[master] ZIL-5403: check if a LevelDB object is null or not #3805
Conversation
github-actions
bot
changed the title
yaron-zilliqa
requested review from
JamesHinshelwood,
Steve-White-UK,
bzawisto,
chetan-zilliqa,
its-saeed and
n-hutton
yaron-zilliqa
force-pushed
the
bugfix/ZIL-5403
branch
from
31c32d9 to
80384a6
Compare
| LOG_GENERAL(WARNING, "LevelDB " << dbName << " isn't available"); | ||
| if (found) { | ||
| *found = false; | ||
| } |
There was a problem hiding this comment.
This has the effect that if the db isn't available, we assume that it's empty. Under what circumstances might it not be available? I'm thinking of the case where the user induces the contract state db not to be available whilst calling a transition that checks a flag - the db is not there, the flag checks out as no, and the user is then allowed to do something they shouldn't ... ?
There was a problem hiding this comment.
The design of this class is pretty bad from the start and indeed like you mentioned, it treats certain errors as if something is empty or not found instead of handling things correctly from the outset.
These changes are backward-compatible with this as I'm not convinced we can fix this completely and the change would be much larger.
Some databases are only created/read in lookup mode, for example. Another possibility is that something wasn't downloaded correctly or got corrupted.
The alternative is to let the process crash completely (which it would have done so far).. and also start downloading persistence upon the next restart, and then possibly crashing again, and so on...
There was a problem hiding this comment.
You're not wrong .. OK. Let's go with this on the basis that if at least 1/3 of the nodes have the right database, you won't be able to commit your txn? @JamesHinshelwood @DrZoltanFazekas - am I off base?
There was a problem hiding this comment.
@yaron-zilliqa Sorry, I'm not understanding this properly, but the new code does jump out to me as a bit scary. I agree that its dangerous to assume 'DB doesn't exist' is the same as 'DB exists, but is empty'.
Can you explain what the initial bug you were fixing was? A description of how you believe this changes the logic would also be useful. Sorry to be a pain, but because the methods in the class have been re-ordered as well as edited, it makes the diff quite difficult to understand.
There was a problem hiding this comment.
The methods haven't been reordered. The only change in logic here is checking for a nullptr before accessing it.
The previous methods were really a copy of one another with a different construction of leveldb::Slice, so the not simply invoke XXXXXImpl(...) instead of repeating the code.
The problem it solves is that the process won't crash (and then redownload persistence upon restart) if the required LevelDB object was NULL. I came across this scenario this time round when setting ARCHIVAL_LOOKUP_WITH_TX_TRACES to true and calling ots_getTransactionError.
| if (!s.IsNotFound()) { | ||
| LOG_GENERAL(WARNING, "LevelDB " << dbName << " status is not OK - " | ||
| << s.ToString()); | ||
| } |
There was a problem hiding this comment.
I'm not sure this makes sense. Would s.IsNotFound() be true if the DB exists, but the key (arg) doesn't exist in it?
There was a problem hiding this comment.
It would; this is backward compatible with the current implementation. Haven't changed anything there. This piece of code simply replaced log_error which I've removed and placed here.
yaron-zilliqa
force-pushed
the
bugfix/ZIL-5403
branch
from
80384a6 to
8952dc8
Compare
rrw-zilliqa
dismissed
their stale review
Discussed with @yaron-zilliqa - best not to merge this now; requesting changes so it doesn't end up in master before v9.3
yaron-zilliqa
force-pushed
the
bugfix/ZIL-5403
branch
5 times, most recently
from
384c631 to
61e7dac
Compare
yaron-zilliqa
force-pushed
the
bugfix/ZIL-5403
branch
from
61e7dac to
80df429
Compare
yaron-zilliqa
force-pushed
the
bugfix/ZIL-5403
branch
from
80df429 to
71a6ee5
Compare
3 participants
Description
Backward Compatibility
Review Suggestion
Status
Implementation
Integration Test (Core Team)