feat(stream): wait committed epoch in state table init_epoch #19223
Conversation
wenym1
force-pushed
the
yiming/init-epoch-await
branch
from
7fd5a68 to
18a7f90
Compare
|
Hints for reviewers: In storage side, the major changes are as followed.
In streaming side, the major changes are as followed.
|
| let mut latest_version = if let Some(CacheRefillerEvent { | ||
| pinned_version, | ||
| new_pinned_version, | ||
| }) = self.refiller.clear() |
There was a problem hiding this comment.
Just a note: after this PR, the refiller buffer won't get cleared on handle_clear. This won't affect correctness but may slightly delay future version update because a new version update needs to wait for previous refiller events to complete before it can be effective.
There was a problem hiding this comment.
How come we no longer need to clear refiller?
There was a problem hiding this comment.
The refiller was previously clear for the logic of waiting for receiving the latest hummock version. The event handler should wait for receiving the latest hummock in meta node, so that the newly spawned actors can see the latest hummock version after recovery. However, after this PR, the spawned actors will explicitly wait for the committed_epoch of the state table to bump up to the prev_epoch in init_epoch, so that we don't need to wait for the latest hummock version globally during recovery.
| let first_barrier = expect_first_barrier(&mut input_stream).await?; | ||
| let mut state = self.state; | ||
| state.init(first_barrier.epoch).await?; | ||
| let first_epoch = first_barrier.epoch; | ||
| yield Message::Barrier(first_barrier); | ||
| let mut state = self.state; | ||
| state.init(first_epoch).await?; |
There was a problem hiding this comment.
Is it possible to have a declmacro to enforce the order of yielding and using the first barrier? Like
handle_first_barrier!(&mut input_stream, |barrier| {
self.state.init(barrier.epoch).await?;
});which internally calls expect_first_barrier + yield Barrier + the provided init block.
There was a problem hiding this comment.
It's difficult, because yield barrier in the custom macro will fail to compile in the try_stream proc macro.
Although in this PR we seem correctly changed all occurrences, it looks still dangerous to me that some other developer can easily break the order.
I think it's fine, because if the order is not followed, deadlock must happen. As long as the newly developed features are covered in CI test, which we are supposed to do, we can be confident that the order is correctly handled, and otherwise something must be wrong.
There was a problem hiding this comment.
OK, then maybe we can add some notes on this in the doc of init_epoch.
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
I hereby agree to the terms of the RisingWave Labs, Inc. Contributor License Agreement.
What's changed and what's your intention?
The
init_epochpart of #18312.It is required that after
init_epochreturns, we can always read the consistent data onprev_epoch, and otherwise, we will read inconsistent data and pollute the downstream.init_epochis called during recovery and configuration. Previously, in recovery, this is ensured by CN waiting the latest hummock version, and in configuration change, this is ensured by pausing the barrier injection and do a CN-widetry_wait_epochcall in theWaitEpochCommitstreaming service rpc to wait for the committed epoch bumping up globally..In this PR, in the
init_epochofStateTable, we will change to wait for thecommitted_epochof the state table to bump up to theprev_epoch. With this PR, during recovery there is no need for CN to wait for the latest hummock version, and for configuration change without update vnode bitmap (replace table, sink into table, not including scale), there is no need to do the pause-wait-resume barrier injection.Deadlock can easily happen. Bumping up
committed_epochdepends on collecting barriers from all actors, but ifinit_epochblocks the handling of initial barrier, wheninit_epochwaits for bumping upcommitted_epoch, it blocks barrier handling, and causescommitted_epochnever bump up, and cause deadlock.To avoid deadlock, we should strictly follow the order when handling the initial barrier. The order should be, receive first barrier, yield first barrier, and then
StateTable::init_epoch. In this PR, we just ensure that all usages ofStateTable::init_epochwill be included in the changed code so that we can carefully review the code. TheStateTable::init_epochmethod will become async, and therefore all direct usages on it will be included in the changed code. Some non-async utils method that callsStateTable::init_epochis required to be async as well, and therefore will be included in the changed code as well. There are two utils methods, both namedinit_epoch, that were already async, and callStateTable::init_epoch. To include the usages of these two methods in the changed code, the two methods are both renamed toinit_epoch_after_yield_barrier, so that the usage can also be included in the changed code. Moreover, if the handling order is incorrect, deadlock must happen if the problematic code is reached. Hence, if we can pass all the CI tests, we can be confident that the correctness is fulfilled.Checklist
./risedev check(or alias,./risedev c)Documentation
Release note
If this PR includes changes that directly affect users or other significant modifications relevant to the community, kindly draft a release note to provide a concise summary of these changes. Please prioritize highlighting the impact these changes will have on users.