2018-03-04 15:24:24 -05:00
|
|
|
// This file is part of Moonfire NVR, a security camera network video recorder.
|
2020-03-20 00:35:42 -04:00
|
|
|
// Copyright (C) 2018-2020 The Moonfire NVR Authors
|
2018-03-04 15:24:24 -05:00
|
|
|
//
|
|
|
|
// This program is free software: you can redistribute it and/or modify
|
|
|
|
// it under the terms of the GNU General Public License as published by
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
// (at your option) any later version.
|
|
|
|
//
|
|
|
|
// In addition, as a special exception, the copyright holders give
|
|
|
|
// permission to link the code of portions of this program with the
|
|
|
|
// OpenSSL library under certain conditions as described in each
|
|
|
|
// individual source file, and distribute linked combinations including
|
|
|
|
// the two.
|
|
|
|
//
|
|
|
|
// You must obey the GNU General Public License in all respects for all
|
|
|
|
// of the code used other than OpenSSL. If you modify file(s) with this
|
|
|
|
// exception, you may extend this exception to your version of the
|
|
|
|
// file(s), but you are not obligated to do so. If you do not wish to do
|
|
|
|
// so, delete this exception statement from your version. If you delete
|
|
|
|
// this exception statement from all source files in the program, then
|
|
|
|
// also delete it here.
|
|
|
|
//
|
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU General Public License
|
|
|
|
// along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
//! Sample file directory management.
|
|
|
|
//!
|
|
|
|
//! This includes opening files for serving, rotating away old files, and saving new files.
|
|
|
|
|
2018-12-28 22:53:29 -05:00
|
|
|
use base::clock::{self, Clocks};
|
2018-12-28 13:21:49 -05:00
|
|
|
use crate::db::{self, CompositeId};
|
|
|
|
use crate::dir;
|
2020-08-06 08:16:38 -04:00
|
|
|
use crate::recording::{self, MAX_RECORDING_WALL_DURATION};
|
2018-12-28 22:53:29 -05:00
|
|
|
use failure::{Error, bail, format_err};
|
2018-03-04 15:24:24 -05:00
|
|
|
use fnv::FnvHashMap;
|
|
|
|
use parking_lot::Mutex;
|
2019-09-26 09:09:27 -04:00
|
|
|
use log::{debug, trace, warn};
|
2020-04-15 01:56:20 -04:00
|
|
|
use std::convert::TryFrom;
|
|
|
|
use std::cmp::{self, Ordering};
|
2018-03-04 15:24:24 -05:00
|
|
|
use std::io;
|
|
|
|
use std::mem;
|
2020-04-15 01:56:20 -04:00
|
|
|
use std::sync::{Arc, mpsc};
|
2018-03-04 15:24:24 -05:00
|
|
|
use std::thread;
|
2018-03-23 18:16:43 -04:00
|
|
|
use std::time::Duration as StdDuration;
|
|
|
|
use time::{Duration, Timespec};
|
2018-03-04 15:24:24 -05:00
|
|
|
|
|
|
|
pub trait DirWriter : 'static + Send {
|
|
|
|
type File : FileWriter;
|
|
|
|
|
2019-07-12 00:59:01 -04:00
|
|
|
fn create_file(&self, id: CompositeId) -> Result<Self::File, nix::Error>;
|
|
|
|
fn sync(&self) -> Result<(), nix::Error>;
|
|
|
|
fn unlink_file(&self, id: CompositeId) -> Result<(), nix::Error>;
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
pub trait FileWriter : 'static {
|
|
|
|
/// As in `std::fs::File::sync_all`.
|
|
|
|
fn sync_all(&self) -> Result<(), io::Error>;
|
|
|
|
|
|
|
|
/// As in `std::io::Writer::write`.
