Skip to content

Error if requested nics aren't all created.#9885

Open
jmcarp wants to merge 1 commit intomainfrom
jmcarp/next-item-check
Open

Error if requested nics aren't all created.#9885
jmcarp wants to merge 1 commit intomainfrom
jmcarp/next-item-check

Conversation

@jmcarp
Copy link
Contributor

@jmcarp jmcarp commented Feb 19, 2026

This patch fixes a subtle and rare bug in instance creation. If the user requests an instance with a v4-only nic or a v6-only nic and there isn't an available address in the subet, the request will fail due to a sql constraint requiring at least one of ip and ipv6 to be not null. However, if the user requests a dual-stack nic and one address type (but not the other) is exhausted, the sql constraint is satisfied, and the request succeeds. But the created nic won't have both requested address types.

This patch adds a check after the query runs to ensure that all requested address types were created, and fail if they weren't.

Note: this is a nit-picky follow-up to #9880. This bug would be pretty hard to tickle in real life, but I wanted to submit the fix for completeness.

@jmcarp jmcarp requested a review from bnaecker February 19, 2026 18:43
let missing_v6 = wants_v6 && nic.ipv6.is_none();
if missing_v4 || missing_v6 {
Err(TransactionError::CustomError(
network_interface::InsertError::NoAvailableIpAddresses {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we add the IP version to this error variant, and include it in the external error we emit? It'd be nice to know which as a client.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, added this.

Copy link
Collaborator

@bnaecker bnaecker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, thanks. One suggestion, but otherwise fire when ready

This patch fixes a subtle and rare bug in instance creation. If the user
requests an instance with a v4-only nic or a v6-only nic and there isn't an
available address in the subnet, the request will fail due to a sql constraint
requiring at least one of ip and ipv6 to be not null. However, if the user
requests a dual-stack nic and one address type (but not the other) is
exhausted, the sql constraint is satisfied, and the request succeeds. But the
created nic won't have both requested address types.

This patch adds a check after the query runs to ensure that all requested
address types were created, and fail if they weren't.
@jmcarp jmcarp force-pushed the jmcarp/next-item-check branch from 7cf1f73 to 93bf8c4 Compare February 23, 2026 16:01
@jmcarp jmcarp enabled auto-merge (squash) February 23, 2026 16:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants