JAVA-5949 preserve connection pool on backpressure errors when establishing connections

[nhachicha]

Original PR #1854 accidentally closed, and had no outstanding review comments.

• This current PR depends on [JAVA-6033] ServerHeartbeatSucceededEvent is not fired for initial POLL monitoring #1856:
  Update: This PR no longer depends on [JAVA-6033] ServerHeartbeatSucceededEvent is not fired for initial POLL monitoring #1856. Spec PR DRIVERS-3367: Fix racy backpressure-network-* tests specifications#1880 rewrote the backpressure-network-*-fail.yml tests to wait on serverDescriptionChangedEvent instead of serverHeartbeatSucceededEvent.

we should merge the latter into main, then merge this PR in backpressure, and leave the necessary TODO comments in #1918 related to the dependency on #1856.

• then, when there are no outstanding PRs for the backpressure branch, rebase backpressure on top of main to include the changes from the main (see Merge main into backpressure #1917 (comment) for more context on this process).
• then address the aforementioned TODO comments.

Specification changes:

• DRIVERS-3218 Avoid clearing the connection pool when the server connection rate limiter triggers (#1855)
• DRIVERS-3218: update SDAM error handling tests to ignore handshake failures (#1860)
• DRIVERS-3218 Clarify interaction between TLS errors and backpressure (#1879) - the change has not yet been addressed in this PR, because it was introduced after creation of the PR.
• DRIVERS-3218 clarify label handling (#1892) - the change has not yet been addressed in this PR, because it was introduced after creation of the PR.
• DRIVERS-3367: Fix racy backpressure-network-* tests (#1880) - just a unified spec tests (JSON) update; the change has not yet been addressed in this PR, because it was introduced after creation of the PR.
• DRIVERS-1785 Add test that PoolClearedEvent is emitted before ConnectionCheckedInEvent/ConnectionCheckOutFailedEvent

Note that there was a change in the description of one of the tests that belong to this PR, but I closed the corresponding JAVA-6095 (see this comment): DRIVERS-3394: adjust spec test description (#1894).

JAVA-5949, JAVA-6056, JAVA-5664

[codeowners-service-app]

Assigned stIncMale for team dbx-java because vbabanin is out of office.

[stIncMale]

Added the following to the description of the PR (a new piece of work to be done within the PR): DRIVERS-3394: adjust spec test description (#1894)(JAVA-6095).

[vbabanin]

Do we need this comment? The assertion message already explains the intent (e.g., “Expected at least 10 ConnectionCheckOutFailedEvents, but got …”).

[nhachicha]

Fixed

[vbabanin]

The same as in: https://github.com/mongodb/mongo-java-driver/pull/1900/changes#r2908976631

[nhachicha]

Fixed

[vbabanin]

This cleanup is currently conditional on the code above completing successfully. If an assertion or exception happens earlier, this teardown won’t run, which can leak state into subsequent tests.

We should move it this cleanup into @AfterEach/afterEach so it runs reliably regardless of how the test exits.

[nhachicha]

It's wrapped under a finally block now

[vbabanin]

Instead of introducing a new anonymous listener with counters, we can reuse the existing test listener:

TestConnectionPoolListener connectionPoolListener = new TestConnectionPoolListener();

It already provides await helpers that double as assertions and helpers to assert that zero PoolClearedEvents happened, e.g.:

connectionPoolListener.waitForEvent(ConnectionPoolClearedEvent.class, 1, 110, SECONDS);

This keeps the test more concise and reuses established utilities for clarity/consistency.

[nhachicha]

Fixed

[vbabanin]

Currently we attach SystemOverloadedError and RetryableError labels in the SDAM error-handling path (effectively only for DefaultServer). In load-balanced mode, SDAM isn’t involved: the LB code path invalidates the pool directly (e.g., connectionPool.invalidate(serviceId, generation)), so the labeling logic is bypassed.

This means users running the driver in LB mode (behind an NLB) can still hit network errors, TLS handshake failures, timeouts during connection establishment or hello, but won’t get the labels.

However, these labels are a CMAP requirement, not SDAM. The CMAP spec states: “The pool MUST add the error labels SystemOverloadedError and RetryableError to network errors or network timeouts it encounters during the connection establishment or the hello message.”

Since this is defined as a pool behavior (topology-agnostic), it seems we should implement the labeling in the connection pool layer so it applies consistently in both default and load-balanced modes.

[nhachicha]

Fixed

[vbabanin]

Currently we don’t distinguish DNS lookup failures (UnknownHostException) from other connection-establishment network errors. As a result, a DNS failure goes through the generic path (same as connection reset/timeout) and gets SystemOverloadedError/RetryableError labels.

