cockroachdb
diff --git a/‎pkg/storage/abortspan/abortspan.go‎
Lines changed: 54 additions & 0 deletions b/‎pkg/storage/abortspan/abortspan.go‎
Lines changed: 54 additions & 0 deletions
diff --git a/‎pkg/storage/batcheval/cmd_end_transaction.go‎
Lines changed: 16 additions & 53 deletions b/‎pkg/storage/batcheval/cmd_end_transaction.go‎
Lines changed: 16 additions & 53 deletions
diff --git a/‎pkg/storage/client_merge_test.go‎
Lines changed: 207 additions & 0 deletions b/‎pkg/storage/client_merge_test.go‎
Lines changed: 207 additions & 0 deletions
@@ -21,8 +21,11 @@ import (
 	"github.com/cockroachdb/cockroach/pkg/roachpb"
 	"github.com/cockroachdb/cockroach/pkg/storage/engine"
 	"github.com/cockroachdb/cockroach/pkg/storage/engine/enginepb"
+	"github.com/cockroachdb/cockroach/pkg/storage/storagebase"
 	"github.com/cockroachdb/cockroach/pkg/util/hlc"
+	"github.com/cockroachdb/cockroach/pkg/util/log"
 	"github.com/cockroachdb/cockroach/pkg/util/uuid"
+	"github.com/pkg/errors"
 )
 
 // An AbortSpan sets markers for aborted transactions to provide protection
@@ -140,3 +143,54 @@ func (sc *AbortSpan) Put(
 	key := keys.AbortSpanKey(sc.rangeID, txnID)
 	return engine.MVCCPutProto(ctx, e, ms, key, hlc.Timestamp{}, nil /* txn */, entry)
 }
+
+// CopyTo copies the abort span entries to the abort span for the range
+// identified by newRangeID. Entries are read from r and written to w. It is
+// safe for r and w to be the same object.
+//
+// CopyTo takes care to only copy records that are required: certain workloads
+// create sizable abort spans, and repeated splitting can blow them up further.
+// Once it reaches approximately the Raft MaxCommandSize, splits become
+// impossible, which is pretty bad (see #25233).
+func (sc *AbortSpan) CopyTo(
+	ctx context.Context,
+	r engine.Reader,
+	w engine.ReadWriter,
+	ms *enginepb.MVCCStats,
+	ts hlc.Timestamp,
+	newRangeID roachpb.RangeID,
+) error {
+	var abortSpanCopyCount, abortSpanSkipCount int
+	// Abort span entries before this span are eligible for GC, so we don't
+	// copy them into the new range. We could try to delete them from the LHS
+	// as well, but that could create a large Raft command in itself. Plus,
+	// we'd have to adjust the stats computations.
+	threshold := ts.Add(-storagebase.TxnCleanupThreshold.Nanoseconds(), 0)
+	var scratch [64]byte
+	if err := sc.Iterate(ctx, r, func(k roachpb.Key, entry roachpb.AbortSpanEntry) error {
+		if entry.Timestamp.Less(threshold) {
+			// The entry would be garbage collected (if GC had run), so
+			// don't bother copying it. Note that we can't filter on the key,
+			// that is just where the txn record lives, but it doesn't tell
+			// us whether the intents that triggered the abort span record
+			// where on the LHS, RHS, or both.
+			abortSpanSkipCount++
+			return nil
+		}
+
+		abortSpanCopyCount++
+		var txnID uuid.UUID
+		txnID, err := keys.DecodeAbortSpanKey(k, scratch[:0])
+		if err != nil {
+			return err
+		}
+		return engine.MVCCPutProto(ctx, w, ms,
+			keys.AbortSpanKey(newRangeID, txnID),
+			hlc.Timestamp{}, nil, &entry,
+		)
+	}); err != nil {
+		return roachpb.NewReplicaCorruptionError(errors.Wrap(err, "AbortSpan.CopyTo"))
+	}
+	log.Eventf(ctx, "abort span: copied %d entries, skipped %d", abortSpanCopyCount, abortSpanSkipCount)
+	return nil
+}
@@ -33,7 +33,6 @@ import (
 	"github.com/cockroachdb/cockroach/pkg/storage/storagebase"
 	"github.com/cockroachdb/cockroach/pkg/util/hlc"
 	"github.com/cockroachdb/cockroach/pkg/util/log"
-	"github.com/cockroachdb/cockroach/pkg/util/uuid"
 	"github.com/pkg/errors"
 )
 
