Fix memory leak when query fails with permission error #12270
Conversation
viczhang861
requested review from
wenleix,
elonazoulay,
arhimondr and
mbasmanova
viczhang861
changed the title
viczhang861
force-pushed
the
cleanFailedQuery
branch
from
edfc5c1 to
ade4c5a
Compare
There was a problem hiding this comment.
@picrinite Looks good, thanks for figuring this out.
@elonazoulay Yeah, i think we should add a test. I think what we can try to do, is to create a new integration test class, create a distributed query runner, run different scenarios upon that query runner when checking that transaction manager is empty after every scenario.
| queryStateMachine.addStateChangeListener(newState -> { | ||
| QUERY_STATE_LOG.debug("Query %s is %s", queryStateMachine.getQueryId(), newState); | ||
| // mark finished or failed transaction as inactive | ||
| if (newState.isDone()) { |
There was a problem hiding this comment.
@picrinite Did you check that this listener is triggered when the analysis fails (the case with permission error)?
The last time we discussed it, we were thinking about wrapping the analysis into a try-catch, because we thought that the state change listener may not always be triggered. Is that not the case?
There was a problem hiding this comment.
@arhimondr The first commit is an improvement to make it safer for "setInactive" job. It is not triggered for permission error.
The second commit guarantees "setInactive" job is triggered when there is permission error, but there are some tests failed and I don't know how to reproduce. Help appreciated !
Regarding automatic test, cleanup of transaction manager is an asynchronous job with a delay (current default is 5 minutes), it is not deterministic.
There was a problem hiding this comment.
An integration test is added, the added test will fail without current fix.
presto-main/src/main/java/com/facebook/presto/execution/SqlQueryExecution.java
Outdated
Show resolved
Hide resolved
viczhang861
force-pushed
the
cleanFailedQuery
branch
2 times, most recently
from
3efda78 to
bced22d
Compare
viczhang861
changed the title
viczhang861
force-pushed
the
cleanFailedQuery
branch
2 times, most recently
from
d287858 to
28d7fbf
Compare
There was a problem hiding this comment.
Merge StateChangeListener for QueryStateMachine
- IIUC this commit just moves the listener registration to
QueryStateMachineright after the creation of the state machine. If this is correct we can update the commit title asRegister state change listener in QueryStateMachineor sth similar.
| @@ -496,6 +489,11 @@ public ThreadPoolExecutorMBean getManagementExecutor() | |||
| return queryManagementExecutorMBean; | |||
| } | |||
|
|
|||
| public TransactionManager getTransactionManager() | |||
There was a problem hiding this comment.
Annotate with @VisibleForTesting.
| @@ -56,6 +60,30 @@ public void tearDown() | |||
| queryRunner = null; | |||
| } | |||
|
|
|||
| @Test(timeOut = 100_000L) | |||
There was a problem hiding this comment.
Why not 60s? 100s is a bit on the long side.
| QueryInfo queryInfo = sqlQueryManager.getFullQueryInfo(queryId); | ||
| assertEquals(queryInfo.getState(), FAILED); | ||
| assertNotNull(queryInfo.getFailureInfo()); | ||
| TimeUnit.MILLISECONDS.sleep(50); |
There was a problem hiding this comment.
Why is there a sleep call here? Does the correctness of the test depend on this call?
There was a problem hiding this comment.
Can we get a future on that metadata cleanup asyn job and wait until it's done? Sleeping is fragile, this test can fail arbitrarily depending on the interleaving of the async job and the thread running this test.
There was a problem hiding this comment.
@nezihyigitbasi After further investigation with @arhimondr, we confirmed sleep() is not necessary since cleanup is synchronous. I have removed it from test.
viczhang861
force-pushed
the
cleanFailedQuery
branch
from
28d7fbf to
ebfb3d1
Compare
Register transaction cleanup job immediatelly after QueryStateMachine object is created to avoid failure.
viczhang861
force-pushed
the
cleanFailedQuery
branch
from
ebfb3d1 to
75f7343
Compare
presto-tests/src/test/java/com/facebook/presto/tests/TestQueryManager.java
Outdated
Show resolved
Hide resolved
presto-tests/src/test/java/com/facebook/presto/tests/TestTransactionManagerIntegration.java
Show resolved
Hide resolved
viczhang861
force-pushed
the
cleanFailedQuery
branch
from
75f7343 to
2d01d12
Compare
presto-tests/src/test/java/com/facebook/presto/tests/TestTransactionManagerIntegration.java
Show resolved
Hide resolved
When semantic error (including permission error) is thrown during creation of SqlQueryExecution object, transaction metadata is not cleaned up resulting in memory leak. Current handling of error via method TransactionMetadata::fail is not working if there is no existing transaction id in session object.
viczhang861
force-pushed
the
cleanFailedQuery
branch
from
2d01d12 to
b858007
Compare
Summary: Pull Request resolved: facebookincubator/velox#12270 Differential Revision: D69208299
When permission error is thrown inside creation of QueryExecution object,
transaction metadata is not marked as inactive resulting in memory leak.
Existing handling of error via method TransactionMetadata::fail is not
working when transaction id is empty in session object.
A heapdump is taken to test that previously leaked objects become
unreachable from GC roots after this fix.