sov-db: Track DB commit status #2272

bkolad · 2025-12-29T09:48:04Z

Description

This PR adds tracking for DB commit status.

Previously, the CommitFlag mechanism saved the CommitStatus to a file, but it had two major limitations:

It did not cover all possible database shutdown scenarios.
The flag was written after committing a specific DB. It is now written before the commit, which simplifies error handling.

The CommitStatus is now written to a file in the DbGroup::commit method, and recovery is performed in NomtStateDb::validate_commit_flag_and_rollback_if_necssesary.

Unit tests will be included in a follow-up PR.

I have updated CHANGELOG.md with a new entry if my PR makes any breaking changes or fixes a bug. If my PR removes a feature or changes its behavior, I provide help for users on how to migrate to the new behavior.
I have carefully reviewed all my Cargo.toml changes before opening the PRs. (Are all new dependencies necessary? Is any module dependency leaked into the full-node (hint: it shouldn't)?)

crates/full-node/sov-db/src/state_db_nomt.rs

crates/full-node/sov-db/src/lib.rs

crates/full-node/sov-db/src/storage_manager/nomt_based/groups.rs

crates/full-node/sov-db/src/storage_manager/nomt_based/mod.rs

citizen-stig · 2025-12-30T15:31:47Z

crates/full-node/sov-db/src/commit_flag.rs


-    pub fn log_reset_instruction(&self) {
-        tracing::error!(
-            "To reset commit flag, please remove commit flag file: `rm {}`",


This was useful if user knows that it just wants to remove flag, they can just copy command and execute it. Why we removed it?

Why would we ever want to reset the flag manually? The flow has changed and now we save the file before committing the nomt.

crates/full-node/sov-db/src/flat_db.rs

citizen-stig · 2025-12-30T15:40:03Z

crates/full-node/sov-db/src/state_db_nomt.rs

-        debug_assert_eq!(self.commit_flag.read_status()?, in_progress_commit_status);
+        commit_flag.save_commit_status(&CommitStatus::CommittingKernelNomt(
+            self.kernel.root().into_inner(),
+        ))?;


What happens if NOMT has commited successfully, but writing flag has failed?

We set the flag before committing to Nomt, so if saving the flag fails, we won’t attempt the Nomt commit

citizen-stig · 2025-12-30T15:44:15Z

crates/full-node/sov-db/src/state_db_nomt.rs

+                tracing::warn!(
+                "Detected in-progress commit {commit_status:?}. Rolling back kernel & user DBs."
+            );
+                // User & Kernel commit was sucefull but we don't see `Success`. We rollback both User & Kernek.


Suggested change

// User & Kernel commit was sucefull but we don't see `Success`. We rollback both User & Kernek.

// User & Kernel commit was successful but we don't see `Success`. We rollback both User & Kernel.

crates/full-node/sov-db/src/state_db_nomt.rs

citizen-stig

Overall is good, left couple of comments

citizen-stig · 2025-12-30T15:51:26Z

crates/full-node/sov-db/src/storage_manager/nomt_based/groups.rs

-        let flat_state = FlatStateDb::new(path, state_cache_size, separate_archival_state)?;
+
+        // After validation override the commit flag to Success.
+        commit_flag.write_status(&CommitStatus::Success)?;


What happens if we commited live-db successfully, but failed to write commit status Success ?

We discussed this with Preston when you ware on holiday:

We will rollback both the user and kernel so they remain in a consistent state.

The flat-db and ledger will temporarily be ahead of Nomt,

On startup, the rollup will start from the latest height committed to nomt. After processing the first block, we will override the flat-db/ledger

crates/full-node/sov-db/src/commit_flag.rs

citizen-stig · 2025-12-30T19:09:17Z

crates/full-node/sov-db/src/state_db_nomt.rs

+                    ?commit_status,
+                    "Detected in-progress commit. Rolling back kernel & user DBs."
+                );
+                // User & Kernel commit was sucefull but we don't see `Success`. We rollback both User & Kernel.


Suggested change

// User & Kernel commit was sucefull but we don't see `Success`. We rollback both User & Kernel.

// User & Kernel commit was successful but we don't see `Success`. We rollback both User & Kernel.

citizen-stig · 2025-12-30T19:09:38Z

crates/full-node/sov-db/src/state_db_nomt.rs

+                self.user.rollback(1)?;
+            }
+            CommitStatus::Success => {}
+        }


Do we need to update flag to success at the end, so it is consistent on the next restart?

Meaning if it accidentally shut down immediately before starting new block

Added the save in DbGroup::new

citizen-stig · 2025-12-30T19:31:33Z

crates/full-node/sov-db/src/state_db_nomt.rs

+        Ok(Self { user, kernel })
+    }
+
+    pub(crate) fn validate_commit_flag_and_rollback_if_necssesary(


Suggested change

pub(crate) fn validate_commit_flag_and_rollback_if_necssesary(

pub(crate) fn validate_commit_flag_and_rollback_if_necessesary(

bkolad force-pushed the blaze/fix_db_commit branch from 1662beb to d804845 Compare December 29, 2025 10:57

bkolad changed the title ~~Blaze/fix db commit~~ sov-db: Track DB commit status Dec 29, 2025

bkolad force-pushed the blaze/fix_db_commit branch 3 times, most recently from 0ea1d6e to 811a9ba Compare December 29, 2025 19:04

Base automatically changed from blaze/atomic_db_1 to dev December 29, 2025 19:06

bkolad added 2 commits December 29, 2025 20:10

Refactor commit flag

295870e

Add new stauses

600ba4a

bkolad force-pushed the blaze/fix_db_commit branch from 811a9ba to 600ba4a Compare December 29, 2025 19:10

bkolad added 4 commits December 30, 2025 09:22

fix

f7ff573

fix

3f885e9

Add new stauses

72ac1a8

Comment

af72874

bkolad commented Dec 30, 2025

View reviewed changes

crates/full-node/sov-db/src/state_db_nomt.rs Show resolved Hide resolved

bkolad marked this pull request as ready for review December 30, 2025 13:38