Skip to content

CASSANDRA-21072: Prevent TombstoneOverwhelmingException from being swallowed when tracking warnings #4607

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
arnav-chakraborty wants to merge 1 commit into
base: trunk
Choose a base branch
from
Open

CASSANDRA-21072: Prevent TombstoneOverwhelmingException from being swallowed when tracking warnings #4607

arnav-chakraborty wants to merge 1 commit into from
+52 −1

Conversation

@arnav-chakraborty
Copy link

@arnav-chakraborty arnav-chakraborty commented Feb 8, 2026
edited
Loading

PR Description:

Prevent TombstoneOverwhelmingException from being swallowed when tracking warnings

Summary

In ReadCommandVerbHandler.doVerb(), when trackWarnings=true, all RejectException subclasses are caught and swallowed — an empty success response is sent with failure info in MessageParams. While the coordinator eventually
recognizes the failure via the side-channel params, TombstoneOverwhelmingException is a hard abort that should propagate as a proper failure response, not masquerade as a success.

The fix adds || e instanceof TombstoneOverwhelmingException to the catch block so it is always re-thrown. Other RejectException subclasses (LocalReadSizeTooLargeException, QueryReferencingTooManyIndexesException) continue
using the MessageParams path since they're designed for WarningContext aggregation.

Related datastax commit pr --> datastax@f1223ec

patch by Arnav Chakraborty; for CASSANDRA-21072

Co-authored-by: Arnav Chakraborty arnav251035@gmail.com

@arnav-chakraborty @claude
CASSANDRA-21072: Prevent TombstoneOverwhelmingException from being sw…
2150119 
…allowed when tracking warnings

When trackWarnings is enabled, ReadCommandVerbHandler catches all
RejectException subclasses and sends an empty success response with
failure info in MessageParams. TombstoneOverwhelmingException is a hard
abort that should propagate as a proper failure, not masquerade as
success. Re-throw it regardless of warning tracking state.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@bschoening bschoening requested a review from Copilot February 10, 2026 21:13
Copilot AI reviewed Feb 10, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR ensures TombstoneOverwhelmingException is not swallowed when TRACK_WARNINGS is enabled in ReadCommandVerbHandler, so the exception propagates as a proper failure instead of being turned into an “empty success” response with side-channel MessageParams.

Changes:

  • Update ReadCommandVerbHandler.doVerb() to rethrow TombstoneOverwhelmingException even when warning tracking is enabled.
  • Add unit tests verifying TombstoneOverwhelmingException propagates both with and without TRACK_WARNINGS.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
src/java/org/apache/cassandra/db/ReadCommandVerbHandler.java Prevents TombstoneOverwhelmingException from being swallowed in the warning-tracking RejectException handling path.
test/unit/org/apache/cassandra/db/ReadCommandVerbHandlerTest.java Adds regression tests ensuring tombstone aborts propagate regardless of warning tracking.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

src/java/org/apache/cassandra/db/ReadCommandVerbHandler.java
Comment on lines 90 to 94
catch (RejectException e)
{
if (!command.isTrackingWarnings())
if (!command.isTrackingWarnings() || e instanceof TombstoneOverwhelmingException)
throw e;

Copy link

Copilot AI Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The new special-casing for TombstoneOverwhelmingException is covered by tests, but there is still no unit test asserting the opposite branch: when TRACK_WARNINGS is enabled and a different RejectException (e.g., LocalReadSizeTooLargeException / QueryReferencingTooManyIndexesException) is thrown, doVerb should swallow it and send an empty success response with the corresponding MessageParams populated. Adding a test for this would protect against future regressions in the warning-tracking path.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@arnav-chakraborty