._nodes_ver` access raised `attempt to 
index a nil value` inside the timer callback that iterates **all** healthcheck 
resources. A single malformed `ai-proxy-multi` instance could therefore abort 
checker creation/refresh for every resource in that worker, not just the 
offending one.
   
   This wraps both call sites in `pcall`. On failure the timer logs and skips 
the resource (creation path) or keeps the existing checker (refresh path) 
instead of crashing.
   
   The fix landed in API7 EE first (panic in construct upstream). This 
backports it to `apache/apisix`.
   
   ### Tests
   
   Adds `t/plugin/ai-proxy-multi-construct-upstream-panic.t` covering both 
timer paths: a `construct_upstream` override that raises a Lua error during 
checker creation and during the working-pool check. Proxying stays unaffected 
and the guarded message is logged instead of the worker timer dying.
   
   ### Checklist
   
   - [x] I have explained the need for this PR and the problem it solves
   - [x] I have explained the changes or the new features added to this PR
   - [x] I have added tests corresponding to this change
   - [x] I have updated the documentation to reflect this change (N/A: internal 
robustness fix, no user-facing behavior change)
   - [x] I have verified that this change is backward compatible
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to