From b8a335a6e80a40a69567b9f0899d2e01c1261e4d Mon Sep 17 00:00:00 2001
From: clockwork-labs-bot <clockwork-labs-bot@users.noreply.github.com>
Date: Fri, 6 Mar 2026 16:27:53 -0500
Subject: [PATCH] Fix shutdown race: abort background tasks before closing
 durability

The view_cleanup_task runs with_auto_commit() on a loop, which calls
request_durability(). If db.shutdown() closes the durability channel
before the task is aborted (in Host::drop), a request_durability()
call panics with 'durability actor vanished'. On Windows, this can
crash the server process.

Fix: abort all background tasks (view_cleanup, disk_metrics,
tx_metrics) before calling db.shutdown(), so they cannot race with
durability channel closure.

Fixes flaky test_all_templates failures on Windows CI.
---
 crates/core/src/host/host_controller.rs | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/crates/core/src/host/host_controller.rs b/crates/core/src/host/host_controller.rs
index b5577c8e7e7..d8e994790ca 100644
--- a/crates/core/src/host/host_controller.rs
+++ b/crates/core/src/host/host_controller.rs
@@ -548,6 +548,12 @@ impl HostController {
 
             info!("replica={replica_id} database={database_identity} exiting module");
             module.exit().await;
+            // Abort background tasks before shutting down durability.
+            // These tasks may call `with_auto_commit`, which calls `request_durability`.
+            // If the durability channel is already closed, that panics.
+            host.view_cleanup_task.abort();
+            host.disk_metrics_recorder_task.abort();
+            host.tx_metrics_recorder_task.abort();
             let db = &module.replica_ctx().relational_db;
             info!("replica={replica_id} database={database_identity} exiting database");
             db.shutdown().await;