@@ -772,45 +771,11 @@ func splitTrigger(
 		return enginepb.MVCCStats{}, result.Result{}, errors.Wrap(err, "unable to copy last replica GC timestamp")
 	}
 
-	// Initialize the RHS range's AbortSpan by copying the LHS's. Put a little extra
-	// effort into only copying records that are required: certain workloads create
-	// sizable abort spans, and repeated splitting can blow them up further. Once
-	// it reaches approximately the Raft MaxCommandSize, splits become impossible,
-	// which is pretty bad (see #25233).
-	{
-		var abortSpanCopyCount, abortSpanSkipCount int
-		// Abort span entries before this span are eligible for GC, so we don't
-		// copy them into the new range. We could try to delete them from the LHS
-		// as well, but that could create a large Raft command in itself. Plus,
-		// we'd have to adjust the stats computations.
-		threshold := ts.Add(-storagebase.TxnCleanupThreshold.Nanoseconds(), 0)
-		var scratch [64]byte
-		if err := rec.AbortSpan().Iterate(ctx, batch, func(k roachpb.Key, entry roachpb.AbortSpanEntry) error {
-			if entry.Timestamp.Less(threshold) {
-				// The entry would be garbage collected (if GC had run), so
-				// don't bother copying it. Note that we can't filter on the key,
-				// that is just where the txn record lives, but it doesn't tell
-				// us whether the intents that triggered the abort span record
-				// where on the LHS, RHS, or both.
-				abortSpanSkipCount++
-				return nil
-			}
-
-			abortSpanCopyCount++
-			var txnID uuid.UUID
-			txnID, err = keys.DecodeAbortSpanKey(k, scratch[:0])
-			if err != nil {
-				return err
-			}
-			return engine.MVCCPutProto(ctx, batch, &bothDeltaMS,
-				keys.AbortSpanKey(split.RightDesc.RangeID, txnID),
-				hlc.Timestamp{}, nil, &entry,
-			)
-		}); err != nil {
-			// TODO(tschottdorf): ReplicaCorruptionError.
-			return enginepb.MVCCStats{}, result.Result{}, errors.Wrap(err, "unable to copy AbortSpan to RHS split range")
-		}
-		log.Eventf(ctx, "abort span: copied %d entries, skipped %d", abortSpanCopyCount, abortSpanSkipCount)
+	// Initialize the RHS range's AbortSpan by copying the LHS's.
+	if err := rec.AbortSpan().CopyTo(
+		ctx, batch, batch, &bothDeltaMS, ts, split.RightDesc.RangeID,
+	); err != nil {
+		return enginepb.MVCCStats{}, result.Result{}, err
 	}
 
 	// Compute (absolute) stats for RHS range.
@@ -1021,23 +986,19 @@ func mergeTrigger(
 		return result.Result{}, err
 	}
 
-	// TODO(benesch): copy the non-expired abort span records from the RHS into
-	// the LHS. See the corresponding code for splits.
-
-	// Delete the RHS's range ID keys. Besides the abort span, which we copied
-	// above, it's all irrelevant.
-	rightRangeIDKey := keys.MakeRangeIDPrefix(merge.RightDesc.RangeID)
-	if err := eng.ClearRange(
-		engine.MakeMVCCMetadataKey(rightRangeIDKey),
-		engine.MakeMVCCMetadataKey(rightRangeIDKey.PrefixEnd()),
+	if err := abortspan.New(merge.RightDesc.RangeID).CopyTo(
+		ctx, eng, batch, ms, ts, merge.LeftDesc.RangeID,
 	); err != nil {
 		return result.Result{}, err
 	}
 
