-
Notifications
You must be signed in to change notification settings - Fork 82
Conversation
It is undefined behavior to keep a reference to the database while modifying it, we were keeping references in the database and also feeding the heed put_current methods with keys referenced inside the database itself. meilisearch/heed#108
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tell me if I'm wrong, but we should totally fix these lines too, no?
https://github.com/meilisearch/milli/blob/main/milli/src/update/index_documents/mod.rs#L157
https://github.com/meilisearch/milli/blob/main/milli/src/update/index_documents/mod.rs#L219
The |
I obviously have no right to impose anything here, but I'd just suggest that when you make subtle changes like this, you leave a comment in the source code that at least briefly explains that this was a deliberate choice, and possibly links to an issue with more details. That reduces the risk of someone, in 2 years, going "ah I can eliminate some copies here" and re-introducing the bug. ;) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes you're right, thank you!
And thanks again everyone 😄
Thank you @RalfJung, I am changing the heed functions to be unsafe, make a PR to this repo using the new version, and will add little comments above the functions in this PR. It will be just above an unsafe block, I hope this comment will be visible enough in 2 years 😄 |
FWIW, you don't need to make the |
Thank you @Diggsey, I just opened an issue about your proposal, not sure if it will work but will try it out. I didn't publish the new v0.12 version of heed on crates.io so I can change anything. Anyway, we will merge this PR for now as it fixes the bug and will use the potentially safe new version of heed if we update it! |
266: Bump LMDB to the latest version (v0.9.70) r=Kerollmops a=Kerollmops By bumping to a new version of heed (from git, v0.12.0 unpublished yet), this PR fixes Windows disk reservation problems. This new version of heed changes the `del/put_current`, and `append` iterator methods signature by declaring them unsafe. This PR also bumps milli itself into v0.7.0 as it is breaking due to the heed/LMDB bump. This PR must be merged after #264. Co-authored-by: Clément Renault <clement@meilisearch.com>
@Kerollmops just a heads up that without implementing my proposal, you might have to worry about race conditions, since one thread might be reading a key from the DB while another thread tries to write to the DB. (I'm not sure, maybe everything is already forced to be single-threaded) |
@Diggsey, Yeah LMDB already ensures that there can be only one mutable transaction at a time. Thank you anyway! |
I think that have to move around a ref mut to the db is too much constraint, since we won't be able to clone it and use references to it anymore. This is redundant to lmdb's locking mechanism. As soon as we get GATs, which so not be too long now, we should be able to create a |
291: Fix a bug about zero bytes in the inputs r=irevoire a=Kerollmops Ok, good news, after a little session of debugging with `@irevoire` we found out that the bug seems to be related to zeroes in the input update. The engine wasn't designed to accept those. The chosen solution is to update the tokenizer to remove those zeroes. We are waiting on meilisearch/charabia#52 to be merged and a new version to be released. It is not an undefined behavior, I repeat: it is a "normal" bug 🎉 👏 ---- This PR tries to fix a bug where we use LMDB in the wrong way, leading to panic due to an undefined behavior on the Rust side. I thought [we fixed it in a previous PR](#264) but we found out that _a similar_ bug was still present. `@bb` found a way to trigger this bug and helped us find the origin of it. As I don't have a minimal reproducible example of this bug I bet on the unsafe `put_current` calls when we index new documents as the bug was trigger after a big indexation on a clean database, thus not triggering a deletion update. I only replaced the unsafe `put_current` with two safe calls to `get`/`put`. I hope it helps and fixes the bug, only `@bb` can help us check that. I am not even sure how I can create a custom Docker image and expose it for testing purposes. <details> <summary>The backtrace leading us to a panic in grenad.</summary> ``` meilisearch_1 | thread 'tokio-runtime-worker' panicked at 'assertion failed: key > &last_key', /root/.cargo/git/checkouts/grenad-e2cb77f65d31bb02/3adcb26/src/block_builder.rs:38:17 meilisearch_1 | stack backtrace: meilisearch_1 | 0: rust_begin_unwind meilisearch_1 | at ./rustc/53cb7b09b00cbea8754ffb78e7e3cb521cb8af4b/library/std/src/panicking.rs:493:5 meilisearch_1 | 1: core::panicking::panic_fmt meilisearch_1 | at ./rustc/53cb7b09b00cbea8754ffb78e7e3cb521cb8af4b/library/core/src/panicking.rs:92:14 meilisearch_1 | 2: core::panicking::panic meilisearch_1 | at ./rustc/53cb7b09b00cbea8754ffb78e7e3cb521cb8af4b/library/core/src/panicking.rs:50:5 meilisearch_1 | 3: grenad::block_builder::BlockBuilder::insert meilisearch_1 | at ./root/.cargo/git/checkouts/grenad-e2cb77f65d31bb02/3adcb26/src/block_builder.rs:38:17 meilisearch_1 | 4: grenad::writer::Writer<W>::insert meilisearch_1 | at ./root/.cargo/git/checkouts/grenad-e2cb77f65d31bb02/3adcb26/src/writer.rs:92:12 meilisearch_1 | 5: milli::update::words_level_positions::write_level_entry