|
| 1 | +# Audit Findings |
| 2 | + |
| 3 | +> Auto-managed by /x-review and /x-fix. |
| 4 | +
|
| 5 | +## Open |
| 6 | + |
| 7 | +### [LOW] compaction: misleading variable name `min_unflushed_seq` for oldest snapshot |
| 8 | +- **Where**: src/compaction/leveled.rs:723, 953 |
| 9 | +- **What**: The variable `min_unflushed_seq` is used to store the sequence number of the oldest active snapshot. |
| 10 | +- **Why**: In LSM-Tree terminology, `min_unflushed_seq` typically refers to the sequence of the oldest data in the memtable/WAL. Using it to mean "oldest snapshot" might confuse future maintainers. |
| 11 | +- **Suggested fix**: Rename to `oldest_snapshot_seq` or `min_active_snapshot_seq` in a future cleanup. |
| 12 | + |
| 13 | +## Won't Fix |
| 14 | + |
| 15 | +### [MEDIUM] manifest: `log_and_apply` performs I/O via `maybe_compact_manifest` while caller holds DB mutex |
| 16 | +- **Where**: src/manifest/version_set.rs:316, 406-414 |
| 17 | +- **What**: Every 1000th edit, `maybe_compact_manifest` fires from inside `log_and_apply`, performing file create, write, fsync, rename, directory fsync, and file removal — all while the caller holds the main DB mutex. |
| 18 | +- **Reason**: Fixing requires separating `VersionSet` from the DB mutex (new manifest-specific lock), which is a deep architectural refactor. The current behavior causes a periodic write-stall spike (~10-100ms every 1000 edits) but does not affect correctness. |
| 19 | + |
| 20 | +### [LOW] db: `max_immutable_memtables` option declared but not enforced |
| 21 | +- **Where**: src/options.rs:18-19 |
| 22 | +- **What**: Option is documented but no code enforces the limit. |
| 23 | +- **Reason**: Feature not yet implemented. Option exists for API forward-compatibility. Not a correctness bug. |
| 24 | + |
| 25 | +### [LOW] types: `from_encoded_slice` appears unused in production code |
| 26 | +- **Where**: src/types.rs:88-95 |
| 27 | +- **What**: Public method with no callers outside tests. |
| 28 | +- **Reason**: Public API for external consumers; cannot determine if unused without checking downstream crates. |
| 29 | + |
| 30 | +### [LOW] types: "Safety:" comment in non-unsafe context |
| 31 | +- **Where**: src/types.rs:49-52 |
| 32 | +- **What**: Comment uses "Safety:" but no unsafe block is involved. |
| 33 | +- **Reason**: Comment is a design note, not a safety justification. Cosmetic only. |
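Review bot: the `[LOW] db: max_immutable_memtables option declared but not enforced` entry (lines 20-23) is parked under "Won't Fix" with the reason "API forward-compatibility", but an option that is documented yet silently ignored is a footgun for callers who set it expecting a bound on immutable memtable count (and therefore on memory). At minimum the option's doc comment in src/options.rs:18-19 should say that the value is currently not enforced, or the setter should reject non-default values until the limit is implemented; suggest adding that follow-up to the entry rather than closing it outright. Minor: the `[MEDIUM] manifest` entry (lines 15-18) quantifies the stall (~10-100ms every 1000 edits) but records no tracking issue for the "deep architectural refactor" it defers to, so the deferral has no owner; a link or issue id would keep it from being lost.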