fix: incomplete multi-part checkpoint handling when no hint is provided #641
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #641 +/- ##
==========================================
+ Coverage 83.48% 83.94% +0.46%
==========================================
Files 75 75
Lines 16919 17100 +181
Branches 16919 17100 +181
==========================================
+ Hits 14124 14355 +231
+ Misses 2141 2080 -61
- Partials 654 665 +11 ☔ View full report in Codecov by Sentry. |
kernel/src/log_segment.rs
Outdated
| .filter_map(|res| match res { | ||
| Ok(path) => Some(path), | ||
| Err(e) => { | ||
| warn!("Error processing path: {:?}", e); |
There was a problem hiding this comment.
skipping ParsedLogPath::try_from() errors here as we were already filtering them out
There was a problem hiding this comment.
Hmm I think it's dangerous to skip the errors here. It's best to try to return the error somehow. Does it work if you do something like chunk_by(|path| path.map(|x| x.version)).
The proposed approach tries chunking by DeltaResult<Version> instead of chunking by Version. The hope is to return the Err if we encounter it.
There was a problem hiding this comment.
The chunk_by function requires that the keys it uses for grouping implement the PartialEq trait so it can compare them, but the Error in the DeltaResult does not implement the trait so it doesn't work...
There was a problem hiding this comment.
We could use try_collect to handle errors before grouping.
let log_files = list_log_files(fs_client, log_root, start_version, end_version)?;
let log_files: Vec<ParsedLogPath> = log_files.try_collect()?;
for (version, files) in &log_files.into_iter().chunk_by(|path| path.version)
There was a problem hiding this comment.
This was rly tricky and I got nerdsniped thinking about the iterator stuff lol. But look into process_result.
I think I might've adapted your code right, but double check:
let mut checkpoint_parts = vec![];
let mut max_checkpoint_version = start_version;
let mut commit_files = Vec::with_capacity(10);
process_results(log_files, |iter| {
let log_files = iter.chunk_by(move |x| x.version);
for (version, files) in &log_files {
let mut new_checkpoint_parts = vec![];
for file in files {
if file.is_commit() {
commit_files.push(file);
} else if file.is_checkpoint() {
new_checkpoint_parts.push(file);
}
}
if validate_checkpoint_parts(version, &new_checkpoint_parts) {
max_checkpoint_version = Some(version);
checkpoint_parts = new_checkpoint_parts;
}
}
})?;
Ok((commit_files, checkpoint_parts))
There was a problem hiding this comment.
Note: With ordered listing, checkpoint files always come before commit files. So in theory, we know whether we have a complete checkpoint by the time we encounter the commit file of a given version. Not sure if that allows simpler code or not tho.
There was a problem hiding this comment.
I would use try collect and propagate the errors.
There was a problem hiding this comment.
Definitely agreed that we want to propagate errors. I wanted to avoid try_collect on all the log files because there could be a lot of them. process_results + chunky_by should only have 1 commit at a time in memory.
There was a problem hiding this comment.
nice find withprocess_results, it works nicely!
There was a problem hiding this comment.
clearing the commit files when encountering complete checkpoints makes sense, and thank you for the helpful context @scovich
kernel/src/log_segment.rs
Outdated
| .filter_map(|res| match res { | ||
| Ok(path) => Some(path), | ||
| Err(e) => { | ||
| warn!("Error processing path: {:?}", e); |
There was a problem hiding this comment.
Hmm I think it's dangerous to skip the errors here. It's best to try to return the error somehow. Does it work if you do something like chunk_by(|path| path.map(|x| x.version)).
The proposed approach tries chunking by DeltaResult<Version> instead of chunking by Version. The hope is to return the Err if we encounter it.
kernel/src/log_segment.rs
Outdated
| if validate_checkpoint_parts(version, &new_checkpoint_parts) | ||
| && (max_checkpoint_version.is_none() || Some(version) >= max_checkpoint_version) |
There was a problem hiding this comment.
I wonder if we can just validate. iirc the listing should be in order. So the latest checkpoint should always be greater.
There was a problem hiding this comment.
Hmm right, looks like we were assuming that to begin with as we returned commit files in the order given from list_log_files, and soon after require that they are ascending in version # here...
There was a problem hiding this comment.
This gets rid of max_checkpoint_version entirely :)
|
|
||
| match checkpoint_parts.last().map(|file| &file.file_type) { | ||
| Some(LogPathFileType::MultiPartCheckpoint { num_parts, .. }) => { | ||
| if *num_parts as usize != checkpoint_parts.len() { |
There was a problem hiding this comment.
I think it may be worth checking that:
- all the checkpoint parts are indeed of type
MultiPartCheckpoint - that the set of multi-part checkpoints has parts
0..n.