|
|
|
|
fn write(&mut self, buf: &[u8]) -> Result<usize, io::Error>;
|
|
|
|
}
|
|
|
|
|
|
|
|
impl DirWriter for Arc<dir::SampleFileDir> {
|
|
|
|
type File = ::std::fs::File;
|
|
|
|
|
2019-07-12 00:59:01 -04:00
|
|
|
fn create_file(&self, id: CompositeId) -> Result<Self::File, nix::Error> {
|
2018-03-04 15:24:24 -05:00
|
|
|
dir::SampleFileDir::create_file(self, id)
|
|
|
|
}
|
2019-07-12 00:59:01 -04:00
|
|
|
fn sync(&self) -> Result<(), nix::Error> { dir::SampleFileDir::sync(self) }
|
|
|
|
fn unlink_file(&self, id: CompositeId) -> Result<(), nix::Error> {
|
2018-03-04 15:24:24 -05:00
|
|
|
dir::SampleFileDir::unlink_file(self, id)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
impl FileWriter for ::std::fs::File {
|
|
|
|
fn sync_all(&self) -> Result<(), io::Error> { self.sync_all() }
|
|
|
|
fn write(&mut self, buf: &[u8]) -> Result<usize, io::Error> { io::Write::write(self, buf) }
|
|
|
|
}
|
|
|
|
|
|
|
|
/// A command sent to the syncer. These correspond to methods in the `SyncerChannel` struct.
|
|
|
|
enum SyncerCommand<F> {
|
2018-03-23 18:16:43 -04:00
|
|
|
AsyncSaveRecording(CompositeId, recording::Duration, F),
|
2018-03-04 15:24:24 -05:00
|
|
|
DatabaseFlushed,
|
2019-01-06 10:07:04 -05:00
|
|
|
Flush(mpsc::SyncSender<()>),
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
/// A channel which can be used to send commands to the syncer.
|
|
|
|
/// Can be cloned to allow multiple threads to send commands.
|
|
|
|
pub struct SyncerChannel<F>(mpsc::Sender<SyncerCommand<F>>);
|
|
|
|
|
|
|
|
impl<F> ::std::clone::Clone for SyncerChannel<F> {
|
|
|
|
fn clone(&self) -> Self { SyncerChannel(self.0.clone()) }
|
|
|
|
}
|
|
|
|
|
|
|
|
/// State of the worker thread.
|
2018-03-23 16:31:23 -04:00
|
|
|
struct Syncer<C: Clocks + Clone, D: DirWriter> {
|
2018-03-04 15:24:24 -05:00
|
|
|
dir_id: i32,
|
|
|
|
dir: D,
|
2018-03-23 16:31:23 -04:00
|
|
|
db: Arc<db::Database<C>>,
|
2019-01-04 14:56:15 -05:00
|
|
|
planned_flushes: std::collections::BinaryHeap<PlannedFlush>,
|
|
|
|
}
|
|
|
|
|
|
|
|
struct PlannedFlush {
|
|
|
|
/// Monotonic time at which this flush should happen.
|
|
|
|
when: Timespec,
|
|
|
|
|
|
|
|
/// Recording which prompts this flush. If this recording is already flushed at the planned
|
|
|
|
/// time, it can be skipped.
|
|
|
|
recording: CompositeId,
|
|
|
|
|
|
|
|
/// A human-readable reason for the flush, for logs.
|
|
|
|
reason: String,
|
2019-01-06 10:07:04 -05:00
|
|
|
|
|
|
|
/// Senders to drop when this time is reached. This is for test instrumentation; see
|
|
|
|
/// `SyncerChannel::flush`.
|
|
|
|
senders: Vec<mpsc::SyncSender<()>>,
|
2019-01-04 14:56:15 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
// PlannedFlush is meant for placement in a max-heap which should return the soonest flush. This
|
|
|
|
// PlannedFlush is greater than other if its when is _less_ than the other's.
|
|
|
|
impl Ord for PlannedFlush {
|
|
|
|
fn cmp(&self, other: &Self) -> Ordering {
|
|
|
|
other.when.cmp(&self.when)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
impl PartialOrd for PlannedFlush {
|
|
|
|
fn partial_cmp(&self, other: &Self) -> Option<Ordering> {
|
|
|
|
Some(self.cmp(other))
|
|
|
|
}
|
|
|
|
}
|
2018-03-23 18:16:43 -04:00
|
|
|
|
2019-01-04 14:56:15 -05:00
|
|
|
impl PartialEq for PlannedFlush {
|
|
|
|
fn eq(&self, other: &Self) -> bool {
|
|
|
|
self.when == other.when
|
|
|
|
}
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
2019-01-04 14:56:15 -05:00
|
|
|
impl Eq for PlannedFlush {}
|
|
|
|
|
2018-03-04 15:24:24 -05:00
|
|
|
/// Starts a syncer for the given sample file directory.
