\n\n# sled 1.0 architecture\n\n## in-memory\n\n* Lock-free B+ tree index, extracted into the [`concurrent-map`](https://github.com/komora-io/concurrent-map) crate.\n* The lowest key from each leaf is stored in this in-memory index.\n* To read any leaf that is not already cached in memory, at most one disk read will be required.\n* RwLock-backed leaves, using the ArcRwLock from the [`parking_lot`](https://github.com/Amanieu/parking_lot) crate. As a `Db` grows, leaf contention tends to go down in most use cases. But this may be revisited over time if many users have issues with RwLock-related contention. Avoiding full RCU for updates on the leaves results in many of the performance benefits over sled 0.34, with significantly lower memory pressure.\n* A simple but very high performance epoch-based reclamation technique is used for safely deferring frees of in-memory index data and reuse of on-disk heap slots, extracted into the [`ebr`](https://github.com/komora-io/ebr) crate.\n* A scan-resistant LRU is used for handling eviction. By default, 20% of the cache is reserved for leaves that are accessed at most once. This is configurable via `Config.entry_cache_percent`. This is handled by the extracted [`cache-advisor`](https://github.com/komora-io/cache-advisor) crate. The overall cache size is set by the `Config.cache_size` configurable.\n\n## write path\n\n* This is where things get interesting. There is no traditional WAL. There is no LSM. Only metadata is logged atomically after objects are written in parallel.\n* The important guarantees are:\n * all previous writes are durable after a call to `Db::flush` (This is also called periodically in the background by a flusher thread)\n * all write batches written using `Db::apply_batch` are either 100% visible or 0% visible after crash recovery. If it was followed by a flush that returned `Ok(())` it is guaranteed to be present.\n* Atomic ([linearizable](https://jepsen.io/consistency/models/linearizable)) durability is provided by marking dirty leaves as participants in \"flush epochs\" and performing atomic batch writes of the full epoch at a time, in order. Each call to `Db::flush` advances the current flush epoch by 1.\n* The atomic write consists in the following steps:\n 1. User code or the background flusher thread calls `Db::flush`.\n 1. In parallel (via [rayon](https://docs.rs/rayon)) serialize and compress each dirty leaf with zstd (configurable via `Config.zstd_compression_level`).\n 1. Based on the size of the bytes for each object, choose the smallest heap file slot that can hold the full set of bytes. This is an on-disk slab allocator.\n 1. Slab slots are not power-of-two sized, but tend to increase in size by around 20% from one to the next, resulting in far lower fragmentation than typical page-oriented heaps with either constant-size or power-of-two sized leaves.\n 1. Write the object to the allocated slot from the rayon threadpool.\n 1. After all writes, fsync the heap files that were written to.\n 1. If any writes were written to the end of the heap file, causing it to grow, fsync the directory that stores all heap files.\n 1. After the writes are stable, it is now safe to write an atomic metadata batch that records the location of each written leaf in the heap. This is a simple framed batch of `(low_key, slab_slot)` tuples that are initially written to a log, but eventually merged into a simple snapshot file for the metadata store once the log becomes larger than the snapshot file.\n 1. Fsync of the metadata log file.\n 1. Fsync of the metadata log directory.\n 1. After the atomic metadata batch write, the previously occupied slab slots are marked for future reuse with the epoch-based reclamation system. After all threads that may have witnessed the previous location have finished their work, the slab slot is added to the free `BinaryHeap` of the slot that it belongs to so that it may be reused in future atomic write batches.\n 1. Return `Ok(())` to the caller of `Db::flush`.\n* Writing objects before the metadata write is random, but modern SSDs handle this well. Even though the SSD's FTL will be working harder to defragment things periodically than if we wrote a few megabytes sequentially with each write, the data that the FTL will be copying will be mostly live due to the eager leaf write-backs.\n\n## recovery\n\n* Recovery involves simply reading the atomic metadata store that records the low key for each written leaf as well as its location and mapping it into the in-memory index. Any gaps in the slabs are then used as free slots.\n* Any write that failed to complete its entire atomic writebatch is treated as if it never happened, because no user-visible flush ever returned successfully.\n* Rayon is also used here for parallelizing reads of this metadata. In general, this is extremely fast compared to the previous sled recovery process.\n\n## tuning\n\n* The larger the `LEAF_FANOUT` const generic on the high-level `Db` struct (default `1024`), the smaller the in-memory leaf index and the better the compression ratio of the on-disk file, but the more expensive it will be to read the entire leaf off of disk and decompress it.\n* You can choose to turn the `LEAF_FANOUT` relatively low to make the system behave more like an Index+Log architecture, but overall disk size will grow and write performance will decrease.\n* NB: changing `LEAF_FANOUT` after writing data is not supported.\n"
},
{
"path": "CHANGELOG.md",
"content": "# Unreleased\n\n## New Features\n\n* #1178 batches and transactions are now unified for subscribers.\n* #1231 `Tree::get_zero_copy` allows for reading a value directly\n in-place without making an `IVec` first.\n* #1250 the global `print_profile` function has been added\n which is enabled when compiling with the `metrics` feature.\n* #1254 `IVec` data will now always have an alignment of 8,\n which may enable interesting architecture-specific use cases.\n* #1307 & #1315 `Db::contains_tree` can be used to see if a\n `Tree` with a given name already exists.\n\n## Improvements\n\n* #1214 a new slab-style storage engine has been added which\n replaces the previous file-per-blob technique for storing\n large pages.\n* #1231 tree nodes now get merged into a single-allocation\n representation that is able to dynamically avoid various\n overheads, resulting in significant efficiency improvements.\n\n## Breaking Changes\n\n* #1400 Bump MSRV to 1.57.\n* #1399 Thread support is now required on all platforms.\n* #1135 The \"no_metrics\" anti-feature has been replaced with\n the \"metrics\" positive feature.\n* #1178 the `Event` enum has become a unified struct that allows\n subscribers to iterate over each (Tree, key, optional value)\n involved in single key operations, batches, or transactions in\n a unified way.\n* #1178 the `Event::key` method has been removed in favor of the\n new more comprehensive `iter` method.\n* #1214 The deprecated `Config::build` method has been removed.\n* #1248 The deprecated `Tree::set` method has been removed.\n* #1248 The deprecated `Tree::del` method has been removed.\n* #1250 The `Config::print_profile_on_drop` method has been\n removed in favor of the global `print_profile` function.\n* #1252 The deprecated `Db::open` method has been removed.\n* #1252 The deprecated `Config::segment_cleanup_skew` method\n has been removed.\n* #1252 The deprecated `Config::segment_cleanup_threshold`\n method has been removed.\n* #1252 The deprecated `Config::snapshot_path` method has\n been removed.\n* #1253 The `IVec::subslice` method has been removed.\n* #1275 Keys and values are now limited to 128gb on 64-bit\n platforms and 512mb on 32-bit platforms.\n* #1281 `Config`'s `cache_capacity` is now a usize, as u64\n doesn't make sense for things that must fit in memory anyway.\n* #1314 `Subscriber::next_timeout` now requires a mutable self\n reference.\n* #1349 The \"measure_allocs\" feature has been removed.\n* #1354 `Error` has been modified to be Copy, removing all\n heap-allocated variants.\n\n## Bug Fixes\n\n* #1202 Fix a space leak where blobs were not\n removed when replaced by another blob.\n* #1229 the powerful ALICE crash consistency tool has been\n used to discover several crash vulnerabilities, now fixed.\n\n# 0.34.7\n\n## Bug Fixes\n\n* #1314 Fix a bug in Subscriber's Future impl.\n\n# 0.34.6\n\n## Improvements\n\n* documentation improved\n\n# 0.34.5\n\n## Improvements\n\n* #1164 widen some trait bounds on trees and batches\n\n# 0.34.4\n\n## New Features\n\n* #1151 `Send` is implemented for `Iter`\n* #1167 added `Tree::first` and `Tree::last` functions\n to retrieve the first or last items in a `Tree`, unless\n the `Tree` is empty.\n\n## Bug Fixes\n\n* #1159 dropping a `Db` instance will no-longer\n prematurely shut-down the background flusher\n thread.\n* #1168 fixed an issue that was causing panics during\n recovery in 32-bit code.\n* #1170 when encountering corrupted storage data,\n the recovery process will panic less often.\n\n# 0.34.3\n\n## New Features\n\n* #1146 added `TransactionalTree::generate_id`\n\n# 0.34.2\n\n## Improvements\n\n* #1133 transactions and writebatch performance has been\n significantly improved by removing a bottleneck in\n the atomic batch stability tracking code.\n\n# 0.34.1\n\n## New Features\n\n* #1136 Added the `TransactionalTree::flush` method to\n flush the underlying database after the transaction\n commits and before the transaction returns.\n\n# 0.34\n\n## Improvements\n\n* #1132 implemented From for io::Error to\n reduce friction in some situations.\n\n## Breaking Changes\n\n* #1131 transactions performed on `Tree`s from different\n `Db`s will now safely fail.\n* #1131 transactions may now only be performed on tuples\n of up to 14 elements. For higher numbers, please use\n slices.\n\n# 0.33\n\n## Breaking Changes\n\n* #1125 the backtrace crate has been made optional, which\n cuts several seconds off compilation time, but may cause\n breakage if you interacted with the backtrace field\n of corruption-related errors.\n\n## Bug Fixes\n\n* #1128 `Tree::pop_min` and `Tree::pop_max` had a bug where\n they were not atomic.\n\n# 0.32.1\n\n## New Features\n\n* #1116 `IVec::subslice` has been added to facilitate\n creating zero-copy subsliced `IVec`s that are backed\n by the same data.\n\n## Bug Fixes\n\n* #1120 Fixed a use-after-free caused by missing `ref` keyword\n on a `Copy` type in a pattern match in `IVec::as_mut`.\n* #1108 conversions from `Box<[u8]>` to `IVec` are fixed.\n\n# 0.32\n\n## New Features\n\n* #1079 `Transactional` is now implemented for\n `[&Tree]` and `[Tree]` so you can avoid the\n previous friction of using tuples, as was\n necessary previously.\n* #1058 The minimum supported Rust version (MSRV)\n is now 1.39.0.\n* #1037 `Subscriber` now implements `Future` (non-fused)\n so prefix watching may now be iterated over via\n `while let Some(event) = (&mut subscriber).await {}`\n\n## Improvements\n\n* #965 concurrency control is now dynamically enabled\n for atomic point operations, so that it may be\n avoided unless transactional functionality is\n being used in the system. This significantly\n increases performance for workloads that do not\n use transactions.\n* A number of memory optimizations have been implemented.\n* Disk usage has been significantly reduced for many\n workloads.\n* #1016 On 64-bit systems, we can now store 1-2 trillion items.\n* #993 Added DerefMut and AsMut<[u8]> for `IVec` where it\n works similarly to a `Cow`, making a private copy\n if the backing `Arc`'s strong count is not 1.\n* #1020 The sled wiki has been moved into the documentation\n itself, and is accessible through the `doc` module\n exported in lib.\n\n## Breaking Changes\n\n* #975 Changed the default `segment_size` from 8m to 512k.\n This will result in far smaller database files due\n to better file garbage collection granularity.\n* #975 deprecated several `Config` options that will be\n removed over time.\n* #1000 rearranged some transaction-related imports, and\n moved them to the `transaction` module away from\n the library root to keep the top level docs clean.\n* #1015 `TransactionalTree::apply_batch` now accepts\n its argument by reference instead of by value.\n* `Event` has been changed to make the inner fields\n named instead of anonymous.\n* #1057 read-only mode has been removed due to not having\n the resources to properly keep it tested while\n making progress on high priority issues. This may\n be correctly implemented in the future if resources\n permit.\n* The conversion between `Box<[u8]>` and `IVec` has\n been temporarily removed. This is re-added in 0.32.1.\n\n# 0.31\n\n## Improvements\n\n* #947 dramatic read and recovery optimizations\n* #921 reduced the reliance on locks while\n performing multithreaded IO on windows.\n* #928 use `sync_file_range` on linux instead\n of a full fsync for most writes.\n* #946 io_uring support changed to the `rio` crate\n* #939 reduced memory consumption during\n zstd decompression\n\n## Breaking Changes\n\n* #927 use SQLite-style varints for serializing\n `u64`. This dramatically reduces the written\n bytes for databases that store small keys and\n values.\n* #943 use varints for most of the fields in\n message headers, causing an additional large\n space reduction. combined with #927, these\n changes reduce bytes written by 68% for workloads\n writing small items.\n\n# 0.30.3\n\n* Documentation-only release\n\n# 0.30.2\n\n## New Features\n\n* Added the `open` function for quickly\n opening a database at a path with default\n configuration.\n\n# 0.30.1\n\n## Bugfixes\n\n* Fixed an issue where an idle threadpool worker\n would spin in a hot loop until work arrived\n\n# 0.30\n\n## Breaking Changes\n\n* Migrated to a new storage format\n\n## Bugfixes\n\n* Fixed a bug where cache was not being evicted.\n* Fixed a bug with using transactions with\n compression.\n\n# 0.29.2\n\n## New Features\n\n* The `create_new` option has been added\n to `Config`, allowing the user to specify\n that a database should only be freshly\n created, rather than re-opened.\n\n# 0.29.1\n\n## Bugfixes\n\n* Fixed a bug where prefix encoding could be\n incorrectly handled when merging nodes together.\n\n# 0.29\n\n## New Features\n\n* The `Config::open` method has been added to give\n `Config` a similar feel to std's `fs::OpenOptions`.\n The `Config::build` and `Db::start` methods are\n now deprecated in favor of calling `Config::open`\n directly.\n* A `checksum` method has been added to Tree and Db\n for use in verifying backups and migrations.\n* Transactions may now involve up to 69 different\n tables. Nice.\n* The `TransactionError::Abort` variant has had\n a generic member added that can be returned\n as a way to return information from a\n manually-aborted transaction. An `abort` helper\n function has been added to reduce the boiler-\n plate required to return aborted results.\n\n## Breaking Changes\n\n* The `ConfigBuilder` structure has been removed\n in favor of a simplified `Config` structure\n with the same functionality.\n* The way that sled versions are detected at\n initialization time is now independent of serde.\n* The `cas` method is deprecated in favor of the new\n `compare_and_swap` method which now returns the\n proposed value that failed to be applied.\n* Tree nodes now have constant prefix encoding\n lengths.\n* The `io_buf_size` configurable renamed to\n `segment_size`.\n* The `io_buf_size` configurable method has been\n removed from ConfigBuilder. This can be manually\n set by setting the attribute directly on the\n ConfigBuilder, but this is discouraged.\n Additionally, this must now be a power of 2.\n* The `page_consolidation_threshold` method has been\n removed from ConfigBuilder, and this is now\n a constant of 10.\n\n# 0.28\n\n## Breaking Changes\n\n* `Iter` no longer has a lifetime parameter.\n* `Db::open_tree` now returns a `Tree` instead of\n an `Arc`. `Tree` now has an inner type that\n uses an `Arc`, so you don't need to think about it.\n\n## Bug Fixes\n\n* A bug with prefix encoding has been fixed that\n led to nodes with keys longer than 256 bytes\n being stored incorrectly, which led to them\n being inaccessible and also leading to infinite\n loops during iteration.\n* Several cases of incorrect unsafe code were removed\n from the sled crate. No bugs are known to have been\n encountered, but they may have resulted in\n incorrect optimizations in future refactors.\n\n# 0.27\n\n## Breaking Changes\n\n* `Event::Set` has been renamed to `Event::Insert` and\n `Event::Del` has been renamed to `Event::Remove`. These\n names better align with the methods of BTreeMap from\n the standard library.\n\n## Bug Fixes\n\n* A deadlock was possible in very high write volume\n situations when the segment accountant lock was\n taken by all IO threads while a task was blocked\n trying to submit a file truncation request to the\n threadpool while holding the segment accountant lock.\n\n## New Features\n\n* `flush_async` has been added to perform time-intensive\n flushing in an asynchronous manner, returning a Future.\n\n# 0.26.1\n\n## Improvements\n\n* std::thread is no longer used on platforms other than\n linux, macos, and windows, which increases portability.\n\n# 0.26\n\n## New Features\n\n* Transactions! You may now call `Tree::transaction` and\n perform reads, writes, and deletes within a provided\n closure with a `TransactionalTree` argument. This\n closure may be called multiple times if the transaction\n encounters a concurrent update in the process of its\n execution. Transactions may also be used on tuples of\n `Tree` objects, where the closure will then be\n parameterized on `TransactionalTree` instances providing\n access to each of the provided `Tree` instances. This\n allows you to atomically read and modify multiple\n `Tree` instances in a single atomic operation.\n These transactions are serializable, fully ACID,\n and optimistic.\n* `Tree::apply_batch` allows you to apply a `Batch`\n* `TransactionalTree::apply_batch` allow you to\n apply a `Batch` from within a transaction.\n\n## Breaking Changes\n\n* `Tree::batch` has been removed. Now you can directly\n create a `Batch` with `Batch::default()` and then apply\n it to a `Tree` with `Tree::apply_batch` or during a\n transaction using `TransactionalTree::apply_batch`.\n This facilitates multi-`Tree` batches via transactions.\n* `Event::Merge` has been removed, and `Tree::merge` will\n now send a complete `Event::Set` item to be distributed\n to all listening subscribers.\n"
},
{
"path": "CONTRIBUTING.md",
"content": "# Welcome to the Project :)\n\n* Don't be a jerk - here's our [code of conduct](./code-of-conduct.md).\n We have a track record of defending our community from harm.\n\nThere are at least three great ways to contribute to sled:\n\n* [financial contribution](https://github.com/sponsors/spacejam)\n* coding\n* conversation\n\n#### Coding Considerations:\n\nPlease don't waste your time or ours by implementing things that\nwe do not want to introduce and maintain. Please discuss in an\nissue or on chat before submitting a PR with:\n\n* public API changes\n* new functionality of any sort\n* additional unsafe code\n* significant refactoring\n\nThe above changes are unlikely to be merged or receive\ntimely attention without prior discussion.\n\nPRs that generally require less coordination beforehand:\n\n* Anything addressing a correctness issue.\n* Better docs: whatever you find confusing!\n* Small code changes with big performance implications, substantiated with [responsibly-gathered metrics](https://sled.rs/perf#experiment-checklist).\n* FFI submodule changes: these are generally less well maintained than the Rust core, and benefit more from public assistance.\n* Generally any new kind of test that avoids biases inherent in the others.\n\n#### All PRs block on failing tests!\n\nsled has intense testing, including crash tests, multi-threaded tests with\ndelay injection, a variety of mechanically-generated tests that combine fault\ninjection with concurrency in interesting ways, cross-compilation and minimum\nsupported Rust version checks, LLVM sanitizers, and more. It can sometimes be\nchallenging to understand why something is failing these intense tests.\n\nFor better understanding test failures, please:\n\n1. read the failing test name and output log for clues\n1. try to reproduce the failed test locally by running its associated command from the [test script](https://github.com/spacejam/sled/blob/main/.github/workflows/test.yml)\n1. If it is not clear why your test is failing, feel free to request help with understanding it either on discord or requesting help on the PR, and we will do our best to help.\n\nWant to help sled but don't have time for individual contributions? Contribute via [GitHub Sponsors](https://github.com/sponsors/spacejam) to support the people pushing the project forward!\n"
},
{
"path": "Cargo.toml",
"content": "[package]\nname = \"sled\"\nversion = \"1.0.0-alpha.124\"\nedition = \"2024\"\nauthors = [\"Tyler Neely \"]\ndocumentation = \"https://docs.rs/sled/\"\ndescription = \"Lightweight high-performance pure-rust transactional embedded database.\"\nlicense = \"MIT OR Apache-2.0\"\nhomepage = \"https://github.com/spacejam/sled\"\nrepository = \"https://github.com/spacejam/sled\"\nkeywords = [\"redis\", \"mongo\", \"sqlite\", \"lmdb\", \"rocksdb\"]\ncategories = [\"database-implementations\", \"concurrency\", \"data-structures\", \"algorithms\", \"caching\"]\nreadme = \"README.md\"\nexclude = [\"benchmarks\", \"examples\", \"bindings\", \"scripts\", \"experiments\"]\n\n[features]\n# initializes allocated memory to 0xa1, writes 0xde to deallocated memory before freeing it\ntesting-shred-allocator = []\n# use a counting global allocator that provides the sled::alloc::{allocated, freed, resident, reset} functions\ntesting-count-allocator = []\nfor-internal-testing-only = []\n# turn off re-use of object IDs and heap slots, disable tree leaf merges, disable heap file truncation.\nmonotonic-behavior = []\n\n[profile.release]\ndebug = true\nopt-level = 3\noverflow-checks = true\npanic = \"abort\"\n\n[profile.test]\ndebug = true\noverflow-checks = true\npanic = \"abort\"\n\n[dependencies]\nbincode = \"1.3.3\"\ncache-advisor = \"1.0.16\"\nconcurrent-map = { version = \"5.0.31\", features = [\"serde\"] }\ncrc32fast = \"1.3.2\"\nebr = \"0.2.13\"\ninline-array = { version = \"0.1.13\", features = [\"serde\", \"concurrent_map_minimum\"] }\nfs2 = \"0.4.3\"\nlog = \"0.4.19\"\npagetable = \"0.4.5\"\nparking_lot = { version = \"0.12.1\", features = [\"arc_lock\"] }\nrayon = \"1.7.0\"\nserde = { version = \"1.0\", features = [\"derive\"] }\nstack-map = { version = \"1.0.5\", features = [\"serde\"] }\nzstd = \"0.12.4\"\nfnv = \"1.0.7\"\nfault-injection = \"1.0.10\"\ncrossbeam-queue = \"0.3.8\"\ncrossbeam-channel = \"0.5.8\"\ntempdir = \"0.3.7\"\n\n[dev-dependencies]\nenv_logger = \"0.10.0\"\nnum-format = \"0.4.4\"\n# heed = \"0.11.0\"\n# rocksdb = \"0.21.0\"\n# rusqlite = \"0.29.0\"\n# old_sled = { version = \"0.34\", package = \"sled\" }\nrand = \"0.9\"\nquickcheck = \"1.0.3\"\nrand_distr = \"0.5\"\nlibc = \"0.2.147\"\n\n[[test]]\nname = \"test_crash_recovery\"\npath = \"tests/test_crash_recovery.rs\"\nharness = false\n\n"
},
{
"path": "LICENSE-APACHE",
