Wait a second... I thought the whole point of using BDB was that it was
journaled, and that any transaction was thus guaranteed atomic and
re-playable (if the transaction was a success).
So, (a) how is it that a commit that happened hours before the power
went down existed *only* in a log file? And (b), is there a way to
"play back" all of the non-corrupted transactions? That is, if
transaction N resides only in the (corrupted) log file but everything
else is properly journaled/whatever, shouldn't it be trivial to restore
the DB back to state N-1? It seems really unfortunate that if a log
file gets corrupted, there's no simple way to roll the repository back
to the last "usable" state, and instead you have to rely on
questionable database "recovery" steps that apparently don't deal
super-well deal bungled logfiles.
Further, as I stated, by deleting the logfile, I was able to restore
(read-only) functionality to the repository -- *all the way up to the
latest commit*. So it appears that the real problem wasn't that the
last commit hadn't been flushed from the log to the database, but that
BDB had somehow forgotten that it had already flushed that and thought
that the logfile was still somehow active. Is this a separate
vulnerability in BDB?
Presumably I am missing some subtleties of how the DB functions. As
such, I'm not trying to be antagonistic with these questions, but just
trying to reconcile what I know (mostly from the SVN docs, which make
strong claims about why BDB is great) with what you're telling me now.
A deeper understanding of the DB would certainly help me get things
sorted out!
Thanks for your time,
Zach Pincus
On Jul 1, 2005, at 11:17 AM, kfogel@collab.net wrote:
> Zachary Pincus <zpincus@stanford.edu> writes:
>> Thanks for putting up this information! Unfortunately, I was never
>> able to get my original repository fully-recovered. Though, as I said,
>> through some miracle I did manage to get it to a state where I could
>> perform a dump, by playing stupid games with the log files.
>>
>> Since power had gone down well *after* the last commit to SVN, the
>> only thing that seemed to have gotten corrupt was the log files
>> themselves, and not the db; and it seems (in the few times I've had
>> this type of problem) that BDB is very sensitive to corrupt log files
>> and has difficulty recovering from them.
>
> Well, until a checkpoint happens (i.e., data is sync'd from log file
> to database file), the logfiles hold the only copy of actual data. So
> BDB's sensitivity to logfile corruption is understandable! :-)
>
> -Karl
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Jul 1 22:44:47 2005