-	// Copy the rewritten RHS data into the command's batch.
+	// Copy the RHS data into the command's batch. We skip over the range-ID local
+	// keys. The abort span is the only relevant part of the range-ID local
+	// keyspace, and we already copied it above.
+	rhsRelevantStartKey := engine.MakeMVCCMetadataKey(keys.MakeRangeKeyPrefix(merge.RightDesc.StartKey))
 	iter := eng.NewIterator(engine.IterOptions{})
 	defer iter.Close()
-	for iter.Seek(engine.MVCCKey{}); ; iter.Next() {
+	for iter.Seek(rhsRelevantStartKey); ; iter.Next() {
 		if ok, err := iter.Valid(); err != nil {
 			return result.Result{}, err
 		} else if !ok {
@@ -1048,8 +1009,10 @@ func mergeTrigger(
 		}
 	}
 
-	// Adjust stats for the rewritten RHS data.
-	rhsMS, err := iter.ComputeStats(engine.MVCCKey{}, engine.MVCCKeyMax, 0 /* nowNanos */)
+	// Adjust stats for the rewritten RHS data. Again, we skip over the range-ID
+	// local keys, as only the abort span is relevant and its stats were accounted
+	// for above.
+	rhsMS, err := iter.ComputeStats(rhsRelevantStartKey, engine.MVCCKeyMax, 0 /* nowNanos */)
 	if err != nil {
 		return result.Result{}, err
 	}
 
@@ -29,6 +29,7 @@ import (
 	"github.com/cockroachdb/cockroach/pkg/storage"
 	"github.com/cockroachdb/cockroach/pkg/storage/engine"
 	"github.com/cockroachdb/cockroach/pkg/storage/stateloader"
+	"github.com/cockroachdb/cockroach/pkg/storage/txnwait"
 	"github.com/cockroachdb/cockroach/pkg/testutils"
 	"github.com/cockroachdb/cockroach/pkg/util/hlc"
 	"github.com/cockroachdb/cockroach/pkg/util/leaktest"
@@ -375,6 +376,38 @@ func TestStoreRangeMergeStats(t *testing.T) {
 	writeRandomDataToRange(t, store, aDesc.RangeID, []byte("aaa"))
 	writeRandomDataToRange(t, store, bDesc.RangeID, []byte("ccc"))
 
+	// Litter some abort span records. txn1 will leave a record on the LHS, txn2
+	// will leave a record on the RHS, and txn3 will leave a record on both. This
+	// tests whether the merge code properly accounts for merging abort span
+	// records for the same transaction.
+	txn1 := client.NewTxn(store.DB(), 0 /* gatewayNodeID */, client.RootTxn)
+	if err := txn1.Put(ctx, "a-txn1", "val"); err != nil {
+		t.Fatal(err)
+	}
+	txn2 := client.NewTxn(store.DB(), 0 /* gatewayNodeID */, client.RootTxn)
+	if err := txn2.Put(ctx, "c-txn2", "val"); err != nil {
+		t.Fatal(err)
+	}
+	txn3 := client.NewTxn(store.DB(), 0 /* gatewayNodeID */, client.RootTxn)
+	if err := txn3.Put(ctx, "a-txn3", "val"); err != nil {
+		t.Fatal(err)
+	}
+	if err := txn3.Put(ctx, "c-txn3", "val"); err != nil {
+		t.Fatal(err)
+	}
+	hiPriTxn := client.NewTxn(store.DB(), 0 /* gatewayNodeID */, client.RootTxn)
+	hiPriTxn.InternalSetPriority(roachpb.MaxTxnPriority)
+	for _, key := range []string{"a-txn1", "c-txn2", "a-txn3", "c-txn3"} {
+		if err := hiPriTxn.Put(ctx, key, "val"); err != nil {
+			t.Fatal(err)
+		}
+	}
+	if err := hiPriTxn.Commit(ctx); err != nil {
+		t.Fatal(err)
+	}
+	// Leave txn1-txn3 open so that their abort span records exist during the
+	// merge below.
+
 	// Get the range stats for both ranges now that we have data.
 	snap := store.Engine().NewSnapshot()
 	defer snap.Close()
@@ -418,6 +451,180 @@ func TestStoreRangeMergeStats(t *testing.T) {
 	}
 }
 