The CMAP spec excludes DNS failures from backpressure labeling: `“For errors that the driver can distinguish as never occurring due to server overload, such as DNS lookup failures […] the driver MUST NOT add backpressure error labels for these error types.”.

Proposed change: detect DNS failure by walking the exception cause chain for UnknownHostException (it’s wrapped as MongoSocketException from ServerAddressHelper.getSocketAddresses()), and when present, skipping backpressure label attachment so SDAM follows the normal path (clear the pool and mark the server Unknown).

In that case, we should add coverage to assert that labeling and pool clearing behaviour. If the driver ever changes the wrapper exception type MongoSocketException (or stops wrapping UnknownHostException this way) and starts adding labels the test should fail.

[nhachicha]

Fixed

[Copilot]

Pull request overview

This PR updates SDAM/backpressure handling so that connection-establishment failures caused by server-side backpressure do not clear the connection pool, and adds/updates tests and matchers to align with the SDAM spec test expectations.

Changes:

• Adjust SDAM exception handling to avoid invalidating the pool on certain pre-handshake network failures, and add TLS-configuration-error classification.
• Add new error label constants (SystemOverloadedError, RetryableError) and apply them for backpressure-related failures.
• Extend unified event matching for additional server types and add a prose test for connection pool backpressure behavior.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
driver-sync/src/test/functional/com/mongodb/client/unified/EventMatcher.java	Extends server type matching for SDAM serverDescriptionChangedEvent expectations.
driver-sync/src/test/functional/com/mongodb/client/ServerDiscoveryAndMonitoringProseTests.java	Adds a prose test intended to validate connection pool backpressure behavior via server rate limiter parameters.
driver-core/src/test/unit/com/mongodb/internal/connection/DefaultServerSpecification.groovy	Updates unit tests to expect pool preservation on network errors during connection establishment (sync/async).
driver-core/src/main/com/mongodb/internal/connection/SdamServerDescriptionManager.java	Adds TLS configuration error detection helper on SDAM issues.
driver-core/src/main/com/mongodb/internal/connection/DefaultSdamServerDescriptionManager.java	Changes SDAM exception handling to preserve pool/server description for certain pre-handshake failures and apply labels.
driver-core/src/main/com/mongodb/MongoException.java	Introduces new public error label constants used by the backpressure handling path.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[stIncMale]

I introduced these constants in #1918. There is more to this than the change do in the current PR. Let's revert the change in the current PR to resolve the conflict with backpressure.

[nhachicha]

Fixed

[stIncMale]

We don't usually copy the specification prose into code as comments. I suspect, this comment was left by the AI.

Let's remove this comment, unless there is a good reason to leave it, which was not applicable to the rest of the code in this file that existed before the current PR.

[nhachicha]

Fixed

[stIncMale]

We don't usually copy the specification prose into code as comments. I suspect, this comment was left by the AI.

Let's remove this comment, unless there is a good reason to leave it, which was not applicable to the rest of the code in this file that existed before the current PR.

[nhachicha]

Fixed

[stIncMale]

[this comment is left on a file, but has nothing to do with the file; this is done so that we could reply to the comment; commenting on a PR does not allow replies - horrendous GitHub functionality]

The current PR seemingly depends on #1856 (see the description of the current PR). We need to decide what to do with that.

P.S. I originally left my thoughts in the description of this PR, but I don't know if that's what we are going to do.

[nhachicha]

We no longer depend on this PR see #1900 (comment)

[stIncMale]

[this comment is left on a file, but has nothing to do with the file; this is done so that we could reply to the comment; commenting on a PR does not allow replies - horrendous GitHub functionality]

@nhachicha

• Could you please confirm that all the specification changes listed in the "Specification changes" part of the description of the current PR have been addressed in the PR?
• If they have been addressed, let's update the description correspondingly.

[nhachicha]

Description updated. All specs are implemented

[stIncMale]

[this comment is left on a file, but has nothing to do with the file; this is done so that we could reply to the comment; commenting on a PR does not allow replies - horrendous GitHub functionality]

JAVA-5949 has an old comment, which instructs to re-enable some tests that were previously disabled when we updated the testing/resources/specifications submodule in main. Those tests were not enabled. Let's enable them and make sure they pass.

[nhachicha]

This PR no longer depends on #1856. Spec PR mongodb/specifications#1880 rewrote the backpressure-network-*-fail.yml tests to wait on serverDescriptionChangedEvent instead of serverHeartbeatSucceededEvent.