"content": " Apache License\n Version 2.0, January 2004\n http://www.apache.org/licenses/\n\n TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n 1. Definitions.\n\n \"License\" shall mean the terms and conditions for use, reproduction,\n and distribution as defined by Sections 1 through 9 of this document.\n\n \"Licensor\" shall mean the copyright owner or entity authorized by\n the copyright owner that is granting the License.\n\n \"Legal Entity\" shall mean the union of the acting entity and all\n other entities that control, are controlled by, or are under common\n control with that entity. For the purposes of this definition,\n \"control\" means (i) the power, direct or indirect, to cause the\n direction or management of such entity, whether by contract or\n otherwise, or (ii) ownership of fifty percent (50%) or more of the\n outstanding shares, or (iii) beneficial ownership of such entity.\n\n \"You\" (or \"Your\") shall mean an individual or Legal Entity\n exercising permissions granted by this License.\n\n \"Source\" form shall mean the preferred form for making modifications,\n including but not limited to software source code, documentation\n source, and configuration files.\n\n \"Object\" form shall mean any form resulting from mechanical\n transformation or translation of a Source form, including but\n not limited to compiled object code, generated documentation,\n and conversions to other media types.\n\n \"Work\" shall mean the work of authorship, whether in Source or\n Object form, made available under the License, as indicated by a\n copyright notice that is included in or attached to the work\n (an example is provided in the Appendix below).\n\n \"Derivative Works\" shall mean any work, whether in Source or Object\n form, that is based on (or derived from) the Work and for which the\n editorial revisions, annotations, elaborations, or other modifications\n represent, as a whole, an original work of authorship. For the purposes\n of this License, Derivative Works shall not include works that remain\n separable from, or merely link (or bind by name) to the interfaces of,\n the Work and Derivative Works thereof.\n\n \"Contribution\" shall mean any work of authorship, including\n the original version of the Work and any modifications or additions\n to that Work or Derivative Works thereof, that is intentionally\n submitted to Licensor for inclusion in the Work by the copyright owner\n or by an individual or Legal Entity authorized to submit on behalf of\n the copyright owner. For the purposes of this definition, \"submitted\"\n means any form of electronic, verbal, or written communication sent\n to the Licensor or its representatives, including but not limited to\n communication on electronic mailing lists, source code control systems,\n and issue tracking systems that are managed by, or on behalf of, the\n Licensor for the purpose of discussing and improving the Work, but\n excluding communication that is conspicuously marked or otherwise\n designated in writing by the copyright owner as \"Not a Contribution.\"\n\n \"Contributor\" shall mean Licensor and any individual or Legal Entity\n on behalf of whom a Contribution has been received by Licensor and\n subsequently incorporated within the Work.\n\n 2. Grant of Copyright License. Subject to the terms and conditions of\n this License, each Contributor hereby grants to You a perpetual,\n worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n copyright license to reproduce, prepare Derivative Works of,\n publicly display, publicly perform, sublicense, and distribute the\n Work and such Derivative Works in Source or Object form.\n\n 3. Grant of Patent License. Subject to the terms and conditions of\n this License, each Contributor hereby grants to You a perpetual,\n worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n (except as stated in this section) patent license to make, have made,\n use, offer to sell, sell, import, and otherwise transfer the Work,\n where such license applies only to those patent claims licensable\n by such Contributor that are necessarily infringed by their\n Contribution(s) alone or by combination of their Contribution(s)\n with the Work to which such Contribution(s) was submitted. If You\n institute patent litigation against any entity (including a\n cross-claim or counterclaim in a lawsuit) alleging that the Work\n or a Contribution incorporated within the Work constitutes direct\n or contributory patent infringement, then any patent licenses\n granted to You under this License for that Work shall terminate\n as of the date such litigation is filed.\n\n 4. Redistribution. You may reproduce and distribute copies of the\n Work or Derivative Works thereof in any medium, with or without\n modifications, and in Source or Object form, provided that You\n meet the following conditions:\n\n (a) You must give any other recipients of the Work or\n Derivative Works a copy of this License; and\n\n (b) You must cause any modified files to carry prominent notices\n stating that You changed the files; and\n\n (c) You must retain, in the Source form of any Derivative Works\n that You distribute, all copyright, patent, trademark, and\n attribution notices from the Source form of the Work,\n excluding those notices that do not pertain to any part of\n the Derivative Works; and\n\n (d) If the Work includes a \"NOTICE\" text file as part of its\n distribution, then any Derivative Works that You distribute must\n include a readable copy of the attribution notices contained\n within such NOTICE file, excluding those notices that do not\n pertain to any part of the Derivative Works, in at least one\n of the following places: within a NOTICE text file distributed\n as part of the Derivative Works; within the Source form or\n documentation, if provided along with the Derivative Works; or,\n within a display generated by the Derivative Works, if and\n wherever such third-party notices normally appear. The contents\n of the NOTICE file are for informational purposes only and\n do not modify the License. You may add Your own attribution\n notices within Derivative Works that You distribute, alongside\n or as an addendum to the NOTICE text from the Work, provided\n that such additional attribution notices cannot be construed\n as modifying the License.\n\n You may add Your own copyright statement to Your modifications and\n may provide additional or different license terms and conditions\n for use, reproduction, or distribution of Your modifications, or\n for any such Derivative Works as a whole, provided Your use,\n reproduction, and distribution of the Work otherwise complies with\n the conditions stated in this License.\n\n 5. Submission of Contributions. Unless You explicitly state otherwise,\n any Contribution intentionally submitted for inclusion in the Work\n by You to the Licensor shall be under the terms and conditions of\n this License, without any additional terms or conditions.\n Notwithstanding the above, nothing herein shall supersede or modify\n the terms of any separate license agreement you may have executed\n with Licensor regarding such Contributions.\n\n 6. Trademarks. This License does not grant permission to use the trade\n names, trademarks, service marks, or product names of the Licensor,\n except as required for reasonable and customary use in describing the\n origin of the Work and reproducing the content of the NOTICE file.\n\n 7. Disclaimer of Warranty. Unless required by applicable law or\n agreed to in writing, Licensor provides the Work (and each\n Contributor provides its Contributions) on an \"AS IS\" BASIS,\n WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n implied, including, without limitation, any warranties or conditions\n of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n PARTICULAR PURPOSE. You are solely responsible for determining the\n appropriateness of using or redistributing the Work and assume any\n risks associated with Your exercise of permissions under this License.\n\n 8. Limitation of Liability. In no event and under no legal theory,\n whether in tort (including negligence), contract, or otherwise,\n unless required by applicable law (such as deliberate and grossly\n negligent acts) or agreed to in writing, shall any Contributor be\n liable to You for damages, including any direct, indirect, special,\n incidental, or consequential damages of any character arising as a\n result of this License or out of the use or inability to use the\n Work (including but not limited to damages for loss of goodwill,\n work stoppage, computer failure or malfunction, or any and all\n other commercial damages or losses), even if such Contributor\n has been advised of the possibility of such damages.\n\n 9. Accepting Warranty or Additional Liability. While redistributing\n the Work or Derivative Works thereof, You may choose to offer,\n and charge a fee for, acceptance of support, warranty, indemnity,\n or other liability obligations and/or rights consistent with this\n License. However, in accepting such obligations, You may act only\n on Your own behalf and on Your sole responsibility, not on behalf\n of any other Contributor, and only if You agree to indemnify,\n defend, and hold each Contributor harmless for any liability\n incurred by, or claims asserted against, such Contributor by reason\n of your accepting any such warranty or additional liability.\n\n END OF TERMS AND CONDITIONS\n\n APPENDIX: How to apply the Apache License to your work.\n\n To apply the Apache License to your work, attach the following\n boilerplate notice, with the fields enclosed by brackets \"{}\"\n replaced with your own identifying information. (Don't include\n the brackets!) The text should be enclosed in the appropriate\n comment syntax for the file format. We also recommend that a\n file or class name and description of purpose be included on the\n same \"printed page\" as the copyright notice for easier\n identification within third-party archives.\n\n Copyright 2015 Tyler Neely\n Copyright 2016 Tyler Neely\n Copyright 2017 Tyler Neely\n Copyright 2018 Tyler Neely\n Copyright 2019 Tyler Neely\n Copyright 2020 Tyler Neely\n Copyright 2021 Tyler Neely\n Copyright 2022 Tyler Neely\n Copyright 2023 Tyler Neely\n\n Licensed under the Apache License, Version 2.0 (the \"License\");\n you may not use this file except in compliance with the License.\n You may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\n Unless required by applicable law or agreed to in writing, software\n distributed under the License is distributed on an \"AS IS\" BASIS,\n WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n See the License for the specific language governing permissions and\n limitations under the License.\n"
},
{
"path": "LICENSE-MIT",
"content": "Copyright (c) 2015 Tyler Neely\nCopyright (c) 2016 Tyler Neely\nCopyright (c) 2017 Tyler Neely\nCopyright (c) 2018 Tyler Neely\nCopyright (c) 2019 Tyler Neely\nCopyright (c) 2020 Tyler Neely\nCopyright (c) 2021 Tyler Neely\nCopyright (c) 2022 Tyler Neely\nCopyright (c) 2023 Tyler Neely\n\nPermission is hereby granted, free of charge, to any\nperson obtaining a copy of this software and associated\ndocumentation files (the \"Software\"), to deal in the\nSoftware without restriction, including without\nlimitation the rights to use, copy, modify, merge,\npublish, distribute, sublicense, and/or sell copies of\nthe Software, and to permit persons to whom the Software\nis furnished to do so, subject to the following\nconditions:\n\nThe above copyright notice and this permission notice\nshall be included in all copies or substantial portions\nof the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF\nANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED\nTO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A\nPARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT\nSHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY\nCLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION\nOF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR\nIN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER\nDEALINGS IN THE SOFTWARE.\n"
},
{
"path": "README.md",
"content": "\n
\n\n\n# sled - ~~it's all downhill from here!!!~~\n\nAn embedded database.\n\n```rust\nlet tree = sled::open(\"/tmp/welcome-to-sled\")?;\n\n// insert and get, similar to std's BTreeMap\nlet old_value = tree.insert(\"key\", \"value\")?;\n\nassert_eq!(\n tree.get(&\"key\")?,\n Some(sled::IVec::from(\"value\")),\n);\n\n// range queries\nfor kv_result in tree.range(\"key_1\"..\"key_9\") {}\n\n// deletion\nlet old_value = tree.remove(&\"key\")?;\n\n// atomic compare and swap\ntree.compare_and_swap(\n \"key\",\n Some(\"current_value\"),\n Some(\"new_value\"),\n)?;\n\n// block until all operations are stable on disk\n// (flush_async also available to get a Future)\ntree.flush()?;\n```\n\n$${\\color{red}This \\space README \\space is \\space out \\space of \\space sync \\space with \\space the \\space main \\space branch \\space which \\space contains \\space a \\space large \\space in-progress \\space rewrite }$$\n\nIf you would like to work with structured data without paying expensive deserialization costs, check out the [structured](examples/structured.rs) example!\n\n# features\n\n* [API](https://docs.rs/sled) similar to a threadsafe `BTreeMap<[u8], [u8]>`\n* serializable (ACID) [transactions](https://docs.rs/sled/latest/sled/struct.Tree.html#method.transaction)\n for atomically reading and writing to multiple keys in multiple keyspaces.\n* fully atomic single-key operations, including [compare and swap](https://docs.rs/sled/latest/sled/struct.Tree.html#method.compare_and_swap)\n* zero-copy reads\n* [write batches](https://docs.rs/sled/latest/sled/struct.Tree.html#method.apply_batch)\n* [subscribe to changes on key\n prefixes](https://docs.rs/sled/latest/sled/struct.Tree.html#method.watch_prefix)\n* [multiple keyspaces](https://docs.rs/sled/latest/sled/struct.Db.html#method.open_tree)\n* [merge operators](https://docs.rs/sled/latest/sled/doc/merge_operators/index.html)\n* forward and reverse iterators over ranges of items\n* a crash-safe monotonic [ID generator](https://docs.rs/sled/latest/sled/struct.Db.html#method.generate_id)\n capable of generating 75-125 million unique ID's per second\n* [zstd](https://github.com/facebook/zstd) compression (use the\n `compression` build feature, disabled by default)\n* cpu-scalable lock-free implementation\n* flash-optimized log-structured storage\n* uses modern b-tree techniques such as prefix encoding and suffix\n truncation for reducing the storage costs of long keys with shared\n prefixes. If keys are the same length and sequential then the\n system can avoid storing 99%+ of the key data in most cases,\n essentially acting like a learned index\n\n# expectations, gotchas, advice\n\n* Maybe one of the first things that seems weird is the `IVec` type.\n This is an inlinable `Arc`ed slice that makes some things more efficient.\n* Durability: **sled automatically fsyncs every 500ms by default**,\n which can be configured with the `flush_every_ms` configurable, or you may\n call `flush` / `flush_async` manually after operations.\n* **Transactions are optimistic** - do not interact with external state\n or perform IO from within a transaction closure unless it is\n [idempotent](https://en.wikipedia.org/wiki/Idempotent).\n* Internal tree node optimizations: sled performs prefix encoding\n on long keys with similar prefixes that are grouped together in a range,\n as well as suffix truncation to further reduce the indexing costs of\n long keys. Nodes will skip potentially expensive length and offset pointers\n if keys or values are all the same length (tracked separately, don't worry\n about making keys the same length as values), so it may improve space usage\n slightly if you use fixed-length keys or values. This also makes it easier\n to use [structured access](examples/structured.rs) as well.\n* sled does not support multiple open instances for the time being. Please\n keep sled open for the duration of your process's lifespan. It's totally\n safe and often quite convenient to use a global lazy_static sled instance,\n modulo the normal global variable trade-offs. Every operation is threadsafe,\n and most are implemented under the hood with lock-free algorithms that avoid\n blocking in hot paths.\n\n# performance\n\n* [LSM tree](https://en.wikipedia.org/wiki/Log-structured_merge-tree)-like write performance\n with [traditional B+ tree](https://en.wikipedia.org/wiki/B%2B_tree)-like read performance\n* over a billion operations in under a minute at 95% read 5% writes on 16 cores on a small dataset\n* measure your own workloads rather than relying on some marketing for contrived workloads\n\n# a note on lexicographic ordering and endianness\n\nIf you want to store numerical keys in a way that will play nicely with sled's iterators and ordered operations, please remember to store your numerical items in big-endian form. Little endian (the default of many things) will often appear to be doing the right thing until you start working with more than 256 items (more than 1 byte), causing lexicographic ordering of the serialized bytes to diverge from the lexicographic ordering of their deserialized numerical form.\n\n* Rust integral types have built-in `to_be_bytes` and `from_be_bytes` [methods](https://doc.rust-lang.org/std/primitive.u64.html#method.from_be_bytes).\n* bincode [can be configured](https://docs.rs/bincode/1.2.0/bincode/struct.Config.html#method.big_endian) to store integral types in big-endian form.\n\n# interaction with async\n\nIf your dataset resides entirely in cache (achievable at startup by setting the cache\nto a large enough value and performing a full iteration) then all reads and writes are\nnon-blocking and async-friendly, without needing to use Futures or an async runtime.\n\nTo asynchronously suspend your async task on the durability of writes, we support the\n[`flush_async` method](https://docs.rs/sled/latest/sled/struct.Tree.html#method.flush_async),\nwhich returns a Future that your async tasks can await the completion of if they require\nhigh durability guarantees and you are willing to pay the latency costs of fsync.\nNote that sled automatically tries to sync all data to disk several times per second\nin the background without blocking user threads.\n\nWe support async subscription to events that happen on key prefixes, because the\n`Subscriber` struct implements `Future>`:\n\n```rust\nlet sled = sled::open(\"my_db\").unwrap();\n\nlet mut sub = sled.watch_prefix(\"\");\n\nsled.insert(b\"a\", b\"a\").unwrap();\n\nextreme::run(async move {\n while let Some(event) = (&mut sub).await {\n println!(\"got event {:?}\", event);\n }\n});\n```\n\n# minimum supported Rust version (MSRV)\n\nWe support Rust 1.62 and up.\n\n# architecture\n\nlock-free tree on a lock-free pagecache on a lock-free log. the pagecache scatters\npartial page fragments across the log, rather than rewriting entire pages at a time\nas B+ trees for spinning disks historically have. on page reads, we concurrently\nscatter-gather reads across the log to materialize the page from its fragments.\ncheck out the [architectural outlook](https://github.com/spacejam/sled/wiki/sled-architectural-outlook)\nfor a more detailed overview of where we're at and where we see things going!\n\n# philosophy\n\n1. don't make the user think. the interface should be obvious.\n1. don't surprise users with performance traps.\n1. don't wake up operators. bring reliability techniques from academia into real-world practice.\n1. don't use so much electricity. our data structures should play to modern hardware's strengths.\n\n# known issues, warnings\n\n* if reliability is your primary constraint, use SQLite. sled is beta.\n* if storage price performance is your primary constraint, use RocksDB. sled uses too much space sometimes.\n* if you have a multi-process workload that rarely writes, use LMDB. sled is architected for use with long-running, highly-concurrent workloads such as stateful services or higher-level databases.\n* quite young, should be considered unstable for the time being.\n* the on-disk format is going to change in ways that require [manual migrations](https://docs.rs/sled/latest/sled/struct.Db.html#method.export) before the `1.0.0` release!\n\n# priorities\n\n1. A full rewrite of sled's storage subsystem is happening on a modular basis as part of the [komora project](https://github.com/komora-io), in particular the marble storage engine. This will dramatically lower both the disk space usage (space amplification) and garbage collection overhead (write amplification) of sled.\n2. The memory layout of tree nodes is being completely rewritten to reduce fragmentation and eliminate serialization costs.\n3. The merge operator feature will change into a trigger feature that resembles traditional database triggers, allowing state to be modified as part of the same atomic writebatch that triggered it for retaining serializability with reactive semantics.\n\n# fund feature development\n\nLike what we're doing? Help us out via [GitHub Sponsors](https://github.com/sponsors/spacejam)!\n"
},
{
"path": "RELEASE_CHECKLIST.md",
"content": "# Release Checklist\n\nThis checklist must be completed before publishing a release of any kind.\n\nOver time, anything in this list that can be turned into an automated test should be, but\nthere are still some big blind spots.\n\n## API stability\n\n- [ ] rust-flavored semver respected\n\n## Performance\n\n- [ ] micro-benchmark regressions should not happen unless newly discovered correctness criteria demands them\n- [ ] mixed point operation latency distribution should narrow over time\n- [ ] sequential operation average throughput should increase over time\n- [ ] workloads should pass TSAN and ASAN on macOS. Linux should additionally pass LSAN & MSAN.\n- [ ] workload write and space amplification thresholds should see no regressions\n\n## Concurrency Audit\n\n- [ ] any new `Guard` objects are dropped inside the rayon threadpool\n- [ ] no new EBR `Collector`s, as they destroy causality. These will be optimized in-bulk in the future.\n- [ ] no code assumes a recently read page pointer will remain unchanged (transactions may change this if reads are inline)\n- [ ] no calls to `rand::thread_rng` from a droppable function (anything in the SegmentAccountant)\n\n## Burn-In\n\n- [ ] fuzz tests should run at least 24 hours each with zero crashes\n- [ ] sequential and point workloads run at least 24 hours in constrained docker container without OOM / out of disk\n"
},
{
"path": "SAFETY.md",
"content": "# sled safety model\n\nThis document applies\n[STPA](http://psas.scripts.mit.edu/home/get_file.php?name=STPA_handbook.pdf)-style\nhazard analysis to the sled embedded database for the purpose of guiding\ndesign and testing efforts to prevent unacceptable losses.\n\nOutline\n\n* [purpose of analysis](#purpose-of-analysis)\n * [losses](#losses)\n * [system boundary](#system-boundary)\n * [hazards](#hazards)\n * [leading indicators](#leading-indicators)\n * [constraints](#constraints)\n* [model of control structure](#model-of-control-structure)\n* [identify unsafe control actions](#identify-unsafe-control-actions)\n* [identify loss scenarios][#identify-loss-scenarios)\n* [resources for learning more about STAMP, STPA, and CAST](#resources)\n\n# Purpose of Analysis\n\n## Losses\n\nWe wish to prevent the following undesirable situations:\n\n* data loss\n* inconsistent (non-linearizable) data access\n* process crash\n* resource exhaustion\n\n## System Boundary\n\nWe draw the line between system and environment where we can reasonably\ninvest our efforts to prevent losses.\n\nInside the boundary:\n\n* codebase\n * put safe control actions into place that prevent losses\n* documentation\n * show users how to use sled safely\n * recommend hardware, kernels, user code\n\nOutside the boundary:\n\n* Direct changes to hardware, kernels, user code\n\n## Hazards\n\nThese hazards can result in the above losses:\n\n* data may be lost if\n * bugs in the logging system\n * `Db::flush` fails to make previous writes durable\n * bugs in the GC system\n * the old location is overwritten before the defragmented location becomes durable\n * bugs in the recovery system\n * hardare failures\n* consistency violations may be caused by\n * transaction concurrency control failure to enforce linearizability (strict serializability)\n * non-linearizable lock-free single-key operations\n* panic\n * of user threads\n * IO threads\n * flusher & GC thread\n * indexing\n * unwraps/expects\n * failed TryInto/TryFrom + unwrap\n* persistent storage exceeding (2 + N concurrent writers) * logical data size\n* in-memory cache exceeding the configured cache size\n * caused by incorrect calculation of cache\n* use-after-free\n* data race\n* memory leak\n* integer overflow\n* buffer overrun\n* uninitialized memory access\n\n## Constraints\n\n# Models of Control Structures\n\nfor each control action we have, consider:\n\n1. what hazards happen when we fail to apply it / it does not exist?\n2. what hazards happen when we do apply it\n3. what hazards happen when we apply it too early or too late?\n4. what hazards happen if we apply it for too long or not long enough?\n\ndurability model\n\n * recovery\n * LogIter::max_lsn\n * return None if last_lsn_in_batch >= self.max_lsn\n * batch requirement set to last reservation base + inline len - 1\n * reserve bumps\n * bump_atomic_lsn(&self.iobufs.max_reserved_lsn, reservation_lsn + inline_buf_len as Lsn - 1);\n\nlock-free linearizability model\n\ntransactional linearizability (strict serializability) model\n\npanic model\n\nmemory usage model\n\nstorage usage model\n\n"
},
{
"path": "SECURITY.md",
"content": "# Security Policy\n\n## Reporting a Vulnerability\n\nsled uses some unsafe functionality in the core lock-free algorithms, and in a few places to more efficiently copy data.\n\nPlease contact [Tyler Neely](mailto:tylerneely@gmail.com?subject=sled%20security%20issue) immediately if you find any vulnerability, and I will work with you to fix the issue rapidly and coordinate public disclosure with an expedited release including the fix.\n\nIf you are a bug hunter or a person with a security interest, here is my mental model of memory corruption risk in the sled codebase:\n\n1. memory issues relating to the lock-free data structures in their colder failure paths. these have been tested a bit by injecting delays into random places, but this is still an area with elevated risk\n1. anywhere the `unsafe` keyword is used\n"
},
{
"path": "art/CREDITS",
"content": "original tree logo with face:\n https://twitter.com/daiyitastic\n\nanti-transphobia additions:\n spacejam\n"
},
{
"path": "code-of-conduct.md",
"content": "# Contributor Covenant Code of Conduct\n\n## Our Pledge\n\nIn the interest of fostering an open and welcoming environment, we as\ncontributors and maintainers pledge to making participation in our project and\nour community a harassment-free experience for everyone, regardless of age, body\nsize, disability, ethnicity, sex characteristics, gender identity and expression,\nlevel of experience, education, socio-economic status, nationality, personal\nappearance, race, religion, or sexual identity and orientation.\n\n## Our Standards\n\nExamples of behavior that contributes to creating a positive environment\ninclude:\n\n* Using welcoming and inclusive language\n* Being respectful of differing viewpoints and experiences\n* Gracefully accepting constructive criticism\n* Focusing on what is best for the community\n* Showing empathy towards other community members\n\nExamples of unacceptable behavior by participants include:\n\n* The use of sexualized language or imagery and unwelcome sexual attention or\n advances\n* Trolling, insulting/derogatory comments, and personal or political attacks\n* Public or private harassment\n* Publishing others' private information, such as a physical or electronic\n address, without explicit permission\n* Other conduct which could reasonably be considered inappropriate in a\n professional setting\n\n## Our Responsibilities\n\nProject maintainers are responsible for clarifying the standards of acceptable\nbehavior and are expected to take appropriate and fair corrective action in\nresponse to any instances of unacceptable behavior.\n\nProject maintainers have the right and responsibility to remove, edit, or\nreject comments, commits, code, wiki edits, issues, and other contributions\nthat are not aligned to this Code of Conduct, or to ban temporarily or\npermanently any contributor for other behaviors that they deem inappropriate,\nthreatening, offensive, or harmful.\n\n## Scope\n\nThis Code of Conduct applies both within project spaces and in public spaces\nwhen an individual is representing the project or its community. Examples of\nrepresenting a project or community include using an official project e-mail\naddress, posting via an official social media account, or acting as an appointed\nrepresentative at an online or offline event. Representation of a project may be\nfurther defined and clarified by project maintainers.\n\n## Enforcement\n\nInstances of abusive, harassing, or otherwise unacceptable behavior may be\nreported by contacting the project team at tylerneely@gmail.com. All\ncomplaints will be reviewed and investigated and will result in a response that\nis deemed necessary and appropriate to the circumstances. The project team is\nobligated to maintain confidentiality with regard to the reporter of an incident.\nFurther details of specific enforcement policies may be posted separately.\n\nProject maintainers who do not follow or enforce the Code of Conduct in good\nfaith may face temporary or permanent repercussions as determined by other\nmembers of the project's leadership.\n\n## Attribution\n\nThis Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,\navailable at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html\n\n[homepage]: https://www.contributor-covenant.org\n\n"
