* Add test demonstrating bug #4778 - nil pool causes panic
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Fix#4778: Add nil pool validation in newRefreshConnectionState
Add nil check immediately after retrieving pool from pluginManager
to prevent panic when pool is nil. This addresses the issue where
a nil pool would cause a segmentation fault when passed to
db_local.SetUserSearchPath().
The fix returns a descriptive error instead of panicking, allowing
calling code to handle the error gracefully.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
* Add test demonstrating bug #4781 - RunBatchSession blocks forever
Test currently skipped as it demonstrates the bug where RunBatchSession
blocks forever if initData.Loaded channel never closes, even when the
context is cancelled. This test will be unskipped after the bug is fixed.
Related to #4781🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Fix#4781: Add context cancellation check to RunBatchSession
Changes RunBatchSession to respect context cancellation when waiting for
initialization. Previously, the function would block forever on the
initData.Loaded channel if it never closed, even when the context was
cancelled. Now uses a select statement to also check ctx.Done().
Fixes#4781🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
* Add test demonstrating bug #4788 - ClosePrompt panics with nil
Adds TestClosePromptNilCancelPanic that reproduces the bug where
ClosePrompt() panics with a nil pointer dereference when cancelPrompt
is nil. This can happen if ClosePrompt is called before the prompt is
fully initialized.
Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Fix#4788: Add nil check before calling cancelPrompt
Prevents panic in ClosePrompt() when cancelPrompt is nil.
This can happen if ClosePrompt is called before the prompt
is fully initialized.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
* Add test demonstrating bug #4786 - race in updateRateLimiterStatus
Test demonstrates the race condition when updateRateLimiterStatus reads
from the userLimiters map without holding a lock, while another goroutine
concurrently writes to the map.
Running with -race flag shows data races at:
- plugin_manager_rate_limiters.go:176 (read in getUserDefinedLimitersForPlugin)
- plugin_manager_rate_limiters.go:161 (read in updateRateLimiterStatus)
- rate_limiters_test.go:40 (concurrent write)
Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Fix#4786: Protect updateRateLimiterStatus with RWMutex
Add RWMutex write lock protection to updateRateLimiterStatus to prevent
race conditions when the method reads from userLimiters map and writes to
pluginLimiter.Status fields while other goroutines concurrently modify these
data structures.
The fix uses m.mut.Lock() (not RLock) because the method modifies the
pluginLimiter.Status field, requiring exclusive write access.
Note: This fix assumes updateRateLimiterStatus is not called from within
a context that already holds the mutex. If it is, additional refactoring
will be needed to prevent deadlock.
Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Fix deadlock in updateRateLimiterStatus
The previous fix introduced a deadlock where updateRateLimiterStatus() would:
1. Acquire m.mut.Lock()
2. Call getUserDefinedLimitersForPlugin()
3. Which tries to acquire m.mut.RLock() - deadlock!
Go mutexes cannot acquire RLock when the same goroutine already holds Lock.
Fix by refactoring into internal/public pattern:
- getUserDefinedLimitersForPlugin() - public, acquires RLock
- getUserDefinedLimitersForPluginInternal() - internal, no lock (caller must hold it)
- updateRateLimiterStatus() now calls internal version while holding lock
Test verification: TestPluginManager_UpdateRateLimiterStatus_NoOverride
- Before: Timeout after 28s
- After: Pass in 0.429s
Fixes#4786
---------
Co-authored-by: Claude <noreply@anthropic.com>
* Add tests demonstrating bug #4793: Close() sets sessions=nil without mutex
These tests demonstrate the race condition where Close() sets c.sessions
to nil without holding the mutex, while AcquireSession() tries to access
the map with the mutex held.
Running with -race detects the data race and the test panics with
"assignment to entry in nil map".
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Fix#4793: Protect sessions map access with mutex in Close()
Acquire sessionsMutex before setting sessions to nil in Close() to prevent
data race with AcquireSession(). Also add nil check in AcquireSession() to
handle the case where Close() has been called.
This prevents the panic "assignment to entry in nil map" when Close() and
AcquireSession() are called concurrently.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
* Add test for #4811: query history should have bounded size
* Fix#4811: Enforce bounded size for query history
Add enforceLimit() helper that ensures history never exceeds HistorySize.
Call it from Get(), Push(), and load() to prevent unbounded memory growth
even when history is pre-populated from file or direct manipulation.
* Add test for #4808: Race condition on disableTiming field
Add test that verifies disableTiming field uses atomic.Bool instead of
plain bool to prevent race conditions.
The test checks that:
- disableTiming is declared as atomic.Bool
- shouldFetchTiming() uses atomic Load()
- getQueryTiming() uses atomic Store() operations
- Direct assignments that cause races are not present
This test will fail until the implementation is fixed.
* Fix#4808: Use atomic.Bool for disableTiming to prevent race condition
* Add test for #4812: Autocomplete suggestions should have size limits
This test verifies that autocomplete suggestion maps enforce size limits
to prevent unbounded memory growth. The test calls setTablesForSchema()
and setQueriesForMod() methods that should enforce:
- Maximum 100 schemas in tablesBySchema
- Maximum 500 tables per schema
- Maximum 100 mods in queriesByMod
- Maximum 500 queries per mod
This test will fail until the size limiting implementation is added.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Fix#4812: Add size limits to autocomplete suggestions maps
Implements bounded size for autocomplete suggestion maps to prevent
unbounded memory growth with large schemas:
- Added constants for max schemas (100) and max tables per schema (500)
- Created setTablesForSchema() and setQueriesForMod() methods that enforce
limits using LRU-style eviction when limits are exceeded
- Updated interactive_client_autocomplete.go to use the new bounded setter
This prevents excessive memory consumption when dealing with databases
that have hundreds of connections with many tables each.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
* Add test for #4808: Race condition on disableTiming field
Add test that verifies disableTiming field uses atomic.Bool instead of
plain bool to prevent race conditions.
The test checks that:
- disableTiming is declared as atomic.Bool
- shouldFetchTiming() uses atomic Load()
- getQueryTiming() uses atomic Store() operations
- Direct assignments that cause races are not present
This test will fail until the implementation is fixed.
* Fix#4808: Use atomic.Bool for disableTiming to prevent race condition
* Unskip test demonstrating bug #4805: Concurrent read and close may race
Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Fix#4805: Add synchronization for concurrent StreamRow and Close
The sync.Once in Close() only prevents multiple Close() calls, but
doesn't coordinate with StreamRow() operations. Added a mutex and
closed flag to prevent race conditions when one goroutine streams
rows while another closes the result.
The fix:
- Added mutex (mu) and closed flag to Result struct
- StreamRow checks closed flag before streaming (with RLock)
- Close sets closed flag (with Lock) before closing channel
This prevents "send on closed channel" panics and data races.
Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
* Add test for #4803: Race condition in initialisationComplete flag
Add TestInitialisationComplete_RaceCondition to demonstrate the data race
that occurs when the initialisationComplete boolean flag is accessed
concurrently by multiple goroutines without synchronization.
The test simulates:
- Init goroutine writing to the flag
- Query executor reading via isInitialised()
- Notification handler reading the flag directly
This test will fail when run with the -race flag, exposing the bug.
Co-Authored-By: Claude <noreply@anthropic.com>
* Fix#4803: Use atomic.Bool for initialisationComplete flag
Replace the plain boolean initialisationComplete field with atomic.Bool
to prevent data races when accessed concurrently by multiple goroutines.
Changes:
- Change field type from bool to atomic.Bool
- Use .Store(true) for writes
- Use .Load() for reads in isInitialised() and handleConnectionUpdateNotification()
- Update test to use atomic operations
The test now passes with -race flag, confirming the race condition is fixed.
---------
Co-authored-by: Claude <noreply@anthropic.com>
* Add test for #4799: Race condition in rate limiter map access
This test demonstrates the race condition in getUserDefinedLimitersForPlugin
where the userLimiters map is read without mutex protection while being
concurrently written by other goroutines.
Run with: go test -race -v -run TestPluginManager_ConcurrentRateLimiterMapAccess ./pkg/pluginmanager_service
* Fix#4799: Add mutex protection for rate limiter map access
Protected all accesses to m.userLimiters map with RWMutex:
- getUserDefinedLimitersForPlugin: Added RLock for map read
- getPluginsWithChangedLimiters: Added RLock for map iteration
- handleUserLimiterChanges: Added Lock for map write
- refreshRateLimiterTable: Added RLock for map iteration
- setRateLimiters: Added RLock for map read
This prevents data races when the map is concurrently read and written
by multiple goroutines.
* Add test for #4814: Logic error in IdentifyMissingComments
Demonstrates the bug where the function uses OR (||) instead of AND (&&)
on line 426, causing connections being deleted to be incorrectly added
to MissingComments.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* Fix#4814: Change OR to AND in IdentifyMissingComments logic
Corrects the logic error on line 426 where OR (||) was incorrectly used
instead of AND (&&). The condition should be "if NOT updating AND NOT
deleting" to properly exclude connections being updated or deleted from
the MissingComments list.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
---------
Co-authored-by: Claude <noreply@anthropic.com>
Changes:
1. Renamed TestQueryContextLeakage -> TestContextCancellationTiming
- The test was checking cancellation timing, not memory leaks
- Updated comments to reflect actual purpose
2. Increased timeout from 1ms to 100ms
- 1ms is too aggressive for CI runners under load
- 100ms still catches real deadlocks while avoiding flakiness
- Added detailed comments explaining the timeout choice
3. Added TestNoGoroutineLeaks using goleak
- Properly tests for actual resource leaks (goroutines)
- More reliable than memory-based leak detection
- Uses industry-standard goleak library
The original 1ms timeout caused intermittent CI failures on slower
runners, as context cancellation involves goroutine scheduling that
has no guaranteed sub-millisecond timing.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-authored-by: Claude <noreply@anthropic.com>