@zachschuermann what do you think?
There was a problem hiding this comment.
nit: it's actually 1..=n. And yes, we should check. Also have to be careful because technically there could be two incomplete checkpoints with different num_parts for the same version. Also, we MUST accept at most one checkpoint -- even if multiple complete checkpoints are available -- so this function needs to filter, not just check.
Unfortunately, the poorly-chosen naming convention for multi-part checkpoint files means they interleave:
00000000000000000010.checkpoint.0000000001.0000000003.parquet
00000000000000000010.checkpoint.0000000001.0000000004.parquet
00000000000000000010.checkpoint.0000000002.0000000003.parquet
00000000000000000010.checkpoint.0000000002.0000000004.parquet
00000000000000000010.checkpoint.0000000003.0000000003.parquet
00000000000000000010.checkpoint.0000000003.0000000004.parquet
00000000000000000010.checkpoint.0000000004.0000000004.parquet
... which makes it a lot harder to identify the files of a given checkpoint and also means we can't just return a subslice in case there were multiple checkpoints to choose from.
We'd probably need to build a hash map keyed by number of parts:
let mut checkpoints = HashMap::new();
for part_file in checkpoint_parts {
use LogPathFileType::*;
match &file.file_type {
SinglePartCheckpoint
| UuidCheckpoint(_)
| MultiPartCheckpoint { part_num: 1, num_parts: 1 } =>
{
// All single-file checkpoints are equivalent, just keep one
checkpoints.insert(1, vec![part_file]);
}
MultiPartCheckpoint { part_num: 1, num_parts } => {
// Start a new multi-part checkpoint with at least 2 parts
checkpoints.insert(num_parts, vec![part_file]);
}
MultiPartCheckpoint { part_num, num_parts } => {
// Continue a new multi-part checkpoint with at least 2 parts
if let Some(part_files) = checkpoints.get_mut(num_parts) {
if part_num == 1 + part_files.size() {
// Safe to append because all previous parts exist
part_files.append(part_file);
}
}
}
Commit | CompactedCommit { .. } | Unknown => {} // invalid file type => do nothing
}
}
checkpoints
.into_iter()
.find(|(num_parts, part_files)| part_files.len() == num_parts)
.map_or(vec![], |(_, part_files)| part_files)There was a problem hiding this comment.
this reminds me to use match statements to their full power in the future. Thx for the example Ryan!
There was a problem hiding this comment.
ah yes, did not consider the multiple incomplete checkpoints. I'll introduce tests to cover some of these scenarios. And thanks a lot for the example!
kernel/src/log_segment.rs
Outdated
| } | ||
| } | ||
| // TODO: Include UuidCheckpoint once we actually support v2 checkpoints | ||
| _ => {} |
There was a problem hiding this comment.
I think uuidcheckpoint should return false, since we can't read that checkpoint. In general, beware catchall cases in match statements
I also wonder if we should panic/error if we ever get a commit file here, since that should not be happening.
There was a problem hiding this comment.
Right, good catch. I think returning an Error in the catchall case would be a good idea as we really should not get anything other than LogPathFileType::SinglePartCheckpoint or LogPathFileType::MultiPartCheckpoint here.
There was a problem hiding this comment.
I'd say handle the Uuid case separately from the catchall. Leave a comment that says this case will be supported in CheckpointV2.
There was a problem hiding this comment.
+10 avoid catchall in match statements. Better to enumerate the known-invalid cases, so that when a new case shows up the compiler forces us to categorize it.
sebastiantia
changed the title
kernel/src/log_segment.rs
Outdated
| .filter_map(|res| match res { | ||
| Ok(path) => Some(path), | ||
| Err(e) => { | ||
| warn!("Error processing path: {:?}", e); |
There was a problem hiding this comment.
Note: We only need to keep commit files after (**) the latest complete checkpoint, so we should probably commit_files.clear() whenever we find a complete checkpoint.
(**) Delta spark also keeps the commit that corresponds to the checkpoint, in order to assign the file's timestamp as the snapshot timestamp. However:
- All actual timestamp-based time travel is resolved to an actual version, by a different code path called the Delta history manager, before requesting the snapshot by that version.
- The file timestamp is not always the snapshot timestamp, because clock skew could mean an earlier commit has a later timestamp. The Delta history manager includes logic to "adjust" the timestamp forward as needed in such cases, to ensure monotonicity.
- When in-commit timestamps are enabled, the file timestamp isn't even meaningful. Delta history manager also has logic to handle that case.