},
{
"path": "examples/bench.rs",
"content": "use std::path::Path;\nuse std::sync::Barrier;\nuse std::thread::scope;\nuse std::time::{Duration, Instant};\nuse std::{fs, io};\n\nuse num_format::{Locale, ToFormattedString};\n\nuse sled::{Config, Db as SledDb};\n\ntype Db = SledDb<1024>;\n\nconst N_WRITES_PER_THREAD: u32 = 4 * 1024 * 1024;\nconst MAX_CONCURRENCY: u32 = 4;\nconst CONCURRENCY: &[usize] = &[/*1, 2, 4,*/ MAX_CONCURRENCY as _];\nconst BYTES_PER_ITEM: u32 = 8;\n\ntrait Databench: Clone + Send {\n type READ: AsRef<[u8]>;\n const NAME: &'static str;\n const PATH: &'static str;\n fn open() -> Self;\n fn remove_generic(&self, key: &[u8]);\n fn insert_generic(&self, key: &[u8], value: &[u8]);\n fn get_generic(&self, key: &[u8]) -> Option;\n fn flush_generic(&self);\n fn print_stats(&self);\n}\n\nimpl Databench for Db {\n type READ = sled::InlineArray;\n\n const NAME: &'static str = \"sled 1.0.0-alpha\";\n const PATH: &'static str = \"timing_test.sled-new\";\n\n fn open() -> Self {\n sled::Config {\n path: Self::PATH.into(),\n zstd_compression_level: 3,\n cache_capacity_bytes: 1024 * 1024 * 1024,\n entry_cache_percent: 20,\n flush_every_ms: Some(200),\n ..Config::default()\n }\n .open()\n .unwrap()\n }\n\n fn insert_generic(&self, key: &[u8], value: &[u8]) {\n self.insert(key, value).unwrap();\n }\n fn remove_generic(&self, key: &[u8]) {\n self.remove(key).unwrap();\n }\n fn get_generic(&self, key: &[u8]) -> Option {\n self.get(key).unwrap()\n }\n fn flush_generic(&self) {\n self.flush().unwrap();\n }\n fn print_stats(&self) {\n dbg!(self.stats());\n }\n}\n\n/*\nimpl Databench for old_sled::Db {\n type READ = old_sled::IVec;\n\n const NAME: &'static str = \"sled 0.34.7\";\n const PATH: &'static str = \"timing_test.sled-old\";\n\n fn open() -> Self {\n old_sled::open(Self::PATH).unwrap()\n }\n fn insert_generic(&self, key: &[u8], value: &[u8]) {\n self.insert(key, value).unwrap();\n }\n fn get_generic(&self, key: &[u8]) -> Option {\n self.get(key).unwrap()\n }\n fn flush_generic(&self) {\n self.flush().unwrap();\n }\n}\n*/\n\n/*\nimpl Databench for Arc {\n type READ = Vec;\n\n const NAME: &'static str = \"rocksdb 0.21.0\";\n const PATH: &'static str = \"timing_test.rocksdb\";\n\n fn open() -> Self {\n Arc::new(rocksdb::DB::open_default(Self::PATH).unwrap())\n }\n fn insert_generic(&self, key: &[u8], value: &[u8]) {\n self.put(key, value).unwrap();\n }\n fn get_generic(&self, key: &[u8]) -> Option {\n self.get(key).unwrap()\n }\n fn flush_generic(&self) {\n self.flush().unwrap();\n }\n}\n*/\n\n/*\nstruct Lmdb {\n env: heed::Env,\n db: heed::Database<\n heed::types::UnalignedSlice,\n heed::types::UnalignedSlice,\n >,\n}\n\nimpl Clone for Lmdb {\n fn clone(&self) -> Lmdb {\n Lmdb { env: self.env.clone(), db: self.db.clone() }\n }\n}\n\nimpl Databench for Lmdb {\n type READ = Vec;\n\n const NAME: &'static str = \"lmdb\";\n const PATH: &'static str = \"timing_test.lmdb\";\n\n fn open() -> Self {\n let _ = std::fs::create_dir_all(Self::PATH);\n let env = heed::EnvOpenOptions::new()\n .map_size(1024 * 1024 * 1024)\n .open(Self::PATH)\n .unwrap();\n let db = env.create_database(None).unwrap();\n Lmdb { env, db }\n }\n fn insert_generic(&self, key: &[u8], value: &[u8]) {\n let mut wtxn = self.env.write_txn().unwrap();\n self.db.put(&mut wtxn, key, value).unwrap();\n wtxn.commit().unwrap();\n }\n fn get_generic(&self, key: &[u8]) -> Option {\n let rtxn = self.env.read_txn().unwrap();\n let ret = self.db.get(&rtxn, key).unwrap().map(Vec::from);\n rtxn.commit().unwrap();\n ret\n }\n fn flush_generic(&self) {\n // NOOP\n }\n}\n*/\n\n/*\nstruct Sqlite {\n connection: rusqlite::Connection,\n}\n\nimpl Clone for Sqlite {\n fn clone(&self) -> Sqlite {\n Sqlite { connection: rusqlite::Connection::open(Self::PATH).unwrap() }\n }\n}\n\nimpl Databench for Sqlite {\n type READ = Vec;\n\n const NAME: &'static str = \"sqlite\";\n const PATH: &'static str = \"timing_test.sqlite\";\n\n fn open() -> Self {\n let connection = rusqlite::Connection::open(Self::PATH).unwrap();\n connection\n .execute(\n \"create table if not exists bench (\n key integer primary key,\n val integer not null\n )\",\n [],\n )\n .unwrap();\n Sqlite { connection }\n }\n fn insert_generic(&self, key: &[u8], value: &[u8]) {\n loop {\n let res = self.connection.execute(\n \"insert or ignore into bench (key, val) values (?1, ?2)\",\n [\n format!(\"{}\", u32::from_be_bytes(key.try_into().unwrap())),\n format!(\n \"{}\",\n u32::from_be_bytes(value.try_into().unwrap())\n ),\n ],\n );\n if res.is_ok() {\n break;\n }\n }\n }\n fn get_generic(&self, key: &[u8]) -> Option {\n let mut stmt = self\n .connection\n .prepare(\"SELECT b.val from bench b WHERE key = ?1\")\n .unwrap();\n let mut rows =\n stmt.query([u32::from_be_bytes(key.try_into().unwrap())]).unwrap();\n\n let value = rows.next().unwrap()?;\n value.get(0).ok()\n }\n fn flush_generic(&self) {\n // NOOP\n }\n}\n*/\n\nfn allocated() -> usize {\n #[cfg(feature = \"testing-count-allocator\")]\n {\n return sled::alloc::allocated();\n }\n 0\n}\n\nfn freed() -> usize {\n #[cfg(feature = \"testing-count-allocator\")]\n {\n return sled::alloc::freed();\n }\n 0\n}\n\nfn resident() -> usize {\n #[cfg(feature = \"testing-count-allocator\")]\n {\n return sled::alloc::resident();\n }\n 0\n}\n\nfn inserts(store: &D) -> Vec {\n println!(\"{} inserts\", D::NAME);\n let mut i = 0_u32;\n\n let factory = move || {\n i += 1;\n (store.clone(), i - 1)\n };\n\n let f = |state: (D, u32)| {\n let (store, offset) = state;\n let start = N_WRITES_PER_THREAD * offset;\n let end = N_WRITES_PER_THREAD * (offset + 1);\n for i in start..end {\n let k: &[u8] = &i.to_be_bytes();\n store.insert_generic(k, k);\n }\n };\n\n let mut ret = vec![];\n\n for concurrency in CONCURRENCY {\n let insert_elapsed =\n execute_lockstep_concurrent(factory, f, *concurrency);\n\n let flush_timer = Instant::now();\n store.flush_generic();\n\n let wps = (N_WRITES_PER_THREAD * *concurrency as u32) as u64\n * 1_000_000_u64\n / u64::try_from(insert_elapsed.as_micros().max(1))\n .unwrap_or(u64::MAX);\n\n ret.push(InsertStats {\n thread_count: *concurrency,\n inserts_per_second: wps,\n });\n\n println!(\n \"{} inserts/s with {concurrency} threads over {:?}, then {:?} to flush {}\",\n wps.to_formatted_string(&Locale::en),\n insert_elapsed,\n flush_timer.elapsed(),\n D::NAME,\n );\n }\n\n ret\n}\n\nfn removes(store: &D) -> Vec {\n println!(\"{} removals\", D::NAME);\n let mut i = 0_u32;\n\n let factory = move || {\n i += 1;\n (store.clone(), i - 1)\n };\n\n let f = |state: (D, u32)| {\n let (store, offset) = state;\n let start = N_WRITES_PER_THREAD * offset;\n let end = N_WRITES_PER_THREAD * (offset + 1);\n for i in start..end {\n let k: &[u8] = &i.to_be_bytes();\n store.remove_generic(k);\n }\n };\n\n let mut ret = vec![];\n\n for concurrency in CONCURRENCY {\n let remove_elapsed =\n execute_lockstep_concurrent(factory, f, *concurrency);\n\n let flush_timer = Instant::now();\n store.flush_generic();\n\n let wps = (N_WRITES_PER_THREAD * *concurrency as u32) as u64\n * 1_000_000_u64\n / u64::try_from(remove_elapsed.as_micros().max(1))\n .unwrap_or(u64::MAX);\n\n ret.push(RemoveStats {\n thread_count: *concurrency,\n removes_per_second: wps,\n });\n\n println!(\n \"{} removes/s with {concurrency} threads over {:?}, then {:?} to flush {}\",\n wps.to_formatted_string(&Locale::en),\n remove_elapsed,\n flush_timer.elapsed(),\n D::NAME,\n );\n }\n\n ret\n}\n\nfn gets(store: &D) -> Vec {\n println!(\"{} reads\", D::NAME);\n\n let factory = || store.clone();\n\n let f = |store: D| {\n let start = 0;\n let end = N_WRITES_PER_THREAD * MAX_CONCURRENCY;\n for i in start..end {\n let k: &[u8] = &i.to_be_bytes();\n store.get_generic(k);\n }\n };\n\n let mut ret = vec![];\n\n for concurrency in CONCURRENCY {\n let get_stone_elapsed =\n execute_lockstep_concurrent(factory, f, *concurrency);\n\n let rps = (N_WRITES_PER_THREAD * MAX_CONCURRENCY * *concurrency as u32)\n as u64\n * 1_000_000_u64\n / u64::try_from(get_stone_elapsed.as_micros().max(1))\n .unwrap_or(u64::MAX);\n\n ret.push(GetStats { thread_count: *concurrency, gets_per_second: rps });\n\n println!(\n \"{} gets/s with concurrency of {concurrency}, {:?} total reads {}\",\n rps.to_formatted_string(&Locale::en),\n get_stone_elapsed,\n D::NAME\n );\n }\n ret\n}\n\nfn execute_lockstep_concurrent<\n State: Send,\n Factory: FnMut() -> State,\n F: Sync + Fn(State),\n>(\n mut factory: Factory,\n f: F,\n concurrency: usize,\n) -> Duration {\n let barrier = &Barrier::new(concurrency + 1);\n let f = &f;\n\n scope(|s| {\n let mut threads = vec![];\n\n for _ in 0..concurrency {\n let state = factory();\n\n let thread = s.spawn(move || {\n barrier.wait();\n f(state);\n });\n\n threads.push(thread);\n }\n\n barrier.wait();\n let get_stone = Instant::now();\n\n for thread in threads.into_iter() {\n thread.join().unwrap();\n }\n\n get_stone.elapsed()\n })\n}\n\n#[derive(Debug, Clone, Copy)]\nstruct InsertStats {\n thread_count: usize,\n inserts_per_second: u64,\n}\n\n#[derive(Debug, Clone, Copy)]\nstruct GetStats {\n thread_count: usize,\n gets_per_second: u64,\n}\n\n#[derive(Debug, Clone, Copy)]\nstruct RemoveStats {\n thread_count: usize,\n removes_per_second: u64,\n}\n\n#[allow(unused)]\n#[derive(Debug, Clone)]\nstruct Stats {\n post_insert_disk_space: u64,\n post_remove_disk_space: u64,\n allocated_memory: usize,\n freed_memory: usize,\n resident_memory: usize,\n insert_stats: Vec,\n get_stats: Vec,\n remove_stats: Vec,\n}\n\nimpl Stats {\n fn print_report(&self) {\n println!(\n \"bytes on disk after inserts: {}\",\n self.post_insert_disk_space.to_formatted_string(&Locale::en)\n );\n println!(\n \"bytes on disk after removes: {}\",\n self.post_remove_disk_space.to_formatted_string(&Locale::en)\n );\n println!(\n \"bytes in memory: {}\",\n self.resident_memory.to_formatted_string(&Locale::en)\n );\n for stats in &self.insert_stats {\n println!(\n \"{} threads {} inserts per second\",\n stats.thread_count,\n stats.inserts_per_second.to_formatted_string(&Locale::en)\n );\n }\n for stats in &self.get_stats {\n println!(\n \"{} threads {} gets per second\",\n stats.thread_count,\n stats.gets_per_second.to_formatted_string(&Locale::en)\n );\n }\n for stats in &self.remove_stats {\n println!(\n \"{} threads {} removes per second\",\n stats.thread_count,\n stats.removes_per_second.to_formatted_string(&Locale::en)\n );\n }\n }\n}\n\nfn bench() -> Stats {\n let store = D::open();\n\n let insert_stats = inserts(&store);\n\n let before_flush = Instant::now();\n store.flush_generic();\n println!(\"final flush took {:?} for {}\", before_flush.elapsed(), D::NAME);\n\n let post_insert_disk_space = du(D::PATH.as_ref()).unwrap();\n\n let get_stats = gets(&store);\n\n let remove_stats = removes(&store);\n\n store.print_stats();\n\n Stats {\n post_insert_disk_space,\n post_remove_disk_space: du(D::PATH.as_ref()).unwrap(),\n allocated_memory: allocated(),\n freed_memory: freed(),\n resident_memory: resident(),\n insert_stats,\n get_stats,\n remove_stats,\n }\n}\n\nfn du(path: &Path) -> io::Result {\n fn recurse(mut dir: fs::ReadDir) -> io::Result {\n dir.try_fold(0, |acc, file| {\n let file = file?;\n let size = match file.metadata()? {\n data if data.is_dir() => recurse(fs::read_dir(file.path())?)?,\n data => data.len(),\n };\n Ok(acc + size)\n })\n }\n\n recurse(fs::read_dir(path)?)\n}\n\nfn main() {\n let _ = env_logger::try_init();\n\n let new_stats = bench::();\n\n println!(\n \"raw data size: {}\",\n (MAX_CONCURRENCY * N_WRITES_PER_THREAD * BYTES_PER_ITEM)\n .to_formatted_string(&Locale::en)\n );\n println!(\"sled 1.0 space stats:\");\n new_stats.print_report();\n\n /*\n let old_stats = bench::();\n dbg!(old_stats);\n\n let new_sled_vs_old_sled_storage_ratio =\n new_stats.disk_space as f64 / old_stats.disk_space as f64;\n let new_sled_vs_old_sled_allocated_memory_ratio =\n new_stats.allocated_memory as f64 / old_stats.allocated_memory as f64;\n let new_sled_vs_old_sled_freed_memory_ratio =\n new_stats.freed_memory as f64 / old_stats.freed_memory as f64;\n let new_sled_vs_old_sled_resident_memory_ratio =\n new_stats.resident_memory as f64 / old_stats.resident_memory as f64;\n\n dbg!(new_sled_vs_old_sled_storage_ratio);\n dbg!(new_sled_vs_old_sled_allocated_memory_ratio);\n dbg!(new_sled_vs_old_sled_freed_memory_ratio);\n dbg!(new_sled_vs_old_sled_resident_memory_ratio);\n\n let rocksdb_stats = bench::>();\n\n bench::();\n\n bench::();\n */\n\n /*\n let new_sled_vs_rocksdb_storage_ratio =\n new_stats.disk_space as f64 / rocksdb_stats.disk_space as f64;\n let new_sled_vs_rocksdb_allocated_memory_ratio =\n new_stats.allocated_memory as f64 / rocksdb_stats.allocated_memory as f64;\n let new_sled_vs_rocksdb_freed_memory_ratio =\n new_stats.freed_memory as f64 / rocksdb_stats.freed_memory as f64;\n let new_sled_vs_rocksdb_resident_memory_ratio =\n new_stats.resident_memory as f64 / rocksdb_stats.resident_memory as f64;\n\n dbg!(new_sled_vs_rocksdb_storage_ratio);\n dbg!(new_sled_vs_rocksdb_allocated_memory_ratio);\n dbg!(new_sled_vs_rocksdb_freed_memory_ratio);\n dbg!(new_sled_vs_rocksdb_resident_memory_ratio);\n */\n\n /*\n let scan = Instant::now();\n let count = stone.iter().count();\n assert_eq!(count as u64, N_WRITES_PER_THREAD);\n let scan_elapsed = scan.elapsed();\n println!(\n \"{} scanned items/s, total {:?}\",\n (N_WRITES_PER_THREAD * 1_000_000) / u64::try_from(scan_elapsed.as_micros().max(1)).unwrap_or(u64::MAX),\n scan_elapsed\n );\n */\n\n /*\n let scan_rev = Instant::now();\n let count = stone.range(..).rev().count();\n assert_eq!(count as u64, N_WRITES_PER_THREAD);\n let scan_rev_elapsed = scan_rev.elapsed();\n println!(\n \"{} reverse-scanned items/s, total {:?}\",\n (N_WRITES_PER_THREAD * 1_000_000) / u64::try_from(scan_rev_elapsed.as_micros().max(1)).unwrap_or(u64::MAX),\n scan_rev_elapsed\n );\n */\n}\n"
},
{
"path": "fuzz/.gitignore",
"content": "target\ncorpus\nartifacts\n"
},
{
"path": "fuzz/Cargo.toml",
"content": "[package]\nname = \"bloodstone-fuzz\"\nversion = \"0.0.0\"\nauthors = [\"Automatically generated\"]\npublish = false\nedition = \"2018\"\n\n[package.metadata]\ncargo-fuzz = true\n\n[dependencies.libfuzzer-sys]\nversion = \"0.4.0\"\nfeatures = [\"arbitrary-derive\"]\n\n[dependencies]\narbitrary = { version = \"1.0.3\", features = [\"derive\"] }\ntempfile = \"3.5.0\"\n\n[dependencies.sled]\npath = \"..\"\nfeatures = []\n\n# Prevent this from interfering with workspaces\n[workspace]\nmembers = [\".\"]\n\n[[bin]]\nname = \"fuzz_model\"\npath = \"fuzz_targets/fuzz_model.rs\"\ntest = false\ndoc = false\n"
},
{
"path": "fuzz/fuzz_targets/fuzz_model.rs",
"content": "#![no_main]\n#[macro_use]\nextern crate libfuzzer_sys;\nextern crate arbitrary;\nextern crate sled;\n\nuse arbitrary::Arbitrary;\n\nuse sled::{Config, Db as SledDb, InlineArray};\n\ntype Db = SledDb<3>;\n\nconst KEYSPACE: u64 = 128;\n\n#[derive(Debug)]\nenum Op {\n Get { key: InlineArray },\n Insert { key: InlineArray, value: InlineArray },\n Reboot,\n Remove { key: InlineArray },\n Cas { key: InlineArray, old: Option, new: Option },\n Range { start: InlineArray, end: InlineArray },\n}\n\nfn keygen(\n u: &mut arbitrary::Unstructured<'_>,\n) -> arbitrary::Result {\n let key_i: u64 = u.int_in_range(0..=KEYSPACE)?;\n Ok(key_i.to_be_bytes().as_ref().into())\n}\n\nimpl<'a> Arbitrary<'a> for Op {\n fn arbitrary(\n u: &mut arbitrary::Unstructured<'a>,\n ) -> arbitrary::Result {\n Ok(if u.ratio(1, 2)? {\n Op::Insert { key: keygen(u)?, value: keygen(u)? }\n } else if u.ratio(1, 2)? {\n Op::Get { key: keygen(u)? }\n } else if u.ratio(1, 2)? {\n Op::Reboot\n } else if u.ratio(1, 2)? {\n Op::Remove { key: keygen(u)? }\n } else if u.ratio(1, 2)? {\n Op::Cas {\n key: keygen(u)?,\n old: if u.ratio(1, 2)? { Some(keygen(u)?) } else { None },\n new: if u.ratio(1, 2)? { Some(keygen(u)?) } else { None },\n }\n } else {\n let start = u.int_in_range(0..=KEYSPACE)?;\n let end = (start + 1).max(u.int_in_range(0..=KEYSPACE)?);\n\n Op::Range {\n start: start.to_be_bytes().as_ref().into(),\n end: end.to_be_bytes().as_ref().into(),\n }\n })\n }\n}\n\nfuzz_target!(|ops: Vec| {\n let tmp_dir = tempfile::TempDir::new().unwrap();\n let tmp_path = tmp_dir.path().to_owned();\n let config = Config::new().path(tmp_path);\n\n let mut tree: Db = config.open().unwrap();\n let mut model = std::collections::BTreeMap::new();\n\n for (_i, op) in ops.into_iter().enumerate() {\n match op {\n Op::Insert { key, value } => {\n assert_eq!(\n tree.insert(key.clone(), value.clone()).unwrap(),\n model.insert(key, value)\n );\n }\n Op::Get { key } => {\n assert_eq!(tree.get(&key).unwrap(), model.get(&key).cloned());\n }\n Op::Reboot => {\n drop(tree);\n tree = config.open().unwrap();\n }\n Op::Remove { key } => {\n assert_eq!(tree.remove(&key).unwrap(), model.remove(&key));\n }\n Op::Range { start, end } => {\n let mut model_iter =\n model.range::(&start..&end);\n let mut tree_iter = tree.range(start..end);\n\n for (k1, v1) in &mut model_iter {\n let (k2, v2) = tree_iter\n .next()\n .expect(\"None returned from iter when Some expected\")\n .expect(\"IO issue encountered\");\n assert_eq!((k1, v1), (&k2, &v2));\n }\n\n assert!(tree_iter.next().is_none());\n }\n Op::Cas { key, old, new } => {\n let succ = if old == model.get(&key).cloned() {\n if let Some(n) = &new {\n model.insert(key.clone(), n.clone());\n } else {\n model.remove(&key);\n }\n true\n } else {\n false\n };\n\n let res = tree\n .compare_and_swap(key, old.as_ref(), new)\n .expect(\"hit IO error\");\n\n if succ {\n assert!(res.is_ok());\n } else {\n assert!(res.is_err());\n }\n }\n };\n\n for (key, value) in &model {\n assert_eq!(tree.get(key).unwrap().unwrap(), value);\n }\n\n for kv_res in &tree {\n let (key, value) = kv_res.unwrap();\n assert_eq!(model.get(&key), Some(&value));\n }\n }\n\n let mut model_iter = model.iter();\n let mut tree_iter = tree.iter();\n\n for (k1, v1) in &mut model_iter {\n let (k2, v2) = tree_iter.next().unwrap().unwrap();\n assert_eq!((k1, v1), (&k2, &v2));\n }\n\n assert!(tree_iter.next().is_none());\n});\n"
},
{
"path": "scripts/cgtest.sh",
"content": "#!/bin/sh\nset -e\n\ncgdelete memory:sledTest || true\ncgcreate -g memory:sledTest\necho 100M > /sys/fs/cgroup/memory/sledTest/memory.limit_in_bytes\n\nsu $SUDO_USER -c 'cargo build --release --features=testing'\n\nfor test in target/release/deps/test*; do\n if [[ -x $test ]]\n then\n echo running test: $test\n cgexec -g memory:sledTest $test --test-threads=1\n rm $test\n fi\ndone\n"
},
{
"path": "scripts/cross_compile.sh",
"content": "#!/bin/sh\nset -e\n\n# checks sled's compatibility using several targets\n\ntargets=\"wasm32-wasi wasm32-unknown-unknown aarch64-fuchsia aarch64-linux-android \\\n i686-linux-android i686-unknown-linux-gnu \\\n x86_64-linux-android x86_64-fuchsia \\\n mips-unknown-linux-musl aarch64-apple-ios\"\n\nrustup update --no-self-update\n\nRUSTFLAGS=\"--cfg miri\" cargo check\n\nrustup toolchain install 1.62 --no-self-update\ncargo clean\nrm Cargo.lock\ncargo +1.62 check\n\nfor target in $targets; do\n echo \"setting up $target...\"\n rustup target add $target\n echo \"checking $target...\"\n cargo check --target $target\ndone\n\n"
},
{
"path": "scripts/execution_explorer.py",
"content": "#!/usr/bin/gdb --command\n\n\"\"\"\na simple python GDB script for running multithreaded\nprograms in a way that is \"deterministic enough\"\nto tease out and replay interesting bugs.\n\nTyler Neely 25 Sept 2017\nt@jujit.su\n\nreferences:\n https://sourceware.org/gdb/onlinedocs/gdb/All_002dStop-Mode.html\n https://sourceware.org/gdb/onlinedocs/gdb/Non_002dStop-Mode.html\n https://sourceware.org/gdb/onlinedocs/gdb/Threads-In-Python.html\n https://sourceware.org/gdb/onlinedocs/gdb/Events-In-Python.html\n https://blog.0x972.info/index.php?tag=gdb.py\n\"\"\"\n\nimport gdb\nimport random\n\n###############################################################################\n# config #\n###############################################################################\n# set this to a number for reproducing results or None to explore randomly\nseed = 156112673742 # None # 951931004895\n\n# set this to the number of valid threads in the program\n# {2, 3} assumes a main thread that waits on 2 workers.\n# {1, ... N} assumes all of the first N threads are to be explored\nthreads_whitelist = {2, 3}\n\n# set this to the file of the binary to explore\nfilename = \"target/debug/binary\"\n\n# set this to the place the threads should rendezvous before exploring\nentrypoint = \"src/main.rs:8\"\n\n# set this to after the threads are done\nexitpoint = \"src/main.rs:12\"\n\n# invariant unreachable points that should never be accessed\nunreachable = [\n \"panic_unwind::imp::panic\"\n ]\n\n# set this to the locations you want to test interleavings for\ninteresting = [\n \"src/main.rs:8\",\n \"src/main.rs:9\"\n ]\n\n# uncomment this to output the specific commands issued to gdb\ngdb.execute(\"set trace-commands on\")\n\n###############################################################################\n###############################################################################\n\n\nclass UnreachableBreakpoint(gdb.Breakpoint):\n pass\n\n\nclass DoneBreakpoint(gdb.Breakpoint):\n pass\n\n\nclass InterestingBreakpoint(gdb.Breakpoint):\n pass\n\n\nclass DeterministicExecutor:\n def __init__(self, seed=None):\n if seed:\n print(\"seeding with\", seed)\n self.seed = seed\n random.seed(seed)\n else:\n # pick a random new seed if not provided with one\n self.reseed()\n\n gdb.execute(\"file \" + filename)\n\n # non-stop is necessary to provide thread-specific\n # information when breakpoints are hit.\n gdb.execute(\"set non-stop on\")\n gdb.execute(\"set confirm off\")\n\n self.ready = set()\n self.finished = set()\n\n def reseed(self):\n random.seed()\n self.seed = random.randrange(1e12)\n print(\"reseeding with\", self.seed)\n random.seed(self.seed)\n\n def restart(self):\n # reset inner state\n self.ready = set()\n self.finished = set()\n\n # disconnect callbacks\n gdb.events.stop.disconnect(self.scheduler_callback)\n gdb.events.exited.disconnect(self.exit_callback)\n\n # nuke all breakpoints\n gdb.execute(\"d\")\n\n # end execution\n gdb.execute(\"k\")\n\n # pick new seed\n self.reseed()\n\n self.run()\n\n def rendezvous_callback(self, event):\n try:\n self.ready.add(event.inferior_thread.num)\n if len(self.ready) == len(threads_whitelist):\n self.run_schedule()\n except Exception as e:\n # this will be thrown if breakpoint is not a part of event,\n # like when the event was stopped for another reason.\n print(e)\n\n def run(self):\n gdb.execute(\"b \" + entrypoint)\n\n gdb.events.stop.connect(self.rendezvous_callback)\n gdb.events.exited.connect(self.exit_callback)\n\n gdb.execute(\"r\")\n\n def run_schedule(self):\n print(\"running schedule\")\n gdb.execute(\"d\")\n gdb.events.stop.disconnect(self.rendezvous_callback)\n gdb.events.stop.connect(self.scheduler_callback)\n\n for bp in interesting:\n InterestingBreakpoint(bp)\n\n for bp in unreachable:\n UnreachableBreakpoint(bp)\n\n DoneBreakpoint(exitpoint)\n\n self.pick()\n\n def pick(self):\n threads = self.runnable_threads()\n if not threads:\n print(\"restarting execution after running out of valid threads\")\n self.restart()\n return\n\n thread = random.choice(threads)\n\n gdb.execute(\"t \" + str(thread.num))\n gdb.execute(\"c\")\n\n def scheduler_callback(self, event):\n if not isinstance(event, gdb.BreakpointEvent):\n print(\"WTF sched callback got\", event.__dict__)\n return\n\n if isinstance(event.breakpoint, DoneBreakpoint):\n self.finished.add(event.inferior_thread.num)\n elif isinstance(event.breakpoint, UnreachableBreakpoint):\n print(\"!\" * 80)\n print(\"unreachable breakpoint triggered with seed\", self.seed)\n print(\"!\" * 80)\n gdb.events.exited.disconnect(self.exit_callback)\n gdb.execute(\"q\")\n else:\n print(\"thread\", event.inferior_thread.num,\n \"hit breakpoint at\", event.breakpoint.location)\n\n self.pick()\n\n def runnable_threads(self):\n threads = gdb.selected_inferior().threads()\n\n def f(it):\n return (it.is_valid() and not\n it.is_exited() and\n it.num in threads_whitelist and\n it.num not in self.finished)\n\n good_threads = [it for it in threads if f(it)]\n good_threads.sort(key=lambda it: it.num)\n\n return good_threads\n\n def exit_callback(self, event):\n try:\n if event.exit_code != 0:\n print(\"!\" * 80)\n print(\"interesting exit with seed\", self.seed)\n print(\"!\" * 80)\n else:\n print(\"happy exit\")\n self.restart()\n\n gdb.execute(\"q\")\n except Exception as e:\n pass\n\nde = DeterministicExecutor(seed)\nde.run()\n"
},
{
"path": "scripts/instructions",
"content": "#!/bin/sh\n# counts instructions for a standard workload\nset -e\n\nOUTFILE=\"cachegrind.stress2.`git describe --always --dirty`-`date +%s`\"\n\nrm -rf default.sled || true\n\ncargo build \\\n --bin=stress2 \\\n --release\n\n\n# --tool=callgrind --dump-instr=yes --collect-jumps=yes --simulate-cache=yes \\\n# --callgrind-out-file=\"$OUTFILE\" \\\n\nvalgrind \\\n --tool=cachegrind \\\n --cachegrind-out-file=\"$OUTFILE\" \\\n ./target/release/stress2 --total-ops=50000 --set-prop=1000000000000 --threads=1\n\nLAST=`ls -t cachegrind.stress2.* | sed -n 2p`\n\necho \"comparing $LAST with new $OUTFILE\"\n\necho \"--------------------------------------------------------------------------------\"\necho \"change since last run:\"\necho \" Ir I1mr ILmr Dr D1mr DLmr Dw D1mw DLmw\"\necho \"--------------------------------------------------------------------------------\"\ncg_diff $LAST $OUTFILE | tail -1\n"
},
{
"path": "scripts/sanitizers.sh",
"content": "#!/bin/bash\nset -eo pipefail\n\npushd benchmarks/stress2\n\nrustup toolchain install nightly\nrustup toolchain install nightly --component rust-src\nrustup update\n\nexport SLED_LOCK_FREE_DELAY_INTENSITY=2000\n\necho \"msan\"\ncargo clean\nexport RUSTFLAGS=\"-Zsanitizer=memory -Zsanitizer-memory-track-origins\"\ncargo +nightly build -Zbuild-std --target x86_64-unknown-linux-gnu\nsudo rm -rf default.sled\nsudo target/x86_64-unknown-linux-gnu/debug/stress2 --duration=30 --set-prop=100000000 --val-len=1000 --entries=100 --threads=100\nsudo target/x86_64-unknown-linux-gnu/debug/stress2 --duration=30 --entries=100\nsudo target/x86_64-unknown-linux-gnu/debug/stress2 --duration=30\nunset MSAN_OPTIONS\n\necho \"asan\"\ncargo clean\nexport RUSTFLAGS=\"-Z sanitizer=address\"\nexport ASAN_OPTIONS=\"detect_odr_violation=0\"\ncargo +nightly build --features=lock_free_delays --target x86_64-unknown-linux-gnu\nsudo rm -rf default.sled\nsudo target/x86_64-unknown-linux-gnu/debug/stress2 --duration=60\nsudo target/x86_64-unknown-linux-gnu/debug/stress2 --duration=6\nunset ASAN_OPTIONS\n\necho \"lsan\"\ncargo clean\nexport RUSTFLAGS=\"-Z sanitizer=leak\"\ncargo +nightly build --features=lock_free_delays --target x86_64-unknown-linux-gnu\nsudo rm -rf default.sled\nsudo target/x86_64-unknown-linux-gnu/debug/stress2 --duration=60\nsudo target/x86_64-unknown-linux-gnu/debug/stress2 --duration=6\n\necho \"tsan\"\ncargo clean\nexport RUSTFLAGS=\"-Z sanitizer=thread\"\nexport TSAN_OPTIONS=suppressions=../../tsan_suppressions.txt\nsudo rm -rf default.sled\ncargo +nightly run --features=lock_free_delays --target x86_64-unknown-linux-gnu -- --duration=60\ncargo +nightly run --features=lock_free_delays --target x86_64-unknown-linux-gnu -- --duration=6\nunset RUSTFLAGS\nunset TSAN_OPTIONS\n"