+func TestStoreRangeMergeInFlightTxns(t *testing.T) {
+	defer leaktest.AfterTest(t)
+
+	ctx := context.Background()
+	sc := storage.TestStoreConfig(nil)
+	sc.TestingKnobs.DisableReplicateQueue = true
+	mtc := &multiTestContext{storeConfig: &sc}
+	mtc.Start(t, 2)
+	defer mtc.Stop()
+	store := mtc.stores[0]
+
+	// Create two adjacent ranges. The left-hand range has exactly one replica,
+	// on the first store, and the right-hand range has exactly one replica,
+	// on the second store
+	var lhsDesc, rhsDesc *roachpb.RangeDescriptor
+	setupReplicas := func() {
+		var err *roachpb.Error
+		lhsDesc, rhsDesc, err = createSplitRanges(store)
+		if err != nil {
+			t.Fatal(err)
+		}
+		mtc.replicateRange(rhsDesc.RangeID, 1)
+		mtc.transferLease(ctx, rhsDesc.RangeID, 0, 1)
+		mtc.unreplicateRange(rhsDesc.RangeID, 0)
+	}
+
+	// Verify that a transaction can span a merge.
+	t.Run("valid", func(t *testing.T) {
+		setupReplicas()
+		lhsKey, rhsKey := roachpb.Key("aa"), roachpb.Key("cc")
+
+		txn := client.NewTxn(store.DB(), 0 /* gatewayNodeID */, client.RootTxn)
+		// Put the key on the RHS side first so ownership of the transaction record
+		// will need to transfer to the LHS range during the merge.
+		if err := txn.Put(ctx, rhsKey, t.Name()); err != nil {
+			t.Fatal(err)
+		}
+		if err := txn.Put(ctx, lhsKey, t.Name()); err != nil {
+			t.Fatal(err)
+		}
+		args := adminMergeArgs(lhsDesc.StartKey.AsRawKey())
+		if _, err := client.SendWrapped(ctx, store.TestSender(), args); err != nil {
+			t.Fatal(err)
+		}
+		if err := txn.Commit(ctx); err != nil {
+			t.Fatal(err)
+		}
+
+		for _, key := range []roachpb.Key{lhsKey, rhsKey} {
+			kv, err := store.DB().Get(ctx, key)
+			if err != nil {
+				t.Fatal(err)
+			} else if string(kv.ValueBytes()) != t.Name() {
+				t.Fatalf("actual value %q did not match expected value %q", kv.ValueBytes(), t.Name())
+			}
+		}
+	})
+
+	// Verify that a transaction's abort span records are preserved when the
+	// transaction spans a merge.
+	t.Run("abort-span", func(t *testing.T) {
+		setupReplicas()
+		rhsKey := roachpb.Key("cc")
+
+		// Create a transaction that will be aborted before the merge but won't
+		// realize until after the merge.
+		txn1 := client.NewTxn(store.DB(), 0 /* gatewayNodeID */, client.RootTxn)
+		// Put the key on the RHS side so ownership of the transaction record and
+		// abort span records will need to transfer to the LHS during the merge.
+		if err := txn1.Put(ctx, rhsKey, t.Name()); err != nil {
+			t.Fatal(err)
+		}
+
+		// Create and commit a txn that aborts txn1.
+		txn2 := client.NewTxn(store.DB(), 0 /* gatewayNodeID */, client.RootTxn)
+		txn2.InternalSetPriority(roachpb.MaxTxnPriority)
+		if err := txn2.Put(ctx, rhsKey, "muhahahah"); err != nil {
+			t.Fatal(err)
+		}
+		if err := txn2.Commit(ctx); err != nil {
+			t.Fatal(err)
+		}
+
+		// Complete the merge.
+		args := adminMergeArgs(lhsDesc.StartKey.AsRawKey())
