[WIP] clean up the c1z interfaces#986
Conversation
General PR Review: [WIP] clean up the c1z interfacesBlocking Issues: 0 | Suggestions: 1 | Threads Resolved: 0 Review SummaryScanned the full PR diff for security and correctness. This PR introduces explicit Security IssuesNone found. Correctness IssuesNone found. Suggestions
Prompt for AI agents |
363a37e to
acd49f1
Compare
acd49f1 to
4a090e6
Compare
3469dd1 to
126ebb7
Compare
126ebb7 to
2752d22
Compare
2752d22 to
939088a
Compare
| if inferred == "" { | ||
|
|
||
| // Auto-select: any Pebble input → Pebble output. | ||
| if hasPebble { |
There was a problem hiding this comment.
🟡 Suggestion: Mixed SQLite/Pebble inputs now resolve to Pebble output, and the doc above claims "SQLite inputs in a Pebble run are converted ... automatically; callers are not required to pre-convert." That holds only for the overlay path (compactPebble, which calls convertSQLiteInputToPebble). The fold path (compactPebbleFold) opens each input and uses enginepkg.AsEngine, returning "input is not a pebble c1z" for SQLite inputs — it has no conversion step. Because resolvePebbleMode selects fold purely on size, a mixed-input run that meets the fold size-gate will fail. Consider converting SQLite inputs in the fold path too, or gating fold off when any input is SQLite. (medium confidence)
2d59897 to
aa3d331
Compare
aa3d331 to
c52a8e2
Compare
| errors.Is(err, context.DeadlineExceeded) || | ||
| errors.Is(err, syscall.ENOSPC) || | ||
| os.IsPermission(err) { | ||
| return err |
There was a problem hiding this comment.
🟡 Suggestion: The OpenStore doc comment (line 202) promises transient I/O failures are "returned as-is and do not satisfy errors.Is(err, ErrStoreCorrupt)", but this allow-list only covers context cancellation, ENOSPC, and permission errors. Other genuinely transient failures (e.g. EMFILE/too-many-open-files, EIO, EROFS, temp-dir extraction failures) get wrapped as StoreCorruptError. A downstream caller that quarantines/deletes files on errors.Is(err, ErrStoreCorrupt) could destroy a valid c1z after a transient failure. Consider classifying as corrupt only for known decode errors (e.g. ErrInvalidFile, format/manifest read failures) rather than treating everything off the allow-list as corruption. (medium confidence)
c52a8e2 to
0f00845
Compare
0f00845 to
a62e1de
Compare
| // OpenStore is strict about existing files and requires a valid c1z. | ||
| // CreateStore accepts missing paths and zero-byte placeholders so callers | ||
| // can touch a target path before the first sync. | ||
| if stat, statErr := os.Stat(s.c1zPath); statErr == nil && stat.Size() > 0 { | ||
| store, err = dotc1z.OpenStore(ctx, s.c1zPath, storeOpts...) | ||
| } else { | ||
| store, err = dotc1z.CreateStore(ctx, s.c1zPath, storeOpts...) |
There was a problem hiding this comment.
🟡 Suggestion (low confidence): Behavior change worth confirming. The old NewStore/selectStoreDriver path would auto-convert an existing V1/SQLite file to Pebble in place when WithEngine(EnginePebble) was set and the file was writable. OpenStore deliberately ignores WithEngine and opens by the on-disk format, so a resume into an existing SQLite file while storageEngine == EnginePebble now stays SQLite instead of converting. This is arguably the safer behavior for resume, but it is a silent default change for this code path — confirm it's intended and that no downstream relied on the auto-convert-on-open.
No description provided.