},
{
"path": "scripts/shufnice.sh",
"content": "#!/bin/sh\n\nwhile true; do\n PID=`pgrep $1`\n TIDS=`ls /proc/$PID/task`\n TID=`echo $TIDS | tr \" \" \"\\n\" | shuf -n1`\n NICE=$((`shuf -i 0-39 -n 1` - 20))\n echo \"renicing $TID to $NICE\"\n renice -n $NICE -p $TID\ndone\n"
},
{
"path": "scripts/ubuntu_bench",
"content": "#!/bin/sh\n\nsudo apt-get update\nsudo apt-get install htop dstat build-essential linux-tools-common linux-tools-generic linux-tools-`uname -r`\ncurl https://sh.rustup.rs -sSf | sh\nsource $HOME/.cargo/env\n\ncargo install flamegraph\n\ngit clone https://github.com/spacejam/sled.git\ncd sled\n\ncores=$(grep -c ^processor /proc/cpuinfo)\nwriters=(($cores / 5 + 1 ))\nreaders=$(( ($cores / 5 + 1) * 4 ))\n\ncargo build --release --bin=stress2 --features=stress\n\n# we use sudo here to get access to symbols\npushd benchmarks/stress2\ncargo flamegraph --release -- --get=$readers --set=$writers\n"
},
{
"path": "src/alloc.rs",
"content": "#[cfg(any(\n feature = \"testing-shred-allocator\",\n feature = \"testing-count-allocator\"\n))]\npub use alloc::*;\n\n// the memshred feature causes all allocated and deallocated\n// memory to be set to a specific non-zero value of 0xa1 for\n// uninitialized allocations and 0xde for deallocated memory,\n// in the hope that it will cause memory errors to surface\n// more quickly.\n\n#[cfg(feature = \"testing-shred-allocator\")]\nmod alloc {\n use std::alloc::{Layout, System};\n\n #[global_allocator]\n static ALLOCATOR: ShredAllocator = ShredAllocator;\n\n #[derive(Default, Debug, Clone, Copy)]\n struct ShredAllocator;\n\n unsafe impl std::alloc::GlobalAlloc for ShredAllocator {\n unsafe fn alloc(&self, layout: Layout) -> *mut u8 {\n let ret = System.alloc(layout);\n assert_ne!(ret, std::ptr::null_mut());\n std::ptr::write_bytes(ret, 0xa1, layout.size());\n ret\n }\n\n unsafe fn dealloc(&self, ptr: *mut u8, layout: Layout) {\n std::ptr::write_bytes(ptr, 0xde, layout.size());\n System.dealloc(ptr, layout)\n }\n }\n}\n\n#[cfg(feature = \"testing-count-allocator\")]\nmod alloc {\n use std::alloc::{Layout, System};\n\n #[global_allocator]\n static ALLOCATOR: CountingAllocator = CountingAllocator;\n\n static ALLOCATED: AtomicUsize = AtomicUsize::new(0);\n static FREED: AtomicUsize = AtomicUsize::new(0);\n static RESIDENT: AtomicUsize = AtomicUsize::new(0);\n\n fn allocated() -> usize {\n ALLOCATED.swap(0, Ordering::Relaxed)\n }\n\n fn freed() -> usize {\n FREED.swap(0, Ordering::Relaxed)\n }\n\n fn resident() -> usize {\n RESIDENT.load(Ordering::Relaxed)\n }\n\n #[derive(Default, Debug, Clone, Copy)]\n struct CountingAllocator;\n\n unsafe impl std::alloc::GlobalAlloc for CountingAllocator {\n unsafe fn alloc(&self, layout: Layout) -> *mut u8 {\n let ret = System.alloc(layout);\n assert_ne!(ret, std::ptr::null_mut());\n ALLOCATED.fetch_add(layout.size(), Ordering::Relaxed);\n RESIDENT.fetch_add(layout.size(), Ordering::Relaxed);\n std::ptr::write_bytes(ret, 0xa1, layout.size());\n ret\n }\n\n unsafe fn dealloc(&self, ptr: *mut u8, layout: Layout) {\n std::ptr::write_bytes(ptr, 0xde, layout.size());\n FREED.fetch_add(layout.size(), Ordering::Relaxed);\n RESIDENT.fetch_sub(layout.size(), Ordering::Relaxed);\n System.dealloc(ptr, layout)\n }\n }\n}\n"
},
{
"path": "src/block_checker.rs",
"content": "use std::collections::BTreeMap;\nuse std::panic::Location;\nuse std::sync::atomic::{AtomicU64, Ordering};\nuse std::sync::{LazyLock, Mutex};\n\nstatic COUNTER: AtomicU64 = AtomicU64::new(0);\nstatic CHECK_INS: LazyLock = LazyLock::new(|| {\n std::thread::spawn(move || {\n let mut last_top_10 = Default::default();\n loop {\n std::thread::sleep(std::time::Duration::from_secs(5));\n last_top_10 = CHECK_INS.report(last_top_10);\n }\n });\n\n BlockChecker::default()\n});\n\ntype LocationMap = BTreeMap>;\n\n#[derive(Default)]\npub(crate) struct BlockChecker {\n state: Mutex,\n}\n\nimpl BlockChecker {\n fn report(&self, last_top_10: LocationMap) -> LocationMap {\n let state = self.state.lock().unwrap();\n println!(\"top 10 longest blocking sections:\");\n\n let top_10: LocationMap =\n state.iter().take(10).map(|(k, v)| (*k, *v)).collect();\n\n for (id, location) in &top_10 {\n if last_top_10.contains_key(id) {\n println!(\"id: {}, location: {:?}\", id, location);\n }\n }\n\n top_10\n }\n\n fn check_in(&self, location: &'static Location) -> BlockGuard {\n let next_id = COUNTER.fetch_add(1, Ordering::Relaxed);\n let mut state = self.state.lock().unwrap();\n state.insert(next_id, location);\n BlockGuard { id: next_id }\n }\n\n fn check_out(&self, id: u64) {\n let mut state = self.state.lock().unwrap();\n state.remove(&id);\n }\n}\n\npub(crate) struct BlockGuard {\n id: u64,\n}\n\nimpl Drop for BlockGuard {\n fn drop(&mut self) {\n CHECK_INS.check_out(self.id)\n }\n}\n\n#[track_caller]\npub(crate) fn track_blocks() -> BlockGuard {\n let caller = Location::caller();\n CHECK_INS.check_in(caller)\n}\n"
},
{
"path": "src/config.rs",
"content": "use std::io;\nuse std::path::{Path, PathBuf};\nuse std::sync::Arc;\n\nuse fault_injection::{annotate, fallible};\nuse tempdir::TempDir;\n\nuse crate::Db;\n\nmacro_rules! builder {\n ($(($name:ident, $t:ty, $desc:expr)),*) => {\n $(\n #[doc=$desc]\n pub fn $name(mut self, to: $t) -> Self {\n self.$name = to;\n self\n }\n )*\n }\n}\n\n#[derive(Debug, Clone)]\npub struct Config {\n /// The base directory for storing the database.\n pub path: PathBuf,\n /// Cache size in **bytes**. Default is 512mb.\n pub cache_capacity_bytes: usize,\n /// The percentage of the cache that is dedicated to the\n /// scan-resistant entry cache.\n pub entry_cache_percent: u8,\n /// Start a background thread that flushes data to disk\n /// every few milliseconds. Defaults to every 200ms.\n pub flush_every_ms: Option,\n /// The zstd compression level to use when writing data to disk. Defaults to 3.\n pub zstd_compression_level: i32,\n /// This is only set to `Some` for objects created via\n /// `Config::tmp`, and will remove the storage directory\n /// when the final Arc drops.\n pub tempdir_deleter: Option>,\n /// A float between 0.0 and 1.0 that controls how much fragmentation can\n /// exist in a file before GC attempts to recompact it.\n pub target_heap_file_fill_ratio: f32,\n /// Values larger than this configurable will be stored as separate blob\n pub max_inline_value_threshold: usize,\n}\n\nimpl Default for Config {\n fn default() -> Config {\n Config {\n path: \"bloodstone.default\".into(),\n flush_every_ms: Some(200),\n cache_capacity_bytes: 512 * 1024 * 1024,\n entry_cache_percent: 20,\n zstd_compression_level: 3,\n tempdir_deleter: None,\n target_heap_file_fill_ratio: 0.9,\n max_inline_value_threshold: 4096,\n }\n }\n}\n\nimpl Config {\n /// Returns a default `Config`\n pub fn new() -> Config {\n Config::default()\n }\n\n /// Returns a config with the `path` initialized to a system\n /// temporary directory that will be deleted when this `Config`\n /// is dropped.\n pub fn tmp() -> io::Result {\n let tempdir = fallible!(tempdir::TempDir::new(\"sled_tmp\"));\n\n Ok(Config {\n path: tempdir.path().into(),\n tempdir_deleter: Some(Arc::new(tempdir)),\n ..Config::default()\n })\n }\n\n /// Set the path of the database (builder).\n pub fn path>(mut self, path: P) -> Config {\n self.path = path.as_ref().to_path_buf();\n self\n }\n\n builder!(\n (flush_every_ms, Option, \"Start a background thread that flushes data to disk every few milliseconds. Defaults to every 200ms.\"),\n (cache_capacity_bytes, usize, \"Cache size in **bytes**. Default is 512mb.\"),\n (entry_cache_percent, u8, \"The percentage of the cache that is dedicated to the scan-resistant entry cache.\"),\n (zstd_compression_level, i32, \"The zstd compression level to use when writing data to disk. Defaults to 3.\"),\n (target_heap_file_fill_ratio, f32, \"A float between 0.0 and 1.0 that controls how much fragmentation can exist in a file before GC attempts to recompact it.\"),\n (max_inline_value_threshold, usize, \"Values larger than this configurable will be stored as separate blob\")\n );\n\n pub fn open(\n &self,\n ) -> io::Result> {\n if LEAF_FANOUT < 3 {\n return Err(annotate!(io::Error::new(\n io::ErrorKind::Unsupported,\n \"Db's LEAF_FANOUT const generic must be 3 or greater.\"\n )));\n }\n Db::open_with_config(self)\n }\n}\n"
},
{
"path": "src/db.rs",
"content": "use std::collections::HashMap;\nuse std::fmt;\nuse std::io;\nuse std::sync::{Arc, mpsc};\nuse std::time::{Duration, Instant};\n\nuse parking_lot::Mutex;\n\nuse crate::*;\n\n/// sled 1.0 alpha :)\n///\n/// One of the main differences between this and sled 0.34 is that\n/// `Db` and `Tree` now have a `LEAF_FANOUT` const generic parameter.\n/// This parameter is an interesting single-knob performance tunable\n/// that allows users to traverse the performance-vs-efficiency\n/// trade-off spectrum. The default value of `1024` causes keys and\n/// values to be more efficiently compressed when stored on disk,\n/// but for larger-than-memory random workloads it may be advantageous\n/// to lower `LEAF_FANOUT` to between `16` to `256`, depending on your\n/// efficiency requirements. A lower value will also cause contention\n/// to be reduced for frequently accessed data. This value cannot be\n/// changed after creating the database.\n///\n/// As an alpha release, please do not expect this to be safe for\n/// business-critical use cases. However, if you would like this to\n/// serve your business-critical use cases over time, please give it\n/// a shot in a low-risk non-production environment and report any\n/// issues you encounter in a github issue.\n///\n/// Note that `Db` implements `Deref` for the default `Tree` (sled's\n/// version of namespaces / keyspaces / buckets), but you can create\n/// and use others using `Db::open_tree`.\n#[derive(Clone)]\npub struct Db {\n config: Config,\n _shutdown_dropper: Arc>,\n cache: ObjectCache,\n trees: Arc>>>,\n collection_id_allocator: Arc,\n collection_name_mapping: Tree,\n default_tree: Tree,\n was_recovered: bool,\n}\n\nimpl std::ops::Deref for Db {\n type Target = Tree;\n fn deref(&self) -> &Tree {\n &self.default_tree\n }\n}\n\nimpl IntoIterator for &Db {\n type Item = io::Result<(InlineArray, InlineArray)>;\n type IntoIter = crate::Iter;\n\n fn into_iter(self) -> Self::IntoIter {\n self.iter()\n }\n}\n\nimpl fmt::Debug for Db {\n fn fmt(&self, w: &mut fmt::Formatter<'_>) -> fmt::Result {\n let alternate = w.alternate();\n\n let mut debug_struct = w.debug_struct(&format!(\"Db<{}>\", LEAF_FANOUT));\n\n if alternate {\n debug_struct\n .field(\"global_error\", &self.check_error())\n .field(\n \"data\",\n &format!(\"{:?}\", self.iter().collect::>()),\n )\n .finish()\n } else {\n debug_struct.field(\"global_error\", &self.check_error()).finish()\n }\n }\n}\n\nfn flusher(\n cache: ObjectCache,\n shutdown_signal: mpsc::Receiver>,\n flush_every_ms: usize,\n) {\n let interval = Duration::from_millis(flush_every_ms as _);\n let mut last_flush_duration = Duration::default();\n\n let flush = || {\n let flush_res_res = std::panic::catch_unwind(|| cache.flush());\n match flush_res_res {\n Ok(Ok(_)) => {\n // don't abort.\n return;\n }\n Ok(Err(flush_failure)) => {\n log::error!(\n \"Db flusher encountered error while flushing: {:?}\",\n flush_failure\n );\n cache.set_error(&flush_failure);\n }\n Err(panicked) => {\n log::error!(\n \"Db flusher panicked while flushing: {:?}\",\n panicked\n );\n cache.set_error(&io::Error::other(\n \"Db flusher panicked while flushing\".to_string(),\n ));\n }\n }\n std::process::abort();\n };\n\n loop {\n let recv_timeout = interval\n .saturating_sub(last_flush_duration)\n .max(Duration::from_millis(1));\n if let Ok(shutdown_sender) = shutdown_signal.recv_timeout(recv_timeout)\n {\n flush();\n\n // this is probably unnecessary but it will avoid issues\n // if egregious bugs get introduced that trigger it\n cache.set_error(&io::Error::other(\n \"system has been shut down\".to_string(),\n ));\n\n assert!(cache.is_clean());\n\n drop(cache);\n\n if let Err(e) = shutdown_sender.send(()) {\n log::error!(\n \"Db flusher could not ack shutdown to requestor: {e:?}\"\n );\n }\n log::debug!(\n \"flush thread terminating after signalling to requestor\"\n );\n return;\n }\n\n let before_flush = Instant::now();\n\n flush();\n\n last_flush_duration = before_flush.elapsed();\n }\n}\n\nimpl Drop for Db {\n fn drop(&mut self) {\n if self.config.flush_every_ms.is_none() {\n if let Err(e) = self.flush() {\n log::error!(\"failed to flush Db on Drop: {e:?}\");\n }\n } else {\n // otherwise, it is expected that the flusher thread will\n // flush while shutting down the final Db/Tree instance\n }\n }\n}\n\nimpl Db {\n #[cfg(feature = \"for-internal-testing-only\")]\n fn validate(&self) -> io::Result<()> {\n // for each tree, iterate over index, read node and assert low key matches\n // and assert first time we've ever seen node ID\n\n let mut ever_seen = std::collections::HashSet::new();\n let before = std::time::Instant::now();\n\n #[cfg(feature = \"for-internal-testing-only\")]\n let _b0 = crate::block_checker::track_blocks();\n\n for (_cid, tree) in self.trees.lock().iter() {\n let mut hi_none_count = 0;\n let mut last_hi = None;\n for (low, node) in tree.index.iter() {\n // ensure we haven't reused the object_id across Trees\n assert!(ever_seen.insert(node.object_id));\n\n let (read_low, node_mu, read_node) =\n tree.page_in(&low, self.cache.current_flush_epoch())?;\n\n assert_eq!(read_node.object_id, node.object_id);\n assert_eq!(node_mu.leaf.as_ref().unwrap().lo, low);\n assert_eq!(read_low, low);\n\n if let Some(hi) = &last_hi {\n assert_eq!(hi, &node_mu.leaf.as_ref().unwrap().lo);\n }\n\n if let Some(hi) = &node_mu.leaf.as_ref().unwrap().hi {\n last_hi = Some(hi.clone());\n } else {\n assert_eq!(hi_none_count, 0);\n hi_none_count += 1;\n }\n }\n // each tree should have exactly one leaf with no max hi key\n assert_eq!(hi_none_count, 1);\n }\n\n log::debug!(\n \"{} leaves looking good after {} micros\",\n ever_seen.len(),\n before.elapsed().as_micros()\n );\n\n Ok(())\n }\n\n pub fn stats(&self) -> Stats {\n Stats { cache: self.cache.stats() }\n }\n\n pub fn size_on_disk(&self) -> io::Result {\n use std::fs::read_dir;\n\n fn recurse(mut dir: std::fs::ReadDir) -> io::Result {\n dir.try_fold(0, |acc, file| {\n let file = file?;\n let size = match file.metadata()? {\n data if data.is_dir() => recurse(read_dir(file.path())?)?,\n data => data.len(),\n };\n Ok(acc + size)\n })\n }\n\n recurse(read_dir(&self.cache.config.path)?)\n }\n\n /// Returns `true` if the database was\n /// recovered from a previous process.\n /// Note that database state is only\n /// guaranteed to be present up to the\n /// last call to `flush`! Otherwise state\n /// is synced to disk periodically if the\n /// `Config.sync_every_ms` configuration option\n /// is set to `Some(number_of_ms_between_syncs)`\n /// or if the IO buffer gets filled to\n /// capacity before being rotated.\n pub fn was_recovered(&self) -> bool {\n self.was_recovered\n }\n\n pub fn open_with_config(config: &Config) -> io::Result> {\n let (shutdown_tx, shutdown_rx) = mpsc::channel();\n\n let (cache, indices, was_recovered) = ObjectCache::recover(config)?;\n\n let _shutdown_dropper = Arc::new(ShutdownDropper {\n shutdown_sender: Mutex::new(shutdown_tx),\n cache: Mutex::new(cache.clone()),\n });\n\n let mut allocated_collection_ids = fnv::FnvHashSet::default();\n\n let mut trees: HashMap> = indices\n .into_iter()\n .map(|(collection_id, index)| {\n assert!(\n allocated_collection_ids.insert(collection_id.0),\n \"allocated_collection_ids already contained {:?}\",\n collection_id\n );\n (\n collection_id,\n Tree::new(\n collection_id,\n cache.clone(),\n index,\n _shutdown_dropper.clone(),\n ),\n )\n })\n .collect();\n\n let collection_name_mapping =\n trees.get(&NAME_MAPPING_COLLECTION_ID).unwrap().clone();\n\n let default_tree = trees.get(&DEFAULT_COLLECTION_ID).unwrap().clone();\n\n for kv_res in collection_name_mapping.iter() {\n let (_collection_name, collection_id_buf) = kv_res.unwrap();\n let collection_id = CollectionId(u64::from_le_bytes(\n collection_id_buf.as_ref().try_into().unwrap(),\n ));\n\n if trees.contains_key(&collection_id) {\n continue;\n }\n\n // need to initialize tree leaf for empty collection\n\n assert!(\n allocated_collection_ids.insert(collection_id.0),\n \"allocated_collection_ids already contained {:?}\",\n collection_id\n );\n\n let initial_low_key = InlineArray::default();\n\n let empty_node = cache.allocate_default_node(collection_id);\n\n let index = Index::default();\n\n assert!(index.insert(initial_low_key, empty_node).is_none());\n\n let tree = Tree::new(\n collection_id,\n cache.clone(),\n index,\n _shutdown_dropper.clone(),\n );\n\n trees.insert(collection_id, tree);\n }\n\n let collection_id_allocator =\n Arc::new(Allocator::from_allocated(&allocated_collection_ids));\n\n assert_eq!(collection_name_mapping.len()? + 2, trees.len());\n\n let ret = Db {\n config: config.clone(),\n cache: cache.clone(),\n default_tree,\n collection_name_mapping,\n collection_id_allocator,\n trees: Arc::new(Mutex::new(trees)),\n _shutdown_dropper,\n was_recovered,\n };\n\n #[cfg(feature = \"for-internal-testing-only\")]\n ret.validate()?;\n\n if let Some(flush_every_ms) = ret.cache.config.flush_every_ms {\n let spawn_res = std::thread::Builder::new()\n .name(\"sled_flusher\".into())\n .spawn(move || flusher(cache, shutdown_rx, flush_every_ms));\n\n if let Err(e) = spawn_res {\n return Err(io::Error::other(format!(\n \"unable to spawn flusher thread for sled database: {:?}\",\n e\n )));\n }\n }\n Ok(ret)\n }\n\n /// A database export method for all collections in the `Db`,\n /// for use in sled version upgrades. Can be used in combination\n /// with the `import` method below on a database running a later\n /// version.\n ///\n /// # Panics\n ///\n /// Panics if any IO problems occur while trying\n /// to perform the export.\n ///\n /// # Examples\n ///\n /// If you want to migrate from one version of sled\n /// to another, you need to pull in both versions\n /// by using version renaming:\n ///\n /// `Cargo.toml`:\n ///\n /// ```toml\n /// [dependencies]\n /// sled = \"0.32\"\n /// old_sled = { version = \"0.31\", package = \"sled\" }\n /// ```\n ///\n /// and in your code, remember that old versions of\n /// sled might have a different way to open them\n /// than the current `sled::open` method:\n ///\n /// ```\n /// # use sled as old_sled;\n /// # fn main() -> Result<(), Box> {\n /// let old = old_sled::open(\"my_old_db_export\")?;\n ///\n /// // may be a different version of sled,\n /// // the export type is version agnostic.\n /// let new = sled::open(\"my_new_db_export\")?;\n ///\n /// let export = old.export();\n /// new.import(export);\n ///\n /// assert_eq!(old.checksum()?, new.checksum()?);\n /// # drop(old);\n /// # drop(new);\n /// # let _ = std::fs::remove_dir_all(\"my_old_db_export\");\n /// # let _ = std::fs::remove_dir_all(\"my_new_db_export\");\n /// # Ok(()) }\n /// ```\n pub fn export(\n &self,\n ) -> Vec<(\n CollectionType,\n CollectionName,\n impl Iterator>> + '_,\n )> {\n let trees = self.trees.lock();\n\n let mut ret = vec![];\n\n for kv_res in self.collection_name_mapping.iter() {\n let (collection_name, collection_id_buf) = kv_res.unwrap();\n let collection_id = CollectionId(u64::from_le_bytes(\n collection_id_buf.as_ref().try_into().unwrap(),\n ));\n let tree = trees.get(&collection_id).unwrap().clone();\n\n ret.push((\n b\"tree\".to_vec(),\n collection_name.to_vec(),\n tree.iter().map(|kv_opt| {\n let kv = kv_opt.unwrap();\n vec![kv.0.to_vec(), kv.1.to_vec()]\n }),\n ));\n }\n\n ret\n }\n\n /// Imports the collections from a previous database.\n ///\n /// # Panics\n ///\n /// Panics if any IO problems occur while trying\n /// to perform the import.\n ///\n /// # Examples\n ///\n /// If you want to migrate from one version of sled\n /// to another, you need to pull in both versions\n /// by using version renaming:\n ///\n /// `Cargo.toml`:\n ///\n /// ```toml\n /// [dependencies]\n /// sled = \"0.32\"\n /// old_sled = { version = \"0.31\", package = \"sled\" }\n /// ```\n ///\n /// and in your code, remember that old versions of\n /// sled might have a different way to open them\n /// than the current `sled::open` method:\n ///\n /// ```\n /// # use sled as old_sled;\n /// # fn main() -> Result<(), Box> {\n /// let old = old_sled::open(\"my_old_db_import\")?;\n ///\n /// // may be a different version of sled,\n /// // the export type is version agnostic.\n /// let new = sled::open(\"my_new_db_import\")?;\n ///\n /// let export = old.export();\n /// new.import(export);\n ///\n /// assert_eq!(old.checksum()?, new.checksum()?);\n /// # drop(old);\n /// # drop(new);\n /// # let _ = std::fs::remove_dir_all(\"my_old_db_import\");\n /// # let _ = std::fs::remove_dir_all(\"my_new_db_import\");\n /// # Ok(()) }\n /// ```\n pub fn import(\n &self,\n export: Vec<(\n CollectionType,\n CollectionName,\n impl Iterator>>,\n )>,\n ) {\n for (collection_type, collection_name, collection_iter) in export {\n match collection_type {\n ref t if t == b\"tree\" => {\n let tree = self\n .open_tree(collection_name)\n .expect(\"failed to open new tree during import\");\n for mut kv in collection_iter {\n let v = kv\n .pop()\n .expect(\"failed to get value from tree export\");\n let k = kv\n .pop()\n .expect(\"failed to get key from tree export\");\n let old = tree.insert(k, v).expect(\n \"failed to insert value during tree import\",\n );\n assert!(\n old.is_none(),\n \"import is overwriting existing data\"\n );\n }\n }\n other => panic!(\"unknown collection type {:?}\", other),\n }\n }\n }\n\n pub fn contains_tree>(&self, name: V) -> io::Result {\n Ok(self.collection_name_mapping.get(name.as_ref())?.is_some())\n }\n\n pub fn drop_tree>(&self, name: V) -> io::Result {\n let name_ref = name.as_ref();\n let trees = self.trees.lock();\n\n let tree = if let Some(collection_id_buf) =\n self.collection_name_mapping.get(name_ref)?\n {\n let collection_id = CollectionId(u64::from_le_bytes(\n collection_id_buf.as_ref().try_into().unwrap(),\n ));\n\n trees.get(&collection_id).unwrap()\n } else {\n return Ok(false);\n };\n\n tree.clear()?;\n\n self.collection_name_mapping.remove(name_ref)?;\n\n Ok(true)\n }\n\n /// Open or create a new disk-backed [`Tree`] with its own keyspace,\n /// accessible from the `Db` via the provided identifier.\n pub fn open_tree>(\n &self,\n name: V,\n ) -> io::Result> {\n let name_ref = name.as_ref();\n let mut trees = self.trees.lock();\n\n if let Some(collection_id_buf) =\n self.collection_name_mapping.get(name_ref)?\n {\n let collection_id = CollectionId(u64::from_le_bytes(\n collection_id_buf.as_ref().try_into().unwrap(),\n ));\n\n let tree = trees.get(&collection_id).unwrap();\n\n return Ok(tree.clone());\n }\n\n let collection_id =\n CollectionId(self.collection_id_allocator.allocate());\n\n let initial_low_key = InlineArray::default();\n\n let empty_node = self.cache.allocate_default_node(collection_id);\n\n let index = Index::default();\n\n assert!(index.insert(initial_low_key, empty_node).is_none());\n\n let tree = Tree::new(\n collection_id,\n self.cache.clone(),\n index,\n self._shutdown_dropper.clone(),\n );\n\n self.collection_name_mapping\n .insert(name_ref, &collection_id.0.to_le_bytes())?;\n\n trees.insert(collection_id, tree.clone());\n\n Ok(tree)\n }\n}\n\n/// These types provide the information that allows an entire\n/// system to be exported and imported to facilitate\n/// major upgrades. It is comprised entirely\n/// of standard library types to be forward compatible.\n/// NB this definitions are expensive to change, because\n/// they impact the migration path.\ntype CollectionType = Vec;\ntype CollectionName = Vec;\n"
},
{
"path": "src/event_verifier.rs",
