Skip to main content

Browse the archive

Revision 03c4ea26bb6797873c394f569478c79fe6fc67e8 authored by Andrew Kryczka on 12 September 2022, 21:49:38 UTC, committed by Facebook GitHub Bot on 12 September 2022, 21:49:38 UTC 
db_stress option to preserve all files until verification success (#10659)
 
Summary:
In `db_stress`, DB and expected state files containing changes leading up to a verification failure are often deleted, which makes debugging such failures difficult. On the DB side, flushed WAL files and compacted SST files are marked obsolete and then deleted. Without those files, we cannot pinpoint where a key that failed verification changed unexpectedly. On the expected state side, files for verifying prefix-recoverability in the presence of unsynced data loss are deleted before verification. These include a baseline state file containing the expected state at the time of the last successful verification, and a trace file containing all operations since then. Without those files, we cannot know the sequence of DB operations expected to be recovered.

This PR attempts to address this gap with a new `db_stress` flag: `preserve_unverified_changes`. Setting `preserve_unverified_changes=1` has two effects.

First, prior to startup verification, `db_stress` hardlinks all DB and expected state files in "unverified/" subdirectories of `FLAGS_db` and `FLAGS_expected_values_dir`. The separate directories are needed because the pre-verification opening process deletes files written by the previous `db_stress` run as described above. These "unverified/" subdirectories are cleaned up following startup verification success.

I considered other approaches for preserving DB files through startup verification, like using a read-only DB or preventing deletion of DB files externally, e.g., in the `Env` layer. However, I decided against it since such an approach would not work for expected state files, and I did not want to change the DB management logic. If there were a way to disable DB file deletions before regular DB open, I would have preferred to use that.

Second, `db_stress` attempts to keep all DB and expected state files that were live at some point since the start of the `db_stress` run. This is a bit tricky and involves the following changes.

- Open the DB with `disable_auto_compactions=1` and `avoid_flush_during_recovery=1`
- DisableFileDeletions()
- EnableAutoCompactions()

For this part, too, I would have preferred to use a hypothetical API that disables DB file deletion before regular DB open.

Pull Request resolved: https://github.com/facebook/rocksdb/pull/10659

Reviewed By: hx235

Differential Revision: D39407454

Pulled By: ajkr

fbshipit-source-id: 6e981025c7dce147649d2e770728471395a7fa53
1 parent bd2ad2f
History
File Mode Size
.circleci
.github
buckifier
build_tools
cache
cmake
coverage
db
db_stress_tool
docs
env
examples
file
fuzz
include
java
logging
memory
memtable
microbench
monitoring
options
plugin
port
table
test_util
third-party
tools
trace_replay
util
utilities
.clang-format -rw-r--r-- 138 bytes
.gitignore -rw-r--r-- 1017 bytes
.lgtm.yml -rw-r--r-- 67 bytes
.watchmanconfig -rw-r--r-- 130 bytes
AUTHORS -rw-r--r-- 322 bytes
CMakeLists.txt -rw-r--r-- 55.9 KB
CODE_OF_CONDUCT.md -rw-r--r-- 3.3 KB
CONTRIBUTING.md -rw-r--r-- 706 bytes
COPYING -rw-r--r-- 17.7 KB
DEFAULT_OPTIONS_HISTORY.md -rw-r--r-- 1.5 KB
DUMP_FORMAT.md -rw-r--r-- 763 bytes
HISTORY.md -rw-r--r-- 255.1 KB
INSTALL.md -rw-r--r-- 7.9 KB
LANGUAGE-BINDINGS.md -rw-r--r-- 1.3 KB
LICENSE.Apache -rw-r--r-- 11.1 KB
LICENSE.leveldb -rw-r--r-- 1.5 KB
Makefile -rw-r--r-- 99.7 KB
PLUGINS.md -rw-r--r-- 705 bytes
README.md -rw-r--r-- 2.0 KB
ROCKSDB_LITE.md -rw-r--r-- 1.0 KB
TARGETS -rw-r--r-- 658.0 KB
USERS.md -rw-r--r-- 8.3 KB
Vagrantfile -rw-r--r-- 1017 bytes
WINDOWS_PORT.md -rw-r--r-- 12.5 KB
common.mk -rw-r--r-- 963 bytes
crash_test.mk -rw-r--r-- 4.1 KB
issue_template.md -rw-r--r-- 294 bytes
rocksdb.pc.in -rw-r--r-- 292 bytes
src.mk -rw-r--r-- 45.5 KB
thirdparty.inc -rw-r--r-- 7.8 KB

README.md

back to top