-
Notifications
You must be signed in to change notification settings - Fork 651
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding checksum to each page #492
Comments
Copying my comment from #505 (comment). There are many sources of corruption that we cannot control:
Most databases put checksum to each page. |
This goes into Merkele tree proposal. If someone is interested in this issue, please reachout to me, I'm happy to provide requirements and help with the design. |
My proposal is about ensuring physical integrity of database pages at low level (protection against faulty hardware, bitflips, etc.). etcd's problem looks related but not exactly overlaps with this bbolt's problem.
Because etcd uses |
Correct me if I'm wrong, but as a MVCC bbolt is already updating every page up the root during a write?
Database integrity not only depends on integrity of data, but also on integrity of executed instructions. As terrifying as it seems a bitflip can happen in your if branch logic and change execution path. :P
Looks like a blocker for implementing it on bbolt level. Still happy to collaborate and work on design to address all the action items in https://github.com/etcd-io/etcd/blob/main/Documentation/postmortems/v3.5-data-inconsistency.md#action-items |
You're right. I was wrong about that. |
Adding checksum needs super careful consideration. The impact on performance is also a big concern to consider. It needs an overall design, recovery is the point, so it must be considered in the first place. Note that the existing Again, I'd like us to spend more effort to analyze all the existing data corruption cases before we move on adding any new big features; otherwise, it will add more technical debts. |
This may help detecting corruptions. I'm creating this issue to discuss:
implications.
The text was updated successfully, but these errors were encountered: