1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
// SPDX-License-Identifier: Apache-2.0
// Copyright (c) 2024-present, fjall-rs
// Copyright (c) 2026-present, Structured World Foundation
//! Active tombstone sets for tracking range tombstones during iteration.
//!
//! During forward or reverse scans, range tombstones must be activated when
//! the scan enters their range and expired when it leaves. These sets use
//! a seqno multiset (`BTreeMap<SeqNo, u32>`) for O(log t) max-seqno queries,
//! and a comparator-ordered expiry queue for deterministic retirement.
//!
//! A unique monotonic `id` on each expiry entry ensures total ordering even
//! when multiple tombstones share the same boundary key.
use crate::{SeqNo, UserKey, comparator::SharedComparator, range_tombstone::RangeTombstone};
use alloc::collections::BTreeMap;
#[cfg(not(feature = "std"))]
use alloc::vec::Vec;
/// Tracks active range tombstones during forward iteration.
///
/// Tombstones are activated when the scan reaches their `start` key, and
/// expired when the scan reaches or passes their `end` key.
///
/// Uses a sorted vector keyed by `(end desc, id asc)` in comparator order,
/// with the expiring-soonest tombstone kept at the tail for cheap `last()`.
pub struct ActiveTombstoneSet {
comparator: SharedComparator,
seqno_counts: BTreeMap<SeqNo, u32>,
// A comparator-ordered Vec keeps expiry deterministic for custom
// comparators; overlap cardinality is typically small, so O(t) inserts are
// an acceptable tradeoff for a compact structure with cheap tail expiry.
pending_expiry: Vec<(UserKey, u64, SeqNo)>,
next_id: u64,
}
impl ActiveTombstoneSet {
/// Creates a new forward active tombstone set.
#[must_use]
#[cfg_attr(
not(test),
expect(
dead_code,
reason = "backward-compatible default-comparator constructor"
)
)]
pub fn new() -> Self {
Self::new_with_comparator(crate::comparator::default_comparator())
}
/// Creates a new forward active tombstone set with the given comparator.
#[must_use]
pub fn new_with_comparator(comparator: SharedComparator) -> Self {
Self {
comparator,
seqno_counts: BTreeMap::new(),
pending_expiry: Vec::new(),
next_id: 0,
}
}
/// Resets the set to empty in place, reusing the backing `BTreeMap` /
/// `Vec` storage instead of dropping it. Equivalent to replacing with a
/// fresh [`Self::new_with_comparator`] but allocation-preserving: a
/// seek-then-iterate-then-reseek loop that activated tombstones keeps the
/// node / buffer capacity for the next pass.
pub fn clear(&mut self) {
self.seqno_counts.clear();
self.pending_expiry.clear();
self.next_id = 0;
}
/// Activates a range tombstone, adding it to the active set.
///
/// The tombstone is only activated if it is visible at `cutoff_seqno`
/// (i.e., `rt.seqno < cutoff_seqno`). Each source may supply a different
/// cutoff (e.g., ephemeral memtable uses its own `index_seqno`).
/// Duplicate activations (same seqno from different sources) are handled
/// correctly via multiset accounting.
pub fn activate(&mut self, rt: &RangeTombstone, cutoff_seqno: SeqNo) {
if !rt.visible_at(cutoff_seqno) {
return;
}
let id = self.next_id;
self.next_id += 1;
*self.seqno_counts.entry(rt.seqno).or_insert(0) += 1;
let end = rt.end.clone();
let seqno = rt.seqno;
let comparator = self.comparator.as_ref();
let insert_idx = self
.pending_expiry
.binary_search_by(|(existing_end, existing_id, _)| {
// `binary_search_by` uses the closure to position the new
// target within the existing slice order. Because this Vec is
// intentionally sorted by `(end desc, id asc)`, we compare the
// target `(end, id)` against the existing probe here.
// Swapping the arguments would search as if the slice were in
// ascending comparator order and would break the tested expiry
// invariant that the earliest tombstone stays at `last()`.
comparator
.compare(&end, existing_end)
.then_with(|| existing_id.cmp(&id))
})
.unwrap_or_else(|idx| idx);
self.pending_expiry.insert(insert_idx, (end, id, seqno));
}
/// Expires tombstones whose `end <= current_key`.
///
/// In the half-open convention `[start, end)`, a tombstone stops covering
/// keys at `end`. So when `current_key >= end`, the tombstone no longer
/// applies and is removed from the active set.
///
/// # Panics
///
/// Panics if an expiry pop has no matching activation in the seqno multiset.
pub fn expire_until(&mut self, current_key: &[u8]) {
while let Some((end, _, seqno)) = self.pending_expiry.last() {
if self.comparator.compare(end, current_key) == core::cmp::Ordering::Greater {
break;
}
let seqno = *seqno;
self.pending_expiry.pop();
#[expect(
clippy::expect_used,
reason = "expiry pop must have matching activation"
)]
let count = self
.seqno_counts
.get_mut(&seqno)
.expect("expiry pop must have matching activation");
*count -= 1;
if *count == 0 {
self.seqno_counts.remove(&seqno);
}
}
}
/// Returns the highest seqno among all active tombstones, or `None` if
/// no tombstones are active.
#[must_use]
pub fn max_active_seqno(&self) -> Option<SeqNo> {
self.seqno_counts.keys().next_back().copied()
}
/// Returns `true` if a KV with the given seqno is suppressed by any
/// active tombstone (i.e., there exists an active tombstone with a
/// higher seqno).
#[must_use]
pub fn is_suppressed(&self, key_seqno: SeqNo) -> bool {
self.max_active_seqno().is_some_and(|max| key_seqno < max)
}
/// Bulk-activates tombstones at a seek position.
