From e6e2f3699c6217583e5180b8ecafb55c569e0e4e Mon Sep 17 00:00:00 2001 From: Andrew Kryczka Date: Tue, 18 Aug 2020 09:51:23 -0700 Subject: [PATCH] fix doc about kTolerateCorruptedTailRecords recovery (#7270) Summary: - Made it clear only one record in the tail is allowed to have a problem - Added detail about the valid use case instead of calling it legacy behavior Pull Request resolved: https://github.com/facebook/rocksdb/pull/7270 Reviewed By: riversand963 Differential Revision: D23169075 Pulled By: ajkr fbshipit-source-id: 2a4b45aa8641f17efa104523fbad765012a98fb0 --- include/rocksdb/options.h | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/include/rocksdb/options.h b/include/rocksdb/options.h index 2186d1e7d..ccc68c8a7 100644 --- a/include/rocksdb/options.h +++ b/include/rocksdb/options.h @@ -303,8 +303,24 @@ struct ColumnFamilyOptions : public AdvancedColumnFamilyOptions { enum class WALRecoveryMode : char { // Original levelDB recovery - // We tolerate incomplete record in trailing data on all logs - // Use case : This is legacy behavior + // + // We tolerate the last record in any log to be incomplete due to a crash + // while writing it. Zeroed bytes from preallocation are also tolerated in the + // trailing data of any log. + // + // Use case: Applications for which updates, once applied, must not be rolled + // back even after a crash-recovery. In this recovery mode, RocksDB guarantees + // this as long as `WritableFile::Append()` writes are durable. In case the + // user needs the guarantee in more situations (e.g., when + // `WritableFile::Append()` writes to page cache, but the user desires this + // guarantee in face of power-loss crash-recovery), RocksDB offers various + // mechanisms to additionally invoke `WritableFile::Sync()` in order to + // strengthen the guarantee. + // + // This differs from `kPointInTimeRecovery` in that, in case a corruption is + // detected during recovery, this mode will refuse to open the DB. Whereas, + // `kPointInTimeRecovery` will stop recovery just before the corruption since + // that is a valid point-in-time to which to recover. kTolerateCorruptedTailRecords = 0x00, // Recover from clean shutdown // We don't expect to find any corruption in the WAL