+		if _, err := client.SendWrapped(ctx, store.TestSender(), args); err != nil {
+			t.Fatal(err)
+		}
+		if _, err := txn1.Get(ctx, rhsKey); !testutils.IsError(err, "txn aborted") {
+			t.Fatalf("expected 'txn aborted' error but got %v", err)
+		}
+	})
+
+	// Verify that the transaction wait queue on the right-hand range in a merge
+	// is cleared if the merge commits.
+	t.Run("wait-queue", func(t *testing.T) {
+		setupReplicas()
+		rhsKey := roachpb.Key("cc")
+
+		// Set a timeout, and set the the transaction liveness threshold to
+		// something much larger than our timeout. We want transactions to get stuck
+		// in the transaction wait queue and trigger the timeout if we forget to
+		// clear it.
+		ctx, cancel := context.WithTimeout(ctx, testutils.DefaultSucceedsSoonDuration)
+		defer cancel()
+		defer func(old time.Duration) { txnwait.TxnLivenessThreshold = old }(txnwait.TxnLivenessThreshold)
+		txnwait.TxnLivenessThreshold = 2 * testutils.DefaultSucceedsSoonDuration
+
+		// Create a transaction that won't complete until after the merge.
+		txn1 := client.NewTxn(store.DB(), 0 /* gatewayNodeID */, client.RootTxn)
+		// Put the key on the RHS side so ownership of the transaction record and
+		// abort span records will need to transfer to the LHS during the merge.
+		if err := txn1.Put(ctx, rhsKey, t.Name()); err != nil {
+			t.Fatal(err)
+		}
+
+		// Create a txn that will conflict with txn1.
+		txn2 := client.NewTxn(store.DB(), 0 /* gatewayNodeID */, client.RootTxn)
+		txn2ErrCh := make(chan error)
+		go func() {
+			txn2ErrCh <- txn2.Put(ctx, rhsKey, "muhahahah")
+		}()
+
+		// Wait for txn2 to realize it conflicts with txn1 and enter its wait queue.
+		{
+			repl, err := mtc.stores[1].GetReplica(rhsDesc.RangeID)
+			if err != nil {
+				t.Fatal(err)
+			}
+			for {
+				if _, ok := repl.GetTxnWaitQueue().TrackedTxns()[txn1.ID()]; ok {
+					break
+				}
+				select {
+				case <-time.After(10 * time.Millisecond):
+				case <-ctx.Done():
+					t.Fatal("timed out waiting for txn2 to enter wait queue")
+				}
+			}
+		}
+
+		// Complete the merge.
+		args := adminMergeArgs(lhsDesc.StartKey.AsRawKey())
+		if _, err := client.SendWrapped(ctx, store.TestSender(), args); err != nil {
+			t.Fatal(err)
+		}
+
+		if err := txn1.Commit(ctx); err != nil {
+			t.Fatal(err)
+		}
+
+		kv, pErr := store.DB().Get(ctx, rhsKey)
+		if pErr != nil {
+			t.Fatal(pErr)
+		} else if string(kv.ValueBytes()) != t.Name() {
+			t.Fatalf("actual value %q did not match expected value %q", kv.ValueBytes(), t.Name())
+		}
+
+		// Now that txn1 has committed, txn2's put operation should complete.
+		select {
+		case err := <-txn2ErrCh:
+			if err != nil {
+				t.Fatal(err)
+			}
+		case <-ctx.Done():
+			t.Fatal("timed out waiting for txn2 to complete put")
+		}
+
+		if err := txn2.Commit(ctx); err != nil {
+			t.Fatal(err)
+		}
+	})
+}
+
 func TestInvalidGetSnapshotForMergeRequest(t *testing.T) {
 	defer leaktest.AfterTest(t)()