Conversation
…leanup # Conflicts: # go.sum
sjmiller609
changed the title
|
taking liberty to merge |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| // Skip cleanup when we don't have an authoritative running set. | ||
| // This avoids deleting TAPs created by other concurrent hypeman processes/tests. | ||
| if len(runningInstanceIDs) == 0 { | ||
| log.DebugContext(ctx, "skipping TAP cleanup (empty instance list)") |
There was a problem hiding this comment.
Empty slice now skips TAP cleanup breaking production intent
High Severity
Changing the guard from runningInstanceIDs == nil to len(runningInstanceIDs) == 0 breaks the production caller in cmd/api/main.go, which explicitly initializes preserveTAPs to []string{} (not nil) when there are no running VMs, with a comment stating "Initialize to empty slice (not nil) so cleanup runs even with no running VMs." The caller relies on the nil vs empty-slice distinction to differentiate "we don't know what's running, skip cleanup" from "nothing is running, clean up all orphaned TAPs." Now both cases skip cleanup, causing orphaned TAP devices to accumulate indefinitely.
There was a problem hiding this comment.
Risk assessment: Medium (review required).
Evidence from the code diff:
cmd/api/api/instances.go: instance network mapping changed from direct struct assignment tomap[string]any+json.Marshal/json.UnmarshalintooapiInst.Network, introducing behavioral/API-shape risk and a silent failure path if unmarshal fails.lib/network/bridge_linux.go: TAP cleanup semantics changed fromnil-only guard tolen(...) == 0, which changes cleanup behavior when the running-instance list is empty..github/workflows/test.yml: CI/toolchain verification updates (lower runtime risk, but still part of overall change set).
Decision:
- Not approving in this run because risk is Medium and production codepaths are modified.
- Reviewer requests placed for
@hiroTamadaand@rgarcia.
1 participant
Note
Medium Risk
Medium risk because it changes instance API serialization for the
networkfield and alters when orphaned TAP devices are cleaned up, which can affect runtime networking behavior. CI changes are low risk but may fail builds if the sudo PATH/toolchain differs on runners.Overview
CI: Adds a Linux workflow step to verify
mkfs.erofs,mkfs.ext4, andiptablesare available undersudoPATH before tests run, aiming to catch runner misconfiguration early.Runtime: Updates
instanceToOAPIto populateoapi.Instance.Networkvia JSON marshal/unmarshal (avoiding tight compile-time coupling to generated OpenAPI structs), and makesCleanupOrphanedTAPsskip cleanup when the running instance list is empty (not justnil) to avoid deleting TAPs from concurrent processes/tests.Written by Cursor Bugbot for commit f3b95a1. This will update automatically on new commits. Configure here.