Fix a very rare case of corruption in compression used for internal cluster communication.

[rjernst]

See CorruptedCompressorTests for details on how this bug can be hit.

[javanna]

missing @Test annotation

[rmuir]

@test doesnt do anything :)

[javanna]

I know if the method starts with test we are good anyway but why do we use the annotation all over the place then :) Either we remove it everywhere or we stick to it I'd say...

[rjernst]

I don't use @Test unless someone makes me, for the exact reason Robert pointed out. It is just extra characters with no benefit.

[rmuir]

Please disable unsafe encode/decode complete.

• This may crash machines that don't allow unaligned reads: Fatal error in Java Runtime Environment with LZF 0.9.5 Library in Solaris 11 on sparc ning/compress#18
• if (SUNOS) does not imply its safe to do such unaligned reads.
• This may corrupt data on bigendian systems: Incorrect de-serialization leading to stream corruption in Big Endian systems ning/compress#37
• We do not test such situations.

[imotov]

Historically, we were using "X" prefix to designate temporary implementations like this one. So, a more traditional name would be XVanillaChunkEncoder. For example 2edde35

[rjernst]

Ok, changed to XVanillaChunkEncoder.

[rjernst]

Ok, I think I addressed all the comments. The only unchanged thing is the license file, because I don't know which license to put in there (the original file had no license header).

[rjernst]

The PR to the compress-lzf project was merged, and a 1.0.2 release was made. I removed the X encoder and made the upgrade to 1.0.2.

[kimchy]

do we still need this with 1.0.2?

[rjernst]

Good catch. Removed.

[rmuir]

looks good, thanks Ryan.

[jpountz]

+1 as well

[rjernst]

Thanks. Pushed.

[taf2]

Upgrading from 1.1.1 to 1.6.0 and noticing this output from our cluster

insertOrder timeInQueue priority source
      37659        27ms HIGH     shard-failed ([callers][2], node[Ko3b9KsESN68lTkPtVrHKw], relocating [4mcZCKvBRoKQJS_StGNPng], [P], s[INITIALIZING]), reason [shard failure [failed recovery][RecoveryFailedException[[callers][2]: Recovery failed from [aws_el1][4mcZCKvBRoKQJS_StGNPng][ip-10-55-11-210][inet[/10.55.11.210:9300]]{rack=useast1, master=true, zone=zonea} into [aws_el1a][Ko3b9KsESN68lTkPtVrHKw][ip-10-55-11-211][inet[/10.55.11.211:9300]]{rack=useast1, zone=zonea, master=true} (unexpected error)]; nested: ElasticsearchIllegalStateException[Can't recovery from node [aws_el1][4mcZCKvBRoKQJS_StGNPng][ip-10-55-11-210][inet[/10.55.11.210:9300]]{rack=useast1, master=true, zone=zonea} with [indices.recovery.compress : true] due to compression bugs -  see issue #7210 for details]; ]]```

what do we do?

[rjernst]

@taf2 Turn off compression before upgrading.

[taf2]

@rjernst thanks! which kind of compression do we disable...

is it this option in

/etc/elasticsearch/elasticsearch.yml
#transport.tcp.compress: true

?

or another option?

[taf2]

okay sorry it looks like we need to disable indices.recovery.compress - but is this something that needs to be disabled on all nodes in the cluster or just the new 1.6.0 node we're starting up now?

[rjernst]

All nodes in the cluster, before starting the upgrade. The problem is old nodes with this setting enabled would use the old buggy code, which can then cause data copied between and old and new node to become corrupted.

[taf2]

excellent thank you - we have run the following on the existing cluster:

curl -XPUT localhost:9200/_cluster/settings -d '{"transient" : {"indices.recovery.compress" : false }}'

[taf2]

Thank you that did the trick!