"content": "use std::collections::BTreeMap;\nuse std::sync::Mutex;\n\nuse crate::{FlushEpoch, ObjectId};\n\n#[derive(Debug, Clone, Copy, PartialEq, Eq)]\npub(crate) enum State {\n Unallocated,\n Dirty,\n CooperativelySerialized,\n AddedToWriteBatch,\n Flushed,\n CleanPagedIn,\n PagedOut,\n}\n\nimpl State {\n fn can_transition_within_epoch_to(&self, next: State) -> bool {\n match (self, next) {\n (State::Flushed, State::PagedOut) => true,\n (State::Flushed, _) => false,\n (State::AddedToWriteBatch, State::Flushed) => true,\n (State::AddedToWriteBatch, _) => false,\n (State::CleanPagedIn, State::AddedToWriteBatch) => false,\n (State::CleanPagedIn, State::Flushed) => false,\n (State::Dirty, State::AddedToWriteBatch) => true,\n (State::CooperativelySerialized, State::AddedToWriteBatch) => true,\n (State::CooperativelySerialized, _) => false,\n (State::Unallocated, State::AddedToWriteBatch) => true,\n (State::Unallocated, _) => false,\n (State::Dirty, State::Dirty) => true,\n (State::Dirty, State::CooperativelySerialized) => true,\n (State::Dirty, State::Unallocated) => true,\n (State::Dirty, _) => false,\n (State::CleanPagedIn, State::Dirty) => true,\n (State::CleanPagedIn, State::PagedOut) => true,\n (State::CleanPagedIn, State::CleanPagedIn) => true,\n (State::CleanPagedIn, State::Unallocated) => true,\n (State::CleanPagedIn, State::CooperativelySerialized) => true,\n (State::PagedOut, State::CleanPagedIn) => true,\n (State::PagedOut, _) => false,\n }\n }\n\n fn needs_flush(&self) -> bool {\n match self {\n State::CleanPagedIn => false,\n State::Flushed => false,\n State::PagedOut => false,\n _ => true,\n }\n }\n}\n\n#[derive(Debug, Default)]\npub(crate) struct EventVerifier {\n flush_model:\n Mutex>>,\n}\n\nimpl Drop for EventVerifier {\n fn drop(&mut self) {\n // assert that nothing is currently Dirty\n let flush_model = self.flush_model.lock().unwrap();\n for ((oid, _epoch), history) in flush_model.iter() {\n if let Some((last_state, _at)) = history.last() {\n assert_ne!(\n *last_state,\n State::Dirty,\n \"{oid:?} is Dirty when system shutting down\"\n );\n }\n }\n }\n}\n\nimpl EventVerifier {\n pub(crate) fn mark(\n &self,\n object_id: ObjectId,\n epoch: FlushEpoch,\n state: State,\n at: &'static str,\n ) {\n if matches!(state, State::PagedOut) {\n let dirty_epochs = self.dirty_epochs(object_id);\n if !dirty_epochs.is_empty() {\n println!(\"{object_id:?} was paged out while having dirty epochs {dirty_epochs:?}\");\n self.print_debug_history_for_object(object_id);\n println!(\"{state:?} {epoch:?} {at}\");\n println!(\"invalid object state transition\");\n std::process::abort();\n }\n }\n\n let mut flush_model = self.flush_model.lock().unwrap();\n let history = flush_model.entry((object_id, epoch)).or_default();\n\n if let Some((last_state, _at)) = history.last() {\n if !last_state.can_transition_within_epoch_to(state) {\n println!(\n \"object_id {object_id:?} performed \\\n illegal state transition from {last_state:?} \\\n to {state:?} at {at} in epoch {epoch:?}.\"\n );\n\n println!(\"history:\");\n history.push((state, at));\n\n let active_epochs = flush_model.range(\n (object_id, FlushEpoch::MIN)..=(object_id, FlushEpoch::MAX),\n );\n for ((_oid, epoch), history) in active_epochs {\n for (last_state, at) in history {\n println!(\"{last_state:?} {epoch:?} {at}\");\n }\n }\n\n println!(\"invalid object state transition\");\n\n std::process::abort();\n }\n }\n history.push((state, at));\n }\n\n /// Returns the FlushEpochs for which this ObjectId has unflushed\n /// dirty data for.\n fn dirty_epochs(&self, object_id: ObjectId) -> Vec {\n let mut dirty_epochs = vec![];\n let flush_model = self.flush_model.lock().unwrap();\n\n let active_epochs = flush_model\n .range((object_id, FlushEpoch::MIN)..=(object_id, FlushEpoch::MAX));\n\n for ((_oid, epoch), history) in active_epochs {\n let (last_state, _at) = history.last().unwrap();\n if last_state.needs_flush() {\n dirty_epochs.push(*epoch);\n }\n }\n\n dirty_epochs\n }\n\n pub(crate) fn print_debug_history_for_object(&self, object_id: ObjectId) {\n let flush_model = self.flush_model.lock().unwrap();\n println!(\"history for object {:?}:\", object_id);\n let active_epochs = flush_model\n .range((object_id, FlushEpoch::MIN)..=(object_id, FlushEpoch::MAX));\n for ((_oid, epoch), history) in active_epochs {\n for (last_state, at) in history {\n println!(\"{last_state:?} {epoch:?} {at}\");\n }\n }\n }\n}\n"
},
{
"path": "src/flush_epoch.rs",
"content": "use std::num::NonZeroU64;\nuse std::sync::atomic::{AtomicPtr, AtomicU64, Ordering};\nuse std::sync::{Arc, Condvar, Mutex};\n\nconst SEAL_BIT: u64 = 1 << 63;\nconst SEAL_MASK: u64 = u64::MAX - SEAL_BIT;\nconst MIN_EPOCH: u64 = 2;\n\n#[derive(\n Debug,\n Clone,\n Copy,\n serde::Serialize,\n serde::Deserialize,\n PartialOrd,\n Ord,\n PartialEq,\n Eq,\n Hash,\n)]\npub struct FlushEpoch(NonZeroU64);\n\nimpl FlushEpoch {\n pub const MIN: FlushEpoch = FlushEpoch(NonZeroU64::MIN);\n #[allow(unused)]\n pub const MAX: FlushEpoch = FlushEpoch(NonZeroU64::MAX);\n\n pub fn increment(&self) -> FlushEpoch {\n FlushEpoch(NonZeroU64::new(self.0.get() + 1).unwrap())\n }\n\n pub fn get(&self) -> u64 {\n self.0.get()\n }\n}\n\nimpl concurrent_map::Minimum for FlushEpoch {\n const MIN: FlushEpoch = FlushEpoch::MIN;\n}\n\n#[derive(Debug)]\npub(crate) struct FlushInvariants {\n max_flushed_epoch: AtomicU64,\n max_flushing_epoch: AtomicU64,\n}\n\nimpl Default for FlushInvariants {\n fn default() -> FlushInvariants {\n FlushInvariants {\n max_flushed_epoch: (MIN_EPOCH - 1).into(),\n max_flushing_epoch: (MIN_EPOCH - 1).into(),\n }\n }\n}\n\nimpl FlushInvariants {\n pub(crate) fn mark_flushed_epoch(&self, epoch: FlushEpoch) {\n let last = self.max_flushed_epoch.swap(epoch.get(), Ordering::SeqCst);\n\n assert_eq!(last + 1, epoch.get());\n }\n\n pub(crate) fn mark_flushing_epoch(&self, epoch: FlushEpoch) {\n let last = self.max_flushing_epoch.swap(epoch.get(), Ordering::SeqCst);\n\n assert_eq!(last + 1, epoch.get());\n }\n}\n\n#[derive(Clone, Debug)]\npub(crate) struct Completion {\n mu: Arc>,\n cv: Arc,\n epoch: FlushEpoch,\n}\n\nimpl Completion {\n pub fn epoch(&self) -> FlushEpoch {\n self.epoch\n }\n\n pub fn new(epoch: FlushEpoch) -> Completion {\n Completion { mu: Default::default(), cv: Default::default(), epoch }\n }\n\n pub fn wait_for_complete(self) -> FlushEpoch {\n let mut mu = self.mu.lock().unwrap();\n while !*mu {\n mu = self.cv.wait(mu).unwrap();\n }\n\n self.epoch\n }\n\n pub fn mark_complete(self) {\n self.mark_complete_inner(false);\n }\n\n fn mark_complete_inner(&self, previously_sealed: bool) {\n let mut mu = self.mu.lock().unwrap();\n if !previously_sealed {\n // TODO reevaluate - assert!(!*mu);\n }\n log::trace!(\"marking epoch {:?} as complete\", self.epoch);\n // it's possible for *mu to already be true due to this being\n // immediately dropped in the check_in method when we see that\n // the checked-in epoch has already been marked as sealed.\n *mu = true;\n drop(mu);\n self.cv.notify_all();\n }\n\n #[cfg(test)]\n pub fn is_complete(&self) -> bool {\n *self.mu.lock().unwrap()\n }\n}\n\npub struct FlushEpochGuard<'a> {\n tracker: &'a EpochTracker,\n previously_sealed: bool,\n}\n\nimpl Drop for FlushEpochGuard<'_> {\n fn drop(&mut self) {\n let rc = self.tracker.rc.fetch_sub(1, Ordering::SeqCst) - 1;\n if rc & SEAL_MASK == 0 && (rc & SEAL_BIT) == SEAL_BIT {\n crate::debug_delay();\n self.tracker\n .vacancy_notifier\n .mark_complete_inner(self.previously_sealed);\n }\n }\n}\n\nimpl FlushEpochGuard<'_> {\n pub fn epoch(&self) -> FlushEpoch {\n self.tracker.epoch\n }\n}\n\n#[derive(Debug)]\npub(crate) struct EpochTracker {\n epoch: FlushEpoch,\n rc: AtomicU64,\n vacancy_notifier: Completion,\n previous_flush_complete: Completion,\n}\n\n#[derive(Clone, Debug)]\npub(crate) struct FlushEpochTracker {\n active_ebr: ebr::Ebr, 16, 16>,\n inner: Arc,\n}\n\n#[derive(Debug)]\npub(crate) struct FlushEpochInner {\n counter: AtomicU64,\n roll_mu: Mutex<()>,\n current_active: AtomicPtr,\n}\n\nimpl Drop for FlushEpochInner {\n fn drop(&mut self) {\n let vacancy_mu = self.roll_mu.lock().unwrap();\n let old_ptr =\n self.current_active.swap(std::ptr::null_mut(), Ordering::SeqCst);\n if !old_ptr.is_null() {\n //let old: &EpochTracker = &*old_ptr;\n unsafe { drop(Box::from_raw(old_ptr)) }\n }\n drop(vacancy_mu);\n }\n}\n\nimpl Default for FlushEpochTracker {\n fn default() -> FlushEpochTracker {\n let last = Completion::new(FlushEpoch(NonZeroU64::new(1).unwrap()));\n let current_active_ptr = Box::into_raw(Box::new(EpochTracker {\n epoch: FlushEpoch(NonZeroU64::new(MIN_EPOCH).unwrap()),\n rc: AtomicU64::new(0),\n vacancy_notifier: Completion::new(FlushEpoch(\n NonZeroU64::new(MIN_EPOCH).unwrap(),\n )),\n previous_flush_complete: last.clone(),\n }));\n\n last.mark_complete();\n\n let current_active = AtomicPtr::new(current_active_ptr);\n\n FlushEpochTracker {\n inner: Arc::new(FlushEpochInner {\n counter: AtomicU64::new(2),\n roll_mu: Mutex::new(()),\n current_active,\n }),\n active_ebr: ebr::Ebr::default(),\n }\n }\n}\n\nimpl FlushEpochTracker {\n /// Returns the epoch notifier for the previous epoch.\n /// Intended to be passed to a flusher that can eventually\n /// notify the flush-requesting thread.\n pub fn roll_epoch_forward(&self) -> (Completion, Completion, Completion) {\n let mut tracker_guard = self.active_ebr.pin();\n\n let vacancy_mu = self.inner.roll_mu.lock().unwrap();\n\n let flush_through = self.inner.counter.fetch_add(1, Ordering::SeqCst);\n\n let flush_through_epoch =\n FlushEpoch(NonZeroU64::new(flush_through).unwrap());\n\n let new_epoch = flush_through_epoch.increment();\n\n let forward_flush_notifier = Completion::new(flush_through_epoch);\n\n let new_active = Box::into_raw(Box::new(EpochTracker {\n epoch: new_epoch,\n rc: AtomicU64::new(0),\n vacancy_notifier: Completion::new(new_epoch),\n previous_flush_complete: forward_flush_notifier.clone(),\n }));\n\n let old_ptr =\n self.inner.current_active.swap(new_active, Ordering::SeqCst);\n\n assert!(!old_ptr.is_null());\n\n let (last_flush_complete_notifier, vacancy_notifier) = unsafe {\n let old: &EpochTracker = &*old_ptr;\n let last = old.rc.fetch_add(SEAL_BIT + 1, Ordering::SeqCst);\n\n assert_eq!(\n last & SEAL_BIT,\n 0,\n \"epoch {} double-sealed\",\n flush_through\n );\n\n // mark_complete_inner called via drop in a uniform way\n //println!(\"dropping flush epoch guard for epoch {flush_through}\");\n drop(FlushEpochGuard { tracker: old, previously_sealed: true });\n\n (old.previous_flush_complete.clone(), old.vacancy_notifier.clone())\n };\n tracker_guard.defer_drop(unsafe { Box::from_raw(old_ptr) });\n drop(vacancy_mu);\n (last_flush_complete_notifier, vacancy_notifier, forward_flush_notifier)\n }\n\n pub fn check_in<'a>(&self) -> FlushEpochGuard<'a> {\n let _tracker_guard = self.active_ebr.pin();\n loop {\n let tracker: &'a EpochTracker =\n unsafe { &*self.inner.current_active.load(Ordering::SeqCst) };\n\n let rc = tracker.rc.fetch_add(1, Ordering::SeqCst);\n\n let previously_sealed = rc & SEAL_BIT == SEAL_BIT;\n\n let guard = FlushEpochGuard { tracker, previously_sealed };\n\n if previously_sealed {\n // the epoch is already closed, so we must drop the rc\n // and possibly notify, which is handled in the guard's\n // Drop impl.\n drop(guard);\n } else {\n return guard;\n }\n }\n }\n\n pub fn manually_advance_epoch(&self) {\n self.active_ebr.manually_advance_epoch();\n }\n\n pub fn current_flush_epoch(&self) -> FlushEpoch {\n let current = self.inner.counter.load(Ordering::SeqCst);\n\n FlushEpoch(NonZeroU64::new(current).unwrap())\n }\n}\n\n#[test]\nfn flush_epoch_basic_functionality() {\n let epoch_tracker = FlushEpochTracker::default();\n\n for expected in MIN_EPOCH..1_000_000 {\n let g1 = epoch_tracker.check_in();\n let g2 = epoch_tracker.check_in();\n\n assert_eq!(g1.tracker.epoch.0.get(), expected);\n assert_eq!(g2.tracker.epoch.0.get(), expected);\n\n let previous_notifier = epoch_tracker.roll_epoch_forward().1;\n assert!(!previous_notifier.is_complete());\n\n drop(g1);\n assert!(!previous_notifier.is_complete());\n drop(g2);\n assert_eq!(previous_notifier.wait_for_complete().0.get(), expected);\n }\n}\n\n#[cfg(test)]\nfn concurrent_flush_epoch_burn_in_inner() {\n const N_THREADS: usize = 10;\n const N_OPS_PER_THREAD: usize = 3000;\n\n let fa = FlushEpochTracker::default();\n\n let barrier = std::sync::Arc::new(std::sync::Barrier::new(21));\n\n let pt = pagetable::PageTable::::default();\n\n let rolls = || {\n let fa = fa.clone();\n let barrier = barrier.clone();\n let pt = &pt;\n move || {\n barrier.wait();\n for _ in 0..N_OPS_PER_THREAD {\n let (previous, this, next) = fa.roll_epoch_forward();\n let last_epoch = previous.wait_for_complete().0.get();\n assert_eq!(0, pt.get(last_epoch).load(Ordering::Acquire));\n let flush_through_epoch = this.wait_for_complete().0.get();\n assert_eq!(\n 0,\n pt.get(flush_through_epoch).load(Ordering::Acquire)\n );\n\n next.mark_complete();\n }\n }\n };\n\n let check_ins = || {\n let fa = fa.clone();\n let barrier = barrier.clone();\n let pt = &pt;\n move || {\n barrier.wait();\n for _ in 0..N_OPS_PER_THREAD {\n let guard = fa.check_in();\n let epoch = guard.epoch().0.get();\n pt.get(epoch).fetch_add(1, Ordering::SeqCst);\n std::thread::yield_now();\n pt.get(epoch).fetch_sub(1, Ordering::SeqCst);\n drop(guard);\n }\n }\n };\n\n std::thread::scope(|s| {\n let mut threads = vec![];\n\n for _ in 0..N_THREADS {\n threads.push(s.spawn(rolls()));\n threads.push(s.spawn(check_ins()));\n }\n\n barrier.wait();\n\n for thread in threads.into_iter() {\n thread.join().expect(\"a test thread crashed unexpectedly\");\n }\n });\n\n for i in 0..N_OPS_PER_THREAD * N_THREADS {\n assert_eq!(0, pt.get(i as u64).load(Ordering::Acquire));\n }\n}\n\n#[test]\nfn concurrent_flush_epoch_burn_in() {\n for _ in 0..128 {\n concurrent_flush_epoch_burn_in_inner();\n }\n}\n"
},
{
"path": "src/heap.rs",
"content": "use std::fmt;\nuse std::fs;\nuse std::io::{self, Read};\nuse std::num::NonZeroU64;\nuse std::path::{Path, PathBuf};\nuse std::sync::Arc;\nuse std::sync::atomic::{AtomicPtr, AtomicU64, Ordering, fence};\nuse std::time::{Duration, Instant};\n\nuse ebr::{Ebr, Guard};\nuse fault_injection::{annotate, fallible, maybe};\nuse fnv::FnvHashSet;\nuse fs2::FileExt as _;\nuse parking_lot::{Mutex, RwLock};\nuse rayon::prelude::*;\n\nuse crate::object_location_mapper::{AllocatorStats, ObjectLocationMapper};\nuse crate::{CollectionId, Config, DeferredFree, MetadataStore, ObjectId};\n\nconst WARN: &str = \"DO_NOT_PUT_YOUR_FILES_HERE\";\npub(crate) const N_SLABS: usize = 78;\nconst FILE_TARGET_FILL_RATIO: u64 = 80;\nconst FILE_RESIZE_MARGIN: u64 = 115;\n\nconst SLAB_SIZES: [usize; N_SLABS] = [\n 64, // 0x40\n 80, // 0x50\n 96, // 0x60\n 112, // 0x70\n 128, // 0x80\n 160, // 0xa0\n 192, // 0xc0\n 224, // 0xe0\n 256, // 0x100\n 320, // 0x140\n 384, // 0x180\n 448, // 0x1c0\n 512, // 0x200\n 640, // 0x280\n 768, // 0x300\n 896, // 0x380\n 1024, // 0x400\n 1280, // 0x500\n 1536, // 0x600\n 1792, // 0x700\n 2048, // 0x800\n 2560, // 0xa00\n 3072, // 0xc00\n 3584, // 0xe00\n 4096, // 0x1000\n 5120, // 0x1400\n 6144, // 0x1800\n 7168, // 0x1c00\n 8192, // 0x2000\n 10240, // 0x2800\n 12288, // 0x3000\n 14336, // 0x3800\n 16384, // 0x4000\n 20480, // 0x5000\n 24576, // 0x6000\n 28672, // 0x7000\n 32768, // 0x8000\n 40960, // 0xa000\n 49152, // 0xc000\n 57344, // 0xe000\n 65536, // 0x10000\n 98304, // 0x1a000\n 131072, // 0x20000\n 163840, // 0x28000\n 196608,\n 262144,\n 393216,\n 524288,\n 786432,\n 1048576,\n 1572864,\n 2097152,\n 3145728,\n 4194304,\n 6291456,\n 8388608,\n 12582912,\n 16777216,\n 25165824,\n 33554432,\n 50331648,\n 67108864,\n 100663296,\n 134217728,\n 201326592,\n 268435456,\n 402653184,\n 536870912,\n 805306368,\n 1073741824,\n 1610612736,\n 2147483648,\n 3221225472,\n 4294967296,\n 6442450944,\n 8589934592,\n 12884901888,\n 17_179_869_184, // 17gb is max page size as-of now\n];\n\n#[derive(Default, Debug, Copy, Clone)]\npub struct WriteBatchStats {\n pub heap_bytes_written: u64,\n pub heap_files_written_to: u64,\n /// Latency inclusive of fsync\n pub heap_write_latency: Duration,\n /// Latency for fsyncing files\n pub heap_sync_latency: Duration,\n pub metadata_bytes_written: u64,\n pub metadata_write_latency: Duration,\n pub truncated_files: u64,\n pub truncated_bytes: u64,\n pub truncate_latency: Duration,\n}\n\n#[derive(Default, Debug, Clone, Copy)]\npub struct HeapStats {\n pub allocator: AllocatorStats,\n pub write_batch_max: WriteBatchStats,\n pub write_batch_sum: WriteBatchStats,\n pub truncated_file_bytes: u64,\n}\n\nimpl WriteBatchStats {\n pub(crate) fn max(&self, other: &WriteBatchStats) -> WriteBatchStats {\n WriteBatchStats {\n heap_bytes_written: self\n .heap_bytes_written\n .max(other.heap_bytes_written),\n heap_files_written_to: self\n .heap_files_written_to\n .max(other.heap_files_written_to),\n heap_write_latency: self\n .heap_write_latency\n .max(other.heap_write_latency),\n heap_sync_latency: self\n .heap_sync_latency\n .max(other.heap_sync_latency),\n metadata_bytes_written: self\n .metadata_bytes_written\n .max(other.metadata_bytes_written),\n metadata_write_latency: self\n .metadata_write_latency\n .max(other.metadata_write_latency),\n truncated_files: self.truncated_files.max(other.truncated_files),\n truncated_bytes: self.truncated_bytes.max(other.truncated_bytes),\n truncate_latency: self.truncate_latency.max(other.truncate_latency),\n }\n }\n\n pub(crate) fn sum(&self, other: &WriteBatchStats) -> WriteBatchStats {\n use std::ops::Add;\n WriteBatchStats {\n heap_bytes_written: self\n .heap_bytes_written\n .add(other.heap_bytes_written),\n heap_files_written_to: self\n .heap_files_written_to\n .add(other.heap_files_written_to),\n heap_write_latency: self\n .heap_write_latency\n .add(other.heap_write_latency),\n heap_sync_latency: self\n .heap_sync_latency\n .add(other.heap_sync_latency),\n metadata_bytes_written: self\n .metadata_bytes_written\n .add(other.metadata_bytes_written),\n metadata_write_latency: self\n .metadata_write_latency\n .add(other.metadata_write_latency),\n truncated_files: self.truncated_files.add(other.truncated_files),\n truncated_bytes: self.truncated_bytes.add(other.truncated_bytes),\n truncate_latency: self.truncate_latency.add(other.truncate_latency),\n }\n }\n}\n\nconst fn overhead_for_size(size: usize) -> usize {\n if size + 5 <= u8::MAX as usize {\n // crc32 + 1 byte frame\n 5\n } else if size + 6 <= u16::MAX as usize {\n // crc32 + 2 byte frame\n 6\n } else if size + 8 <= u32::MAX as usize {\n // crc32 + 4 byte frame\n 8\n } else {\n // crc32 + 8 byte frame\n 12\n }\n}\n\nfn slab_for_size(size: usize) -> u8 {\n let total_size = size + overhead_for_size(size);\n for (idx, slab_size) in SLAB_SIZES.iter().enumerate() {\n if *slab_size >= total_size {\n return u8::try_from(idx).unwrap();\n }\n }\n u8::MAX\n}\n\npub use inline_array::InlineArray;\n\n#[derive(Debug)]\npub struct ObjectRecovery {\n pub object_id: ObjectId,\n pub collection_id: CollectionId,\n pub low_key: InlineArray,\n}\n\npub struct HeapRecovery {\n pub heap: Heap,\n pub recovered_nodes: Vec,\n pub was_recovered: bool,\n}\n\nenum PersistentSettings {\n V1 { leaf_fanout: u64 },\n}\n\nimpl PersistentSettings {\n // NB: should only be called with a directory lock already exclusively acquired\n fn verify_or_store>(\n &self,\n path: P,\n _directory_lock: &std::fs::File,\n ) -> io::Result<()> {\n let settings_path = path.as_ref().join(\"durability_cookie\");\n\n match std::fs::read(&settings_path) {\n Ok(previous_bytes) => {\n let previous =\n PersistentSettings::deserialize(&previous_bytes)?;\n self.check_compatibility(&previous)\n }\n Err(e) if e.kind() == std::io::ErrorKind::NotFound => {\n std::fs::write(settings_path, self.serialize())\n }\n Err(e) => Err(e),\n }\n }\n\n fn deserialize(buf: &[u8]) -> io::Result {\n let mut cursor = buf;\n let mut buf = [0_u8; 64];\n cursor.read_exact(&mut buf)?;\n\n let version = u16::from_le_bytes([buf[0], buf[1]]);\n\n let crc_actual = (crc32fast::hash(&buf[0..60]) ^ 0xAF).to_le_bytes();\n let crc_expected = &buf[60..];\n\n if crc_actual != crc_expected {\n return Err(io::Error::new(\n io::ErrorKind::InvalidData,\n \"encountered corrupted settings cookie with mismatched CRC.\",\n ));\n }\n\n match version {\n 1 => {\n let leaf_fanout =\n u64::from_le_bytes(buf[2..10].try_into().unwrap());\n Ok(PersistentSettings::V1 { leaf_fanout })\n }\n _ => Err(io::Error::new(\n io::ErrorKind::InvalidData,\n \"encountered unknown version number when reading settings cookie\",\n )),\n }\n }\n\n fn check_compatibility(\n &self,\n other: &PersistentSettings,\n ) -> io::Result<()> {\n use PersistentSettings::*;\n\n match (self, other) {\n (V1 { leaf_fanout: lf1 }, V1 { leaf_fanout: lf2 }) => {\n if lf1 != lf2 {\n Err(io::Error::new(\n io::ErrorKind::Unsupported,\n format!(\n \"sled was already opened with a LEAF_FANOUT const generic of {}, \\\n and this may not be changed after initial creation. Please use \\\n Db::import / Db::export to migrate, if you wish to change the \\\n system's format.\",\n lf2\n ),\n ))\n } else {\n Ok(())\n }\n }\n }\n }\n\n fn serialize(&self) -> Vec {\n // format: 64 bytes in total, with the last 4 being a LE crc32\n // first 2 are LE version number\n let mut buf = vec![];\n\n match self {\n PersistentSettings::V1 { leaf_fanout } => {\n // LEAF_FANOUT: 8 bytes LE\n let version: [u8; 2] = 1_u16.to_le_bytes();\n buf.extend_from_slice(&version);\n\n buf.extend_from_slice(&leaf_fanout.to_le_bytes());\n }\n }\n\n // zero-pad the buffer\n assert!(buf.len() < 60);\n buf.resize(60, 0);\n\n let hash: u32 = crc32fast::hash(&buf) ^ 0xAF;\n let hash_bytes: [u8; 4] = hash.to_le_bytes();\n buf.extend_from_slice(&hash_bytes);\n\n // keep the buffer to 64 bytes for easy parsing over time.\n assert_eq!(buf.len(), 64);\n\n buf\n }\n}\n\n#[derive(Clone, Copy, Debug, PartialEq)]\npub(crate) struct SlabAddress {\n slab_id: u8,\n slab_slot: [u8; 7],\n}\n\nimpl SlabAddress {\n pub(crate) fn from_slab_slot(slab: u8, slot: u64) -> SlabAddress {\n let slot_bytes = slot.to_be_bytes();\n\n assert_eq!(slot_bytes[0], 0);\n\n SlabAddress {\n slab_id: slab,\n slab_slot: slot_bytes[1..].try_into().unwrap(),\n }\n }\n\n #[inline]\n pub const fn slab(&self) -> u8 {\n self.slab_id\n }\n\n #[inline]\n pub const fn slot(&self) -> u64 {\n u64::from_be_bytes([\n 0,\n self.slab_slot[0],\n self.slab_slot[1],\n self.slab_slot[2],\n self.slab_slot[3],\n self.slab_slot[4],\n self.slab_slot[5],\n self.slab_slot[6],\n ])\n }\n}\n\nimpl From for SlabAddress {\n fn from(i: NonZeroU64) -> SlabAddress {\n let i = i.get();\n let bytes = i.to_be_bytes();\n SlabAddress {\n slab_id: bytes[0] - 1,\n slab_slot: bytes[1..].try_into().unwrap(),\n }\n }\n}\n\nimpl From for NonZeroU64 {\n fn from(sa: SlabAddress) -> NonZeroU64 {\n NonZeroU64::new(u64::from_be_bytes([\n sa.slab_id + 1,\n sa.slab_slot[0],\n sa.slab_slot[1],\n sa.slab_slot[2],\n sa.slab_slot[3],\n sa.slab_slot[4],\n sa.slab_slot[5],\n sa.slab_slot[6],\n ]))\n .unwrap()\n }\n}\n\n#[cfg(unix)]\nmod sys_io {\n use std::io;\n use std::os::unix::fs::FileExt;\n\n use super::*;\n\n pub(super) fn read_exact_at(\n file: &fs::File,\n buf: &mut [u8],\n offset: u64,\n ) -> io::Result<()> {\n match maybe!(file.read_exact_at(buf, offset)) {\n Ok(r) => Ok(r),\n Err(e) => {\n // FIXME BUG 3: failed to read 64 bytes at offset 192 from file with len 192\n println!(\n \"failed to read {} bytes at offset {} from file with len {}\",\n buf.len(),\n offset,\n file.metadata().unwrap().len(),\n );\n let _ = dbg!(std::backtrace::Backtrace::force_capture());\n Err(e)\n }\n }\n }\n\n pub(super) fn write_all_at(\n file: &fs::File,\n buf: &[u8],\n offset: u64,\n ) -> io::Result<()> {\n maybe!(file.write_all_at(buf, offset))\n }\n}\n\n#[cfg(windows)]\nmod sys_io {\n use std::os::windows::fs::FileExt;\n\n use super::*;\n\n pub(super) fn read_exact_at(\n file: &fs::File,\n mut buf: &mut [u8],\n mut offset: u64,\n ) -> io::Result<()> {\n while !buf.is_empty() {\n match maybe!(file.seek_read(buf, offset)) {\n Ok(0) => break,\n Ok(n) => {\n let tmp = buf;\n buf = &mut tmp[n..];\n offset += n as u64;\n }\n Err(ref e) if e.kind() == io::ErrorKind::Interrupted => {}\n Err(e) => return Err(annotate!(e)),\n }\n }\n if !buf.is_empty() {\n Err(annotate!(io::Error::new(\n io::ErrorKind::UnexpectedEof,\n \"failed to fill whole buffer\"\n )))\n } else {\n Ok(())\n }\n }\n\n pub(super) fn write_all_at(\n file: &fs::File,\n mut buf: &[u8],\n mut offset: u64,\n ) -> io::Result<()> {\n while !buf.is_empty() {\n match maybe!(file.seek_write(buf, offset)) {\n Ok(0) => {\n return Err(annotate!(io::Error::new(\n io::ErrorKind::WriteZero,\n \"failed to write whole buffer\",\n )));\n }\n Ok(n) => {\n buf = &buf[n..];\n offset += n as u64;\n }\n Err(ref e) if e.kind() == io::ErrorKind::Interrupted => {}\n Err(e) => return Err(annotate!(e)),\n }\n }\n Ok(())\n }\n}\n\n#[derive(Debug)]\nstruct Slab {\n file: fs::File,\n slot_size: usize,\n max_live_slot_since_last_truncation: AtomicU64,\n}\n\nimpl Slab {\n fn sync(&self) -> io::Result<()> {\n self.file.sync_all()\n }\n\n fn read(\n &self,\n slot: u64,\n _guard: &mut Guard<'_, DeferredFree, 16, 16>,\n ) -> io::Result> {\n log::trace!(\"reading from slot {} in slab {}\", slot, self.slot_size);\n\n let mut data = Vec::with_capacity(self.slot_size);\n unsafe {\n data.set_len(self.slot_size);\n }\n\n let whence = self.slot_size as u64 * slot;\n\n maybe!(sys_io::read_exact_at(&self.file, &mut data, whence))?;\n\n let hash_actual: [u8; 4] =\n (crc32fast::hash(&data[..self.slot_size - 4]) ^ 0xAF).to_le_bytes();\n let hash_expected = &data[self.slot_size - 4..];\n\n if hash_expected != hash_actual {\n return Err(annotate!(io::Error::new(\n io::ErrorKind::InvalidData,\n \"crc mismatch - data corruption detected\"\n )));\n }\n\n let len: usize = if self.slot_size <= u8::MAX as usize {\n // crc32 + 1 byte frame\n usize::from(data[self.slot_size - 5])\n } else if self.slot_size <= u16::MAX as usize {\n // crc32 + 2 byte frame\n let mut size_bytes: [u8; 2] = [0; 2];\n size_bytes\n .copy_from_slice(&data[self.slot_size - 6..self.slot_size - 4]);\n usize::from(u16::from_le_bytes(size_bytes))\n } else if self.slot_size <= u32::MAX as usize {\n // crc32 + 4 byte frame\n let mut size_bytes: [u8; 4] = [0; 4];\n size_bytes\n .copy_from_slice(&data[self.slot_size - 8..self.slot_size - 4]);\n usize::try_from(u32::from_le_bytes(size_bytes)).unwrap()\n } else {\n // crc32 + 8 byte frame\n let mut size_bytes: [u8; 8] = [0; 8];\n size_bytes.copy_from_slice(\n &data[self.slot_size - 12..self.slot_size - 4],\n );\n usize::try_from(u64::from_le_bytes(size_bytes)).unwrap()\n };\n\n data.truncate(len);\n\n Ok(data)\n }\n\n fn write(&self, slot: u64, mut data: Vec) -> io::Result<()> {\n let len = data.len();\n\n assert!(len + overhead_for_size(data.len()) <= self.slot_size);\n\n data.resize(self.slot_size, 0);\n\n if self.slot_size <= u8::MAX as usize {\n // crc32 + 1 byte frame\n data[self.slot_size - 5] = u8::try_from(len).unwrap();\n } else if self.slot_size <= u16::MAX as usize {\n // crc32 + 2 byte frame\n let size_bytes: [u8; 2] = u16::try_from(len).unwrap().to_le_bytes();\n data[self.slot_size - 6..self.slot_size - 4]\n .copy_from_slice(&size_bytes);\n } else if self.slot_size <= u32::MAX as usize {\n // crc32 + 4 byte frame\n let size_bytes: [u8; 4] = u32::try_from(len).unwrap().to_le_bytes();\n data[self.slot_size - 8..self.slot_size - 4]\n .copy_from_slice(&size_bytes);\n } else {\n // crc32 + 8 byte frame\n let size_bytes: [u8; 8] = u64::try_from(len).unwrap().to_le_bytes();\n data[self.slot_size - 12..self.slot_size - 4]\n .copy_from_slice(&size_bytes);\n }\n\n let hash: [u8; 4] =\n (crc32fast::hash(&data[..self.slot_size - 4]) ^ 0xAF).to_le_bytes();\n data[self.slot_size - 4..].copy_from_slice(&hash);\n\n let whence = self.slot_size as u64 * slot;\n\n log::trace!