|
|
|
|
///
|
|
|
|
/// The lock must not be held on `db` when this is called.
|
|
|
|
///
|
|
|
|
/// There should be only one syncer per directory, or 0 if operating in read-only mode.
|
|
|
|
/// This function will perform the initial rotation synchronously, so that it is finished before
|
|
|
|
/// file writing starts. Afterward the syncing happens in a background thread.
|
|
|
|
///
|
|
|
|
/// Returns a `SyncerChannel` which can be used to send commands (and can be cloned freely) and
|
|
|
|
/// a `JoinHandle` for the syncer thread. Commands sent on the channel will be executed or retried
|
|
|
|
/// forever. (TODO: provide some manner of pushback during retry.) At program shutdown, all
|
|
|
|
/// `SyncerChannel` clones should be dropped and then the handle joined to allow all recordings to
|
|
|
|
/// be persisted.
|
|
|
|
///
|
|
|
|
/// Note that dropping all `SyncerChannel` clones currently includes calling
|
|
|
|
/// `LockedDatabase::clear_on_flush`, as this function installs a hook to watch database flushes.
|
|
|
|
/// TODO: add a join wrapper which arranges for the on flush hook to be removed automatically.
|
2018-03-23 16:31:23 -04:00
|
|
|
pub fn start_syncer<C>(db: Arc<db::Database<C>>, dir_id: i32)
|
|
|
|
-> Result<(SyncerChannel<::std::fs::File>, thread::JoinHandle<()>), Error>
|
|
|
|
where C: Clocks + Clone {
|
2018-03-04 15:24:24 -05:00
|
|
|
let db2 = db.clone();
|
|
|
|
let (mut syncer, path) = Syncer::new(&db.lock(), db2, dir_id)?;
|
|
|
|
syncer.initial_rotation()?;
|
|
|
|
let (snd, rcv) = mpsc::channel();
|
|
|
|
db.lock().on_flush(Box::new({
|
|
|
|
let snd = snd.clone();
|
|
|
|
move || if let Err(e) = snd.send(SyncerCommand::DatabaseFlushed) {
|
|
|
|
warn!("Unable to notify syncer for dir {} of flush: {}", dir_id, e);
|
|
|
|
}
|
|
|
|
}));
|
|
|
|
Ok((SyncerChannel(snd),
|
|
|
|
thread::Builder::new()
|
|
|
|
.name(format!("sync-{}", path))
|
2019-01-04 19:11:58 -05:00
|
|
|
.spawn(move || { while syncer.iter(&rcv) {} }).unwrap()))
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
pub struct NewLimit {
|
|
|
|
pub stream_id: i32,
|
|
|
|
pub limit: i64,
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Deletes recordings if necessary to fit within the given new `retain_bytes` limit.
|
|
|
|
/// Note this doesn't change the limit in the database; it only deletes files.
|
|
|
|
/// Pass a limit of 0 to delete all recordings associated with a camera.
