Skip to content

HBASE-29857 better handling NPE in BucketCache #7685

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
teamconfx wants to merge 4 commits into
base: master
Choose a base branch
from
Open

HBASE-29857 better handling NPE in BucketCache #7685

teamconfx wants to merge 4 commits into from
+15 −1

Conversation

@teamconfx
Copy link
Contributor

@teamconfx teamconfx commented Jan 28, 2026

This PR is for JIRA issue: https://issues.apache.org/jira/browse/HBASE-29857

The original JIRA issue is found in HBase v2.6.3, and fixed by HBASE-28839.
I tested with the same workload that I see the bug from v2.6.3 and verify the fix works in both master and branch-2.6.

However the current code still not handle NPE when persistence file is empty or corrupted explicitly.
This PR proposes a new checker to better catch the null from BucketCacheProtos.BucketCacheEntry.parseDelimitedFrom(in);.

@Apache-HBase

This comment has been minimized.

Sign in to view
@Apache-HBase

This comment has been minimized.

Sign in to view
vaijosh
vaijosh suggested changes Jan 29, 2026
View reviewed changes
hbase-server/src/main/java/org/apache/hadoop/hbase/io/hfile/bucket/BucketCache.java

// HBASE-29857: Handle case where persistence file is empty or corrupted.
// parseDelimitedFrom() returns null when there's no data to read.
if (cacheEntry == null) {
Copy link
Contributor

@vaijosh vaijosh Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@teamconfx
I noticed one more potential NPE in BucketCache.retrieveFromFile e.g. when ProtobufMagic.isPBMagicPrefix(pbuf)=true.

So can we validation check in the caller, BucketCache.retrieveFromFile to check if the persistence file is empty or corrupted?

Copy link
Contributor Author

@teamconfx teamconfx Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for pointing this out! Will do it.

Copy link
Contributor Author

@teamconfx teamconfx Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@vaijosh I added a similar validation check for BucketCache.retrieveFromFile, can you please take another look? Thanks!

Copy link
Contributor

@vaijosh vaijosh Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done. Thanks

Copy link
Contributor

@wchevreuil wchevreuil Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should re-phrase the comment, as this only handles the case for empty files. Corrupt files would likely cause a InvalidProtocolBufferException, which is a sub-class of IOException.

@Apache-HBase

This comment has been minimized.

Sign in to view
@vaijosh
Copy link
Contributor

vaijosh commented Jan 29, 2026

Thanks @teamconfx
Changes LGTM.

@Apache-HBase

This comment has been minimized.

Sign in to view
@Apache-HBase
Copy link

Apache-HBase commented Jan 29, 2026

🎊 +1 overall

Vote Subsystem Runtime Logfile Comment
+0 🆗 reexec 0m 12s Docker mode activated.
_ Prechecks _
+1 💚 dupname 0m 0s No case conflicting files found.
+0 🆗 codespell 0m 0s codespell was not available.
+0 🆗 detsecrets 0m 0s detect-secrets was not available.
+1 💚 @author 0m 0s The patch does not contain any @author tags.
+1 💚 hbaseanti 0m 0s Patch does not have any anti-patterns.
_ master Compile Tests _
+1 💚 mvninstall 3m 21s master passed
+1 💚 compile 3m 32s master passed
+1 💚 checkstyle 1m 4s master passed
+1 💚 spotbugs 1m 52s master passed
+1 💚 spotless 0m 49s branch has no errors when running spotless:check.
_ Patch Compile Tests _
+1 💚 mvninstall 3m 33s the patch passed
+1 💚 compile 2m 48s the patch passed
+1 💚 javac 2m 48s the patch passed
+1 💚 blanks 0m 0s The patch has no blanks issues.
+1 💚 checkstyle 0m 48s the patch passed
+1 💚 spotbugs 1m 23s the patch passed
+1 💚 hadoopcheck 8m 53s Patch does not cause any errors with Hadoop 3.3.6 3.4.1.
+1 💚 spotless 0m 36s patch has no errors when running spotless:check.
_ Other Tests _
+1 💚 asflicense 0m 10s The patch does not generate ASF License warnings.
34m 45s
Subsystem Report/Notes
Docker ClientAPI=1.53 ServerAPI=1.53 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7685/3/artifact/yetus-general-check/output/Dockerfile
GITHUB PR #7685
Optional Tests dupname asflicense javac spotbugs checkstyle codespell detsecrets compile hadoopcheck hbaseanti spotless
uname Linux 09ad049fb39f 6.14.0-1018-aws #18~24.04.1-Ubuntu SMP Mon Nov 24 19:46:27 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality dev-support/hbase-personality.sh
git revision master / 8423bce
Default Java Eclipse Adoptium-17.0.11+9
Max. process+thread count 84 (vs. ulimit of 30000)
modules C: hbase-server U: hbase-server
Console output https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7685/3/console
versions git=2.34.1 maven=3.9.8 spotbugs=4.7.3
Powered by Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

wchevreuil
wchevreuil reviewed Jan 29, 2026
View reviewed changes
Copy link
Contributor

@wchevreuil wchevreuil left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have a few minor comments. Apart from those, can we add UTs for these conditions?

hbase-server/src/main/java/org/apache/hadoop/hbase/io/hfile/bucket/BucketCache.java Outdated
Comment on lines 1615 to 1621
// HBASE-29857: Validate that the persistence file has data after the magic bytes.
// A truncated or corrupted file may only contain magic bytes without actual cache data.
if (in.available() == 0) {
throw new IOException("Persistence file appears to be truncated or corrupted. "
+ "File contains only magic bytes without cache data: " + persistencePath);
}

Copy link
Contributor

@wchevreuil wchevreuil Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we really need this extra check? I guess if there's nothing after pb magic in the stream, we will reach the condition where BucketCacheProtos.BucketCacheEntry.parseDelimitedFrom(in) returns null, which is already been validated for both cases.

Copy link
Contributor Author

@teamconfx teamconfx Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

True, I can remove this extra check.

hbase-server/src/main/java/org/apache/hadoop/hbase/io/hfile/bucket/BucketCache.java

// HBASE-29857: Handle case where persistence file is empty or corrupted.
// parseDelimitedFrom() returns null when there's no data to read.
if (cacheEntry == null) {
Copy link
Contributor

@wchevreuil wchevreuil Jan 29, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should re-phrase the comment, as this only handles the case for empty files. Corrupt files would likely cause a InvalidProtocolBufferException, which is a sub-class of IOException.

@Apache-HBase
Copy link

Apache-HBase commented Jan 29, 2026

💔 -1 overall

Vote Subsystem Runtime Logfile Comment
+0 🆗 reexec 0m 12s Docker mode activated.
-0 ⚠️ yetus 0m 3s Unprocessed flag(s): --brief-report-file --spotbugs-strict-precheck --author-ignore-list --blanks-eol-ignore-file --blanks-tabs-ignore-file --quick-hadoopcheck
_ Prechecks _
_ master Compile Tests _
+1 💚 mvninstall 2m 20s master passed
+1 💚 compile 0m 46s master passed
+1 💚 javadoc 0m 22s master passed
+1 💚 shadedjars 4m 26s branch has no errors when building our shaded downstream artifacts.
_ Patch Compile Tests _
+1 💚 mvninstall 2m 17s the patch passed
+1 💚 compile 0m 46s the patch passed
+1 💚 javac 0m 46s the patch passed
+1 💚 javadoc 0m 21s the patch passed
+1 💚 shadedjars 4m 26s patch has no errors when building our shaded downstream artifacts.
_ Other Tests _
-1 ❌ unit 215m 24s /patch-unit-hbase-server.txt hbase-server in the patch failed.
235m 17s
Subsystem Report/Notes
Docker ClientAPI=1.53 ServerAPI=1.53 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7685/3/artifact/yetus-jdk17-hadoop3-check/output/Dockerfile
GITHUB PR #7685
Optional Tests javac javadoc unit compile shadedjars
uname Linux d1f2b9254e00 6.14.0-1018-aws #18~24.04.1-Ubuntu SMP Mon Nov 24 19:46:27 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality dev-support/hbase-personality.sh
git revision master / 8423bce
Default Java Eclipse Adoptium-17.0.11+9
Test Results https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7685/3/testReport/
Max. process+thread count 5911 (vs. ulimit of 30000)
modules C: hbase-server U: hbase-server
Console output https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7685/3/console
versions git=2.34.1 maven=3.9.8
Powered by Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

@Apache-HBase
Copy link

Apache-HBase commented Jan 29, 2026

🎊 +1 overall

Vote Subsystem Runtime Logfile Comment
+0 🆗 reexec 1m 24s Docker mode activated.
_ Prechecks _
+1 💚 dupname 0m 0s No case conflicting files found.
+0 🆗 codespell 0m 0s codespell was not available.
+0 🆗 detsecrets 0m 0s detect-secrets was not available.
+1 💚 @author 0m 0s The patch does not contain any @author tags.
+1 💚 hbaseanti 0m 0s Patch does not have any anti-patterns.
_ master Compile Tests _
+1 💚 mvninstall 2m 35s master passed
+1 💚 compile 2m 35s master passed
+1 💚 checkstyle 0m 47s master passed
+1 💚 spotbugs 1m 15s master passed
+1 💚 spotless 0m 40s branch has no errors when running spotless:check.
_ Patch Compile Tests _
+1 💚 mvninstall 2m 13s the patch passed
+1 💚 compile 2m 38s the patch passed
+1 💚 javac 2m 38s the patch passed
+1 💚 blanks 0m 0s The patch has no blanks issues.
+1 💚 checkstyle 0m 45s the patch passed
+1 💚 spotbugs 1m 19s the patch passed
+1 💚 hadoopcheck 8m 29s Patch does not cause any errors with Hadoop 3.3.6 3.4.1.
+1 💚 spotless 0m 33s patch has no errors when running spotless:check.
_ Other Tests _
+1 💚 asflicense 0m 9s The patch does not generate ASF License warnings.
30m 31s
Subsystem Report/Notes
Docker ClientAPI=1.48 ServerAPI=1.48 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7685/4/artifact/yetus-general-check/output/Dockerfile
GITHUB PR #7685
Optional Tests dupname asflicense javac spotbugs checkstyle codespell detsecrets compile hadoopcheck hbaseanti spotless
uname Linux 29577dda8773 6.8.0-1024-aws #26~22.04.1-Ubuntu SMP Wed Feb 19 06:54:57 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality dev-support/hbase-personality.sh
git revision master / f64f0ed
Default Java Eclipse Adoptium-17.0.11+9
Max. process+thread count 86 (vs. ulimit of 30000)
modules C: hbase-server U: hbase-server
Console output https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7685/4/console
versions git=2.34.1 maven=3.9.8 spotbugs=4.7.3
Powered by Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wchevreuil wchevreuil wchevreuil left review comments

+1 more reviewer

@vaijosh vaijosh vaijosh approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@teamconfx @Apache-HBase @vaijosh @wchevreuil