(\"writing to slot {} in slab {}\", slot, self.slot_size);\n sys_io::write_all_at(&self.file, &data, whence)\n }\n}\n\nfn set_error(\n global_error: &AtomicPtr<(io::ErrorKind, String)>,\n error: &io::Error,\n) {\n let kind = error.kind();\n let reason = error.to_string();\n\n let boxed = Box::new((kind, reason));\n let ptr = Box::into_raw(boxed);\n\n if global_error\n .compare_exchange(\n std::ptr::null_mut(),\n ptr,\n Ordering::SeqCst,\n Ordering::SeqCst,\n )\n .is_err()\n {\n // global fatal error already installed, drop this one\n unsafe {\n drop(Box::from_raw(ptr));\n }\n }\n}\n\n#[derive(Debug)]\npub enum Update {\n Store {\n object_id: ObjectId,\n collection_id: CollectionId,\n low_key: InlineArray,\n data: Vec,\n },\n Free {\n object_id: ObjectId,\n collection_id: CollectionId,\n },\n}\n\nimpl Update {\n #[allow(unused)]\n pub(crate) fn object_id(&self) -> ObjectId {\n match self {\n Update::Store { object_id, .. }\n | Update::Free { object_id, .. } => *object_id,\n }\n }\n}\n\n#[derive(Debug, PartialOrd, Ord, PartialEq, Eq)]\npub enum UpdateMetadata {\n Store {\n object_id: ObjectId,\n collection_id: CollectionId,\n low_key: InlineArray,\n location: NonZeroU64,\n },\n Free {\n object_id: ObjectId,\n collection_id: CollectionId,\n },\n}\n\nimpl UpdateMetadata {\n pub fn object_id(&self) -> ObjectId {\n match self {\n UpdateMetadata::Store { object_id, .. }\n | UpdateMetadata::Free { object_id, .. } => *object_id,\n }\n }\n}\n\n#[derive(Debug, Default, Clone, Copy)]\nstruct WriteBatchStatTracker {\n sum: WriteBatchStats,\n max: WriteBatchStats,\n}\n\n#[derive(Clone)]\npub struct Heap {\n path: PathBuf,\n slabs: Arc<[Slab; N_SLABS]>,\n table: ObjectLocationMapper,\n metadata_store: Arc>,\n free_ebr: Ebr,\n global_error: Arc>,\n #[allow(unused)]\n directory_lock: Arc,\n stats: Arc>,\n truncated_file_bytes: Arc,\n}\n\nimpl fmt::Debug for Heap {\n fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {\n f.debug_struct(\"Heap\")\n .field(\"path\", &self.path)\n .field(\"stats\", &self.stats())\n .finish()\n }\n}\n\nimpl Heap {\n pub fn recover(\n leaf_fanout: usize,\n config: &Config,\n ) -> io::Result {\n let path = &config.path;\n log::trace!(\"recovering Heap at {:?}\", path);\n let slabs_dir = path.join(\"slabs\");\n\n // TODO NOCOMMIT\n let sync_status = std::process::Command::new(\"sync\")\n .status()\n .map(|status| status.success());\n\n if !matches!(sync_status, Ok(true)) {\n log::warn!(\n \"sync command before recovery failed: {:?}\",\n sync_status\n );\n }\n\n // initialize directories if not present\n let mut was_recovered = true;\n for p in [path, &slabs_dir] {\n if let Err(e) = fs::read_dir(p) {\n if e.kind() == io::ErrorKind::NotFound {\n fallible!(fs::create_dir_all(p));\n was_recovered = false;\n continue;\n }\n }\n maybe!(fs::File::open(p).and_then(|f| f.sync_all()))?;\n }\n\n let _ = fs::File::create(path.join(WARN));\n\n let mut file_lock_opts = fs::OpenOptions::new();\n file_lock_opts.create(false).read(false).write(false);\n let directory_lock = fallible!(fs::File::open(path));\n fallible!(directory_lock.try_lock_exclusive());\n\n maybe!(fs::File::open(&slabs_dir).and_then(|f| f.sync_all()))?;\n maybe!(directory_lock.sync_all())?;\n\n let persistent_settings =\n PersistentSettings::V1 { leaf_fanout: leaf_fanout as u64 };\n\n persistent_settings.verify_or_store(path, &directory_lock)?;\n\n let (metadata_store, recovered_metadata) =\n MetadataStore::recover(path.join(\"metadata\"))?;\n\n let table = ObjectLocationMapper::new(\n &recovered_metadata,\n config.target_heap_file_fill_ratio,\n );\n\n let mut recovered_nodes =\n Vec::::with_capacity(recovered_metadata.len());\n\n for update_metadata in recovered_metadata {\n match update_metadata {\n UpdateMetadata::Store {\n object_id,\n collection_id,\n location: _,\n low_key,\n } => {\n recovered_nodes.push(ObjectRecovery {\n object_id,\n collection_id,\n low_key,\n });\n }\n UpdateMetadata::Free { .. } => {\n unreachable!()\n }\n }\n }\n\n let mut slabs = vec![];\n let mut slab_opts = fs::OpenOptions::new();\n slab_opts.create(true).read(true).write(true);\n for slot_size in &SLAB_SIZES {\n let slab_path = slabs_dir.join(format!(\"{}\", slot_size));\n\n let file = fallible!(slab_opts.open(slab_path));\n\n slabs.push(Slab {\n slot_size: *slot_size,\n file,\n max_live_slot_since_last_truncation: AtomicU64::new(0),\n })\n }\n\n maybe!(fs::File::open(&slabs_dir).and_then(|f| f.sync_all()))?;\n\n log::debug!(\"recovery of Heap at {:?} complete\", path);\n\n Ok(HeapRecovery {\n heap: Heap {\n slabs: Arc::new(slabs.try_into().unwrap()),\n path: path.into(),\n table,\n global_error: metadata_store.get_global_error_arc(),\n metadata_store: Arc::new(Mutex::new(metadata_store)),\n directory_lock: Arc::new(directory_lock),\n free_ebr: Ebr::default(),\n truncated_file_bytes: Arc::default(),\n stats: Arc::default(),\n },\n recovered_nodes,\n was_recovered,\n })\n }\n\n pub fn get_global_error_arc(\n &self,\n ) -> Arc> {\n self.global_error.clone()\n }\n\n fn check_error(&self) -> io::Result<()> {\n let err_ptr: *const (io::ErrorKind, String) =\n self.global_error.load(Ordering::Acquire);\n\n if err_ptr.is_null() {\n Ok(())\n } else {\n let deref: &(io::ErrorKind, String) = unsafe { &*err_ptr };\n Err(io::Error::new(deref.0, deref.1.clone()))\n }\n }\n\n fn set_error(&self, error: &io::Error) {\n set_error(&self.global_error, error);\n }\n\n pub fn manually_advance_epoch(&self) {\n self.free_ebr.manually_advance_epoch();\n }\n\n pub fn stats(&self) -> HeapStats {\n let truncated_file_bytes =\n self.truncated_file_bytes.load(Ordering::Acquire);\n\n let stats = self.stats.read();\n\n HeapStats {\n truncated_file_bytes,\n allocator: self.table.stats(),\n write_batch_max: stats.max,\n write_batch_sum: stats.sum,\n }\n }\n\n pub fn read(&self, object_id: ObjectId) -> Option>> {\n if let Err(e) = self.check_error() {\n return Some(Err(e));\n }\n\n let mut guard = self.free_ebr.pin();\n let slab_address = self.table.get_location_for_object(object_id)?;\n\n let slab = &self.slabs[usize::from(slab_address.slab_id)];\n\n match slab.read(slab_address.slot(), &mut guard) {\n Ok(bytes) => Some(Ok(bytes)),\n Err(e) => {\n let annotated = annotate!(e);\n self.set_error(&annotated);\n Some(Err(annotated))\n }\n }\n }\n\n pub fn write_batch(\n &self,\n batch: Vec,\n ) -> io::Result {\n self.check_error()?;\n let metadata_store = self.metadata_store.try_lock()\n .expect(\"write_batch called concurrently! major correctness assumpiton violated\");\n let mut guard = self.free_ebr.pin();\n\n let slabs = &self.slabs;\n let table = &self.table;\n\n let heap_bytes_written = AtomicU64::new(0);\n let heap_files_used_0_to_63 = AtomicU64::new(0);\n let heap_files_used_64_to_127 = AtomicU64::new(0);\n\n let map_closure = |update: Update| match update {\n Update::Store { object_id, collection_id, low_key, data } => {\n let data_len = data.len();\n let slab_id = slab_for_size(data_len);\n let slab = &slabs[usize::from(slab_id)];\n let new_location = table.allocate_slab_slot(slab_id);\n let new_location_nzu: NonZeroU64 = new_location.into();\n\n let complete_durability_pipeline =\n maybe!(slab.write(new_location.slot(), data));\n\n if let Err(e) = complete_durability_pipeline {\n // can immediately free slot as the\n table.free_slab_slot(new_location);\n return Err(e);\n }\n\n // record stats\n heap_bytes_written\n .fetch_add(data_len as u64, Ordering::Release);\n\n if slab_id < 64 {\n let slab_bit = 0b1 << slab_id;\n heap_files_used_0_to_63\n .fetch_or(slab_bit, Ordering::Release);\n } else {\n assert!(slab_id < 128);\n let slab_bit = 0b1 << (slab_id - 64);\n heap_files_used_64_to_127\n .fetch_or(slab_bit, Ordering::Release);\n }\n\n Ok(UpdateMetadata::Store {\n object_id,\n collection_id,\n low_key,\n location: new_location_nzu,\n })\n }\n Update::Free { object_id, collection_id } => {\n Ok(UpdateMetadata::Free { object_id, collection_id })\n }\n };\n\n let before_heap_write = Instant::now();\n\n let metadata_batch_res: io::Result> =\n batch.into_par_iter().map(map_closure).collect();\n\n let before_heap_sync = Instant::now();\n\n fence(Ordering::SeqCst);\n\n for slab_id in 0..N_SLABS {\n let dirty = if slab_id < 64 {\n let slab_bit = 0b1 << slab_id;\n\n heap_files_used_0_to_63.load(Ordering::Acquire) & slab_bit\n == slab_bit\n } else {\n let slab_bit = 0b1 << (slab_id - 64);\n\n heap_files_used_64_to_127.load(Ordering::Acquire) & slab_bit\n == slab_bit\n };\n\n if dirty {\n self.slabs[slab_id].sync()?;\n }\n }\n\n let heap_sync_latency = before_heap_sync.elapsed();\n\n let heap_write_latency = before_heap_write.elapsed();\n\n let metadata_batch = match metadata_batch_res {\n Ok(mut mb) => {\n // TODO evaluate impact : cost ratio of this sort\n mb.par_sort_unstable();\n mb\n }\n Err(e) => {\n self.set_error(&e);\n return Err(e);\n }\n };\n\n // make metadata durable\n let before_metadata_write = Instant::now();\n let metadata_bytes_written =\n match metadata_store.write_batch(&metadata_batch) {\n Ok(metadata_bytes_written) => metadata_bytes_written,\n Err(e) => {\n self.set_error(&e);\n return Err(e);\n }\n };\n let metadata_write_latency = before_metadata_write.elapsed();\n\n // reclaim previous disk locations for future writes\n for update_metadata in metadata_batch {\n let last_address_opt = match update_metadata {\n UpdateMetadata::Store { object_id, location, .. } => {\n self.table.insert(object_id, SlabAddress::from(location))\n }\n UpdateMetadata::Free { object_id, .. } => {\n guard.defer_drop(DeferredFree {\n allocator: self.table.clone_object_id_allocator_arc(),\n freed_slot: object_id.0.get(),\n });\n self.table.remove(object_id)\n }\n };\n\n if let Some(last_address) = last_address_opt {\n guard.defer_drop(DeferredFree {\n allocator: self\n .table\n .clone_slab_allocator_arc(last_address.slab_id),\n freed_slot: last_address.slot(),\n });\n }\n }\n\n // truncate files that are now too fragmented\n let before_truncate = Instant::now();\n let mut truncated_files = 0;\n let mut truncated_bytes = 0;\n for (i, max_live_slot) in self.table.get_max_allocated_per_slab() {\n let slab = &self.slabs[i];\n\n let last_max = slab\n .max_live_slot_since_last_truncation\n .fetch_max(max_live_slot, Ordering::SeqCst);\n\n let max_since_last_truncation = last_max.max(max_live_slot);\n\n let currently_occupied_bytes =\n (max_live_slot + 1) * slab.slot_size as u64;\n\n let max_occupied_bytes =\n (max_since_last_truncation + 1) * slab.slot_size as u64;\n\n let ratio = currently_occupied_bytes * 100 / max_occupied_bytes;\n\n if ratio < FILE_TARGET_FILL_RATIO {\n let target_len = if max_live_slot < 16 {\n currently_occupied_bytes\n } else {\n currently_occupied_bytes * FILE_RESIZE_MARGIN / 100\n };\n\n assert!(target_len < max_occupied_bytes);\n assert!(\n target_len >= currently_occupied_bytes,\n \"target_len of {} is above actual occupied len of {}\",\n target_len,\n currently_occupied_bytes\n );\n\n if cfg!(not(feature = \"monotonic-behavior\")) {\n if slab.file.set_len(target_len).is_ok() {\n slab.max_live_slot_since_last_truncation\n .store(max_live_slot, Ordering::SeqCst);\n\n let file_truncated_bytes =\n currently_occupied_bytes.saturating_sub(target_len);\n self.truncated_file_bytes\n .fetch_add(file_truncated_bytes, Ordering::Release);\n\n truncated_files += 1;\n truncated_bytes += file_truncated_bytes;\n } else {\n // TODO surface stats\n }\n }\n }\n }\n\n let truncate_latency = before_truncate.elapsed();\n\n let heap_files_written_to = u64::from(\n heap_files_used_0_to_63.load(Ordering::Acquire).count_ones()\n + heap_files_used_64_to_127\n .load(Ordering::Acquire)\n .count_ones(),\n );\n\n let stats = WriteBatchStats {\n heap_bytes_written: heap_bytes_written.load(Ordering::Acquire),\n heap_files_written_to,\n heap_write_latency,\n heap_sync_latency,\n metadata_bytes_written,\n metadata_write_latency,\n truncated_files,\n truncated_bytes,\n truncate_latency,\n };\n\n {\n let mut stats_tracker = self.stats.write();\n stats_tracker.max = stats_tracker.max.max(&stats);\n stats_tracker.sum = stats_tracker.sum.sum(&stats);\n }\n\n Ok(stats)\n }\n\n pub fn heap_object_id_pin(&self) -> ebr::Guard<'_, DeferredFree, 16, 16> {\n self.free_ebr.pin()\n }\n\n pub fn allocate_object_id(&self) -> ObjectId {\n self.table.allocate_object_id()\n }\n\n pub(crate) fn objects_to_defrag(&self) -> FnvHashSet {\n self.table.objects_to_defrag()\n }\n}\n"
},
{
"path": "src/id_allocator.rs",
"content": "use std::collections::BTreeSet;\nuse std::sync::atomic::{AtomicU64, Ordering};\nuse std::sync::Arc;\n\nuse crossbeam_queue::SegQueue;\nuse fnv::FnvHashSet;\nuse parking_lot::Mutex;\n\n#[derive(Default, Debug)]\nstruct FreeSetAndTip {\n free_set: BTreeSet,\n next_to_allocate: u64,\n}\n\n#[derive(Default, Debug)]\npub struct Allocator {\n free_and_pending: Mutex,\n /// Flat combining.\n ///\n /// A lock free queue of recently freed ids which uses when there is contention on `free_and_pending`.\n free_queue: SegQueue,\n allocation_counter: AtomicU64,\n free_counter: AtomicU64,\n}\n\nimpl Allocator {\n /// Intended primarily for heap slab slot allocators when performing GC.\n ///\n /// If the slab is fragmented beyond the desired fill ratio, this returns\n /// the range of offsets (min inclusive, max exclusive) that may be copied\n /// into earlier free slots if they are currently occupied in order to\n /// achieve the desired fragmentation ratio.\n pub fn fragmentation_cutoff(\n &self,\n desired_ratio: f32,\n ) -> Option<(u64, u64)> {\n let mut free_and_tip = self.free_and_pending.lock();\n\n let next_to_allocate = free_and_tip.next_to_allocate;\n\n if next_to_allocate == 0 {\n return None;\n }\n\n while let Some(free_id) = self.free_queue.pop() {\n free_and_tip.free_set.insert(free_id);\n }\n\n let live_objects =\n next_to_allocate - free_and_tip.free_set.len() as u64;\n let actual_ratio = live_objects as f32 / next_to_allocate as f32;\n\n log::trace!(\n \"fragmented_slots actual ratio: {actual_ratio}, free len: {}\",\n free_and_tip.free_set.len()\n );\n\n if desired_ratio <= actual_ratio {\n return None;\n }\n\n // calculate theoretical cut-off point, return everything past that\n let min = (live_objects as f32 / desired_ratio) as u64;\n let max = next_to_allocate;\n assert!(min < max);\n Some((min, max))\n }\n\n pub fn from_allocated(allocated: &FnvHashSet) -> Allocator {\n let mut heap = BTreeSet::::default();\n let max = allocated.iter().copied().max();\n\n for i in 0..max.unwrap_or(0) {\n if !allocated.contains(&i) {\n heap.insert(i);\n }\n }\n\n let free_and_pending = Mutex::new(FreeSetAndTip {\n free_set: heap,\n next_to_allocate: max.map(|m| m + 1).unwrap_or(0),\n });\n\n Allocator {\n free_and_pending,\n free_queue: SegQueue::default(),\n allocation_counter: 0.into(),\n free_counter: 0.into(),\n }\n }\n\n pub fn max_allocated(&self) -> Option {\n let next = self.free_and_pending.lock().next_to_allocate;\n\n if next == 0 {\n None\n } else {\n Some(next - 1)\n }\n }\n\n pub fn allocate(&self) -> u64 {\n self.allocation_counter.fetch_add(1, Ordering::Relaxed);\n let mut free_and_tip = self.free_and_pending.lock();\n while let Some(free_id) = self.free_queue.pop() {\n free_and_tip.free_set.insert(free_id);\n }\n\n compact(&mut free_and_tip);\n\n let pop_attempt = free_and_tip.free_set.pop_first();\n\n if let Some(id) = pop_attempt {\n id\n } else {\n let ret = free_and_tip.next_to_allocate;\n free_and_tip.next_to_allocate += 1;\n ret\n }\n }\n\n pub fn free(&self, id: u64) {\n if cfg!(not(feature = \"monotonic-behavior\")) {\n self.free_counter.fetch_add(1, Ordering::Relaxed);\n if let Some(mut free) = self.free_and_pending.try_lock() {\n while let Some(free_id) = self.free_queue.pop() {\n free.free_set.insert(free_id);\n }\n free.free_set.insert(id);\n\n compact(&mut free);\n } else {\n self.free_queue.push(id);\n }\n }\n }\n\n /// Returns the counters for allocated, free\n pub fn counters(&self) -> (u64, u64) {\n (\n self.allocation_counter.load(Ordering::Acquire),\n self.free_counter.load(Ordering::Acquire),\n )\n }\n}\n\nfn compact(free: &mut FreeSetAndTip) {\n let next = &mut free.next_to_allocate;\n\n while *next > 1 && free.free_set.contains(&(*next - 1)) {\n free.free_set.remove(&(*next - 1));\n *next -= 1;\n }\n}\n\npub struct DeferredFree {\n pub allocator: Arc,\n pub freed_slot: u64,\n}\n\nimpl Drop for DeferredFree {\n fn drop(&mut self) {\n self.allocator.free(self.freed_slot)\n }\n}\n"
},
{
"path": "src/leaf.rs",
"content": "use crate::*;\n\n#[derive(Debug, Clone, serde::Serialize, serde::Deserialize)]\npub(crate) struct Leaf {\n pub lo: InlineArray,\n pub hi: Option,\n pub prefix_length: usize,\n data: stack_map::StackMap,\n pub in_memory_size: usize,\n pub mutation_count: u64,\n #[serde(skip)]\n pub dirty_flush_epoch: Option,\n #[serde(skip)]\n pub page_out_on_flush: Option,\n #[serde(skip)]\n pub deleted: Option,\n #[serde(skip)]\n pub max_unflushed_epoch: Option,\n}\n\nimpl Leaf {\n pub(crate) fn empty() -> Leaf {\n Leaf {\n lo: InlineArray::default(),\n hi: None,\n prefix_length: 0,\n data: stack_map::StackMap::default(),\n // this does not need to be marked as dirty until it actually\n // receives inserted data\n dirty_flush_epoch: None,\n in_memory_size: std::mem::size_of::>(),\n mutation_count: 0,\n page_out_on_flush: None,\n deleted: None,\n max_unflushed_epoch: None,\n }\n }\n\n pub(crate) const fn is_empty(&self) -> bool {\n self.data.is_empty()\n }\n\n pub(crate) fn set_dirty_epoch(&mut self, epoch: FlushEpoch) {\n assert!(self.deleted.is_none());\n if let Some(current_epoch) = self.dirty_flush_epoch {\n assert!(current_epoch <= epoch);\n }\n if self.page_out_on_flush < Some(epoch) {\n self.page_out_on_flush = None;\n }\n self.dirty_flush_epoch = Some(epoch);\n }\n\n fn prefix(&self) -> &[u8] {\n assert!(self.deleted.is_none());\n &self.lo[..self.prefix_length]\n }\n\n pub(crate) fn get(&self, key: &[u8]) -> Option<&InlineArray> {\n assert!(self.deleted.is_none());\n assert!(key.starts_with(self.prefix()));\n let prefixed_key = &key[self.prefix_length..];\n self.data.get(prefixed_key)\n }\n\n pub(crate) fn insert(\n &mut self,\n key: InlineArray,\n value: InlineArray,\n ) -> Option {\n assert!(self.deleted.is_none());\n assert!(key.starts_with(self.prefix()));\n let prefixed_key = key[self.prefix_length..].into();\n self.data.insert(prefixed_key, value)\n }\n\n pub(crate) fn remove(&mut self, key: &[u8]) -> Option {\n assert!(self.deleted.is_none());\n let prefix = self.prefix();\n assert!(key.starts_with(prefix));\n let partial_key = &key[self.prefix_length..];\n self.data.remove(partial_key)\n }\n\n pub(crate) fn merge_from(&mut self, other: &mut Self) {\n assert!(self.is_empty());\n\n self.hi = other.hi.clone();\n\n let new_prefix_len = if let Some(hi) = &self.hi {\n self.lo.iter().zip(hi.iter()).take_while(|(l, r)| l == r).count()\n } else {\n 0\n };\n\n assert_eq!(self.lo[..new_prefix_len], other.lo[..new_prefix_len]);\n\n // self.prefix_length is not read because it's expected to be\n // initialized here.\n self.prefix_length = new_prefix_len;\n\n if self.prefix() == other.prefix() {\n self.data = std::mem::take(&mut other.data);\n return;\n }\n\n assert!(\n self.prefix_length < other.prefix_length,\n \"self: {:?} other: {:?}\",\n self,\n other\n );\n\n let unshifted_key_amount = other.prefix_length - self.prefix_length;\n let unshifted_prefix = &other.lo\n [other.prefix_length - unshifted_key_amount..other.prefix_length];\n\n for (k, v) in other.data.iter() {\n let mut unshifted_key =\n Vec::with_capacity(unshifted_prefix.len() + k.len());\n unshifted_key.extend_from_slice(unshifted_prefix);\n unshifted_key.extend_from_slice(k);\n self.data.insert(unshifted_key.into(), v.clone());\n }\n\n assert_eq!(other.data.len(), self.data.len());\n\n #[cfg(feature = \"for-internal-testing-only\")]\n assert_eq!(\n self.iter().collect::>(),\n other.iter().collect::>(),\n \"self: {:#?} \\n other: {:#?}\\n\",\n self,\n other\n );\n }\n\n pub(crate) fn iter(\n &self,\n ) -> impl Iterator {\n let prefix = self.prefix();\n self.data.iter().map(|(k, v)| {\n let mut unshifted_key = Vec::with_capacity(prefix.len() + k.len());\n unshifted_key.extend_from_slice(prefix);\n unshifted_key.extend_from_slice(k);\n (unshifted_key.into(), v.clone())\n })\n }\n\n pub(crate) fn serialize(&self, zstd_compression_level: i32) -> Vec {\n let mut ret = vec![];\n\n let mut zstd_enc =\n zstd::stream::Encoder::new(&mut ret, zstd_compression_level)\n .unwrap();\n\n bincode::serialize_into(&mut zstd_enc, self).unwrap();\n\n zstd_enc.finish().unwrap();\n\n ret\n }\n\n pub(crate) fn deserialize(\n buf: &[u8],\n ) -> std::io::Result>> {\n let zstd_decoded = zstd::stream::decode_all(buf).unwrap();\n let mut leaf: Box> =\n bincode::deserialize(&zstd_decoded).unwrap();\n\n // use decompressed buffer length as a cheap proxy for in-memory size for now\n leaf.in_memory_size = zstd_decoded.len();\n\n Ok(leaf)\n }\n\n fn set_in_memory_size(&mut self) {\n self.in_memory_size = std::mem::size_of::>()\n + self.hi.as_ref().map(|h| h.len()).unwrap_or(0)\n + self.lo.len()\n + self.data.iter().map(|(k, v)| k.len() + v.len()).sum::();\n }\n\n pub(crate) fn split_if_full(\n &mut self,\n new_epoch: FlushEpoch,\n allocator: &ObjectCache,\n collection_id: CollectionId,\n ) -> Option<(InlineArray, Object)> {\n if self.data.is_full() {\n let original_len = self.data.len();\n\n let old_prefix_len = self.prefix_length;\n // split\n let split_offset = if self.lo.is_empty() {\n // split left-most shard almost at the beginning for\n // optimizing downward-growing workloads\n 1\n } else if self.hi.is_none() {\n // split right-most shard almost at the end for\n // optimizing upward-growing workloads\n self.data.len() - 2\n } else {\n self.data.len() / 2\n };\n\n let data = self.data.split_off(split_offset);\n\n let left_max = &self.data.last().unwrap().0;\n let right_min = &data.first().unwrap().0;\n\n // suffix truncation attempts to shrink the split key\n // so that shorter keys bubble up into the index\n let splitpoint_length = right_min\n .iter()\n .zip(left_max.iter())\n .take_while(|(a, b)| a == b)\n .count()\n + 1;\n\n let mut split_vec =\n Vec::with_capacity(self.prefix_length + splitpoint_length);\n split_vec.extend_from_slice(self.prefix());\n split_vec.extend_from_slice(&right_min[..splitpoint_length]);\n let split_key = InlineArray::from(split_vec);\n\n let rhs_id = allocator.allocate_object_id(new_epoch);\n\n log::trace!(\n \"split leaf {:?} at split key: {:?} into new {:?} at {:?}\",\n self.lo,\n split_key,\n rhs_id,\n new_epoch,\n );\n\n let mut rhs = Leaf {\n dirty_flush_epoch: Some(new_epoch),\n hi: self.hi.clone(),\n lo: split_key.clone(),\n prefix_length: 0,\n in_memory_size: 0,\n data,\n mutation_count: 0,\n page_out_on_flush: None,\n deleted: None,\n max_unflushed_epoch: None,\n };\n\n rhs.shorten_keys_after_split(old_prefix_len);\n\n rhs.set_in_memory_size();\n\n self.hi = Some(split_key.clone());\n\n self.shorten_keys_after_split(old_prefix_len);\n\n self.set_in_memory_size();\n\n assert_eq!(self.hi.as_ref().unwrap(), &split_key);\n assert_eq!(rhs.lo, &split_key);\n assert_eq!(rhs.data.len() + self.data.len(), original_len);\n\n let rhs_node = Object {\n object_id: rhs_id,\n collection_id,\n low_key: split_key.clone(),\n inner: Arc::new(RwLock::new(CacheBox {\n leaf: Some(Box::new(rhs)),\n logged_index: BTreeMap::default(),\n })),\n };\n\n return Some((split_key, rhs_node));\n }\n\n None\n }\n\n pub(crate) fn shorten_keys_after_split(&mut self, old_prefix_len: usize) {\n let Some(hi) = self.hi.as_ref() else { return };\n\n let new_prefix_len =\n self.lo.iter().zip(hi.iter()).take_while(|(l, r)| l == r).count();\n\n assert_eq!(self.lo[..new_prefix_len], hi[..new_prefix_len]);\n\n // self.prefix_length is not read because it's expected to be\n // initialized here.\n self.prefix_length = new_prefix_len;\n\n if new_prefix_len == old_prefix_len {\n return;\n }\n\n assert!(\n new_prefix_len > old_prefix_len,\n \"expected new prefix length of {} to be greater than the pre-split prefix length of {} for node {:?}\",\n new_prefix_len,\n old_prefix_len,\n self\n );\n\n let key_shift = new_prefix_len - old_prefix_len;\n\n for (k, v) in std::mem::take(&mut self.data).iter() {\n self.data.insert(k[key_shift..].into(), v.clone());\n }\n }\n}\n"
},
{
"path": "src/lib.rs",