///
/// # Invariant
///
/// At any iterator position, the active set contains only tombstones
/// where `start <= current_key < end` (and visible at their respective
/// `cutoff_seqno`). Seek prefill must collect truly overlapping tombstones
/// (`start <= key < end`); `expire_until` immediately enforces the
/// `end` bound.
#[cfg_attr(
not(test),
expect(dead_code, reason = "used by iterator initialization logic")
)]
pub fn initialize_from(
&mut self,
tombstones: impl IntoIterator<Item = (RangeTombstone, SeqNo)>,
) {
for (rt, cutoff) in tombstones {
self.activate(&rt, cutoff);
}
}
/// Returns `true` if there are no active tombstones.
#[cfg_attr(
not(test),
expect(dead_code, reason = "helper for callers to inspect active tombstones")
)]
#[must_use]
pub fn is_empty(&self) -> bool {
self.seqno_counts.is_empty()
}
}
/// Tracks active range tombstones during reverse iteration.
///
/// During reverse scans, tombstones are activated when the scan reaches
/// a key < `end` (strict `>`: `rt.end > current_key`), and expired when
/// `current_key < rt.start`.
///
/// Uses a sorted vector keyed by `(start asc, id asc)` in comparator order,
/// with the expiring-soonest tombstone kept at the tail for cheap `last()`.
pub struct ActiveTombstoneSetReverse {
comparator: SharedComparator,
seqno_counts: BTreeMap<SeqNo, u32>,
pending_expiry: Vec<(UserKey, u64, SeqNo)>,
next_id: u64,
}
impl ActiveTombstoneSetReverse {
/// Creates a new reverse active tombstone set.
#[must_use]
#[cfg_attr(
not(test),
expect(
dead_code,
reason = "backward-compatible default-comparator constructor"
)
)]
pub fn new() -> Self {
Self::new_with_comparator(crate::comparator::default_comparator())
}
/// Creates a new reverse active tombstone set with the given comparator.
#[must_use]
pub fn new_with_comparator(comparator: SharedComparator) -> Self {
Self {
comparator,
seqno_counts: BTreeMap::new(),
pending_expiry: Vec::new(),
next_id: 0,
}
}
/// Resets the set to empty in place, reusing the backing `BTreeMap` /
/// `Vec` storage instead of dropping it (see
/// [`ActiveTombstoneSet::clear`]).
pub fn clear(&mut self) {
self.seqno_counts.clear();
self.pending_expiry.clear();
self.next_id = 0;
}
/// Activates a range tombstone, adding it to the active set.
///
/// The tombstone is only activated if it is visible at `cutoff_seqno`
/// (i.e., `rt.seqno < cutoff_seqno`). Each source may supply a different
/// cutoff (e.g., ephemeral memtable uses its own `index_seqno`).
/// Duplicate activations (same seqno from different sources) are handled
/// correctly via multiset accounting.
///
/// For reverse iteration, activation uses strict `>`: tombstones with
/// `rt.end > current_key` are activated. `key == end` is NOT covered
/// (half-open).
pub fn activate(&mut self, rt: &RangeTombstone, cutoff_seqno: SeqNo) {
if !rt.visible_at(cutoff_seqno) {
return;
}
let id = self.next_id;
self.next_id += 1;
*self.seqno_counts.entry(rt.seqno).or_insert(0) += 1;
let comparator = self.comparator.as_ref();
let pos = self
.pending_expiry
.binary_search_by(|(start, existing_id, _)| {
comparator
.compare(start, &rt.start)
.then_with(|| existing_id.cmp(&id))
})
.unwrap_or_else(|idx| idx);
self.pending_expiry
.insert(pos, (rt.start.clone(), id, rt.seqno));
}
/// Expires tombstones whose `start > current_key`.
///
/// During reverse iteration, when the scan moves to a key that is
/// before a tombstone's start, that tombstone no longer applies.
///
/// # Panics
///
/// Panics if an expiry pop has no matching activation in the seqno multiset.
pub fn expire_until(&mut self, current_key: &[u8]) {
while let Some((start, _, seqno)) = self.pending_expiry.last() {
if self.comparator.compare(current_key, start) == core::cmp::Ordering::Less {
let seqno = *seqno;
self.pending_expiry.pop();
#[expect(
clippy::expect_used,
reason = "expiry pop must have matching activation"
)]
let count = self
.seqno_counts
.get_mut(&seqno)
.expect("expiry pop must have matching activation");
*count -= 1;
if *count == 0 {
self.seqno_counts.remove(&seqno);
}
} else {
break;
}
}
}
/// Returns the highest seqno among all active tombstones, or `None` if
/// no tombstones are active.
#[must_use]
pub fn max_active_seqno(&self) -> Option<SeqNo> {
self.seqno_counts.keys().next_back().copied()
}
/// Returns `true` if a KV with the given seqno is suppressed by any
/// active tombstone (i.e., there exists an active tombstone with a
/// higher seqno).
#[must_use]
pub fn is_suppressed(&self, key_seqno: SeqNo) -> bool {
self.max_active_seqno().is_some_and(|max| key_seqno < max)
}
/// Bulk-activates tombstones at a seek position (for reverse).
#[cfg_attr(
not(test),
expect(dead_code, reason = "used by iterator initialization logic")
)]
pub fn initialize_from(
&mut self,
tombstones: impl IntoIterator<Item = (RangeTombstone, SeqNo)>,
) {
for (rt, cutoff) in tombstones {
self.activate(&rt, cutoff);
}
}
/// Returns `true` if there are no active tombstones.
#[cfg_attr(
not(test),
expect(dead_code, reason = "helper for callers to inspect active tombstones")
)]
#[must_use]
pub fn is_empty(&self) -> bool {
self.seqno_counts.is_empty()
}
}
#[cfg(test)]
mod tests;