aeternusdb 1.0.0

An embeddable, persistent key-value store built on an LSM-tree architecture.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352

//! Manifest checkpoint robustness and crash-simulation tests.
//!
//! These tests verify correctness when checkpoint is interrupted, when the
//! snapshot `.tmp` file is left behind, and that `allocate_sst_id` stays
//! monotonic after crash and recovery.
//!
//! ## Coverage
//! - Leftover `.tmp` file from interrupted checkpoint does not break reopen
//! - Multiple rapid checkpoints preserve state
//! - `allocate_sst_id` monotonicity after checkpoint + reopen
//! - Large manifest state survives checkpoint round-trip
//! - Concurrent mutations between checkpoints correctly replay
//! - Snapshot corruption detected on reopen
//!
//! ## See also
//! - [`tests_basic`]      — lifecycle, crash-recovery, checksum corruption
//! - [`tests_edge_cases`] — idempotent ops, empty-checkpoint, post-checkpoint WAL

#[cfg(test)]
mod tests {
    use crate::manifest::{Manifest, ManifestSstEntry};
    use std::fs;
    use tempfile::TempDir;
    use tracing_subscriber::EnvFilter;

    fn init_tracing() {
        let _ = tracing_subscriber::fmt()
            .with_env_filter(EnvFilter::from_default_env())
            .with_test_writer()
            .try_init();
    }

    fn open_manifest(temp: &TempDir) -> Manifest {
        Manifest::open(temp.path()).expect("Manifest open failed")
    }

    fn sst_entry(id: u64) -> ManifestSstEntry {
        ManifestSstEntry {
            id,
            path: format!("sst_{:06}.sst", id).into(),
        }
    }

    // ================================================================
    // 1. Leftover .tmp from interrupted checkpoint
    // ================================================================

    /// # Scenario
    /// Simulate a crash that leaves `MANIFEST-000001.tmp` on disk
    /// but the rename to `MANIFEST-000001` never happened.
    ///
    /// # Starting environment
    /// Manifest with some mutations, no prior snapshot.
    ///
    /// # Actions
    /// 1. Open manifest, add SSTable, set active WAL.
    /// 2. Drop manifest.
    /// 3. Write a bogus `MANIFEST-000001.tmp` file.
    /// 4. Reopen manifest — should recover from WAL.
    ///
    /// # Expected behavior
    /// The `.tmp` file is ignored. WAL replay restores correct state.
    #[test]
    fn leftover_tmp_from_interrupted_checkpoint() {
        init_tracing();

        let temp = TempDir::new().unwrap();

        {
            let m = open_manifest(&temp);
            m.set_active_wal(5).unwrap();
            m.add_sstable(sst_entry(1)).unwrap();
        }

        // Simulate leftover .tmp from a crashed checkpoint.
        let tmp_path = temp.path().join("MANIFEST-000001.tmp");
        fs::write(&tmp_path, b"corrupted partial snapshot data").unwrap();

        // Reopen — should succeed via WAL replay.
        let m2 = open_manifest(&temp);
        assert_eq!(m2.get_active_wal().unwrap(), 5);
        assert_eq!(m2.get_sstables().unwrap().len(), 1);
        assert_eq!(m2.get_sstables().unwrap()[0].id, 1);
    }

    // ================================================================
    // 2. Multiple rapid checkpoints
    // ================================================================

    /// # Scenario
    /// Perform several checkpoints in rapid succession. Each should
    /// produce a valid snapshot.
    ///
    /// # Expected behavior
    /// After reopening, the latest state is fully recovered.
    #[test]
    fn multiple_rapid_checkpoints() {
        init_tracing();

        let temp = TempDir::new().unwrap();

        {
            let mut m = open_manifest(&temp);

            for i in 1..=5u64 {
                m.add_sstable(sst_entry(i)).unwrap();
                m.checkpoint().unwrap();
            }
        }

        let m2 = open_manifest(&temp);
        let ssts = m2.get_sstables().unwrap();
        assert_eq!(ssts.len(), 5);

        for i in 1..=5u64 {
            assert!(ssts.iter().any(|e| e.id == i), "SST {} must exist", i);
        }
    }

    // ================================================================
    // 3. allocate_sst_id monotonicity after checkpoint + reopen
    // ================================================================

    /// # Scenario
    /// Allocate several SSTable IDs, checkpoint, reopen, and allocate
    /// more. The IDs must be strictly monotonic.
    ///
    /// # Expected behavior
    /// Post-reopen allocations continue from where the pre-checkpoint
    /// counter left off.
    #[test]
    fn allocate_sst_id_monotonic_after_checkpoint() {
        init_tracing();

        let temp = TempDir::new().unwrap();

        let (id_a, id_b);

        {
            let mut m = open_manifest(&temp);

            id_a = m.allocate_sst_id().unwrap();
            id_b = m.allocate_sst_id().unwrap();
            assert!(id_b > id_a, "IDs should be monotonically increasing");

            m.checkpoint().unwrap();
        }

        // Reopen after checkpoint.
        let m2 = open_manifest(&temp);
        let id_c = m2.allocate_sst_id().unwrap();
        assert!(
            id_c > id_b,
            "ID after reopen ({id_c}) must be > last pre-checkpoint ID ({id_b})"
        );

        let id_d = m2.allocate_sst_id().unwrap();
        assert!(id_d > id_c);
    }

    // ================================================================
    // 4. allocate_sst_id monotonicity after WAL-only recovery
    // ================================================================

    /// # Scenario
    /// Allocate SSTable IDs without checkpointing, then reopen.
    /// WAL replay must correctly restore the counter.
    ///
    /// # Expected behavior
    /// Post-reopen allocation returns an ID greater than all prior.
    #[test]
    fn allocate_sst_id_monotonic_after_wal_recovery() {
        init_tracing();

        let temp = TempDir::new().unwrap();

        let last_id;

        {
            let m = open_manifest(&temp);

            for _ in 0..10 {
                m.allocate_sst_id().unwrap();
            }
            last_id = m.peek_next_sst_id().unwrap() - 1;
        }

        let m2 = open_manifest(&temp);
        let new_id = m2.allocate_sst_id().unwrap();
        assert!(
            new_id > last_id,
            "Post-reopen ID ({new_id}) must exceed pre-crash last ({last_id})"
        );
    }

    // ================================================================
    // 5. Large manifest state checkpoint round-trip
    // ================================================================

    /// # Scenario
    /// Build a manifest with many SSTables and frozen WALs, checkpoint,
    /// reopen. All entries must survive.
    ///
    /// # Expected behavior
    /// 100 SSTables and 50 frozen WALs present after reopen.
    #[test]
    fn large_state_checkpoint_round_trip() {
        init_tracing();

        let temp = TempDir::new().unwrap();

        {
            let mut m = open_manifest(&temp);

            for i in 1..=100u64 {
                m.add_sstable(sst_entry(i)).unwrap();
            }
            for w in 1..=50u64 {
                m.add_frozen_wal(w).unwrap();
            }
            m.update_lsn(12345).unwrap();
            m.set_active_wal(999).unwrap();

            m.checkpoint().unwrap();
        }

        let m2 = open_manifest(&temp);
        assert_eq!(m2.get_sstables().unwrap().len(), 100);
        assert_eq!(m2.get_frozen_wals().unwrap().len(), 50);
        assert_eq!(m2.get_last_lsn().unwrap(), 12345);
        assert_eq!(m2.get_active_wal().unwrap(), 999);
    }

    // ================================================================
    // 6. Mutations after checkpoint replayed on reopen
    // ================================================================