|
|
|
|
pub fn lower_retention(db: Arc<db::Database>, dir_id: i32, limits: &[NewLimit])
|
|
|
|
-> Result<(), Error> {
|
|
|
|
let db2 = db.clone();
|
|
|
|
let (mut syncer, _) = Syncer::new(&db.lock(), db2, dir_id)?;
|
|
|
|
syncer.do_rotation(|db| {
|
|
|
|
for l in limits {
|
2020-07-12 19:51:39 -04:00
|
|
|
let (fs_bytes_before, extra);
|
2018-03-04 15:24:24 -05:00
|
|
|
{
|
|
|
|
let stream = db.streams_by_id().get(&l.stream_id)
|
|
|
|
.ok_or_else(|| format_err!("no such stream {}", l.stream_id))?;
|
2020-07-12 19:51:39 -04:00
|
|
|
fs_bytes_before = stream.fs_bytes + stream.fs_bytes_to_add -
|
|
|
|
stream.fs_bytes_to_delete;
|
2018-03-04 15:24:24 -05:00
|
|
|
extra = stream.retain_bytes - l.limit;
|
|
|
|
}
|
2020-07-12 19:51:39 -04:00
|
|
|
if l.limit >= fs_bytes_before { continue }
|
2018-03-04 15:24:24 -05:00
|
|
|
delete_recordings(db, l.stream_id, extra)?;
|
|
|
|
}
|
|
|
|
Ok(())
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Deletes recordings to bring a stream's disk usage within bounds.
|
|
|
|
fn delete_recordings(db: &mut db::LockedDatabase, stream_id: i32,
|
|
|
|
extra_bytes_needed: i64) -> Result<(), Error> {
|
2020-07-12 19:51:39 -04:00
|
|
|
let fs_bytes_needed = {
|
2018-03-04 15:24:24 -05:00
|
|
|
let stream = match db.streams_by_id().get(&stream_id) {
|
|
|
|
None => bail!("no stream {}", stream_id),
|
|
|
|
Some(s) => s,
|
|
|
|
};
|
2020-07-12 19:51:39 -04:00
|
|
|
stream.fs_bytes + stream.fs_bytes_to_add - stream.fs_bytes_to_delete + extra_bytes_needed
|
2018-03-04 15:24:24 -05:00
|
|
|
- stream.retain_bytes
|
|
|
|
};
|
2020-07-12 19:51:39 -04:00
|
|
|
let mut fs_bytes_to_delete = 0;
|
|
|
|
if fs_bytes_needed <= 0 {
|
|
|
|
debug!("{}: have remaining quota of {}", stream_id,
|
|
|
|
base::strutil::encode_size(-fs_bytes_needed));
|
2018-03-04 15:24:24 -05:00
|
|
|
return Ok(());
|
|
|
|
}
|
|
|
|
let mut n = 0;
|
|
|
|
db.delete_oldest_recordings(stream_id, &mut |row| {
|
2020-07-12 19:51:39 -04:00
|
|
|
if fs_bytes_needed >= fs_bytes_to_delete {
|
|
|
|
fs_bytes_to_delete += db::round_up(i64::from(row.sample_file_bytes));
|
2018-03-04 15:24:24 -05:00
|
|
|
n += 1;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
false
|
|
|
|
})?;
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
|
|
|
impl<F: FileWriter> SyncerChannel<F> {
|
|
|
|
/// Asynchronously syncs the given writer, closes it, records it into the database, and
|
|
|
|
/// starts rotation.
|
2020-08-06 08:16:38 -04:00
|
|
|
fn async_save_recording(&self, id: CompositeId, wall_duration: recording::Duration, f: F) {
|
|
|
|
self.0.send(SyncerCommand::AsyncSaveRecording(id, wall_duration, f)).unwrap();
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
2019-01-06 10:07:04 -05:00
|
|
|
|
|
|
|
/// For testing: flushes the syncer, waiting for all currently-queued commands to complete,
|
|
|
|
/// including the next scheduled database flush (if any). Note this doesn't wait for any
|
|
|
|
/// post-database flush garbage collection.
|
|
|
|
pub fn flush(&self) {
|
|
|
|
let (snd, rcv) = mpsc::sync_channel(0);
|
|
|
|
self.0.send(SyncerCommand::Flush(snd)).unwrap();
|
|
|
|
rcv.recv().unwrap_err(); // syncer should just drop the channel, closing it.
|
|
|
|
}
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
2018-03-23 16:31:23 -04:00
|
|
|
/// Lists files which should be "abandoned" (deleted without ever recording in the database)
|
|
|
|
/// on opening.
