Skip to content

fix: handle pool not ready on cron catch_up#24

Open
Taure wants to merge 1 commit into
mainfrom
fix/cron-pool-not-ready
Open

fix: handle pool not ready on cron catch_up#24
Taure wants to merge 1 commit into
mainfrom
fix/cron-pool-not-ready

Conversation

@Taure
Copy link
Copy Markdown
Owner

@Taure Taure commented Mar 28, 2026

Summary

  • shigoto_cron crashes with noproc on startup when the pgo pool isn't created yet (host app creates pool in its start/2, but shigoto starts first as a dependency)
  • Wraps pool access in safe_with_leader_lock/1 that catches exit:{noproc, _} and retries after 1 second
  • Prevents max_restart_intensity from taking down the entire shigoto supervision tree

Test plan

  • Start a Nova app with shigoto in applications list and pgo pool created in start/2 — verify no crash
  • Verify catch_up succeeds after retry once pool is ready
  • Run existing CT suites pass

@Taure
fix: handle pool not ready on cron catch_up
1cf3183 
shigoto_cron sends itself a catch_up message immediately on init, but
when shigoto starts as a dependency before the host app creates the
pgo pool, the catch_up handler crashes with noproc. This causes
max_restart_intensity and takes down the whole shigoto supervision tree.

Wrap the pool-accessing calls in safe_with_leader_lock/1 which catches
exit:{noproc, _} and retries after 1 second.
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Mar 28, 2026

🟠 Code Coverage — 52.5%

634 of 1208 lines covered.

✅ ELP Lint

No diagnostics.

ℹ️ 11 OTP CVEs auto-ignored (already fixed in running version)

These CVEs are patched in the installed OTP version but NVD data
has not been updated to reflect this. They are excluded from the
scan via an auto-generated .trivyignore.

CVE Details
CVE-2026-23943 Fixed in 28.4.1, running 28.4.1 — Pre-auth SSH DoS via unbounded zlib inflate
CVE-2026-23942 Fixed in 28.4.1, running 28.4.1 — SFTP root escape via component-agnostic prefix check in ssh_sftpd
CVE-2026-23941 Fixed in 28.4.1, running 28.4.1 — Request smuggling via first-wins Content-Length parsing in inets httpd
CVE-2026-21620 Fixed in 28.3.2, running 28.4.1 — TFTP Path Traversal
CVE-2016-1000107 Fixed in 28.0.4, running 28.4.1 — Httpd CGI Scripts Environment Variable Pollution AKA "httpoxy"
CVE-2025-58050 Fixed in 28.0.3, running 28.4.1 — Buffer Read Overflow on Regular Expressions with (*scs:) and (*ACCEPT)
CVE-2025-48038 Fixed in 28.0.3, running 28.4.1 — SSH Unverified File Handles can Cause Excessive Use of System Resources
CVE-2025-48039 Fixed in 28.0.3, running 28.4.1 — SSH Unverified Paths can Cause Excessive Use of System Resources
CVE-2025-48040 Fixed in 28.0.3, running 28.4.1 — SSH Malicious Key Exchange Messages may Lead to Excessive Resource Consumption
CVE-2025-48041 Fixed in 28.0.3, running 28.4.1 — SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles
CVE-2025-4748 Fixed in 28.0.1, running 28.4.1 — Absolute Path in Zip Module

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Taure