The mongod service entry point will stash a TransactionParticipant::Participant (effectively a pointer to the transaction state that decorates a Session from the SessionCatalog) and on command errors use it to clean up the transaction. If during the command the Session associated with that participant is yielded and the command is interrupted, the clean up code may run without the session checked out, so it's unsafe to access the participant.

This is an existing issue, but before PM-2210, very few operations yielded a session (only certain aggregation stages in a transaction and the logic that waits for an ongoing prepared transaction to complete before starting a transaction with a higher txnNumber).

Instead, the clean up code should get the participant via TransactionParticipant::get() to ensure the session is still checked out.