Based on all of the above, the snapshot may not even need a timestamp value. Even if it does, the value should be the adjusted (or ICT) value from a history manager component (not yet existing in kernel) -- not the "raw" timestamp from the file.
kernel/src/log_segment.rs
Outdated
| .filter_map(|res| match res { | ||
| Ok(path) => Some(path), | ||
| Err(e) => { | ||
| warn!("Error processing path: {:?}", e); |
There was a problem hiding this comment.
Note: With ordered listing, checkpoint files always come before commit files. So in theory, we know whether we have a complete checkpoint by the time we encounter the commit file of a given version. Not sure if that allows simpler code or not tho.
|
|
||
| match checkpoint_parts.last().map(|file| &file.file_type) { | ||
| Some(LogPathFileType::MultiPartCheckpoint { num_parts, .. }) => { | ||
| if *num_parts as usize != checkpoint_parts.len() { |
There was a problem hiding this comment.
nit: it's actually 1..=n. And yes, we should check. Also have to be careful because technically there could be two incomplete checkpoints with different num_parts for the same version. Also, we MUST accept at most one checkpoint -- even if multiple complete checkpoints are available -- so this function needs to filter, not just check.
Unfortunately, the poorly-chosen naming convention for multi-part checkpoint files means they interleave:
00000000000000000010.checkpoint.0000000001.0000000003.parquet
00000000000000000010.checkpoint.0000000001.0000000004.parquet
00000000000000000010.checkpoint.0000000002.0000000003.parquet
00000000000000000010.checkpoint.0000000002.0000000004.parquet
00000000000000000010.checkpoint.0000000003.0000000003.parquet
00000000000000000010.checkpoint.0000000003.0000000004.parquet
00000000000000000010.checkpoint.0000000004.0000000004.parquet
... which makes it a lot harder to identify the files of a given checkpoint and also means we can't just return a subslice in case there were multiple checkpoints to choose from.
We'd probably need to build a hash map keyed by number of parts:
let mut checkpoints = HashMap::new();
for part_file in checkpoint_parts {
use LogPathFileType::*;
match &file.file_type {
SinglePartCheckpoint
| UuidCheckpoint(_)
| MultiPartCheckpoint { part_num: 1, num_parts: 1 } =>
{
// All single-file checkpoints are equivalent, just keep one
checkpoints.insert(1, vec![part_file]);
}
MultiPartCheckpoint { part_num: 1, num_parts } => {
// Start a new multi-part checkpoint with at least 2 parts
checkpoints.insert(num_parts, vec![part_file]);
}
MultiPartCheckpoint { part_num, num_parts } => {
// Continue a new multi-part checkpoint with at least 2 parts
if let Some(part_files) = checkpoints.get_mut(num_parts) {
if part_num == 1 + part_files.size() {
// Safe to append because all previous parts exist
part_files.append(part_file);
}
}
}
Commit | CompactedCommit { .. } | Unknown => {} // invalid file type => do nothing
}
}
checkpoints
.into_iter()
.find(|(num_parts, part_files)| part_files.len() == num_parts)
.map_or(vec![], |(_, part_files)| part_files)
Thanks for this! |
What changes are proposed in this pull request?
Problem behavior:
When constructing a
LogSegment, we scan the_delta_logdirectory for checkpoints and commits. The most recent checkpoint is collected from the log, but the kernel does not check that it has collected a full multi-part checkpoint. Thus, the checkpoint returned may be incomplete. More context can be found here #497Expected behavior:
Keep track of the most recent complete checkpoint when iterating through the
_delta_logdirectory and warn the user when incomplete checkpoints are encountered.build_snapshot_with_out_of_date_last_checkpointshowcases the expected behavior, which now passes ✅ .build_snapshot_with_unsupported_uuid_checkpointverifying that currently unsupportedUuidCheckpoints are not considered valid checkpoints.How was this change tested?
build_snapshot_with_out_of_date_last_checkpointis the intended behavior of scenario described in Log file listing should handle incomplete multi-part checkpoints #497build_snapshot_with_out_of_date_last_checkpoint_and_incomplete_recent_checkpoint. Prior to this PR, when an out of date checkpoint hint is provided, AND there is a more recent incomplete checkpoint, the more recent incomplete checkpoint would be taken and assumed to be complete - resulting in errors building the snapshot. Now, the more recent incomplete checkpoint is ignored.build_snapshot_with_unsupported_uuid_checkpointverifies that currently unsupportedUuidCheckpoints are not considered valid checkpoints.build_snapshot_with_multiple_incomplete_multipart_checkpointsverifies that multiple incomplete multi-part checkpoints that interleave are validated appropriately, more context here: fix: incomplete multi-part checkpoint handling when no hint is provided #641 (comment)resolves #497