[2862] Abort on bad segment reset

src/bin/auth/auth_messages.mes

@@ -147,19 +147,25 @@ the data source clients, and is now running with the new configuration.
 
 % AUTH_DATASRC_CLIENTS_BUILDER_SEGMENT_BAD_CLASS invalid RRclass %1 at segment update
 A memory segment update message was sent to the authoritative server. But the
-class contained there is no valid class, so the update is dropped. This is
-likely a bug in the code.
+class contained there is no valid class. This means the system is in
+inconsistent state and the authoritative server aborts to minimise the problem
+This is likely a bug in the code.
 
 % AUTH_DATASRC_CLIENTS_BUILDER_SEGMENT_ERROR error updating the memory segment: %1
 The authoritative server tried to update the memory segment. But the update
-failed. The update is dropped. This is likely a bug in the code.
+failed. The authoritative server aborts to avoid system inconsistency. This is
+likely a bug in the code.
+
+% AUTH_DATASRC_CLIENTS_BUILDER_SEGMENT_NO_DATASRC there's no data source named %2 in class %1
+The authoritative server was asked to update the memory segment of the given
+data source. The authoritative server aborts as this means the system is in
+inconsistent state. This is likely a bug in the code.
 
 % AUTH_DATASRC_CLIENTS_BUILDER_SEGMENT_UNKNOWN_CLASS unknown class %1 at segment update
 A memory segment update message was sent to the authoritative server. The class
 name for which the update should happen is valid, but no client lists are
-configured for that class. The update is dropped. This may be caused by a bug
-in the code or by a temporary inconsistancy between the memory manager and the
-authoritative server after change of configuration.
+configured for that class. The system is in inconsistent state and the
+authoritative server aborts. This may be caused by a bug in the code.
 
 % AUTH_DATASRC_CLIENTS_BUILDER_STARTED data source builder thread started
 A separate thread for maintaining data source clients has been started.

src/bin/auth/datasrc_clients_mgr.h

@@ -638,22 +638,29 @@ private:
             const boost::shared_ptr<isc::datasrc::ConfigurableClientList>&
                 list = (**clients_map_)[rrclass];
             if (!list) {
-                LOG_ERROR(auth_logger,
+                LOG_FATAL(auth_logger,
                           AUTH_DATASRC_CLIENTS_BUILDER_SEGMENT_UNKNOWN_CLASS)
                     .arg(rrclass);
-                return;
+                std::terminate();
+            }
+            if (!list->resetMemorySegment(name,
+                    isc::datasrc::memory::ZoneTableSegment::READ_ONLY,
+                    segment_params)) {
+                LOG_FATAL(auth_logger,
+                          AUTH_DATASRC_CLIENTS_BUILDER_SEGMENT_NO_DATASRC)
+                    .arg(rrclass).arg(name);
+                std::terminate();
             }
-            list->resetMemorySegment(name,
-                isc::datasrc::memory::ZoneTableSegment::READ_ONLY,
-                segment_params);
         } catch (const isc::dns::InvalidRRClass& irce) {
-            LOG_ERROR(auth_logger,
+            LOG_FATAL(auth_logger,
                       AUTH_DATASRC_CLIENTS_BUILDER_SEGMENT_BAD_CLASS)
                 .arg(arg->get("data-source-class"));
+            std::terminate();
         } catch (const isc::Exception& e) {
-            LOG_ERROR(auth_logger,
+            LOG_FATAL(auth_logger,
                       AUTH_DATASRC_CLIENTS_BUILDER_SEGMENT_ERROR)
                 .arg(e.what());
+            std::terminate();
         }
     }
 

src/bin/auth/tests/datasrc_clients_builder_unittest.cc

@@ -710,28 +710,37 @@ TEST_F(DataSrcClientsBuilderTest,
     const ElementPtr bad_name = Element::fromJSON(command_args->toWire());
     // Set bad name
     bad_name->set("data-source-name", Element::create("bad"));
-    // Nothing breaks
-    builder.handleCommand(Command(SEGMENT_INFO_UPDATE, bad_name,
-                                  FinishedCallback()));
+    EXPECT_DEATH_IF_SUPPORTED({
+        builder.handleCommand(Command(SEGMENT_INFO_UPDATE, bad_name,
+                                      FinishedCallback()));
+    }, "");
 
     // Another copy with wrong class
     const ElementPtr bad_class = Element::fromJSON(command_args->toWire());
     // Set bad class
     bad_class->set("data-source-class", Element::create("bad"));
-    // Nothing breaks
-    builder.handleCommand(Command(SEGMENT_INFO_UPDATE, bad_class,
-                                  FinishedCallback()));
+    // Aborts (we are out of sync somehow).
+    EXPECT_DEATH_IF_SUPPORTED({
+        builder.handleCommand(Command(SEGMENT_INFO_UPDATE, bad_class,
+                                      FinishedCallback()));
+    }, "");
 
     // Class CH is valid, but not present.
     bad_class->set("data-source-class", Element::create("CH"));
-    // Nothing breaks
-    builder.handleCommand(Command(SEGMENT_INFO_UPDATE, bad_class,
-                                  FinishedCallback()));
+    EXPECT_DEATH_IF_SUPPORTED({
+        builder.handleCommand(Command(SEGMENT_INFO_UPDATE, bad_class,
+                                      FinishedCallback()));
+    }, "");
 
     // And break the segment params
     const ElementPtr bad_params = Element::fromJSON(command_args->toWire());
     bad_params->set("segment-params",
                     Element::fromJSON("{\"mapped-file\": \"/bad/file\"}"));
+
+    EXPECT_DEATH_IF_SUPPORTED({
+        builder.handleCommand(Command(SEGMENT_INFO_UPDATE, bad_class,
+                                      FinishedCallback()));
+    }, "");
 }
 
 } // unnamed namespace