chore: improve read object range error handling and retry robustness (googleapis#3021)

When a read causes an error it is delivered as a stream error. Depending on the kind of error (DATA_LOSS OUT_OF_RANGE) this could lead to a terminal state for the stream. If the error is for a specific range(s) mark those individual reads as terminally failed, but do not fail any others. Instead, raise a client side retryable ABORTED to restart the stream and any remaining reads for it.

Author: BenWhitehead

google-cloud-storage/src/main/java/com/google/cloud/storage/GrpcStorageOptions.java

@@ -36,6 +36,7 @@
 import com.google.api.gax.retrying.BasicResultRetryAlgorithm;
 import com.google.api.gax.retrying.ResultRetryAlgorithm;
 import com.google.api.gax.retrying.RetrySettings;
+import com.google.api.gax.rpc.AbortedException;
 import com.google.api.gax.rpc.BidiStreamingCallable;
 import com.google.api.gax.rpc.ClientContext;
 import com.google.api.gax.rpc.HeaderProvider;
@@ -1309,11 +1310,12 @@ private ReadObjectRangeResultRetryAlgorithmDecorator(ResultRetryAlgorithm<?> del
     }
 
     @Override
-    public boolean shouldRetry(Throwable previousThrowable, Object previousResponse) {
+    public boolean shouldRetry(Throwable t, Object previousResponse) {
       // this is only retryable with read object range, not other requests
-      return previousThrowable instanceof UncheckedChecksumMismatchException
-          || previousThrowable instanceof OutOfRangeException
-          || delegate.shouldRetry(StorageException.coalesce(previousThrowable), null);
+      return t instanceof UncheckedChecksumMismatchException
+          || (t instanceof OutOfRangeException && ((OutOfRangeException) t).isRetryable())
+          || (t instanceof AbortedException && ((AbortedException) t).isRetryable())
+          || delegate.shouldRetry(StorageException.coalesce(t), null);
     }
   }
 }

google-cloud-storage/src/main/java/com/google/cloud/storage/ObjectReadSessionStream.java

@@ -377,37 +377,52 @@ public void onResponse(BidiReadObjectResponse response) {
     @Override
     public void onError(Throwable t) {
       requestStream = null;
-      try {
-        BidiReadObjectError error = GrpcUtils.getBidiReadObjectError(t);
-        if (error == null) {
-          return;
-        }
+      BidiReadObjectError error = GrpcUtils.getBidiReadObjectError(t);
+      if (error == null) {
+        // if there isn't a BidiReadObjectError that may contain more narrow failures, propagate
+        // the failure as is to the stream.
+        streamRetryContext.recordError(
+            t, ObjectReadSessionStream.this::restart, ObjectReadSessionStream.this::failAll);
+        return;
+      }
 