    /// # Scenario
    /// Checkpoint, then perform more mutations via WAL, then reopen.
    /// The WAL mutations after the checkpoint must be replayed on top
    /// of the restored snapshot.
    ///
    /// # Expected behavior
    /// Both snapshot state and post-checkpoint WAL entries are present.
    #[test]
    fn mutations_after_checkpoint_replayed() {
        init_tracing();

        let temp = TempDir::new().unwrap();

        {
            let mut m = open_manifest(&temp);

            // Pre-checkpoint state.
            m.add_sstable(sst_entry(1)).unwrap();
            m.set_active_wal(10).unwrap();
            m.checkpoint().unwrap();

            // Post-checkpoint mutations (only in WAL now).
            m.add_sstable(sst_entry(2)).unwrap();
            m.add_frozen_wal(10).unwrap();
            m.set_active_wal(11).unwrap();
            m.update_lsn(42).unwrap();
        }

        let m2 = open_manifest(&temp);
        let ssts = m2.get_sstables().unwrap();
        assert_eq!(ssts.len(), 2, "Both SSTs (pre+post checkpoint) must exist");
        assert_eq!(m2.get_active_wal().unwrap(), 11);
        assert_eq!(m2.get_last_lsn().unwrap(), 42);
        assert!(m2.get_frozen_wals().unwrap().contains(&10));
    }

    // ================================================================
    // 7. Corrupt snapshot blocks reopen
    // ================================================================

    /// # Scenario
    /// Create a valid snapshot, then corrupt its bytes. Reopening
    /// falls back to WAL replay (resilient recovery).
    ///
    /// # Expected behavior
    /// `Manifest::open` succeeds; since WAL was truncated by checkpoint,
    /// state reverts to defaults.
    #[test]
    fn corrupt_snapshot_falls_back_to_wal() {
        init_tracing();

        let temp = TempDir::new().unwrap();

        {
            let mut m = open_manifest(&temp);
            m.add_sstable(sst_entry(1)).unwrap();
            m.update_lsn(100).unwrap();
            m.checkpoint().unwrap();
        }

        // Corrupt the snapshot file (flip a byte near the middle).
        let snap_path = temp.path().join("MANIFEST-000001");
        let mut data = fs::read(&snap_path).unwrap();
        assert!(data.len() > 10, "Snapshot should be non-trivial");

        let mid = data.len() / 2;
        data[mid] ^= 0xFF;
        fs::write(&snap_path, &data).unwrap();

        // Resilient recovery: corrupt snapshot → WAL replay (empty after
        // checkpoint truncation) → default state.
        let m2 = Manifest::open(temp.path()).unwrap();
        assert_eq!(m2.get_last_lsn().unwrap(), 0);
        assert!(m2.get_sstables().unwrap().is_empty());
    }

    // ================================================================
    // 8. Compaction event survives checkpoint + reopen
    // ================================================================

    /// # Scenario
    /// Apply a compaction event (add 2, remove 1), checkpoint, reopen.
    ///
    /// # Expected behavior
    /// After reopen, the manifest reflects the compaction.
    #[test]
    fn compaction_event_survives_checkpoint() {
        init_tracing();

        let temp = TempDir::new().unwrap();

        {
            let mut m = open_manifest(&temp);

            // Add initial SSTables.
            m.add_sstable(sst_entry(1)).unwrap();
            m.add_sstable(sst_entry(2)).unwrap();
            m.add_sstable(sst_entry(3)).unwrap();

            // Compaction: merge #1 and #2 into #4.
            m.apply_compaction(vec![sst_entry(4)], vec![1, 2]).unwrap();

            m.checkpoint().unwrap();
        }

        let m2 = open_manifest(&temp);
        let ssts = m2.get_sstables().unwrap();
        let ids: Vec<u64> = ssts.iter().map(|e| e.id).collect();

        assert!(!ids.contains(&1), "SST 1 should have been removed");
        assert!(!ids.contains(&2), "SST 2 should have been removed");
        assert!(ids.contains(&3), "SST 3 should remain");
        assert!(ids.contains(&4), "SST 4 should have been added");
    }
}