Trillian batch operations with > 1k entries fail on MariaDB >= 10.3 #1845
Comments
|
Occasionally passing for me go env |
This ensures that issues such as #1845 can't be introduced and be unnoticed.
|
This works reliably for me with a min/max leaf batch of 100, but 150 fails reliably (admittedly on a small sample size): HAMMER_OPTS="--operations=500 --min_leaves=150 --max_leaves=150 --invalid_chance=0" ./integration/maphammer.sh |
|
Same error around the wrong roots? |
|
Still fails to validate inclusion proofs. I'm looking into it now. |
There is no reason in the real world that the number of leaves fetched by clients in a batch would have any relationship to the number of leaves written at a time. The single parameter was an artefact of the way the hammer was written. Allowing these to be configured separately better approximates the real world and allows the hammer to hit the map more flexibly. Making either of the read or write flags be above 100 triggers the issue in google#1845, though it does so differently for each of the batch sizes.
There is no reason in the real world that the number of leaves fetched by clients in a batch would have any relationship to the number of leaves written at a time. The single parameter was an artefact of the way the hammer was written. Allowing these to be configured separately better approximates the real world and allows the hammer to hit the map more flexibly. Making either of the read or write flags be above 100 triggers the issue in #1845, though it does so differently for each of the batch sizes.
|
Confirmed that batches of > 100 work on MariaDB 10.1 and 10.2, but fail on 10.3 and 10.4. |
mhutchinson
changed the title
This doesn't trigger google#1845 but that in itself tells us something.
This doesn't trigger google#1845 but that in itself tells us something.
This allows for useful diagnostics when digging into issues such as google#1845, providing the correct commandline args are provided. e.g: `go test -v ./storage/mysql/... -count 1 -args -stderrthreshold=INFO`
|
Thanks for doing all this research. Nailing this down to particular DB versions is a big step forward. Props. |
|
This may be useful to other people needing to switch between DB versions to isolate problems. So I'm not the only one that acquires the dubious honour of knowing how to do this, I'm doing this using homebrew with the following set of steps. Note that in all cases I don't care about the DB contents. These steps should not be followed if you want a data-preserving upgrade/downgrade procedure: Edit |
|
Here's a pretty key finding: this works on the newer versions of MariaDB if @pavelkalinnikov how likely is this preload to be changed by your ongoing work? I feel that I'm getting closer to root causing this now, but if it's all about to be thrown away then I'll save my time for something more useful. |
|
Wow, this is a great finding! My work largely overlaps with this option indeed:
It definitely makes sense to look at why it doesn't work now to then demonstrate that the issue was fixed and how. I am happy to play with it, and see if my interference is needed there. Also, I have a totally made-up idea on why this might be failing. Could be a combination of the following:
Not sure what's so magical about this exact hundred threshold... |
|
Check this thing out introduced in MariaDB 10.3: https://mariadb.com/kb/en/library/conversion-of-big-in-predicates-into-subqueries/. Note the condition enabling this optimization: "the IN list has more than 1000 elements". Our subtrees query uses a large The map is split into 11 strata levels: trillian/storage/mysql/map_storage.go Line 44 in 10e7f25 The topmost stratum is queried separately, which means the paths in the bottom "shards" span exactly 10 strata. Now 100 random leaf updates probably span a little under 100 shards (birthday paradox might subtract 1 or 2 from that). Multiply that by 10 strata, and maybe do +1 for the root stratum, and we get just above the magical 1000 threshold. Printing trillian/storage/mysql/tree_storage.go Line 207 in 10e7f25 Also, changing the strata layout should result in a different "magic threshold", e.g. for var defaultMapStrata = []int{8, 8, 8, 8, 8, 8, 8, 8, 8, 184}it should be ~112. |
|
Confirmed. |
This allows for useful diagnostics when digging into issues such as #1845, providing the correct commandline args are provided. e.g: `go test -v ./storage/mysql/... -count 1 -args -stderrthreshold=INFO`
These were intended to show that google#1845 could be easily reproduced with batches over 1k but they run fine. More investigation is needed, but more tests is always good.
|
Failing test case! #1930 |
This will flush out issues like google#1845 faster and more precisely than relying on the hammer.
This will flush out issues like #1845 faster and more precisely than relying on the hammer.
These were intended to show that google#1845 could be easily reproduced with batches over 1k but they run fine. More investigation is needed, but more tests is always good.
These were intended to show that google#1845 could be easily reproduced with batches over 1k but they run fine. More investigation is needed, but more tests is always good.
mhutchinson
changed the title
|
Updated the title: as the tests in #1930 demonstrate, this affects the log API too. The log storage layer can be coerced into failing in multiple ways through batch operations, but only one of these is wired to the gRPC API: QueueLeaves (when >= 1k duplicate entries are queued). The root cause appears to be https://jira.mariadb.org/browse/MDEV-12176 which is still attracting discussion from the community. It's unclear how this optimization seems to be a functional change for all of our lookups. There is one report, allegedly fixed in 10.3.3, of behavioural changes, but all ongoing discussions are around the performance impact. Getting further into this may be a waste of our resources. As a strawman, I suggest we remove MariaDB 10.3+ from Trillian supported configurations, unless we believe there is sufficient motivation to continue supporting this. Any fix will require updating the SQL, which may impact performance/correctness in other situations. |
These show that google#1845 can be reproduced with batches over 1k on newer versions of MariaDB. Some of these tests are map specific, but the QueueLeaves test can be triggered via the Trillian gRPC API.
These tests would likely fail if they were run for more operations. We have found that batch sizes of < 100 is reliable, so we should stick to that for stability and clarity.
|
According to a MariaDB developer comment,
Unfortunately for us, MariaDB 10.3.18 isn't yet available in Amazon RDS yet. 🤕 |
|
@pgporada Have you migrated to a newer MariaDB? |
|
@mhutchinson Are there any more action items here? |
|
This was only ever known to cause issues with the DB-backed Map, which was experimental is now EOL (#2284). So I'm not planning more work here. Any map work will be on the |
|
We did upgrade to MariaDB 10.3.18 prior to me leaving for paternity leave (October 2020). RDS didn't allow us to change the optimizers that we needed and per a support email they had no intention of ever letting us do so. It would take an application change to allow setting |
|
@pgporada: Is this issue affecting your (non-map) deployment? |
|
This issue is activated when a query has an However, I can see some queries in logs that do have a variable-length
I believe, CT logs are not affected by this bug. As for non-CT uses of the log, we could add a limit on the number of entries to submit/query, for all of the 3 cases above. |
|
Thanks for the explanation, Pavel! |
go test ./testonly/hammer/...
--- FAIL: TestInProcessMapHammer (9.77s)
hammer_test.go:129: hammer failure: failed to verify inclusion proof for Index=922cab9b7de0da6c6b65792d3030303030303234000000000000000000000000: calculated root: 3af78a4fc25a48d822fd41eed4d56b3afff53cf6ac4f603427120b9127eece9c, want: 8192c68b3ec424a648ef33ae4d3b970b7ff870f12aa6fca03214652d25363e61
FAIL
FAIL github.com/google/trillian/testonly/hammer 10.203s
? github.com/google/trillian/testonly/hammer/maphammer [no test files]
? github.com/google/trillian/testonly/hammer/mapreplay [no test files]
FAIL
Whatever else happens, we need to be explicit about which versions of mysql we support.
It's also worth seeing whether this version of MySQL can be supported without breaking backwards compatibility.
The text was updated successfully, but these errors were encountered: