[SERVER-48918] Enhance the ident reaper algorithm to check that all instances of Collection / IndexCatalogEntry have been deallocated before proceeding to delete the collection / index Created: 17/Jun/20  Updated: 29/Oct/23  Resolved: 19/Aug/20

Status: Closed
Project: Core Server
Component/s: Storage
Affects Version/s: None
Fix Version/s: 4.7.0

Type: Task Priority: Major - P3
Reporter: Dianna Hohensee (Inactive) Assignee: Dianna Hohensee (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on SERVER-49731 Create an Ident base class for Record... Closed
Related
related to SERVER-48904 Query should use something other than... Closed
Backwards Compatibility: Fully Compatible
Sprint: Execution Team 2020-06-29, Execution Team 2020-07-13, Execution Team 2020-07-27, Execution Team 2020-08-24
Participants:

 Description   

When we start having many Collection instances for the same collection, we will need to know that there are no operations holding stale versions before deleting the collection or index data for good without versioning thereof.



 Comments   
Comment by Githook User [ 19/Aug/20 ]

Author:

{'name': 'Dianna Hohensee', 'email': 'dianna.hohensee@mongodb.com', 'username': 'DiannaHohensee'}

Message: SERVER-48918 Enhance the ident reaper algorithm to check that all instances of Collection / IndexCatalogEntry have been deallocated before proceeding to delete the collection / index
Branch: master
https://github.com/mongodb/mongo/commit/45a9e0a76e4a9ef995b3490d74610cab98dbcc0a

Comment by Dianna Hohensee (Inactive) [ 17/Jun/20 ]

Two operations hang onto IndexCatalogEntry (ICE) references today: collection validation; and queries. Both also use an isDropped() check, because having a reference isn't sufficient to determine the state of the ICE. Alternatively, we could give indexes UUIDs, like collections, so operations could refetch them and know if the index was dropped and recreated. But that would be extra work, for which i cannot find a good motivating factor.

Queries hold a weak_ptr to the ICE and checks whether the ICE instance still exists under the MODE_IS lock while restoring state after a yield.

Validate holds shared_ptrs to all of a collection's ICEs and checks whether the ICEs are !isDropped after relocking (to allow concurrent exclusive lock operations a chance to run).

---------------------------------------------

Queries won't have MODE_IS locks anymore.

Scenarios:
-----------------------------------------------------------------------------------------------------------------------------------------------------
                                         read grabs Collection w/ Index A — query doesn't actually re-fetch the IndexCatalogEntry, so Collection having it is irrelevant!
drop Index A
                                         isDropped check fails, query throws
-----------------------------------------------------------------------------------------------------------------------------------------------------
drop Index A
                                        read grabs Collection w/o Index A 
                                        either the weak_ptr convert to shared_ptr fails (reference no longer exists), or !isDropped() fails, and the query throws
-----------------------------------------------------------------------------------------------------------------------------------------------------
                                        read grabs Collection w Index A 
                                        weak_ptr converts to shared_ptr, and !isDropped() check succeeds, query runs
drop Index A
                                        query still successfully finds the index table
-----------------------------------------------------------------------------------------------------------------------------------------------------

The validate cmd will hang on to ICE reference and potentially hold up the ident reaper from dropping the index data. Whiles validate is running with a MODE_IS lock, indexes cannot be dropped. It is only across relock that validate can hold up the ident reaper from wiping the index data. So the ident reaper can be blocked by validate waiting for a MODE_IS lock acquisition, behind whatever exclusive lock operations might be running on the collection. That seems fairly okay, though not ideal. Nothing waits on the ident reaper, so we'll just keep some extra data around a little longer

We could, in future, give the validate op weak_ptrs to the ICEs to hang onto; or make background validate cmds lock-free.

Generated at Thu Feb 08 05:18:25 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.