github-code-scanning[bot] commented on code in PR #15049: URL: https://github.com/apache/druid/pull/15049#discussion_r1339360736
########## extensions-contrib/ddsketch/src/main/java/org/apache/druid/query/aggregation/ddsketch/DDSketchAggregator.java: ########## @@ -0,0 +1,103 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.druid.query.aggregation.ddsketch; + +import com.datadoghq.sketch.ddsketch.DDSketch; +import com.datadoghq.sketch.ddsketch.DDSketches; +import com.google.errorprone.annotations.concurrent.GuardedBy; +import org.apache.druid.java.util.common.IAE; +import org.apache.druid.query.aggregation.Aggregator; +import org.apache.druid.segment.ColumnValueSelector; + +import javax.annotation.Nullable; + + +/** + * Aggregator to build DDsketches on numeric values. + * It generally makes sense to use this aggregator during the ingestion time. + * <p> + * One can use this aggregator to build these sketches during query time too, just + * that it will be slower and more resource intensive. + */ +public class DDSketchAggregator implements Aggregator +{ + + private final ColumnValueSelector selector; + + @GuardedBy("this") + private DDSketch histogram; + + public DDSketchAggregator(ColumnValueSelector selector, @Nullable Double relativeError, @Nullable Integer numBins) + { + Integer effectiveNumBins = numBins != null ? numBins : DDSketchAggregatorFactory.DEFAULT_NUM_BINS; + Double effectiveRelativeError = relativeError != null ? relativeError : DDSketchAggregatorFactory.DEFAULT_RELATIVE_ERROR; Review Comment: ## Boxed variable is never null The variable 'effectiveRelativeError' is only assigned values of primitive type and is never 'null', but it is declared with the boxed type 'Double'. [Show more details](https://github.com/apache/druid/security/code-scanning/5824) ########## extensions-contrib/ddsketch/src/test/java/org/apache/druid/query/aggregation/ddsketch/DDSketchToQuantilesPostAggregatorTest.java: ########## @@ -0,0 +1,90 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.druid.query.aggregation.ddsketch; + +import nl.jqno.equalsverifier.EqualsVerifier; +import org.apache.druid.jackson.DefaultObjectMapper; +import org.apache.druid.java.util.common.IAE; +import org.apache.druid.query.aggregation.PostAggregator; +import org.apache.druid.query.aggregation.post.ConstantPostAggregator; +import org.junit.Assert; +import org.junit.Rule; +import org.junit.Test; +import org.junit.rules.ExpectedException; + +public class DDSketchToQuantilesPostAggregatorTest +{ + @Rule + public ExpectedException expectedException = ExpectedException.none(); Review Comment: ## Deprecated method or constructor invocation Invoking [ExpectedException.none](1) should be avoided because it has been deprecated. [Show more details](https://github.com/apache/druid/security/code-scanning/5826) ########## extensions-contrib/ddsketch/src/test/java/org/apache/druid/query/aggregation/ddsketch/DDSketchToQuantilePostAggregatorTest.java: ########## @@ -0,0 +1,73 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.druid.query.aggregation.ddsketch; + +import nl.jqno.equalsverifier.EqualsVerifier; +import org.apache.druid.jackson.DefaultObjectMapper; +import org.apache.druid.query.aggregation.PostAggregator; +import org.apache.druid.query.aggregation.post.ConstantPostAggregator; +import org.junit.Assert; +import org.junit.Rule; +import org.junit.Test; +import org.junit.rules.ExpectedException; + +public class DDSketchToQuantilePostAggregatorTest +{ + @Rule + public ExpectedException expectedException = ExpectedException.none(); Review Comment: ## Deprecated method or constructor invocation Invoking [ExpectedException.none](1) should be avoided because it has been deprecated. [Show more details](https://github.com/apache/druid/security/code-scanning/5825) ########## extensions-contrib/ddsketch/src/main/java/org/apache/druid/query/aggregation/ddsketch/DDSketchAggregator.java: ########## @@ -0,0 +1,103 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.druid.query.aggregation.ddsketch; + +import com.datadoghq.sketch.ddsketch.DDSketch; +import com.datadoghq.sketch.ddsketch.DDSketches; +import com.google.errorprone.annotations.concurrent.GuardedBy; +import org.apache.druid.java.util.common.IAE; +import org.apache.druid.query.aggregation.Aggregator; +import org.apache.druid.segment.ColumnValueSelector; + +import javax.annotation.Nullable; + + +/** + * Aggregator to build DDsketches on numeric values. + * It generally makes sense to use this aggregator during the ingestion time. + * <p> + * One can use this aggregator to build these sketches during query time too, just + * that it will be slower and more resource intensive. + */ +public class DDSketchAggregator implements Aggregator +{ + + private final ColumnValueSelector selector; + + @GuardedBy("this") + private DDSketch histogram; + + public DDSketchAggregator(ColumnValueSelector selector, @Nullable Double relativeError, @Nullable Integer numBins) + { + Integer effectiveNumBins = numBins != null ? numBins : DDSketchAggregatorFactory.DEFAULT_NUM_BINS; Review Comment: ## Boxed variable is never null The variable 'effectiveNumBins' is only assigned values of primitive type and is never 'null', but it is declared with the boxed type 'Integer'. [Show more details](https://github.com/apache/druid/security/code-scanning/5823) ########## extensions-contrib/ddsketch/src/main/java/org/apache/druid/query/aggregation/ddsketch/DDSketchAggregatorFactory.java: ########## @@ -0,0 +1,327 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.druid.query.aggregation.ddsketch; + +import com.datadoghq.sketch.ddsketch.DDSketch; +import com.datadoghq.sketch.ddsketch.DDSketches; +import com.fasterxml.jackson.annotation.JsonCreator; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonTypeName; +import org.apache.druid.query.aggregation.AggregateCombiner; +import org.apache.druid.query.aggregation.Aggregator; +import org.apache.druid.query.aggregation.AggregatorFactory; +import org.apache.druid.query.aggregation.AggregatorFactoryNotMergeableException; +import org.apache.druid.query.aggregation.BufferAggregator; +import org.apache.druid.query.aggregation.ObjectAggregateCombiner; +import org.apache.druid.query.cache.CacheKeyBuilder; +import org.apache.druid.segment.ColumnSelectorFactory; +import org.apache.druid.segment.ColumnValueSelector; +import org.apache.druid.segment.column.ColumnType; + +import javax.annotation.Nonnull; +import javax.annotation.Nullable; +import java.util.Collections; +import java.util.Comparator; +import java.util.List; +import java.util.Objects; + +/** + * Aggregation operations over the ddsketch quantile sketch + * available on <a href="https://github.com/DataDog/sketches-java";>github</a> and described + * in the paper + * <a href="https://blog.acolyer.org/2019/09/06/ddsketch/";> + * Computing relative error quantiles using ddsketch</a>. + * <p> + */ +@JsonTypeName(DDSketchAggregatorFactory.TYPE_NAME) +public class DDSketchAggregatorFactory extends AggregatorFactory +{ + private static final byte CACHE_TYPE_ID = 0x50; + // Default relative error + public static final double DEFAULT_RELATIVE_ERROR = 0.01; + + // Default num bins + public static final int DEFAULT_NUM_BINS = 1000; + + @Nonnull + private final String name; + @Nonnull + private final String fieldName; + + private final double relativeError; + + private final int numBins; + + private final byte cacheTypeId; + + public static final String TYPE_NAME = "ddSketch"; + public static final ColumnType TYPE = ColumnType.ofComplex(TYPE_NAME); + + @JsonCreator + public DDSketchAggregatorFactory( + @JsonProperty("name") final String name, + @JsonProperty("fieldName") final String fieldName, + @JsonProperty("relativeError") final Double relativeError, + @JsonProperty("numBins") final Integer numBins + ) + { + this(name, fieldName, relativeError, numBins, CACHE_TYPE_ID); + } + + DDSketchAggregatorFactory( + final String name, + final String fieldName, + @Nullable final Double relativeError, + @Nullable final Integer numBins, + final byte cacheTypeId + ) + { + this.name = Objects.requireNonNull(name, "Must have a valid, non-null aggregator name"); + this.fieldName = Objects.requireNonNull(fieldName, "Parameter fieldName must be specified"); + this.relativeError = relativeError == null ? DEFAULT_RELATIVE_ERROR : relativeError; + this.numBins = numBins == null ? DEFAULT_NUM_BINS : numBins; + this.cacheTypeId = cacheTypeId; + } + + + @Override + public byte[] getCacheKey() + { + return new CacheKeyBuilder( + cacheTypeId + ).appendString(fieldName).appendDouble(relativeError).appendInt(numBins).build(); + } + + + @Override + public Aggregator factorize(ColumnSelectorFactory metricFactory) + { + return new DDSketchAggregator(metricFactory.makeColumnValueSelector(fieldName), relativeError, numBins); + } + + @Override + public BufferAggregator factorizeBuffered(ColumnSelectorFactory metricFactory) + { + return new DDSketchBufferAggregator(metricFactory.makeColumnValueSelector(fieldName), relativeError, numBins); + } + + public static final Comparator<DDSketch> COMPARATOR = Comparator.nullsFirst( + Comparator.comparingLong(a -> a.serializedSize()) + ); + + @Override + public Comparator getComparator() + { + return COMPARATOR; + } + + @Override + public Object combine(@Nullable Object lhs, @Nullable Object rhs) + { + if (lhs == null) { + return rhs; + } + if (rhs == null) { + return lhs; + } + DDSketch union = (DDSketch) lhs; + union.mergeWith((DDSketch) rhs); + return union; + } + + @Override + public AggregatorFactory getCombiningFactory() + { + return new DDSketchAggregatorFactory(name, name, relativeError, numBins); + } + + @Override + public AggregatorFactory getMergingFactory(AggregatorFactory other) throws AggregatorFactoryNotMergeableException + { + if (other.getName().equals(this.getName()) && this.getClass() == other.getClass()) { + return getCombiningFactory(); + } else { + throw new AggregatorFactoryNotMergeableException(this, other); + } + } + + @Override + public List<AggregatorFactory> getRequiredColumns() + { + return Collections.singletonList( + new DDSketchAggregatorFactory( + name, + fieldName, + relativeError, + numBins + ) + ); + } + + @Override + public Object deserialize(Object serializedSketch) + { + return DDSketchUtils.deserialize(serializedSketch); + } + + @Nullable + @Override + public Object finalizeComputation(@Nullable Object object) + { + return object == null ? null : ((DDSketch) object).getCount(); + } + + @Override + @JsonProperty + public String getName() + { + return name; + } + + @JsonProperty + public String getFieldName() + { + return fieldName; + } + + @JsonProperty + public double getRelativeError() + { + return relativeError; + } + + @JsonProperty + public int getNumBins() + { + return numBins; + } + + @Override + public List<String> requiredFields() + { + return Collections.singletonList(fieldName); + } + + /** + * actual type is {@link DDSketch} + */ + @Override + public ColumnType getIntermediateType() + { + return TYPE; + } + + @Override + public ColumnType getResultType() + { + return TYPE; + } + + // The bounded lower collapsing yields a size of roughly numBins * 8 in terms of size. + // Since negative and positive value stores exist per sketch, we multiply this by 2. + // then we add 1k for measure. + @Override + public int getMaxIntermediateSize() + { + return numBins * 8 * 2 + 1000; Review Comment: ## User-controlled data in arithmetic expression This arithmetic expression depends on a [user-provided value](1), potentially causing an underflow. This arithmetic expression depends on a [user-provided value](1), potentially causing an overflow. [Show more details](https://github.com/apache/druid/security/code-scanning/5827) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
