Poison chain worker on cancelled save

afck · claude · afck · commit dae61d54e074 · 2026-04-21T14:45:24.000Z
If the caller's future is dropped between `write_batch` landing in
storage and `post_save` refreshing the in-memory register views, the
views' cached `stored_value` goes stale while storage has advanced.
Setting the poison flag up front and clearing it only after `save`
fully returns makes the poison sticky on both error and cancellation,
so the next access evicts and reloads from storage.

Co-Authored-By: Claude Opus 4.7 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/linera-core/src/chain_worker/state.rs b/linera-core/src/chain_worker/state.rs
@@ -2136,39 +2136,21 @@ where
 
     /// Stores the chain state in persistent storage.
     ///
-    /// If the save fails, the worker is marked as poisoned and must be reloaded.
+    /// Poisons the worker up front and clears the flag only after the underlying
+    /// `save()` has fully returned. This makes the poison sticky on both error
+    /// and cancellation: if the caller's future is dropped between the storage
+    /// write landing and `post_save()` refreshing the in-memory views, the flag
+    /// stays set and the next access will evict and reload from storage.
     #[instrument(skip_all, fields(
         chain_id = %self.chain_id()
     ))]
     async fn save(&mut self) -> Result<(), WorkerError> {
-        let chain_id = self.chain_id();
-        let tip_height = self.chain.tip_state.get().next_block_height;
-        let used_blobs_count = self
-            .chain
-            .execution_state
-            .system
-            .used_blobs
-            .indices()
-            .await
-            .map(|v| v.len())
-            .unwrap_or(usize::MAX);
-        warn!(
-            %chain_id, %tip_height, used_blobs_count,
-            "used_blobs_trace: save: START"
-        );
-        if let Err(error) = self.chain.save().await {
-            warn!(
-                %chain_id, %tip_height, %error,
-                "used_blobs_trace: save: FAILED"
-            );
-            tracing::error!(?error, "Chain save failed; marking worker as poisoned");
-            self.poisoned = true;
-            return Err(WorkerError::PoisonedWorker);
-        }
-        warn!(
-            %chain_id, %tip_height,
-            "used_blobs_trace: save: OK"
-        );
+        self.poisoned = true;
+        self.chain.save().await.map_err(|error| {
+            tracing::error!(?error, "Chain save failed; worker poisoned");
+            WorkerError::PoisonedWorker
+        })?;
+        self.poisoned = false;
         Ok(())
     }
 }