-        List<ReadRangeError> rangeErrors = error.getReadRangeErrorsList();
-        if (rangeErrors.isEmpty()) {
-          return;
-        }
-        for (ReadRangeError rangeError : rangeErrors) {
-          Status status = rangeError.getStatus();
-          long id = rangeError.getReadId();
-          ObjectReadSessionStreamRead<?> read = state.getOutstandingRead(id);
-          if (read == null) {
-            continue;
-          }
-          // mark read as failed, but don't resolve its future now. Schedule the delivery of the
-          // failure in executor to ensure any downstream future doesn't block this IO thread.
-          read.preFail();
-          executor.execute(
-              StorageException.liftToRunnable(
-                  () ->
-                      state
-                          .removeOutstandingReadOnFailure(id, read::fail)
-                          .onFailure(GrpcUtils.statusToApiException(status))));
-        }
-      } finally {
+      List<ReadRangeError> rangeErrors = error.getReadRangeErrorsList();
+      if (rangeErrors.isEmpty()) {
+        // if there aren't any specific read id's that contain errors, propagate the error as is to
+        // the stream.
         streamRetryContext.recordError(
             t, ObjectReadSessionStream.this::restart, ObjectReadSessionStream.this::failAll);
+        return;
+      }
+      for (ReadRangeError rangeError : rangeErrors) {
+        Status status = rangeError.getStatus();
+        long id = rangeError.getReadId();
+        ObjectReadSessionStreamRead<?> read = state.getOutstandingRead(id);
+        if (read == null) {
+          continue;
+        }
+        // mark read as failed, but don't resolve its future now. Schedule the delivery of the
+        // failure in executor to ensure any downstream future doesn't block this IO thread.
+        read.preFail();
+        executor.execute(
+            StorageException.liftToRunnable(
+                () ->
+                    state
+                        .removeOutstandingReadOnFailure(id, read::fail)
+                        .onFailure(GrpcUtils.statusToApiException(status))));
       }
+      // now that we've failed specific reads, raise a retryable ABORTED error to the stream to
+      // cause it to retry and pending remaining reads.
+      ApiException apiException =
+          ApiExceptionFactory.createException(
+              "Stream error, reclassifying as ABORTED for reads not specified in BidiReadObjectError",
+              t,
+              GrpcStatusCode.of(Code.ABORTED),
+              true);
+      streamRetryContext.recordError(
+          apiException,
+          ObjectReadSessionStream.this::restart,
+          ObjectReadSessionStream.this::failAll);
     }
 
     private OnSuccess restartReadFromCurrentOffset(long id) {

google-cloud-storage/src/test/java/com/google/cloud/storage/ITObjectReadSessionFakeTest.java

@@ -53,9 +53,11 @@
 import com.google.common.io.BaseEncoding;
 import com.google.common.io.ByteStreams;
 import com.google.common.truth.Correspondence;
+import com.google.common.util.concurrent.ThreadFactoryBuilder;
 import com.google.protobuf.Any;
 import com.google.protobuf.ByteString;
 import com.google.protobuf.TextFormat;
+import com.google.rpc.DebugInfo;
 import com.google.storage.v2.BidiReadHandle;
 import com.google.storage.v2.BidiReadObjectError;
 import com.google.storage.v2.BidiReadObjectRedirectedError;
@@ -77,6 +79,7 @@
 import io.grpc.protobuf.ProtoUtils;
 import io.grpc.stub.StreamObserver;
 import java.io.ByteArrayOutputStream;
+import java.io.IOException;
 import java.nio.ByteBuffer;
 import java.nio.channels.Channels;
 import java.nio.channels.ScatteringByteChannel;
@@ -86,13 +89,20 @@
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
+import java.util.Optional;
 import java.util.Set;
 import java.util.UUID;
 import java.util.concurrent.CountDownLatch;
 import java.util.concurrent.ExecutionException;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+import java.util.concurrent.Semaphore;
 import java.util.concurrent.TimeUnit;
 import java.util.concurrent.atomic.AtomicInteger;
+import java.util.concurrent.atomic.AtomicReference;
 import java.util.function.Consumer;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
@@ -1376,9 +1386,6 @@ public void gettingSessionFromFastOpenKeepsTheSessionOpenUntilClosed() throws Ex
                     .build())
             .build();
 
-    System.out.println("req1 = " + TextFormat.printer().shortDebugString(req1));
-    System.out.println("req2 = " + TextFormat.printer().shortDebugString(req2));
-    System.out.println("req3 = " + TextFormat.printer().shortDebugString(req3));
     ImmutableMap<BidiReadObjectRequest, BidiReadObjectResponse> db =
         ImmutableMap.<BidiReadObjectRequest, BidiReadObjectResponse>builder()
             .put(req1, res1)
@@ -1538,6 +1545,196 @@ public void expectRetryForRangeWithFailedChecksumValidation_channel() throws Exc
     }
   }
 