|
2019-07-12 14:05:36 -04:00
|
|
|
fn list_files_to_abandon(dir: &dir::SampleFileDir, streams_to_next: FnvHashMap<i32, i32>)
|
2018-03-23 16:31:23 -04:00
|
|
|
-> Result<Vec<CompositeId>, Error> {
|
|
|
|
let mut v = Vec::new();
|
2019-07-12 14:05:36 -04:00
|
|
|
let mut d = dir.opendir()?;
|
|
|
|
for e in d.iter() {
|
2018-03-23 16:31:23 -04:00
|
|
|
let e = e?;
|
2019-07-12 14:05:36 -04:00
|
|
|
let id = match dir::parse_id(e.file_name().to_bytes()) {
|
2018-03-23 16:31:23 -04:00
|
|
|
Ok(i) => i,
|
|
|
|
Err(_) => continue,
|
|
|
|
};
|
|
|
|
let next = match streams_to_next.get(&id.stream()) {
|
|
|
|
Some(n) => *n,
|
|
|
|
None => continue, // unknown stream.
|
|
|
|
};
|
|
|
|
if id.recording() >= next {
|
|
|
|
v.push(id);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
Ok(v)
|
|
|
|
}
|
|
|
|
|
|
|
|
impl<C: Clocks + Clone> Syncer<C, Arc<dir::SampleFileDir>> {
|
|
|
|
fn new(l: &db::LockedDatabase, db: Arc<db::Database<C>>, dir_id: i32)
|
2018-03-04 15:24:24 -05:00
|
|
|
-> Result<(Self, String), Error> {
|
|
|
|
let d = l.sample_file_dirs_by_id()
|
|
|
|
.get(&dir_id)
|
|
|
|
.ok_or_else(|| format_err!("no dir {}", dir_id))?;
|
|
|
|
let dir = d.get()?;
|
|
|
|
|
|
|
|
// Abandon files.
|
|
|
|
// First, get a list of the streams in question.
|
|
|
|
let streams_to_next: FnvHashMap<_, _> =
|
|
|
|
l.streams_by_id()
|
|
|
|
.iter()
|
|
|
|
.filter_map(|(&k, v)| {
|
|
|
|
if v.sample_file_dir_id == Some(dir_id) {
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
Some((k, v.cum_recordings))
|
2018-03-04 15:24:24 -05:00
|
|
|
} else {
|
|
|
|
None
|
|
|
|
}
|
|
|
|
})
|
|
|
|
.collect();
|
2019-07-12 14:05:36 -04:00
|
|
|
let to_abandon = list_files_to_abandon(&dir, streams_to_next)?;
|
2018-03-04 15:24:24 -05:00
|
|
|
let mut undeletable = 0;
|
|
|
|
for &id in &to_abandon {
|
|
|
|
if let Err(e) = dir.unlink_file(id) {
|
2019-07-12 00:59:01 -04:00
|
|
|
if e == nix::Error::Sys(nix::errno::Errno::ENOENT) {
|
2018-03-04 15:24:24 -05:00
|
|
|
warn!("dir: abandoned recording {} already deleted!", id);
|
|
|
|
} else {
|
|
|
|
warn!("dir: Unable to unlink abandoned recording {}: {}", id, e);
|
|
|
|
undeletable += 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if undeletable > 0 {
|
|
|
|
bail!("Unable to delete {} abandoned recordings.", undeletable);
|
|
|
|
}
|
|
|
|
|
|
|
|
Ok((Syncer {
|
|
|
|
dir_id,
|
|
|
|
dir,
|
|
|
|
db,
|
2019-01-04 14:56:15 -05:00
|
|
|
planned_flushes: std::collections::BinaryHeap::new(),
|
2018-03-04 15:24:24 -05:00
|
|
|
}, d.path.clone()))
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Rotates files for all streams and deletes stale files from previous runs.
|
|
|
|
/// Called from main thread.
|
|
|
|
fn initial_rotation(&mut self) -> Result<(), Error> {
|
|
|
|
self.do_rotation(|db| {
|
|
|
|
let streams: Vec<i32> = db.streams_by_id().keys().map(|&id| id).collect();
|
|
|
|
for &stream_id in &streams {
|
|
|
|
delete_recordings(db, stream_id, 0)?;
|
|
|
|
}
|
|
|
|
Ok(())
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Helper to do initial or retention-lowering rotation. Called from main thread.
