Fix the potential race condition in the BlobStore readhandler #12123
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -27,6 +27,7 @@ | |
| import java.util.concurrent.CompletableFuture; | ||
| import java.util.concurrent.ExecutorService; | ||
| import java.util.concurrent.ScheduledExecutorService; | ||
|
|
||
| import org.apache.bookkeeper.client.BKException; | ||
| import org.apache.bookkeeper.client.api.LastConfirmedAndEntry; | ||
| import org.apache.bookkeeper.client.api.LedgerEntries; | ||
|
|
@@ -54,6 +55,13 @@ public class BlobStoreBackedReadHandleImpl implements ReadHandle { | |
| private final DataInputStream dataStream; | ||
| private final ExecutorService executor; | ||
|
|
||
| enum State { | ||
| Opened, | ||
| Closed | ||
| } | ||
|
|
||
| private State state = null; | ||
|
|
||
| private BlobStoreBackedReadHandleImpl(long ledgerId, OffloadIndexBlock index, | ||
| BackedInputStream inputStream, | ||
| ExecutorService executor) { | ||
|
|
@@ -62,6 +70,7 @@ private BlobStoreBackedReadHandleImpl(long ledgerId, OffloadIndexBlock index, | |
| this.inputStream = inputStream; | ||
| this.dataStream = new DataInputStream(inputStream); | ||
| this.executor = executor; | ||
| state = State.Opened; | ||
| } | ||
|
|
||
| @Override | ||
|
|
@@ -81,6 +90,7 @@ public CompletableFuture<Void> closeAsync() { | |
| try { | ||
| index.close(); | ||
| inputStream.close(); | ||
| state = State.Closed; | ||
| promise.complete(null); | ||
| } catch (IOException t) { | ||
| promise.completeExceptionally(t); | ||
|
|
@@ -94,56 +104,73 @@ public CompletableFuture<LedgerEntries> readAsync(long firstEntry, long lastEntr | |
| log.debug("Ledger {}: reading {} - {}", getId(), firstEntry, lastEntry); | ||
| CompletableFuture<LedgerEntries> promise = new CompletableFuture<>(); | ||
| executor.submit(() -> { | ||
| List<LedgerEntry> entries = new ArrayList<LedgerEntry>(); | ||
| try { | ||
| if (firstEntry > lastEntry | ||
| || firstEntry < 0 | ||
| || lastEntry > getLastAddConfirmed()) { | ||
| promise.completeExceptionally(new BKException.BKIncorrectParameterException()); | ||
| return; | ||
| } | ||
| long entriesToRead = (lastEntry - firstEntry) + 1; | ||
| long nextExpectedId = firstEntry; | ||
|
|
||
| // seek the position to the first entry position, otherwise we will get the unexpected entry ID when doing | ||
| // the first read, that would cause read an unexpected entry id which is out of range between firstEntry | ||
| // and lastEntry | ||
| // for example, when we get 1-10 entries at first, then the next request is get 2-9, the following code | ||
| // will read the entry id from the stream and that is not the correct entry id, so it will seek to the | ||
| // correct position then read the stream as normal. But the entry id may exceed the last entry id, that | ||
| // will cause we are hardly to know the edge of the request range. | ||
| inputStream.seek(index.getIndexEntryForEntry(firstEntry).getDataOffset()); | ||
|
There was a problem hiding this comment. Because we have seek to the firstEntry before reading, we can simplify the following check logic. If the entryId read from dataStream not equal to There was a problem hiding this comment. This seek operation is being used to seeking to the first entry id position, and then do the original logic. This operation is only to make sure the read position is as we wanted. The following check logic is still needed to help us to seek to the right position if we met some unexpected data. Maybe we can set a limitation to avoid it into an infinite loop. |
||
|
|
||
| while (entriesToRead > 0) { | ||
| if (state == State.Closed) { | ||
| log.warn("Reading a closed read handler. Ledger ID: {}, Read range: {}-{}", ledgerId, firstEntry, lastEntry); | ||
| throw new BKException.BKUnexpectedConditionException(); | ||
| } | ||
| int length = dataStream.readInt(); | ||
| if (length < 0) { // hit padding or new block | ||
| inputStream.seek(index.getIndexEntryForEntry(nextExpectedId).getDataOffset()); | ||
| continue; | ||
| } | ||
| long entryId = dataStream.readLong(); | ||
|
|
||
| if (entryId == nextExpectedId) { | ||
| ByteBuf buf = PulsarByteBufAllocator.DEFAULT.buffer(length, length); | ||
| entries.add(LedgerEntryImpl.create(ledgerId, entryId, length, buf)); | ||
| int toWrite = length; | ||
| while (toWrite > 0) { | ||
| toWrite -= buf.writeBytes(dataStream, toWrite); | ||
| } | ||
| entriesToRead--; | ||
| nextExpectedId++; | ||
| } else if (entryId > nextExpectedId && entryId < lastEntry) { | ||
|
There was a problem hiding this comment. The two if check are lead to inputStream.seek(index.getIndexEntryForEntry(nextExpectedId).getDataOffset());
continue;can we merge them into one if check? |
||
| log.warn("The read entry {} is not the expected entry {} but in the range of {} - {}," | ||
| + " seeking to the right position", entryId, nextExpectedId, nextExpectedId, lastEntry); | ||
| inputStream.seek(index.getIndexEntryForEntry(nextExpectedId).getDataOffset()); | ||
| continue; | ||
| } else if (entryId < nextExpectedId | ||
| && !index.getIndexEntryForEntry(nextExpectedId).equals(index.getIndexEntryForEntry(entryId))) { | ||
| log.warn("Read an unexpected entry id {} which is smaller than the next expected entry id {}" | ||
| + ", seeking to the right position", entries, nextExpectedId); | ||
| inputStream.seek(index.getIndexEntryForEntry(nextExpectedId).getDataOffset()); | ||
| continue; | ||
| } else if (entryId > lastEntry) { | ||
| log.info("Expected to read {}, but read {}, which is greater than last entry {}", | ||
| nextExpectedId, entryId, lastEntry); | ||
| throw new BKException.BKUnexpectedConditionException(); | ||
| } else { | ||
| long ignore = inputStream.skip(length); | ||
| } | ||
| } | ||
|
|
||
| promise.complete(LedgerEntriesImpl.create(entries)); | ||
| } catch (Throwable t) { | ||
| promise.completeExceptionally(t); | ||
| entries.forEach(LedgerEntry::close); | ||
| } | ||
| }); | ||
| return promise; | ||
| } | ||
|
|
||
|
|
@@ -203,6 +230,12 @@ public static ReadHandle open(ScheduledExecutorService executor, | |
| versionCheck, | ||
| index.getDataObjectLength(), | ||
| readBufferSize); | ||
|
|
||
| return new BlobStoreBackedReadHandleImpl(ledgerId, index, inputStream, executor); | ||
| } | ||
|
|
||
| // for testing | ||
| State getState() { | ||
| return this.state; | ||
| } | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We'd better put it behind
we can save the list object apply when the (firstEntry, lastEntry) check failed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The array list will not allocate space until there is an element added to it. And it is used in the
catch, I think we can keep it.