fix: DynamicFilterPhysicalExpr violates Hash/Eq contract #19659
Conversation
|
cc @adriangb |
|
Thanks for working on this. Were there any alternatives considered? I've thought about it a little bit and think this is probably the best path forward, but maybe there are other alternatives; it would be good to document why we chose this option. At least one would be to make |
|
Thanks for the feedback, I did some analysis before implementation to best of my understanding;
Current Implementation:
The panic approach is reasonable but would be a breaking change(I think). Happy to discuss further if you think the explicitness outweighs the compatibility benefit. |
|
Sound good to me. Could we look for any potential call sites and update them to use |
|
I wonder if we could somehow use |
adriangb
left a comment
adriangb
left a comment
There was a problem hiding this comment.
I'm approving because this seems like the best choice and is better than the status quo. I imagine there may be uses where a different behavior is desired, we've tried to think through them but can't pretend to have covered them all. For future readers: if a different behavior is required please comment on this PR or open a new issue.
|
(let's wait a day before merging this) |
|
I think we should include this in datafusion-52 so I added it to the list on |
## Which issue does this PR close? <!-- We generally require a GitHub issue to be filed for all bug fixes and enhancements and this helps us generate change logs for our releases. You can link an issue to this PR using the GitHub syntax. For example `Closes apache#123` indicates that this PR will close issue apache#123. --> - Closes apache#19641. ## Rationale for this change `DynamicFilterPhysicalExpr` violates the `Hash/Eq` contract because the `Hash` and `PartialEq` implementations each call `self.current()` which acquires separate `RwLock::read()` locks. This allows the underlying expression to change between `hash()` and `eq()` calls via `update()`, causing: - HashMap key instability (keys "disappear" after update) - Potential infinite loops during HashMap operations - Corrupted HashMap state during concurrent access <!-- Why are you proposing this change? If this is already explained clearly in the issue then this section is not needed. Explaining clearly why changes are proposed helps reviewers understand your changes and offer better suggestions for fixes. --> ## What changes are included in this PR? Replaced content-based Hash/Eq with identity-based implementations: - Hash: Uses `Arc::as_ptr(&self.inner)` instead of hashing the mutable expression content - PartialEq: Uses `Arc::ptr_eq(&self.inner)` instead of comparing expression content via locks <!-- There is no need to duplicate the description in the issue here but it is sometimes worth providing a summary of the individual changes in this PR. --> ## Are these changes tested? Yes <!-- We typically require tests for all PRs in order to: 1. Prevent the code from being accidentally broken by subsequent changes 2. Serve as another way to document the expected behavior of the code If tests are not included in your PR, please explain why (for example, are they covered by existing tests)? --> ## Are there any user-facing changes? <!-- If there are user-facing changes then we may require documentation to be updated before approving the PR. --> <!-- If there are any breaking changes to public APIs, please add the `api change` label. -->
…19659) (#19705) ## Which issue does this PR close? <!-- We generally require a GitHub issue to be filed for all bug fixes and enhancements and this helps us generate change logs for our releases. You can link an issue to this PR using the GitHub syntax. For example `Closes #123` indicates that this PR will close issue #123. --> - part of #18566 ## Rationale for this change I propose back porting the fix for #19641 to 52 release ## What changes are included in this PR? - Backport #19659 ## Are these changes tested? eYes ## Are there any user-facing changes? bug fix Co-authored-by: Kumar Ujjawal <[email protected]>
3 participants
Which issue does this PR close?
Rationale for this change
DynamicFilterPhysicalExprviolates theHash/Eqcontract because theHashandPartialEqimplementations each callself.current()which acquires separateRwLock::read()locks. This allows the underlying expression to change betweenhash()andeq()calls viaupdate(), causing:What changes are included in this PR?
Replaced content-based Hash/Eq with identity-based implementations:
Arc::as_ptr(&self.inner)instead of hashing the mutable expression contentArc::ptr_eq(&self.inner)instead of comparing expression content via locksAre these changes tested?
Yes
Are there any user-facing changes?