+  /**
+   * Define a test where multiple reads for the same session will be performed, and some of those
+   * reads cause OUT_OF_RANGE errors.
+   *
+   * <p>An OUT_OF_RANGE error is delivered as a stream level status, which means any reads which
+   * share a stream must be restarted while the read that caused the OUT_OF_RANGE should be failed.
+   *
+   * <p>Verify this behavior for both channel based and future byte[] based.
+   */
+  @Test
+  public void serverOutOfRangeIsNotRetried() throws Exception {
+    ChecksummedTestContent expected = ChecksummedTestContent.of(ALL_OBJECT_BYTES, 10, 20);
+    Semaphore sem = new Semaphore(1);
+
+    BidiReadObjectResponse dataResp =
+        BidiReadObjectResponse.newBuilder()
+            .addObjectDataRanges(
+                ObjectRangeData.newBuilder()
+                    .setChecksummedData(expected.asChecksummedData())
+                    .setReadRange(getReadRange(0, 10, 20))
+                    .setRangeEnd(true)
+                    .build())
+            .build();
+
+    AtomicInteger bidiReadObjectCount = new AtomicInteger();
+    ExecutorService exec =
+        Executors.newCachedThreadPool(
+            new ThreadFactoryBuilder().setDaemon(true).setNameFormat("test-server-%d").build());
+
+    StorageImplBase fakeStorage =
+        new StorageImplBase() {
+          @Override
+          public StreamObserver<BidiReadObjectRequest> bidiReadObject(
+              StreamObserver<BidiReadObjectResponse> respond) {
+            bidiReadObjectCount.getAndIncrement();
+            return new StreamObserver<BidiReadObjectRequest>() {
+              @Override
+              public void onNext(BidiReadObjectRequest request) {
+                if (request.equals(REQ_OPEN)) {
+                  respond.onNext(RES_OPEN);
+                } else if (request.getReadRangesList().get(0).getReadOffset() == 10) {
+                  exec.submit(
+                      () -> {
+                        try {
+                          sem.acquire();
+                          BidiReadObjectResponse.Builder b = dataResp.toBuilder();
+                          ReadRange readRange = request.getReadRangesList().get(0);
+                          ObjectRangeData.Builder bb = dataResp.getObjectDataRanges(0).toBuilder();
+                          bb.getReadRangeBuilder().setReadId(readRange.getReadId());
+                          b.setObjectDataRanges(0, bb.build());
+                          respond.onNext(b.build());
+                        } catch (InterruptedException e) {
+                          respond.onError(
+                              TestUtils.apiException(Code.UNIMPLEMENTED, e.getMessage()));
+                        }
+                      });
+                } else if (bidiReadObjectCount.getAndIncrement() >= 1) {
+                  Optional<ReadRange> readRange = request.getReadRangesList().stream().findFirst();
+                  String message =
+                      String.format(
+                          Locale.US,
+                          "OUT_OF_RANGE read_offset = %d",
+                          readRange.map(ReadRange::getReadOffset).orElse(0L));
+                  long readId = readRange.map(ReadRange::getReadId).orElse(0L);
+
+                  BidiReadObjectError err2 =
+                      BidiReadObjectError.newBuilder()
+                          .addReadRangeErrors(
+                              ReadRangeError.newBuilder()
+                                  .setReadId(readId)
+                                  .setStatus(
+                                      com.google.rpc.Status.newBuilder()
+                                          .setCode(com.google.rpc.Code.OUT_OF_RANGE_VALUE)
+                                          .build())
+                                  .build())
+                          .build();
+
+                  com.google.rpc.Status grpcStatusDetails =
+                      com.google.rpc.Status.newBuilder()
+                          .setCode(com.google.rpc.Code.UNAVAILABLE_VALUE)
+                          .setMessage("fail read_id: " + readId)
+                          .addDetails(Any.pack(err2))
+                          .addDetails(
+                              Any.pack(
+                                  DebugInfo.newBuilder()
+                                      .setDetail(message)
+                                      .addStackEntries(
+                                          TextFormat.printer().shortDebugString(request))
+                                      .build()))
+                          .build();
+
+                  Metadata trailers = new Metadata();
+                  trailers.put(GRPC_STATUS_DETAILS_KEY, grpcStatusDetails);
+                  StatusRuntimeException statusRuntimeException =
+                      Status.OUT_OF_RANGE.withDescription(message).asRuntimeException(trailers);
+                  respond.onError(statusRuntimeException);
+                } else {
+                  respond.onError(
+                      apiException(
+                          Code.UNIMPLEMENTED,
+                          "Unexpected request { "
+                              + TextFormat.printer().shortDebugString(request)
+                              + " }"));
+                }
+              }
+
+              @Override
+              public void onError(Throwable t) {
+                respond.onError(t);
+              }
+
+              @Override
+              public void onCompleted() {
+                respond.onCompleted();
+              }
+            };
+          }
+        };
+    try (FakeServer fakeServer = FakeServer.of(fakeStorage);
+        Storage storage = fakeServer.getGrpcStorageOptions().getService()) {
+
+      BlobId id = BlobId.of("b", "o");
+
+      try (BlobReadSession session = storage.blobReadSession(id).get(5, TimeUnit.SECONDS)) {
+
+        ApiFuture<byte[]> shouldSucceedFuture =
+            session.readAs(
+                ReadProjectionConfigs.asFutureBytes().withRangeSpec(RangeSpec.of(10, 20)));
+
+        ApiFuture<byte[]> shouldFailFuture =
+            session.readAs(
+                ReadProjectionConfigs.asFutureBytes().withRangeSpec(RangeSpec.beginAt(37)));
+        ExecutionException exceptionFromFuture =
+            assertThrows(
+                ExecutionException.class, () -> shouldFailFuture.get(30, TimeUnit.SECONDS));
+        sem.release();
+
+        Exception exceptionFromChannel;
+        byte[] bytesFromFuture = shouldSucceedFuture.get(30, TimeUnit.SECONDS);
+
+        AtomicReference<byte[]> bytesFromChannel = new AtomicReference<>();
+        Future<Long> asyncShouldSucceedChannel =
+            exec.submit(
+                () -> {
+                  try (ScatteringByteChannel succeed =
+                      session.readAs(
+                          ReadProjectionConfigs.asChannel().withRangeSpec(RangeSpec.of(10, 20)))) {
+                    sem.acquire();
+                    ByteArrayOutputStream baos = new ByteArrayOutputStream();
+                    long copy = ByteStreams.copy(succeed, Channels.newChannel(baos));
+                    bytesFromChannel.set(baos.toByteArray());
+                    return copy;
+                  } catch (IOException e) {
+                    throw new RuntimeException(e);
+                  }
+                });
+
+        try (ScatteringByteChannel fail =
+            session.readAs(
+                ReadProjectionConfigs.asChannel().withRangeSpec(RangeSpec.beginAt(39)))) {
+          exceptionFromChannel =
+              assertThrows(
+                  IOException.class,
+                  () -> {
+                    int read = 0;
+                    do {
+                      read = fail.read(ByteBuffer.allocate(1));
+                    } while (read == 0);
+                  });
+          sem.release();
+        }
+        asyncShouldSucceedChannel.get(30, TimeUnit.SECONDS);
+        Exception finalExceptionFromChannel = exceptionFromChannel;
+        assertAll(
+            () ->
+                assertThat(exceptionFromFuture)
+                    .hasCauseThat()
+                    .hasCauseThat()
+                    .isInstanceOf(OutOfRangeException.class),
+            () ->
+                assertThat(finalExceptionFromChannel)
+                    .hasCauseThat()
+                    .hasCauseThat()
+                    .isInstanceOf(OutOfRangeException.class),
+            () -> assertThat(xxd(bytesFromFuture)).isEqualTo(xxd(expected.getBytes())),
+            () -> assertThat(xxd(bytesFromChannel.get())).isEqualTo(xxd(expected.getBytes())));
+      }
+    }
+  }
+
   private static void runTestAgainstFakeServer(
       FakeStorage fakeStorage, RangeSpec range, ChecksummedTestContent expected) throws Exception {