"content": "// 1.0 blockers\n//\n// bugs\n// * page-out needs to be deferred until after any flush of the dirty epoch\n// * need to remove max_unflushed_epoch after flushing it\n// * can't send reliable page-out request backwards from 7->6\n// * re-locking every mutex in a writebatch feels bad\n// * need to signal stability status forward\n// * maybe we already are\n// * can make dirty_flush_epoch atomic and CAS it to 0 after flush\n// * can change dirty_flush_epoch to unflushed_epoch\n// * can always set mutation_count to max dirty flush epoch\n// * this feels nice, we can lazily update a global stable flushed counter\n// * can get rid of dirty_flush_epoch and page_out_on_flush?\n// * or at least dirty_flush_epoch\n// * dirty_flush_epoch really means \"hasn't yet been cooperatively serialized @ F.E.\"\n// * interesting metrics:\n// * whether dirty for some epoch\n// * whether cooperatively serialized for some epoch\n// * whether fully flushed for some epoch\n// * clean -> dirty -> {maybe coop} -> flushed\n// * for page-out, we only care if it's stable or if we need to add it to\n// a page-out priority queue\n// * page-out doesn't seem to happen as expected\n//\n// reliability\n// TODO make all writes wrapped in a Tearable wrapper that splits writes\n// and can possibly crash based on a counter.\n// TODO test concurrent drop_tree when other threads are still using it\n// TODO list trees test for recovering empty collections\n// TODO set explicit max key and value sizes w/ corresponding heap\n// TODO add failpoints to writepath\n//\n// performance\n// TODO handle prefix encoding\n// TODO (minor) remove cache access for removed node in merge function\n// TODO index+log hybrid - tinylsm key -> object location\n//\n// features\n// TODO multi-collection batch\n//\n// misc\n// TODO skim inlining output of RUSTFLAGS=\"-Cremark=all -Cdebuginfo=1\"\n//\n// ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1.0 cutoff ~~~~~~~~~~~~~~~~~~~~~~~~~~~\n//\n// post-1.0 improvements\n//\n// reliability\n// TODO bug hiding: if the crash_iter test panics, the test doesn't fail as expected\n// TODO event log assertion for testing heap location bidirectional referential integrity,\n// particularly in the object location mapper.\n// TODO ensure nothing \"from the future\" gets copied into earlier epochs during GC\n// TODO collection_id on page_in checks - it needs to be pinned w/ heap's EBR?\n// TODO put aborts behind feature flags for hard crashes\n// TODO re-enable transaction tests in test_tree.rs\n//\n// performance\n// TODO force writers to flush when some number of dirty epochs have built up\n// TODO serialize flush batch in parallel\n// TODO concurrent serialization of NotYetSerialized dirty objects\n// TODO make the Arc`,\n//! but with several additional capabilities for\n//! assisting creators of stateful systems.\n//!\n//! It is fully thread-safe, and all operations are\n//! atomic. Multiple `Tree`s with isolated keyspaces\n//! are supported with the\n//! [`Db::open_tree`](struct.Db.html#method.open_tree) method.\n//!\n//! `sled` is built by experienced database engineers\n//! who think users should spend less time tuning and\n//! working against high-friction APIs. Expect\n//! significant ergonomic and performance improvements\n//! over time. Most surprises are bugs, so please\n//! [let us know](mailto:tylerneely@gmail.com?subject=sled%20sucks!!!)\n//! if something is high friction.\n//!\n//! # Examples\n//!\n//! ```\n//! # let _ = std::fs::remove_dir_all(\"my_db\");\n//! let db: sled::Db = sled::open(\"my_db\").unwrap();\n//!\n//! // insert and get\n//! db.insert(b\"yo!\", b\"v1\");\n//! assert_eq!(&db.get(b\"yo!\").unwrap().unwrap(), b\"v1\");\n//!\n//! // Atomic compare-and-swap.\n//! db.compare_and_swap(\n//! b\"yo!\", // key\n//! Some(b\"v1\"), // old value, None for not present\n//! Some(b\"v2\"), // new value, None for delete\n//! )\n//! .unwrap();\n//!\n//! // Iterates over key-value pairs, starting at the given key.\n//! let scan_key: &[u8] = b\"a non-present key before yo!\";\n//! let mut iter = db.range(scan_key..);\n//! assert_eq!(&iter.next().unwrap().unwrap().0, b\"yo!\");\n//! assert!(iter.next().is_none());\n//!\n//! db.remove(b\"yo!\");\n//! assert!(db.get(b\"yo!\").unwrap().is_none());\n//!\n//! let other_tree: sled::Tree = db.open_tree(b\"cool db facts\").unwrap();\n//! other_tree.insert(\n//! b\"k1\",\n//! &b\"a Db acts like a Tree due to implementing Deref\"[..]\n//! ).unwrap();\n//! # let _ = std::fs::remove_dir_all(\"my_db\");\n//! ```\n#[cfg(feature = \"for-internal-testing-only\")]\nmod block_checker;\nmod config;\nmod db;\nmod flush_epoch;\nmod heap;\nmod id_allocator;\nmod leaf;\nmod metadata_store;\nmod object_cache;\nmod object_location_mapper;\nmod tree;\n\n#[cfg(any(\n feature = \"testing-shred-allocator\",\n feature = \"testing-count-allocator\"\n))]\npub mod alloc;\n\n#[cfg(feature = \"for-internal-testing-only\")]\nmod event_verifier;\n\n#[inline]\nfn debug_delay() {\n #[cfg(debug_assertions)]\n {\n let rand =\n std::time::SystemTime::UNIX_EPOCH.elapsed().unwrap().as_nanos();\n\n if rand % 128 > 100 {\n for _ in 0..rand % 16 {\n std::thread::yield_now();\n }\n }\n }\n}\n\npub use crate::config::Config;\npub use crate::db::Db;\npub use crate::tree::{Batch, Iter, Tree};\npub use inline_array::InlineArray;\n\nconst NAME_MAPPING_COLLECTION_ID: CollectionId = CollectionId(0);\nconst DEFAULT_COLLECTION_ID: CollectionId = CollectionId(1);\nconst INDEX_FANOUT: usize = 64;\nconst EBR_LOCAL_GC_BUFFER_SIZE: usize = 128;\n\nuse std::collections::BTreeMap;\nuse std::num::NonZeroU64;\nuse std::ops::Bound;\nuse std::sync::Arc;\n\nuse parking_lot::RwLock;\n\nuse crate::flush_epoch::{\n FlushEpoch, FlushEpochGuard, FlushEpochTracker, FlushInvariants,\n};\nuse crate::heap::{\n HeapStats, ObjectRecovery, SlabAddress, Update, WriteBatchStats,\n};\nuse crate::id_allocator::{Allocator, DeferredFree};\nuse crate::leaf::Leaf;\n\n// These are public so that they can be easily crash tested in external\n// binaries. They are hidden because there are zero guarantees around their\n// API stability or functionality.\n#[doc(hidden)]\npub use crate::heap::{Heap, HeapRecovery};\n#[doc(hidden)]\npub use crate::metadata_store::MetadataStore;\n#[doc(hidden)]\npub use crate::object_cache::{CacheStats, Dirty, FlushStats, ObjectCache};\n\n/// Opens a `Db` with a default configuration at the\n/// specified path. This will create a new storage\n/// directory at the specified path if it does\n/// not already exist. You can use the `Db::was_recovered`\n/// method to determine if your database was recovered\n/// from a previous instance.\npub fn open>(path: P) -> std::io::Result {\n Config::new().path(path).open()\n}\n\n#[derive(Debug, Copy, Clone)]\npub struct Stats {\n pub cache: CacheStats,\n}\n\n/// Compare and swap result.\n///\n/// It returns `Ok(Ok(()))` if operation finishes successfully and\n/// - `Ok(Err(CompareAndSwapError(current, proposed)))` if operation failed\n/// to setup a new value. `CompareAndSwapError` contains current and\n/// proposed values.\n/// - `Err(Error::Unsupported)` if the database is opened in read-only mode.\n/// otherwise.\npub type CompareAndSwapResult = std::io::Result<\n std::result::Result,\n>;\n\ntype Index = concurrent_map::ConcurrentMap<\n InlineArray,\n Object,\n INDEX_FANOUT,\n EBR_LOCAL_GC_BUFFER_SIZE,\n>;\n\n/// Compare and swap error.\n#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord, Hash)]\npub struct CompareAndSwapError {\n /// The current value which caused your CAS to fail.\n pub current: Option,\n /// Returned value that was proposed unsuccessfully.\n pub proposed: Option,\n}\n\n/// Compare and swap success.\n#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord, Hash)]\npub struct CompareAndSwapSuccess {\n /// The current value which was successfully installed.\n pub new_value: Option,\n /// Returned value that was previously stored.\n pub previous_value: Option,\n}\n\nimpl std::fmt::Display for CompareAndSwapError {\n fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {\n write!(f, \"Compare and swap conflict\")\n }\n}\n\nimpl std::error::Error for CompareAndSwapError {}\n\n#[derive(\n Debug,\n Clone,\n Copy,\n serde::Serialize,\n serde::Deserialize,\n PartialOrd,\n Ord,\n PartialEq,\n Eq,\n Hash,\n)]\npub struct ObjectId(NonZeroU64);\n\nimpl ObjectId {\n fn new(from: u64) -> Option {\n NonZeroU64::new(from).map(ObjectId)\n }\n}\n\nimpl std::ops::Deref for ObjectId {\n type Target = u64;\n\n fn deref(&self) -> &u64 {\n let self_ref: &NonZeroU64 = &self.0;\n\n // NonZeroU64 is repr(transparent) where it wraps a u64\n // so it is guaranteed to match the binary layout. This\n // makes it safe to cast a reference to one as a reference\n // to the other like this.\n let self_ptr: *const NonZeroU64 = self_ref as *const _;\n let reference: *const u64 = self_ptr as *const u64;\n\n unsafe { &*reference }\n }\n}\n\nimpl concurrent_map::Minimum for ObjectId {\n const MIN: ObjectId = ObjectId(NonZeroU64::MIN);\n}\n\n#[derive(\n Debug,\n Clone,\n Copy,\n serde::Serialize,\n serde::Deserialize,\n PartialOrd,\n Ord,\n PartialEq,\n Eq,\n Hash,\n)]\npub struct CollectionId(u64);\n\nimpl concurrent_map::Minimum for CollectionId {\n const MIN: CollectionId = CollectionId(u64::MIN);\n}\n\n#[derive(Debug, Clone)]\nstruct CacheBox {\n leaf: Option>>,\n #[allow(unused)]\n logged_index: BTreeMap,\n}\n\n#[allow(unused)]\n#[derive(Debug, Clone)]\nstruct LogValue {\n location: SlabAddress,\n value: Option,\n}\n\n#[derive(Debug, Clone)]\npub struct Object {\n object_id: ObjectId,\n collection_id: CollectionId,\n low_key: InlineArray,\n inner: Arc>>,\n}\n\nimpl PartialEq for Object {\n fn eq(&self, other: &Self) -> bool {\n self.object_id == other.object_id\n }\n}\n\n/// Stored on `Db` and `Tree` in an Arc, so that when the\n/// last \"high-level\" struct is dropped, the flusher thread\n/// is cleaned up.\nstruct ShutdownDropper {\n shutdown_sender: parking_lot::Mutex<\n std::sync::mpsc::Sender>,\n >,\n cache: parking_lot::Mutex>,\n}\n\nimpl Drop for ShutdownDropper {\n fn drop(&mut self) {\n let (tx, rx) = std::sync::mpsc::channel();\n log::debug!(\"sending shutdown signal to flusher\");\n if self.shutdown_sender.lock().send(tx).is_ok() {\n if let Err(e) = rx.recv() {\n log::error!(\"failed to shut down flusher thread: {:?}\", e);\n } else {\n log::debug!(\"flush thread successfully terminated\");\n }\n } else {\n log::debug!(\n \"failed to shut down flusher, manually flushing ObjectCache\"\n );\n let cache = self.cache.lock();\n if let Err(e) = cache.flush() {\n log::error!(\n \"Db flusher encountered error while flushing: {:?}\",\n e\n );\n cache.set_error(&e);\n }\n }\n }\n}\n\nfn map_bound U>(bound: Bound, f: F) -> Bound {\n match bound {\n Bound::Unbounded => Bound::Unbounded,\n Bound::Included(x) => Bound::Included(f(x)),\n Bound::Excluded(x) => Bound::Excluded(f(x)),\n }\n}\n\nconst fn _assert_public_types_send_sync() {\n use std::fmt::Debug;\n\n const fn _assert_send() {}\n\n const fn _assert_send_sync() {}\n\n /*\n _assert_send::();\n _assert_send_sync::();\n _assert_send_sync::();\n _assert_send_sync::();\n */\n\n _assert_send::();\n\n _assert_send_sync::();\n _assert_send_sync::();\n _assert_send_sync::();\n _assert_send_sync::();\n _assert_send_sync::();\n}\n"
},
{
"path": "src/metadata_store.rs",
"content": "use std::collections::BTreeSet;\nuse std::fs;\nuse std::io::{self, Read, Write};\nuse std::num::NonZeroU64;\nuse std::path::{Path, PathBuf};\nuse std::sync::{\n Arc,\n atomic::{AtomicPtr, AtomicU64, Ordering},\n};\n\nuse crossbeam_channel::{Receiver, Sender, bounded, unbounded};\nuse fault_injection::{annotate, fallible, maybe};\nuse fnv::FnvHashMap;\nuse inline_array::InlineArray;\nuse parking_lot::Mutex;\nuse rayon::prelude::*;\nuse zstd::stream::read::Decoder as ZstdDecoder;\nuse zstd::stream::write::Encoder as ZstdEncoder;\n\nuse crate::{CollectionId, ObjectId, heap::UpdateMetadata};\n\nconst WARN: &str = \"DO_NOT_PUT_YOUR_FILES_HERE\";\nconst TMP_SUFFIX: &str = \".tmp\";\nconst LOG_PREFIX: &str = \"log\";\nconst SNAPSHOT_PREFIX: &str = \"snapshot\";\n\nconst ZSTD_LEVEL: i32 = 3;\n\n// NB: intentionally does not implement Clone, and\n// the Inner::drop code relies on this invariant for\n// now so that we don't free the global error until\n// all high-level structs are dropped. This is not\n// hard to change over time though, just a current\n// invariant.\npub struct MetadataStore {\n inner: Inner,\n is_shut_down: bool,\n}\n\nimpl Drop for MetadataStore {\n fn drop(&mut self) {\n if self.is_shut_down {\n return;\n }\n\n self.shutdown_inner();\n self.is_shut_down = true;\n }\n}\n\nstruct MetadataRecovery {\n recovered: Vec,\n id_for_next_log: u64,\n snapshot_size: u64,\n}\n\nstruct LogAndStats {\n file: fs::File,\n bytes_written: u64,\n log_sequence_number: u64,\n}\n\nenum WorkerMessage {\n Shutdown(Sender<()>),\n LogReadyToCompact { log_and_stats: LogAndStats },\n}\n\nfn get_compactions(\n rx: &mut Receiver,\n) -> Result, Option>> {\n let mut ret = vec![];\n\n match rx.recv() {\n Ok(WorkerMessage::Shutdown(tx)) => {\n return Err(Some(tx));\n }\n Ok(WorkerMessage::LogReadyToCompact { log_and_stats }) => {\n ret.push(log_and_stats.log_sequence_number);\n }\n Err(e) => {\n log::error!(\n \"metadata store worker thread unable to receive message, unexpected shutdown: {e:?}\"\n );\n return Err(None);\n }\n }\n\n // scoop up any additional logs that have built up while we were busy compacting\n loop {\n match rx.try_recv() {\n Ok(WorkerMessage::Shutdown(tx)) => {\n tx.send(()).unwrap();\n return Err(Some(tx));\n }\n Ok(WorkerMessage::LogReadyToCompact { log_and_stats }) => {\n ret.push(log_and_stats.log_sequence_number);\n }\n Err(_timeout) => return Ok(ret),\n }\n }\n}\n\nfn worker(\n mut rx: Receiver,\n mut last_snapshot_lsn: u64,\n inner: Inner,\n) {\n loop {\n if let Err(error) = check_error(&inner.global_error) {\n drop(inner);\n\n log::error!(\n \"compaction thread terminating after global error set to {:?}\",\n error\n );\n\n return;\n }\n\n match get_compactions(&mut rx) {\n Ok(log_ids) => {\n assert_eq!(log_ids[0], last_snapshot_lsn + 1);\n\n let write_res = read_snapshot_and_apply_logs(\n &inner.storage_directory,\n log_ids.into_iter().collect(),\n Some(last_snapshot_lsn),\n &inner.directory_lock,\n );\n match write_res {\n Err(e) => {\n set_error(&inner.global_error, &e);\n log::error!(\n \"log compactor thread encountered error: {:?} - setting global fatal error and shutting down compactions\",\n e\n );\n return;\n }\n Ok(recovery) => {\n inner\n .snapshot_size\n .store(recovery.snapshot_size, Ordering::SeqCst);\n last_snapshot_lsn =\n recovery.id_for_next_log.checked_sub(1).unwrap();\n }\n }\n }\n Err(Some(tx)) => {\n drop(inner);\n if let Err(e) = tx.send(()) {\n log::error!(\n \"log compactor failed to send shutdown ack to system: {e:?}\"\n );\n }\n return;\n }\n Err(None) => {\n return;\n }\n }\n }\n}\n\nfn set_error(\n global_error: &AtomicPtr<(io::ErrorKind, String)>,\n error: &io::Error,\n) {\n let kind = error.kind();\n let reason = error.to_string();\n\n let boxed = Box::new((kind, reason));\n let ptr = Box::into_raw(boxed);\n\n if global_error\n .compare_exchange(\n std::ptr::null_mut(),\n ptr,\n Ordering::SeqCst,\n Ordering::SeqCst,\n )\n .is_err()\n {\n // global fatal error already installed, drop this one\n unsafe {\n drop(Box::from_raw(ptr));\n }\n }\n}\n\nfn check_error(\n global_error: &AtomicPtr<(io::ErrorKind, String)>,\n) -> io::Result<()> {\n let err_ptr: *const (io::ErrorKind, String) =\n global_error.load(Ordering::Acquire);\n\n if err_ptr.is_null() {\n Ok(())\n } else {\n let deref: &(io::ErrorKind, String) = unsafe { &*err_ptr };\n Err(io::Error::new(deref.0, deref.1.clone()))\n }\n}\n\n#[derive(Clone)]\nstruct Inner {\n global_error: Arc>,\n active_log: Arc>,\n snapshot_size: Arc,\n storage_directory: PathBuf,\n directory_lock: Arc,\n worker_outbox: Sender,\n}\n\nimpl Drop for Inner {\n fn drop(&mut self) {\n // NB: this is the only place where the global error should be\n // reclaimed in the whole sled codebase, as this Inner is only held\n // by the background writer and the heap (in an Arc) so when this\n // drop happens, it's because the whole system is going down, not\n // because any particular Db instance that may have been cloned\n // by a thread is dropping.\n let error_ptr =\n self.global_error.swap(std::ptr::null_mut(), Ordering::Acquire);\n if !error_ptr.is_null() {\n unsafe {\n drop(Box::from_raw(error_ptr));\n }\n }\n }\n}\n\nimpl MetadataStore {\n pub fn get_global_error_arc(\n &self,\n ) -> Arc> {\n self.inner.global_error.clone()\n }\n\n fn shutdown_inner(&mut self) {\n let (tx, rx) = bounded(1);\n if self.inner.worker_outbox.send(WorkerMessage::Shutdown(tx)).is_ok() {\n let _ = rx.recv();\n }\n\n self.set_error(&io::Error::other(\n \"system has been shut down\".to_string(),\n ));\n\n self.is_shut_down = true;\n }\n\n fn check_error(&self) -> io::Result<()> {\n check_error(&self.inner.global_error)\n }\n\n fn set_error(&self, error: &io::Error) {\n set_error(&self.inner.global_error, error);\n }\n\n /// Returns the writer handle `MetadataStore`, a sorted array of metadata, and a sorted array\n /// of free keys.\n pub fn recover>(\n storage_directory: P,\n ) -> io::Result<(\n // Metadata writer\n MetadataStore,\n // Metadata - node id, value, user data\n Vec,\n )> {\n use fs2::FileExt;\n\n // TODO NOCOMMIT\n let sync_status = std::process::Command::new(\"sync\")\n .status()\n .map(|status| status.success());\n\n if !matches!(sync_status, Ok(true)) {\n log::warn!(\n \"sync command before recovery failed: {:?}\",\n sync_status\n );\n }\n\n let path = storage_directory.as_ref();\n\n // initialize directories if not present\n if let Err(e) = fs::read_dir(path) {\n if e.kind() == io::ErrorKind::NotFound {\n fallible!(fs::create_dir_all(path));\n }\n }\n\n let _ = fs::File::create(path.join(WARN));\n\n let directory_lock = fallible!(fs::File::open(path));\n fallible!(directory_lock.sync_all());\n fallible!(directory_lock.try_lock_exclusive());\n\n let recovery =\n MetadataStore::recover_inner(&storage_directory, &directory_lock)?;\n\n let new_log = LogAndStats {\n log_sequence_number: recovery.id_for_next_log,\n bytes_written: 0,\n file: fallible!(fs::File::create(log_path(\n path,\n recovery.id_for_next_log\n ))),\n };\n\n let (tx, rx) = unbounded();\n\n let inner = Inner {\n snapshot_size: Arc::new(recovery.snapshot_size.into()),\n storage_directory: path.into(),\n directory_lock: Arc::new(directory_lock),\n global_error: Default::default(),\n active_log: Arc::new(Mutex::new(new_log)),\n worker_outbox: tx,\n };\n\n let worker_inner = inner.clone();\n\n let spawn_res = std::thread::Builder::new()\n .name(\"sled_flusher\".into())\n .spawn(move || {\n worker(\n rx,\n recovery.id_for_next_log.checked_sub(1).unwrap(),\n worker_inner,\n )\n });\n\n if let Err(e) = spawn_res {\n return Err(io::Error::other(format!(\n \"unable to spawn metadata compactor thread for sled database: {:?}\",\n e\n )));\n }\n\n Ok((MetadataStore { inner, is_shut_down: false }, recovery.recovered))\n }\n\n /// Returns the recovered mappings, the id for the next log file, the highest allocated object id, and the set of free ids\n fn recover_inner>(\n storage_directory: P,\n directory_lock: &fs::File,\n ) -> io::Result {\n let path = storage_directory.as_ref();\n\n log::debug!(\"opening MetadataStore at {:?}\", path);\n\n let (log_ids, snapshot_id_opt) = enumerate_logs_and_snapshot(path)?;\n\n read_snapshot_and_apply_logs(\n path,\n log_ids,\n snapshot_id_opt,\n directory_lock,\n )\n }\n\n /// Write a batch of metadata. `None` for the second half of the outer tuple represents a\n /// deletion. Returns the bytes written.\n pub fn write_batch(&self, batch: &[UpdateMetadata]) -> io::Result {\n self.check_error()?;\n\n let batch_bytes = serialize_batch(batch);\n let ret = batch_bytes.len() as u64;\n\n let mut log = self.inner.active_log.lock();\n\n if let Err(e) = maybe!(log.file.write_all(&batch_bytes)) {\n self.set_error(&e);\n return Err(e);\n }\n\n if let Err(e) = maybe!(log.file.sync_all())\n .and_then(|_| self.inner.directory_lock.sync_all())\n {\n self.set_error(&e);\n return Err(e);\n }\n\n log.bytes_written += batch_bytes.len() as u64;\n\n if log.bytes_written\n > self.inner.snapshot_size.load(Ordering::Acquire).max(64 * 1024)\n {\n let next_offset = log.log_sequence_number + 1;\n let next_path =\n log_path(&self.inner.storage_directory, next_offset);\n\n // open new log\n let mut next_log_file_opts = fs::OpenOptions::new();\n next_log_file_opts.create(true).read(true).write(true);\n\n let next_log_file = match maybe!(next_log_file_opts.open(next_path))\n {\n Ok(nlf) => nlf,\n Err(e) => {\n self.set_error(&e);\n return Err(e);\n }\n };\n\n let next_log_and_stats = LogAndStats {\n file: next_log_file,\n log_sequence_number: next_offset,\n bytes_written: 0,\n };\n\n // replace log\n let old_log_and_stats =\n std::mem::replace(&mut *log, next_log_and_stats);\n\n // send to snapshot writer\n self.inner\n .worker_outbox\n .send(WorkerMessage::LogReadyToCompact {\n log_and_stats: old_log_and_stats,\n })\n .expect(\"unable to send log to compact to worker\");\n }\n\n Ok(ret)\n }\n}\n\nfn serialize_batch(batch: &[UpdateMetadata]) -> Vec {\n // we initialize the vector to contain placeholder bytes for the frame length\n let batch_bytes = 0_u64.to_le_bytes().to_vec();\n\n // write format:\n // 6 byte LE frame length (in bytes, not items)\n // 2 byte crc of the frame length\n // payload:\n // zstd encoded 8 byte LE key\n // zstd encoded 8 byte LE value\n // repeated for each kv pair\n // LE encoded crc32 of length + payload raw bytes, XOR 0xAF to make non-zero in empty case\n let mut batch_encoder = ZstdEncoder::new(batch_bytes, ZSTD_LEVEL).unwrap();\n\n for update_metadata in batch {\n match update_metadata {\n UpdateMetadata::Store {\n object_id,\n collection_id,\n low_key,\n location,\n } => {\n batch_encoder\n .write_all(&object_id.0.get().to_le_bytes())\n .unwrap();\n batch_encoder\n .write_all(&collection_id.0.to_le_bytes())\n .unwrap();\n batch_encoder.write_all(&location.get().to_le_bytes()).unwrap();\n\n let low_key_len: u64 = low_key.len() as u64;\n batch_encoder.write_all(&low_key_len.to_le_bytes()).unwrap();\n batch_encoder.write_all(low_key).unwrap();\n }\n UpdateMetadata::Free { object_id, collection_id } => {\n batch_encoder\n .write_all(&object_id.0.get().to_le_bytes())\n .unwrap();\n batch_encoder\n .write_all(&collection_id.0.to_le_bytes())\n .unwrap();\n // heap location\n batch_encoder.write_all(&0_u64.to_le_bytes()).unwrap();\n // metadata len\n batch_encoder.write_all(&0_u64.to_le_bytes()).unwrap();\n }\n }\n }\n\n let mut batch_bytes = batch_encoder.finish().unwrap();\n\n let batch_len = batch_bytes.len().checked_sub(8).unwrap();\n batch_bytes[..8].copy_from_slice(&batch_len.to_le_bytes());\n assert_eq!(&[0, 0], &batch_bytes[6..8]);\n\n let len_hash: [u8; 2] =\n (crc32fast::hash(&batch_bytes[..6]) as u16).to_le_bytes();\n\n batch_bytes[6..8].copy_from_slice(&len_hash);\n\n let hash: u32 = crc32fast::hash(&batch_bytes) ^ 0xAF;\n let hash_bytes: [u8; 4] = hash.to_le_bytes();\n batch_bytes.extend_from_slice(&hash_bytes);\n\n batch_bytes\n}\n\nfn read_frame(\n file: &mut fs::File,\n reusable_frame_buffer: &mut Vec,\n) -> io::Result> {\n let mut frame_size_with_crc_buf: [u8; 8] = [0; 8];\n // TODO only break if UnexpectedEof, otherwise propagate\n fallible!(file.read_exact(&mut frame_size_with_crc_buf));\n\n let expected_len_hash_buf =\n [frame_size_with_crc_buf[6], frame_size_with_crc_buf[7]];\n\n let actual_len_hash_buf: [u8; 2] =\n (crc32fast::hash(&frame_size_with_crc_buf[..6]) as u16).to_le_bytes();\n\n // clear crc bytes before turning into usize\n let mut frame_size_buf = frame_size_with_crc_buf;\n frame_size_buf[6] = 0;\n frame_size_buf[7] = 0;\n\n if actual_len_hash_buf != expected_len_hash_buf {\n return Err(annotate!(io::Error::new(\n io::ErrorKind::InvalidData,\n \"corrupt frame length\"\n )));\n }\n\n let len_u64: u64 = u64::from_le_bytes(frame_size_buf);\n let len: usize = usize::try_from(len_u64).unwrap();\n\n reusable_frame_buffer.clear();\n reusable_frame_buffer.reserve(len + 12);\n unsafe {\n reusable_frame_buffer.set_len(len + 12);\n }\n reusable_frame_buffer[..8].copy_from_slice(&frame_size_with_crc_buf);\n\n fallible!(file.read_exact(&mut reusable_frame_buffer[8..]));\n\n let crc_actual = crc32fast::hash(&reusable_frame_buffer[..len + 8]) ^ 0xAF;\n let crc_recorded = u32::from_le_bytes([\n reusable_frame_buffer[len + 8],\n reusable_frame_buffer[len + 9],\n reusable_frame_buffer[len + 10],\n reusable_frame_buffer[len + 11],\n ]);\n\n if crc_actual != crc_recorded {\n log::warn!(\"encountered incorrect crc for batch in log\");\n return Err(annotate!(io::Error::new(\n io::ErrorKind::InvalidData,\n \"crc mismatch for read of batch frame\",\n )));\n }\n\n let mut ret = vec![];\n\n let mut decoder = ZstdDecoder::new(&reusable_frame_buffer[8..len + 8])\n .expect(\"failed to create zstd decoder\");\n\n let mut object_id_buf: [u8; 8] = [0; 8];\n let mut collection_id_buf: [u8; 8] = [0; 8];\n let mut location_buf: [u8; 8] = [0; 8];\n let mut low_key_len_buf: [u8; 8] = [0; 8];\n let mut low_key_buf = vec![];\n loop {\n let first_read_res = decoder\n .read_exact(&mut object_id_buf)\n .and_then(|_| decoder.read_exact(&mut collection_id_buf))\n .and_then(|_| decoder.read_exact(&mut location_buf))\n .and_then(|_| decoder.read_exact(&mut low_key_len_buf));\n\n if let Err(e) = first_read_res {\n if e.kind() != io::ErrorKind::UnexpectedEof {\n return Err(e);\n } else {\n break;\n }\n }\n\n let object_id_u64 = u64::from_le_bytes(object_id_buf);\n\n let object_id = if let Some(object_id) = ObjectId::new(object_id_u64) {\n object_id\n } else {\n return Err(annotate!(io::Error::new(\n io::ErrorKind::InvalidData,\n \"corrupt object ID 0 somehow passed crc check\"\n )));\n };\n\n let collection_id = CollectionId(u64::from_le_bytes(collection_id_buf));\n let location = u64::from_le_bytes(location_buf);\n\n let low_key_len_raw = u64::from_le_bytes(low_key_len_buf);\n let low_key_len = usize::try_from(low_key_len_raw).unwrap();\n\n low_key_buf.reserve(low_key_len);\n unsafe {\n low_key_buf.set_len(low_key_len);\n }\n\n decoder\n .read_exact(&mut low_key_buf)\n .expect(\"we expect reads from crc-verified buffers to succeed\");\n\n if let Some(location_nzu) = NonZeroU64::new(location) {\n let low_key = InlineArray::from(&*low_key_buf);\n\n ret.push(UpdateMetadata::Store {\n object_id,\n collection_id,\n location: location_nzu,\n low_key,\n });\n } else {\n ret.push(UpdateMetadata::Free { object_id, collection_id });\n }\n }\n\n Ok(ret)\n}\n\n// returns the deduplicated data in this log, along with an optional offset where a\n// final torn write occurred.\nfn read_log(\n directory_path: &Path,\n lsn: u64,\n) -> io::Result> {\n log::trace!(\"reading log {lsn}\");\n let mut ret = FnvHashMap::default();\n\n let mut file = fallible!(fs::File::open(log_path(directory_path, lsn)));\n\n let mut reusable_frame_buffer: Vec = vec![];\n\n while let Ok(frame) = read_frame(&mut file, &mut reusable_frame_buffer) {\n for update_metadata in frame {\n ret.insert(update_metadata.object_id(), update_metadata);\n }\n }\n\n log::trace!(\"recovered {} items in log {}\", ret.len(), lsn);\n\n Ok(ret)\n}\n\n/// returns the data from the snapshot as well as the size of the snapshot\nfn read_snapshot(\n directory_path: &Path,\n lsn: u64,\n) -> io::Result<(FnvHashMap, u64)> {\n log::trace!(\"reading snapshot {lsn}\");\n let mut reusable_frame_buffer: Vec = vec![];\n let mut file =\n fallible!(fs::File::open(snapshot_path(directory_path, lsn, false)));\n let size = fallible!(file.metadata()).len();\n let raw_frame = read_frame(&mut file, &mut reusable_frame_buffer)?;\n\n let frame: FnvHashMap = raw_frame\n .into_iter()\n .map(|update_metadata| (update_metadata.object_id(), update_metadata))\n .collect();\n\n log::trace!(\"recovered {} items in snapshot {}\", frame.len(), lsn);\n\n Ok((frame, size))\n}\n\nfn log_path(directory_path: &Path, id: u64) -> PathBuf {\n directory_path.join(format!(\"{LOG_PREFIX}_{:016x}\", id))\n}\n\nfn snapshot_path(directory_path: &Path, id: u64, temporary: bool) -> PathBuf {\n if temporary {\n directory_path\n .join(format!(\"{SNAPSHOT_PREFIX}_{:016x}{TMP_SUFFIX}\", id))\n } else {\n directory_path.join(format!(\"{SNAPSHOT_PREFIX}_{:016x}\", id))\n }\n}\n\nfn enumerate_logs_and_snapshot(\n directory_path: &Path,\n) -> io::Result<(BTreeSet, Option)> {\n let mut logs = BTreeSet::new();\n let mut snapshot: Option = None;\n\n for dir_entry_res in fallible!(fs::read_dir(directory_path)) {\n let dir_entry = fallible!(dir_entry_res);\n let file_name = if let Ok(f) = dir_entry.file_name().into_string() {\n f\n } else {\n log::warn!(\n \"skipping unexpected file with non-unicode name {:?}\",\n dir_entry.file_name()\n );\n continue;\n };\n\n if file_name.ends_with(TMP_SUFFIX) {\n log::warn!(\"removing incomplete snapshot rewrite {file_name:?}\");\n fallible!(fs::remove_file(directory_path.join(file_name)));\n } else if file_name.starts_with(LOG_PREFIX) {\n let start = LOG_PREFIX.len() + 1;\n let stop = start + 16;\n\n if let Ok(id) = u64::from_str_radix(&file_name[start..stop], 16) {\n logs.insert(id);\n } else {\n todo!()\n }\n } else if file_name.starts_with(SNAPSHOT_PREFIX) {\n let start = SNAPSHOT_PREFIX.len() + 1;\n let stop = start + 16;\n\n if let Ok(id) = u64::from_str_radix(&file_name[start..stop], 16) {\n if let Some(snap_id) = snapshot {\n if snap_id < id {\n log::warn!(\n \"removing stale snapshot {id} that is superceded by snapshot {id}\"\n );\n\n if let Err(e) = fs::remove_file(&file_name) {\n log::warn!(\n \"failed to remove stale snapshot file {:?}: {:?}\",\n file_name,\n e\n );\n }\n\n snapshot = Some(id);\n }\n } else {\n snapshot = Some(id);\n }\n } else {\n todo!()\n }\n }\n }\n\n let snap_id = snapshot.unwrap_or(0);\n for stale_log_id in logs.range(..=snap_id) {\n let file_name = log_path(directory_path, *stale_log_id);\n\n log::warn!(\n \"removing stale log {file_name:?} that is contained within snapshot {snap_id}\"\n );\n\n fallible!(fs::remove_file(file_name));\n }\n logs.retain(|l| *l > snap_id);\n\n Ok((logs, snapshot))\n}\n\nfn read_snapshot_and_apply_logs(\n path: &Path,\n log_ids: BTreeSet,\n snapshot_id_opt: Option,\n locked_directory: &fs::File,\n) -> io::Result {\n let (snapshot_tx, snapshot_rx) = bounded(1);\n if let Some(snapshot_id) = snapshot_id_opt {\n let path: PathBuf = path.into();\n rayon::spawn(move || {\n let snap_res = read_snapshot(&path, snapshot_id)\n .map(|(snapshot, _snapshot_len)| snapshot);\n snapshot_tx.send(snap_res).unwrap();\n });\n } else {\n snapshot_tx.send(Ok(Default::default())).unwrap();\n }\n\n let mut max_log_id = snapshot_id_opt.unwrap_or(0);\n\n let log_data_res: io::Result<\n Vec<(u64, FnvHashMap)>,\n > = (&log_ids) //.iter().collect::>())\n .into_par_iter()\n .map(move |log_id| {\n if let Some(snapshot_id) = snapshot_id_opt {\n assert!(*log_id > snapshot_id);\n }\n\n let log_data = read_log(path, *log_id)?;\n\n Ok((*log_id, log_data))\n })\n .collect();\n\n let mut recovered: FnvHashMap =\n snapshot_rx.recv().unwrap()?;\n\n log::trace!(\"recovered snapshot contains {recovered:?}\");\n\n for (log_id, log_datum) in log_data_res? {\n max_log_id = max_log_id.max(log_id);\n\n for (object_id, update_metadata) in log_datum {\n if matches!(update_metadata, UpdateMetadata::Store { .. }) {\n recovered.insert(object_id, update_metadata);\n } else {\n let previous = recovered.remove(&object_id);\n if previous.is_none() {\n log::trace!(\n \"recovered a Free for {object_id:?} without a preceeding Store\"\n );\n }\n }\n }\n }\n\n let mut recovered: Vec = recovered.into_values().collect();\n\n recovered.par_sort_unstable();\n\n // write fresh snapshot with recovered data\n let new_snapshot_data = serialize_batch(&recovered);\n let snapshot_size = new_snapshot_data.len() as u64;\n\n let new_snapshot_tmp_path = snapshot_path(path, max_log_id, true);\n log::trace!(\"writing snapshot to {new_snapshot_tmp_path:?}\");\n\n let mut snapshot_file_opts = fs::OpenOptions::new();\n snapshot_file_opts.create(true).read(false).write(true);\n\n let mut snapshot_file =\n fallible!(snapshot_file_opts.open(&new_snapshot_tmp_path));\n\n fallible!(snapshot_file.write_all(&new_snapshot_data));\n drop(new_snapshot_data);\n\n fallible!(snapshot_file.sync_all());\n\n let new_snapshot_path = snapshot_path(path, max_log_id, false);\n log::trace!(\"renaming written snapshot to {new_snapshot_path:?}\");\n fallible!(fs::rename(new_snapshot_tmp_path, new_snapshot_path));\n fallible!(locked_directory.sync_all());\n\n for log_id in &log_ids {\n let log_path = log_path(path, *log_id);\n fallible!(fs::remove_file(log_path));\n }\n\n if let Some(old_snapshot_id) = snapshot_id_opt {\n let old_snapshot_path = snapshot_path(path, old_snapshot_id, false);\n fallible!(fs::remove_file(old_snapshot_path));\n }\n\n Ok(MetadataRecovery {\n recovered,\n id_for_next_log: max_log_id + 1,\n snapshot_size,\n })\n}\n"
