kvcoord: assert that the txn is clean after commit#46399
Open
andreimatei wants to merge 1 commit intocockroachdb:masterfrom
Open
kvcoord: assert that the txn is clean after commit#46399andreimatei wants to merge 1 commit intocockroachdb:masterfrom
andreimatei wants to merge 1 commit intocockroachdb:masterfrom
Conversation
Member
|
This change is |
nvb
approved these changes
Mar 23, 2020
Contributor
nvb
left a comment
nvb
left a comment
There was a problem hiding this comment.
LGTM once the one comment is addressed. However, could you run a set of the following three roachtests 3x each before merging this:
- tpcc/mixed-headroom/n5cpu16
- version/mixed/nodes=3
- version/mixed/nodes=5
Reviewed 1 of 1 files at r1.
Reviewable status:complete! 0 of 0 LGTMs obtained (waiting on @andreimatei)
pkg/kv/kvclient/kvcoord/txn_interceptor_committer.go, line 227 at r1 (raw file):
// highest read timestamp, the response from the EndTxn sub-batch gets to // dictate the wto flag of the combined response (see Transaction.Update()). if br.Txn.WriteTooOld {
Why do we have the same assertions twice? Why don't we just use txn.Status in assertTxnCleanWhenCommitted and call that from here?
This patch adds a couple of assertions about the state in which a txn proto can be after a successful commit (explicit commit or implicit). The assertions are about how the multiple updates to a txn done by sub-batches of the commit batch (as split by the DistSender) must have been collapsed in a sane way when merging their responses together. I spent the morning thinking that we have a problem with the WriteTooOld flag being set on the result for an implicitly-committed txn. The scenario that I was worried about is that the EndTxn(CanCommitAtHigherTimestamp:true) batch gets split into two, and both halves get pushed. The EndTxn half gets pushed higher than the other half (otherwise, we wouldn't end up in an implicit commit state), but it performs a server-side refresh and succeeds. I was worried that the other half can still return a WriteTooOld flag, which would make it into the combined response, and would trick the span refresher into retrying. This would be bad, since retrying after an implicit commit is problematic. However, I believe this situation is not possible. We're saved by the fact that combining the transaction updates (Transaction.Update()) is smart enough to not treat the WriteTooOld flag as cummulative; instead, the response with the highest read timestamp gets to dictate the wto, and the EndTxn response should not have it set. Release note: None Release justification: Only an assertion. It would be indicative of a dangerous bug if it fires.
andreimatei
force-pushed
the
txn.assert-clean-after-commit
branch
from
de7921a to
3c9e2c8
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This patch adds a couple of assertions about the state in which a txn
proto can be after a successful commit (explicit commit or implicit).
The assertions are about how the multiple updates to a txn done by
sub-batches of the commit batch (as split by the DistSender) must have
been collapsed in a sane way when merging their responses together.
I spent the morning thinking that we have a problem with the WriteTooOld
flag being set on the result for an implicitly-committed txn. The
scenario that I was worried about is that the
EndTxn(CanCommitAtHigherTimestamp:true) batch gets split
into two, and both halves get pushed. The EndTxn half gets pushed higher
than the other half (otherwise, we wouldn't end up in an implicit commit
state), but it performs a server-side refresh and succeeds. I was
worried that the other half can still return a WriteTooOld flag, which
would make it into the combined response, and would trick the span
refresher into retrying. This would be bad, since retrying after an
implicit commit is problematic.
However, I believe this situation is not possible. We're saved by the
fact that combining the transaction updates (Transaction.Update()) is
smart enough to not treat the WriteTooOld flag as cummulative; instead,
the response with the highest read timestamp gets to dictate the wto,
and the EndTxn response should not have it set.
Release note: None
Release justification: Only an assertion. It would be indicative of a
dangerous bug if it fires.