[RELEASE] ScyllaDB 2025.1.12

Release Notes
, ,
1

The ScyllaDB team announces ScyllaDB 2025.1.12, a bug-fix production-ready patch release for ScyllaDB 2025.1 LTS Release.

Note there is a new Long Term Support (LTS) release 2026.1. You are welcome to upgrade to it for the latest and greatest features.

More information on ScyllaDB’s Long Term Support (LTS) policy is available here.

Related Links

Bug Fixes

Cluster Management

  • Concurrent modification of internal cluster topology data (known as Group 0) could occur during a keyspace drop operation when a replica node was concurrently restarting and leaving the cluster during a cleanup routine. The fix ensures the driver reconnects after a restart and correctly handles topology changes during concurrent operations. This improves the robustness of topology changes and administrative cleanup operations on the cluster.
    scylladb#28670, scylladb#25938

  • An assertion failure (crash) could occur when a node was placed into maintenance mode because the storage service did not correctly set up the system topology, leading to a failed and redundant read-replica validation check. The fix ensures the storage service properly sets up the topology and skips unnecessary validation checks when entering maintenance mode. This prevents unexpected node crashes during administrative tasks like repair, ensuring more stable and reliable cluster administration.
    scylladb#28496, scylladb#27988

  • Removing a node that violates the Rack-Aware Replication Factor (RF) could fail with a TimeoutError, causing node removal to stall. The fix ensures the system waits for token ring and Group 0 consistency before attempting removenode. This improves the stability and predictability of cluster scale-down operations by allowing the node removal process to complete reliably even in complex RF configurations.
    scylladb#29206, scylladb#28359

Consistency

  • A Materialized View (MV) could be incorrectly marked as fully built if the data reader used during the build process did not produce any partitions when processing a partial range, potentially leading to missing data in the view. The fix ensures the MV is only marked as built once the reader successfully processes all required partitions across the full range. This guarantees that all base table data is reliably propagated to the MV, maintaining data consistency and integrity for materialized data access patterns.
    scylladb#26880, scylladb#26523

  • An issue involving incorrect coroutine usage was observed in the asynchronous hint delivery logic (known as a “lambda-coroutine fiasco” in hint_endpoint_manager.cc), which could lead to unexpected behavior during hint delivery. The fix corrects the underlying coroutine implementation to ensure proper asynchronous execution flow within the hint management code. This repair is critical for the reliable delivery of hints, ensuring the cluster maintains eventual consistency, especially when nodes are temporarily unavailable.
    scylladb#27727, scylladb#27520

Monitoring

  • Refreshing internal load_stats metrics could result in a no_such_column_family exception if a table was concurrently dropped while the refresh process was underway. This issue is resolved by implementing graceful logic to reliably handle and skip references to dropped tables during the refresh cycle. This guarantees uninterrupted monitoring functionality by preventing unexpected exceptions from interfering with metric collection.
    scylladb#28468

Reliability

  • Creating an internal reader could result in a critical crash if the memory kill threshold was exceeded, which was caused by the memory allocation path failing to catch critical exceptions. The fix ensures the memory allocation path correctly handles exceptions related to memory pressure, ensuring they are properly handled instead of causing a crash. This allows the process to gracefully fail rather than crashing, significantly improving system stability under high memory pressure.
    scylladb#27475

  • A race condition could occur during commitlog shutdown if the internal reserve replenish process completed immediately before the system attempted a new memory allocation call, potentially leading to a crash. This issue is resolved by implementing logic that ensures the commitlog always aborts the replenish queue upon exiting the commitlog processing loop. This guarantees correct and safe shutdown behavior, preventing a potential crash or data corruption risk in concurrent environments.
    scylladb#28689, scylladb#28678

  • Several functions within the internal storage group component were incorrectly marked with the noexcept specification, which suppressed memory allocation exceptions and prevented graceful handling of memory pressure. The fix removes the noexcept declaration from storage group functions like compaction_groups(). This ensures exceptions are handled correctly, allowing for graceful failure and improving overall system stability.
    scylladb#29271

  • Under certain stress conditions, internal write operations could intermittently fail, causing read failures at QUORUM. These issues, influenced by timing, topology changes, or consistency edge cases, are addressed by adding retries and logging improving the robustness of internal writes and ensuring critical cluster operations like tablet migration, node removal, and node replacement complete reliably.
    scylladb#28827

Security

  • Encryption key management via GCP’s Key Management Service (KMS) could intermittently fail with an exception when operating as an impersonated user, which blocked proper access to data encrypted at rest. This issue is addressed by adding an exponential retry mechanism to handle transient server errors encountered by the encryption::gcp_host component. The fix improves the robustness and availability of data protected by encryption-at-rest using GCP KMS, preventing intermittent connection failures from causing application interruptions.
    scylladb#27437, scylladb#27242