},
{
"path": "src/object_cache.rs",
"content": "use std::cell::RefCell;\nuse std::collections::HashMap;\nuse std::io;\nuse std::sync::Arc;\nuse std::sync::atomic::{AtomicPtr, AtomicU64, Ordering};\nuse std::time::{Duration, Instant};\n\nuse cache_advisor::CacheAdvisor;\nuse concurrent_map::{ConcurrentMap, Minimum};\nuse fault_injection::annotate;\nuse inline_array::InlineArray;\nuse parking_lot::RwLock;\n\nuse crate::*;\n\n#[derive(Debug, Copy, Clone)]\npub struct CacheStats {\n pub cache_hits: u64,\n pub cache_misses: u64,\n pub cache_hit_ratio: f32,\n pub max_read_io_latency_us: u64,\n pub sum_read_io_latency_us: u64,\n pub deserialization_latency_max_us: u64,\n pub deserialization_latency_sum_us: u64,\n pub heap: HeapStats,\n pub flush_max: FlushStats,\n pub flush_sum: FlushStats,\n pub compacted_heap_slots: u64,\n pub tree_leaves_merged: u64,\n}\n\n#[derive(Default, Debug, Clone, Copy)]\npub struct FlushStats {\n pub pre_block_on_previous_flush: Duration,\n pub pre_block_on_current_quiescence: Duration,\n pub serialization_latency: Duration,\n pub compute_defrag_latency: Duration,\n pub storage_latency: Duration,\n pub post_write_eviction_latency: Duration,\n pub objects_flushed: u64,\n pub write_batch: WriteBatchStats,\n}\n\nimpl FlushStats {\n pub fn sum(&self, other: &FlushStats) -> FlushStats {\n use std::ops::Add;\n\n FlushStats {\n pre_block_on_previous_flush: self\n .pre_block_on_previous_flush\n .add(other.pre_block_on_previous_flush),\n pre_block_on_current_quiescence: self\n .pre_block_on_current_quiescence\n .add(other.pre_block_on_current_quiescence),\n compute_defrag_latency: self\n .compute_defrag_latency\n .add(other.compute_defrag_latency),\n serialization_latency: self\n .serialization_latency\n .add(other.serialization_latency),\n storage_latency: self.storage_latency.add(other.storage_latency),\n post_write_eviction_latency: self\n .post_write_eviction_latency\n .add(other.post_write_eviction_latency),\n objects_flushed: self.objects_flushed.add(other.objects_flushed),\n write_batch: self.write_batch.sum(&other.write_batch),\n }\n }\n pub fn max(&self, other: &FlushStats) -> FlushStats {\n FlushStats {\n pre_block_on_previous_flush: self\n .pre_block_on_previous_flush\n .max(other.pre_block_on_previous_flush),\n pre_block_on_current_quiescence: self\n .pre_block_on_current_quiescence\n .max(other.pre_block_on_current_quiescence),\n compute_defrag_latency: self\n .compute_defrag_latency\n .max(other.compute_defrag_latency),\n serialization_latency: self\n .serialization_latency\n .max(other.serialization_latency),\n storage_latency: self.storage_latency.max(other.storage_latency),\n post_write_eviction_latency: self\n .post_write_eviction_latency\n .max(other.post_write_eviction_latency),\n objects_flushed: self.objects_flushed.max(other.objects_flushed),\n write_batch: self.write_batch.max(&other.write_batch),\n }\n }\n}\n\n#[derive(Clone, Debug, PartialEq)]\npub enum Dirty {\n NotYetSerialized {\n low_key: InlineArray,\n node: Object,\n collection_id: CollectionId,\n },\n CooperativelySerialized {\n object_id: ObjectId,\n collection_id: CollectionId,\n low_key: InlineArray,\n data: Arc>,\n mutation_count: u64,\n },\n MergedAndDeleted {\n object_id: ObjectId,\n collection_id: CollectionId,\n },\n}\n\nimpl Dirty {\n pub fn is_final_state(&self) -> bool {\n match self {\n Dirty::NotYetSerialized { .. } => false,\n Dirty::CooperativelySerialized { .. } => true,\n Dirty::MergedAndDeleted { .. } => true,\n }\n }\n}\n\n#[derive(Debug, Default, Clone, Copy)]\nstruct FlushStatTracker {\n count: u64,\n sum: FlushStats,\n max: FlushStats,\n}\n\n#[derive(Debug, Default)]\npub(crate) struct ReadStatTracker {\n pub cache_hits: AtomicU64,\n pub cache_misses: AtomicU64,\n pub max_read_io_latency_us: AtomicU64,\n pub sum_read_io_latency_us: AtomicU64,\n pub max_deserialization_latency_us: AtomicU64,\n pub sum_deserialization_latency_us: AtomicU64,\n}\n\n#[derive(Clone)]\npub struct ObjectCache {\n pub config: Config,\n global_error: Arc>,\n pub object_id_index: ConcurrentMap<\n ObjectId,\n Object,\n INDEX_FANOUT,\n EBR_LOCAL_GC_BUFFER_SIZE,\n >,\n heap: Heap,\n cache_advisor: RefCell,\n flush_epoch: FlushEpochTracker,\n dirty: ConcurrentMap<(FlushEpoch, ObjectId), Dirty, 4>,\n compacted_heap_slots: Arc,\n pub(super) tree_leaves_merged: Arc,\n #[cfg(feature = \"for-internal-testing-only\")]\n pub(super) event_verifier: Arc,\n invariants: Arc,\n flush_stats: Arc>,\n pub(super) read_stats: Arc,\n}\n\nimpl std::panic::RefUnwindSafe\n for ObjectCache\n{\n}\n\nimpl ObjectCache {\n /// Returns the recovered ObjectCache, the tree indexes, and a bool signifying whether the system\n /// was recovered or not\n pub fn recover(\n config: &Config,\n ) -> io::Result<(\n ObjectCache,\n HashMap>,\n bool,\n )> {\n let HeapRecovery { heap, recovered_nodes, was_recovered } =\n Heap::recover(LEAF_FANOUT, config)?;\n\n let (object_id_index, indices) = initialize(&recovered_nodes, &heap);\n\n // validate recovery\n for ObjectRecovery { object_id, collection_id, low_key } in\n recovered_nodes\n {\n let index = indices.get(&collection_id).unwrap();\n let node = index.get(&low_key).unwrap();\n assert_eq!(node.object_id, object_id);\n }\n\n if config.cache_capacity_bytes < 256 {\n log::debug!(\n \"Db configured to have Config.cache_capacity_bytes \\\n of under 256, so we will use the minimum of 256 bytes instead\"\n );\n }\n\n if config.entry_cache_percent > 80 {\n log::debug!(\n \"Db configured to have Config.entry_cache_percent\\\n of over 80%, so we will clamp it to the maximum of 80% instead\"\n );\n }\n\n let pc = ObjectCache {\n config: config.clone(),\n object_id_index,\n cache_advisor: RefCell::new(CacheAdvisor::new(\n config.cache_capacity_bytes.max(256),\n config.entry_cache_percent.min(80),\n )),\n global_error: heap.get_global_error_arc(),\n heap,\n dirty: Default::default(),\n flush_epoch: Default::default(),\n #[cfg(feature = \"for-internal-testing-only\")]\n event_verifier: Arc::default(),\n compacted_heap_slots: Arc::default(),\n tree_leaves_merged: Arc::default(),\n invariants: Arc::default(),\n flush_stats: Arc::default(),\n read_stats: Arc::default(),\n };\n\n Ok((pc, indices, was_recovered))\n }\n\n pub fn is_clean(&self) -> bool {\n self.dirty.is_empty()\n }\n\n pub fn read(&self, object_id: ObjectId) -> Option>> {\n match self.heap.read(object_id) {\n Some(Ok(buf)) => Some(Ok(buf)),\n Some(Err(e)) => Some(Err(annotate!(e))),\n None => None,\n }\n }\n\n pub fn stats(&self) -> CacheStats {\n let flush_stats = { *self.flush_stats.read() };\n let cache_hits = self.read_stats.cache_hits.load(Ordering::Acquire);\n let cache_misses = self.read_stats.cache_misses.load(Ordering::Acquire);\n let cache_hit_ratio =\n cache_hits as f32 / (cache_hits + cache_misses).max(1) as f32;\n\n CacheStats {\n cache_hits,\n cache_misses,\n cache_hit_ratio,\n compacted_heap_slots: self\n .compacted_heap_slots\n .load(Ordering::Acquire),\n tree_leaves_merged: self.tree_leaves_merged.load(Ordering::Acquire),\n heap: self.heap.stats(),\n flush_max: flush_stats.max,\n flush_sum: flush_stats.sum,\n deserialization_latency_max_us: self\n .read_stats\n .max_deserialization_latency_us\n .load(Ordering::Acquire),\n deserialization_latency_sum_us: self\n .read_stats\n .sum_deserialization_latency_us\n .load(Ordering::Acquire),\n max_read_io_latency_us: self\n .read_stats\n .max_read_io_latency_us\n .load(Ordering::Acquire),\n sum_read_io_latency_us: self\n .read_stats\n .sum_read_io_latency_us\n .load(Ordering::Acquire),\n }\n }\n\n pub fn check_error(&self) -> io::Result<()> {\n let err_ptr: *const (io::ErrorKind, String) =\n self.global_error.load(Ordering::Acquire);\n\n if err_ptr.is_null() {\n Ok(())\n } else {\n let deref: &(io::ErrorKind, String) = unsafe { &*err_ptr };\n Err(io::Error::new(deref.0, deref.1.clone()))\n }\n }\n\n pub fn set_error(&self, error: &io::Error) {\n let kind = error.kind();\n let reason = error.to_string();\n\n let boxed = Box::new((kind, reason));\n let ptr = Box::into_raw(boxed);\n\n if self\n .global_error\n .compare_exchange(\n std::ptr::null_mut(),\n ptr,\n Ordering::SeqCst,\n Ordering::SeqCst,\n )\n .is_err()\n {\n // global fatal error already installed, drop this one\n unsafe {\n drop(Box::from_raw(ptr));\n }\n }\n }\n\n pub fn allocate_default_node(\n &self,\n collection_id: CollectionId,\n ) -> Object {\n let object_id = self.allocate_object_id(FlushEpoch::MIN);\n\n let node = Object {\n object_id,\n collection_id,\n low_key: InlineArray::default(),\n inner: Arc::new(RwLock::new(CacheBox {\n leaf: Some(Box::new(Leaf::empty())),\n logged_index: BTreeMap::default(),\n })),\n };\n\n self.object_id_index.insert(object_id, node.clone());\n\n node\n }\n\n pub fn allocate_object_id(\n &self,\n #[allow(unused)] flush_epoch: FlushEpoch,\n ) -> ObjectId {\n let object_id = self.heap.allocate_object_id();\n\n #[cfg(feature = \"for-internal-testing-only\")]\n {\n self.event_verifier.mark(\n object_id,\n flush_epoch,\n event_verifier::State::CleanPagedIn,\n concat!(file!(), ':', line!(), \":allocated\"),\n );\n }\n\n object_id\n }\n\n pub fn current_flush_epoch(&self) -> FlushEpoch {\n self.flush_epoch.current_flush_epoch()\n }\n\n pub fn check_into_flush_epoch(&self) -> FlushEpochGuard {\n self.flush_epoch.check_in()\n }\n\n pub fn install_dirty(\n &self,\n flush_epoch: FlushEpoch,\n object_id: ObjectId,\n dirty: Dirty,\n ) {\n // dirty can transition from:\n // None -> NotYetSerialized\n // None -> MergedAndDeleted\n // None -> CooperativelySerialized\n //\n // NotYetSerialized -> MergedAndDeleted\n // NotYetSerialized -> CooperativelySerialized\n //\n // if the new Dirty is final, we must assert that\n // we are transitioning from None or NotYetSerialized.\n //\n // if the new Dirty is not final, we must assert\n // that the old value is also not final.\n\n let last_dirty_opt = self.dirty.insert((flush_epoch, object_id), dirty);\n\n if let Some(last_dirty) = last_dirty_opt {\n assert!(\n !last_dirty.is_final_state(),\n \"tried to install another Dirty marker for a node that is already\n finalized for this flush epoch. \\nflush_epoch: {:?}\\nlast: {:?}\",\n flush_epoch, last_dirty,\n );\n }\n }\n\n // NB: must not be called while holding a leaf lock - which also means\n // that no two LeafGuards can be held concurrently in the same scope due to\n // this being called in the destructor.\n pub fn mark_access_and_evict(\n &self,\n accessed_object_id: ObjectId,\n size: usize,\n #[allow(unused)] flush_epoch: FlushEpoch,\n ) -> io::Result<()> {\n let mut ca = self.cache_advisor.borrow_mut();\n let to_evict = ca.accessed_reuse_buffer(*accessed_object_id, size);\n let mut not_found = 0;\n for (node_to_evict, _rough_size) in to_evict {\n let object_id =\n if let Some(object_id) = ObjectId::new(*node_to_evict) {\n object_id\n } else {\n unreachable!(\"object ID must never have been 0\");\n };\n\n if accessed_object_id == object_id {\n // TODO our own object was evicted, so\n // set page out after current epoch (or just page out if clean?)\n continue;\n }\n\n let node = if let Some(n) = self.object_id_index.get(&object_id) {\n if *n.object_id != *node_to_evict {\n continue;\n }\n n\n } else {\n not_found += 1;\n continue;\n };\n\n let mut write = node.inner.write();\n if write.leaf.is_none() {\n // already paged out\n continue;\n }\n let leaf: &mut Leaf = write.leaf.as_mut().unwrap();\n\n if let Some(dirty_epoch) = leaf.dirty_flush_epoch {\n // We can't page out this leaf until it has been\n // flushed, because its changes are not yet durable.\n leaf.page_out_on_flush =\n leaf.page_out_on_flush.max(Some(dirty_epoch));\n } else if let Some(max_unflushed_epoch) = leaf.max_unflushed_epoch {\n leaf.page_out_on_flush =\n leaf.page_out_on_flush.max(Some(max_unflushed_epoch));\n } else {\n #[cfg(feature = \"for-internal-testing-only\")]\n {\n self.event_verifier.mark(\n node.object_id,\n flush_epoch,\n event_verifier::State::PagedOut,\n concat!(file!(), ':', line!(), \":page-out\"),\n );\n }\n write.leaf = None;\n }\n }\n\n if not_found > 0 {\n log::trace!(\n \"during cache eviction, did not find {} nodes that we were trying to evict\",\n not_found\n );\n }\n\n Ok(())\n }\n\n pub fn heap_object_id_pin(&self) -> ebr::Guard<'_, DeferredFree, 16, 16> {\n self.heap.heap_object_id_pin()\n }\n\n pub fn flush(&self) -> io::Result {\n let mut write_batch = vec![];\n\n log::trace!(\"advancing epoch\");\n let (\n previous_flush_complete_notifier,\n this_vacant_notifier,\n forward_flush_notifier,\n ) = self.flush_epoch.roll_epoch_forward();\n\n let before_previous_block = Instant::now();\n\n log::trace!(\n \"waiting for previous flush of {:?} to complete\",\n previous_flush_complete_notifier.epoch()\n );\n let previous_epoch =\n previous_flush_complete_notifier.wait_for_complete();\n\n let pre_block_on_previous_flush = before_previous_block.elapsed();\n\n let before_current_quiescence = Instant::now();\n\n log::trace!(\n \"waiting for our epoch {:?} to become vacant\",\n this_vacant_notifier.epoch()\n );\n\n assert_eq!(previous_epoch.increment(), this_vacant_notifier.epoch());\n\n let flush_through_epoch: FlushEpoch =\n this_vacant_notifier.wait_for_complete();\n\n let pre_block_on_current_quiescence =\n before_current_quiescence.elapsed();\n\n self.invariants.mark_flushing_epoch(flush_through_epoch);\n\n let mut objects_to_defrag = self.heap.objects_to_defrag();\n\n let flush_boundary = (flush_through_epoch.increment(), ObjectId::MIN);\n\n let mut evict_after_flush = vec![];\n\n let before_serialization = Instant::now();\n\n for ((dirty_epoch, dirty_object_id), dirty_value_initial_read) in\n self.dirty.range(..flush_boundary)\n {\n objects_to_defrag.remove(&dirty_object_id);\n\n let dirty_value = self\n .dirty\n .remove(&(dirty_epoch, dirty_object_id))\n .expect(\"violation of flush responsibility\");\n\n if let Dirty::NotYetSerialized { .. } = &dirty_value {\n assert_eq!(dirty_value_initial_read, dirty_value);\n }\n\n // drop is necessary to increase chance of Arc strong count reaching 1\n // while taking ownership of the value\n drop(dirty_value_initial_read);\n\n assert_eq!(dirty_epoch, flush_through_epoch);\n\n match dirty_value {\n Dirty::MergedAndDeleted { object_id, collection_id } => {\n assert_eq!(object_id, dirty_object_id);\n\n log::trace!(\n \"MergedAndDeleted for {:?}, adding None to write_batch\",\n object_id\n );\n write_batch.push(Update::Free { object_id, collection_id });\n\n #[cfg(feature = \"for-internal-testing-only\")]\n {\n self.event_verifier.mark(\n object_id,\n dirty_epoch,\n event_verifier::State::AddedToWriteBatch,\n concat!(\n file!(),\n ':',\n line!(),\n \":flush-merged-and-deleted\"\n ),\n );\n }\n }\n Dirty::CooperativelySerialized {\n object_id: _,\n collection_id,\n low_key,\n mutation_count: _,\n mut data,\n } => {\n Arc::make_mut(&mut data);\n let data = Arc::into_inner(data).unwrap();\n write_batch.push(Update::Store {\n object_id: dirty_object_id,\n collection_id,\n low_key,\n data,\n });\n\n #[cfg(feature = \"for-internal-testing-only\")]\n {\n self.event_verifier.mark(\n dirty_object_id,\n dirty_epoch,\n event_verifier::State::AddedToWriteBatch,\n concat!(\n file!(),\n ':',\n line!(),\n \":flush-cooperative\"\n ),\n );\n }\n }\n Dirty::NotYetSerialized { low_key, collection_id, node } => {\n assert_eq!(low_key, node.low_key);\n assert_eq!(\n dirty_object_id, node.object_id,\n \"mismatched node ID for NotYetSerialized with low key {:?}\",\n low_key\n );\n let mut lock = node.inner.write();\n\n let leaf_ref: &mut Leaf = if let Some(\n lock_ref,\n ) =\n lock.leaf.as_mut()\n {\n lock_ref\n } else {\n #[cfg(feature = \"for-internal-testing-only\")]\n self.event_verifier\n .print_debug_history_for_object(dirty_object_id);\n\n panic!(\n \"failed to get lock for node that was NotYetSerialized, low key {:?} id {:?}\",\n low_key, node.object_id\n );\n };\n\n assert_eq!(leaf_ref.lo, low_key);\n\n let data = if leaf_ref.dirty_flush_epoch\n == Some(flush_through_epoch)\n {\n if let Some(deleted_at) = leaf_ref.deleted {\n #[cfg(feature = \"for-internal-testing-only\")]\n if deleted_at <= flush_through_epoch {\n println!(\n \"{dirty_object_id:?} deleted at {deleted_at:?} \\\n but we are flushing at {flush_through_epoch:?}\"\n );\n self.event_verifier\n .print_debug_history_for_object(\n dirty_object_id,\n );\n }\n assert!(deleted_at > flush_through_epoch);\n }\n\n leaf_ref.max_unflushed_epoch =\n leaf_ref.dirty_flush_epoch.take();\n\n #[cfg(feature = \"for-internal-testing-only\")]\n {\n self.event_verifier.mark(\n dirty_object_id,\n dirty_epoch,\n event_verifier::State::AddedToWriteBatch,\n concat!(\n file!(),\n ':',\n line!(),\n \":flush-serialize\"\n ),\n );\n }\n\n leaf_ref.serialize(self.config.zstd_compression_level)\n } else {\n // Here we expect that there was a benign data race and that another thread\n // mutated the leaf after encountering it being dirty for our epoch, after\n // storing a CooperativelySerialized in the dirty map.\n let dirty_value_2_opt =\n self.dirty.remove(&(dirty_epoch, dirty_object_id));\n\n if let Some(Dirty::CooperativelySerialized {\n low_key: low_key_2,\n mutation_count: _,\n mut data,\n collection_id: ci2,\n object_id: ni2,\n }) = dirty_value_2_opt\n {\n assert_eq!(node.object_id, ni2);\n assert_eq!(node.object_id, dirty_object_id);\n assert_eq!(low_key, low_key_2);\n assert_eq!(node.low_key, low_key);\n assert_eq!(collection_id, ci2);\n Arc::make_mut(&mut data);\n\n #[cfg(feature = \"for-internal-testing-only\")]\n {\n self.event_verifier.mark(\n dirty_object_id,\n dirty_epoch,\n event_verifier::State::AddedToWriteBatch,\n concat!(\n file!(),\n ':',\n line!(),\n \":flush-laggy-cooperative\"\n ),\n );\n }\n\n Arc::into_inner(data).unwrap()\n } else {\n log::error!(\n \"violation of flush responsibility for second read \\\n of expected cooperative serialization. leaf in question's \\\n dirty_flush_epoch is {:?}, our expected key was {:?}. node.deleted: {:?}\",\n leaf_ref.dirty_flush_epoch,\n (dirty_epoch, dirty_object_id),\n leaf_ref.deleted,\n );\n #[cfg(feature = \"for-internal-testing-only\")]\n self.event_verifier.print_debug_history_for_object(\n dirty_object_id,\n );\n unreachable!(\n \"a leaf was expected to be cooperatively serialized but it was not available. \\\n violation of flush responsibility for second read \\\n of expected cooperative serialization. leaf in question's \\\n dirty_flush_epoch is {:?}, our expected key was {:?}. node.deleted: {:?}\",\n leaf_ref.dirty_flush_epoch,\n (dirty_epoch, dirty_object_id),\n leaf_ref.deleted,\n );\n }\n };\n\n write_batch.push(Update::Store {\n object_id: dirty_object_id,\n collection_id,\n low_key,\n data,\n });\n\n if leaf_ref.page_out_on_flush == Some(flush_through_epoch) {\n // page_out_on_flush is set to false\n // on page-in due to serde(skip)\n evict_after_flush.push(node.clone());\n }\n }\n }\n }\n\n if !objects_to_defrag.is_empty() {\n log::debug!(\n \"objects to defrag (after flush loop): {}\",\n objects_to_defrag.len()\n );\n self.compacted_heap_slots\n .fetch_add(objects_to_defrag.len() as u64, Ordering::Relaxed);\n }\n\n let before_compute_defrag = Instant::now();\n\n if cfg!(not(feature = \"monotonic-behavior\")) {\n let mut object_not_found = 0;\n\n for fragmented_object_id in objects_to_defrag {\n let object_opt =\n self.object_id_index.get(&fragmented_object_id);\n\n let object = if let Some(object) = object_opt {\n object\n } else {\n object_not_found += 1;\n continue;\n };\n\n if let Some(ref inner) = object.inner.read().leaf {\n if let Some(dirty) = inner.dirty_flush_epoch {\n assert!(dirty > flush_through_epoch);\n // This object will be rewritten anyway when its dirty epoch gets flushed\n continue;\n }\n }\n\n let data = match self.read(fragmented_object_id) {\n Some(Ok(data)) => data,\n Some(Err(e)) => {\n let annotated = annotate!(e);\n log::error!(\n \"failed to read object during GC: {annotated:?}\"\n );\n continue;\n }\n None => {\n log::error!(\n \"failed to read object during GC: object not found\"\n );\n continue;\n }\n };\n\n write_batch.push(Update::Store {\n object_id: fragmented_object_id,\n collection_id: object.collection_id,\n low_key: object.low_key,\n data,\n });\n }\n\n if object_not_found > 0 {\n log::debug!(\n \"{} objects not found while defragmenting\",\n object_not_found\n );\n }\n }\n\n let compute_defrag_latency = before_compute_defrag.elapsed();\n\n let serialization_latency = before_serialization.elapsed();\n\n let before_storage = Instant::now();\n\n let objects_flushed = write_batch.len() as u64;\n\n #[cfg(feature = \"for-internal-testing-only\")]\n let write_batch_object_ids: Vec =\n write_batch.iter().map(Update::object_id).collect();\n\n let write_batch_stats = if objects_flushed > 0 {\n let write_batch_stats = self.heap.write_batch(write_batch)?;\n log::trace!(\n \"marking {flush_through_epoch:?} as flushed - \\\n {objects_flushed} objects written, {write_batch_stats:?}\",\n );\n write_batch_stats\n } else {\n WriteBatchStats::default()\n };\n\n let storage_latency = before_storage.elapsed();\n\n #[cfg(feature = \"for-internal-testing-only\")]\n {\n for update_object_id in write_batch_object_ids {\n self.event_verifier.mark(\n update_object_id,\n flush_through_epoch,\n event_verifier::State::Flushed,\n concat!(file!(), ':', line!(), \":flush-finished\"),\n );\n }\n }\n\n log::trace!(\n \"marking the forward flush notifier that {:?} is flushed\",\n flush_through_epoch\n );\n\n self.invariants.mark_flushed_epoch(flush_through_epoch);\n\n forward_flush_notifier.mark_complete();\n\n let before_eviction = Instant::now();\n\n for node_to_evict in evict_after_flush {\n // NB: since we dropped this leaf and lock after we marked its\n // node in evict_after_flush, it's possible that it may have\n // been written to afterwards.\n let mut lock = node_to_evict.inner.write();\n let leaf = lock.leaf.as_mut().unwrap();\n\n if let Some(dirty_epoch) = leaf.dirty_flush_epoch {\n if dirty_epoch != flush_through_epoch {\n continue;\n }\n } else {\n continue;\n }\n\n #[cfg(feature = \"for-internal-testing-only\")]\n {\n self.event_verifier.mark(\n node_to_evict.object_id,\n flush_through_epoch,\n event_verifier::State::PagedOut,\n concat!(file!(), ':', line!(), \":page-out-after-flush\"),\n );\n }\n\n lock.leaf = None;\n }\n\n let post_write_eviction_latency = before_eviction.elapsed();\n\n // kick forward the low level epoch-based reclamation systems\n // because this operation can cause a lot of garbage to build\n // up, and this speeds up its reclamation.\n self.flush_epoch.manually_advance_epoch();\n self.heap.manually_advance_epoch();\n\n let ret = FlushStats {\n pre_block_on_current_quiescence,\n pre_block_on_previous_flush,\n serialization_latency,\n storage_latency,\n post_write_eviction_latency,\n objects_flushed,\n write_batch: write_batch_stats,\n compute_defrag_latency,\n };\n\n let mut flush_stats = self.flush_stats.write();\n flush_stats.count += 1;\n flush_stats.max = flush_stats.max.max(&ret);\n flush_stats.sum = flush_stats.sum.sum(&ret);\n\n assert_eq!(self.dirty.range(..flush_boundary).count(), 0);\n\n Ok(ret)\n }\n}\n\nfn initialize(\n recovered_nodes: &[ObjectRecovery],\n heap: &Heap,\n) -> (\n ConcurrentMap<\n ObjectId,\n Object
![](\"https://img.shields.io/github/sponsors/spacejam\")
![](\"https://docs.rs/sled/badge.svg\"){kind=icon}
![](\"https://img.shields.io/discord/509773073294295082.svg?logo=discord\")
![](\"https://raw.githubusercontent.com/spacejam/sled/main/art/tree_face_anti-transphobia.png\"){kind=spacer}
\n