meilisearch_1 | at ./root/.cargo/git/checkouts/milli-00376cd5db949a15/007fec2/milli/src/update/words_level_positions.rs:262:5 meilisearch_1 | 6: milli::update::words_level_positions::compute_positions_levels meilisearch_1 | at ./root/.cargo/git/checkouts/milli-00376cd5db949a15/007fec2/milli/src/update/words_level_positions.rs:211:13 meilisearch_1 | 7: milli::update::words_level_positions::WordsLevelPositions::execute meilisearch_1 | at ./root/.cargo/git/checkouts/milli-00376cd5db949a15/007fec2/milli/src/update/words_level_positions.rs:65:23 meilisearch_1 | 8: milli::update::index_documents::IndexDocuments::execute_raw meilisearch_1 | at ./root/.cargo/git/checkouts/milli-00376cd5db949a15/007fec2/milli/src/update/index_documents/mod.rs:831:9 meilisearch_1 | 9: milli::update::index_documents::IndexDocuments::execute meilisearch_1 | at ./root/.cargo/git/checkouts/milli-00376cd5db949a15/007fec2/milli/src/update/index_documents/mod.rs:372:9 meilisearch_1 | 10: meilisearch_http::index::updates::<impl meilisearch_http::index::Index>::update_documents_txn meilisearch_1 | at ./meilisearch/meilisearch-http/src/index/updates.rs:225:30 meilisearch_1 | 11: meilisearch_http::index::updates::<impl meilisearch_http::index::Index>::update_documents meilisearch_1 | at ./meilisearch/meilisearch-http/src/index/updates.rs:183:22 meilisearch_1 | 12: meilisearch_http::index::update_handler::UpdateHandler::handle_update meilisearch_1 | at ./meilisearch/meilisearch-http/src/index/update_handler.rs:75:18 meilisearch_1 | 13: meilisearch_http::index_controller::index_actor::actor::IndexActor<S>::handle_update::{{closure}}::{{closure}} meilisearch_1 | at ./meilisearch/meilisearch-http/src/index_controller/index_actor/actor.rs:174:35 meilisearch_1 | 14: <tokio::runtime::blocking::task::BlockingTask<T> as core::future::future::Future>::poll meilisearch_1 | at ./root/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.7.1/src/runtime/blocking/task.rs:42:21 meilisearch_1 | 15: tokio::runtime::task::core::CoreStage<T>::poll::{{closure}} meilisearch_1 | at ./root/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.7.1/src/runtime/task/core.rs:243:17 meilisearch_1 | 16: tokio::loom::std::unsafe_cell::UnsafeCell<T>::with_mut meilisearch_1 | at ./root/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.7.1/src/loom/std/unsafe_cell.rs:14:9 meilisearch_1 | 17: tokio::runtime::task::core::CoreStage<T>::poll meilisearch_1 | at ./root/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.7.1/src/runtime/task/core.rs:233:13 meilisearch_1 | 18: tokio::runtime::task::harness::poll_future::{{closure}} meilisearch_1 | at ./root/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.7.1/src/runtime/task/harness.rs:427:23 meilisearch_1 | 19: <std::panic::AssertUnwindSafe<F> as core::ops::function::FnOnce<()>>::call_once meilisearch_1 | at ./rustc/53cb7b09b00cbea8754ffb78e7e3cb521cb8af4b/library/std/src/panic.rs:344:9 meilisearch_1 | 20: std::panicking::try::do_call meilisearch_1 | at ./rustc/53cb7b09b00cbea8754ffb78e7e3cb521cb8af4b/library/std/src/panicking.rs:379:40 meilisearch_1 | 21: std::panicking::try meilisearch_1 | at ./rustc/53cb7b09b00cbea8754ffb78e7e3cb521cb8af4b/library/std/src/panicking.rs:343:19 meilisearch_1 | 22: std::panic::catch_unwind meilisearch_1 | at ./rustc/53cb7b09b00cbea8754ffb78e7e3cb521cb8af4b/library/std/src/panic.rs:431:14 meilisearch_1 | 23: tokio::runtime::task::harness::poll_future meilisearch_1 | at ./root/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.7.1/src/runtime/task/harness.rs:414:19 meilisearch_1 | 24: tokio::runtime::task::harness::Harness<T,S>::poll_inner meilisearch_1 | at ./root/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.7.1/src/runtime/task/harness.rs:89:9 meilisearch_1 | 25: tokio::runtime::task::harness::Harness<T,S>::poll meilisearch_1 | at ./root/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.7.1/src/runtime/task/harness.rs:59:15 meilisearch_1 | 26: tokio::runtime::task::raw::RawTask::poll meilisearch_1 | at ./root/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.7.1/src/runtime/task/raw.rs:66:18 meilisearch_1 | 27: tokio::runtime::task::Notified<S>::run meilisearch_1 | at ./root/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.7.1/src/runtime/task/mod.rs:171:9 meilisearch_1 | 28: tokio::runtime::blocking::pool::Inner::run meilisearch_1 | at ./root/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.7.1/src/runtime/blocking/pool.rs:265:17 meilisearch_1 | 29: tokio::runtime::blocking::pool::Spawner::spawn_thread::{{closure}} meilisearch_1 | at ./root/.cargo/registry/src/github.com-1ecc6299db9ec823/tokio-1.7.1/src/runtime/blocking/pool.rs:245:17 meilisearch_1 | note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace. ``` </details> Co-authored-by: Kerollmops <clement@meilisearch.com>
We were incorrectly using LMDB by keeping references into the database while modifying it, it was mostly due to heed not specifying anything about this behavior (blame me). I made sure in this PR that we always keep and owned version of the references we were previously using.
This PR partially fixes #261, we need to bump heed to v0.12 when it is available as it marks the
del/put_current
, andappend
methods as unsafe and explains why.I would like to thank the whole Rust community for their help, especially: