1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
//! We believe operators of stateful systems should get as much sleep as they
//! want. We take testing seriously, and we take pains to avoid the pesticide
//! paradox wherever possible.
//!
//! sled uses the following testing strategies, and is eager to expand their
//! use:
//!
//! * quickcheck-based model testing on the Tree, `PageCache`, and Log
//! * proptest-based model testing on the `PageTable` using the [model](https://docs.rs/model)
//! testing library
//! * linearizability testing on the `PageTable` using the [model](https://docs.rs/model)
//! testing library
//! * deterministic concurrent model testing using linux realtime priorities,
//! approaching the utility of the PULSE system available for the Erlang
//! ecosystem
//! * `ThreadSanitizer` on a concurrent workload
//! * `LeakSanitizer` on a concurrent workload
//! * failpoints with model testing: at every IO operation, a test can cause the
//! system to simulate a crash
//! * crash testing: processes are quickly spun up and then `kill -9`'d while
//! recovering and writing. the recovered data is verified to recover the log
//! in-order, stopping at the first torn log message or incomplete segment
//! * fuzzing: libfuzzer is used to generate sequences of operations on the Tree
//! * TLA+ has been used to model some of the concurrent algorithms, but much
//! more is necessary