SEARCH-300 (BTS-789) remove database directory for arangosearch #18420
Conversation
and a lot of refactoring
MBkkt
changed the title
| } | ||
| return true; | ||
| }); | ||
| stale = static_cast<size_t>(end - it); |
There was a problem hiding this comment.
NIT
| stale = static_cast<size_t>(end - it); | |
| stale = static_cast<size_t>(std::distance(it, end)); |
There was a problem hiding this comment.
I completely disagree, if distance will do for each, I want instead of this code will be written ++stale in cycle above
| // TODO(MBkkt) Why shouldn't we remove database data | ||
| // if exists database with same name? |
There was a problem hiding this comment.
Because this thread executes the deletion at some point after the user issued a db._dropDatabase() call.
Consider the following situation:
- user executes
db._dropDatabase("foo"); - user executes
db._createDatabase("foo"); - DatabaseManagerThread now finds the deleted database "foo". Shall it remove its application directory now? We cannot be sure about it, because it may be the new database's application directory.
There was a problem hiding this comment.
I understand, but we use id for new databases in path for v8 stuff (query register still use name :()
There was a problem hiding this comment.
We unfortunately use the database name for the Foxx app directories.
There was a problem hiding this comment.
Not always, please check following code
/// @brief return either the name of the database to be used as a folder name,
/// or its id if its name contains special characters and is not fully supported
/// in every OS
[[nodiscard]] static std::string_view getDatabaseDirName(std::string_view name,
std::string_view id) {
bool const isOldStyleName = DatabaseNameValidator::isAllowedName(
/*allowSystem=*/true, /*extendedNames=*/false, name);
return (isOldStyleName || id.empty()) ? name : id;
}
| // compare-exchange failed. try again! | ||
| expected = _refCount.load(std::memory_order_relaxed); | ||
| } | ||
| } while (!_refCount.compare_exchange_weak(v, v + 2, std::memory_order_acquire, |
There was a problem hiding this comment.
Why is the memory order acquire here and not release?
There was a problem hiding this comment.
Because we probably want to synchronize with markAsDropped (if don't want should be relaxed), and our +2 not needed for synchronization code.
You can look on intrusive_ptr as an a good example of this pattern
https://www.boost.org/doc/libs/1_81_0/libs/atomic/doc/html/atomic/usage_examples.html#boost_atomic.usage_examples.example_reference_counters
There was a problem hiding this comment.
For -2 we need release because we want to synchronize with isDangling
| } | ||
|
|
||
| void TRI_vocbase_t::forceUse() { _refCount += 2; } | ||
| void TRI_vocbase_t::forceUse() noexcept { | ||
| _refCount.fetch_add(2, std::memory_order_relaxed); |
There was a problem hiding this comment.
Should it be memory order release here?
| auto const v = _refCount.load(std::memory_order_acquire); | ||
| TRI_ASSERT((v & 1) == 0 || !isSystem()); | ||
| return v == 1; |
There was a problem hiding this comment.
I think this could be a behavior change and may be unsafe.
It someone manages to set the drop bit on the system database, this function will now return true, but previously it always returned false. It could have unintended side-effects for example in the DatabaseManagerThread, which will remove the database then if this function here returns true.
ofc it would be useful to not allow to set the drop bit for the system database in the first place, but this function here previously provided some extra security.
There was a problem hiding this comment.
No, please see assert in markAsDropped.
System database is never isDropped, so it's never isDangling
There was a problem hiding this comment.
I guess ASSERT than should be our choice. As system database should never have delete bit set.
Scope & Purpose
SEARCH-300 remove database directory for arangosearch
and a lot of refactoring
Checklist
Related Information
(Please reference tickets / specification / other PRs etc)