|
|
|
|
fn do_rotation<F>(&mut self, delete_recordings: F) -> Result<(), Error>
|
|
|
|
where F: Fn(&mut db::LockedDatabase) -> Result<(), Error> {
|
|
|
|
{
|
|
|
|
let mut db = self.db.lock();
|
|
|
|
delete_recordings(&mut *db)?;
|
|
|
|
db.flush("synchronous deletion")?;
|
|
|
|
}
|
|
|
|
let mut garbage: Vec<_> = {
|
|
|
|
let l = self.db.lock();
|
|
|
|
let d = l.sample_file_dirs_by_id().get(&self.dir_id).unwrap();
|
2018-12-01 03:03:43 -05:00
|
|
|
d.garbage_needs_unlink.iter().map(|id| *id).collect()
|
2018-03-04 15:24:24 -05:00
|
|
|
};
|
|
|
|
if !garbage.is_empty() {
|
|
|
|
// Try to delete files; retain ones in `garbage` that don't exist.
|
|
|
|
let mut errors = 0;
|
|
|
|
for &id in &garbage {
|
|
|
|
if let Err(e) = self.dir.unlink_file(id) {
|
2019-07-12 00:59:01 -04:00
|
|
|
if e != nix::Error::Sys(nix::errno::Errno::ENOENT) {
|
2018-03-04 15:24:24 -05:00
|
|
|
warn!("dir: Unable to unlink {}: {}", id, e);
|
|
|
|
errors += 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if errors > 0 {
|
|
|
|
bail!("Unable to unlink {} files (see earlier warning messages for details)",
|
|
|
|
errors);
|
|
|
|
}
|
|
|
|
self.dir.sync()?;
|
|
|
|
self.db.lock().delete_garbage(self.dir_id, &mut garbage)?;
|
|
|
|
self.db.lock().flush("synchronous garbage collection")?;
|
|
|
|
}
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-03-23 16:31:23 -04:00
|
|
|
impl<C: Clocks + Clone, D: DirWriter> Syncer<C, D> {
|
2019-01-04 19:11:58 -05:00
|
|
|
/// Processes a single command or timeout.
|
|
|
|
///
|
|
|
|
/// Returns true iff the loop should continue.
|
|
|
|
fn iter(&mut self, cmds: &mpsc::Receiver<SyncerCommand<D::File>>) -> bool {
|
|
|
|
// Wait for a command, the next flush timeout (if specified), or channel disconnect.
|
|
|
|
let next_flush = self.planned_flushes.peek().map(|f| f.when);
|
|
|
|
let cmd = match next_flush {
|
|
|
|
None => match cmds.recv() {
|
|
|
|
Err(_) => return false, // all cmd senders are gone.
|
|
|
|
Ok(cmd) => cmd,
|
|
|
|
},
|
|
|
|
Some(t) => {
|
|
|
|
let now = self.db.clocks().monotonic();
|
|
|
|
|
|
|
|
// Calculate the timeout to use, mapping negative durations to 0.
|
|
|
|
let timeout = (t - now).to_std().unwrap_or(StdDuration::new(0, 0));
|
|
|
|
match self.db.clocks().recv_timeout(&cmds, timeout) {
|
|
|
|
Err(mpsc::RecvTimeoutError::Disconnected) => return false, // cmd senders gone.
|
|
|
|
Err(mpsc::RecvTimeoutError::Timeout) => {
|
|
|
|
self.flush();
|
|
|
|
return true;
|
|
|
|
},
|
2018-03-23 18:16:43 -04:00
|
|
|
Ok(cmd) => cmd,
|
2019-01-04 19:11:58 -05:00
|
|
|
}
|
|
|
|
},
|
|
|
|
};
|
2018-03-23 18:16:43 -04:00
|
|
|
|
2019-01-04 19:11:58 -05:00
|
|
|
// Have a command; handle it.
|
|
|
|
match cmd {
|
2020-08-06 08:16:38 -04:00
|
|
|
SyncerCommand::AsyncSaveRecording(id, wall_dur, f) => self.save(id, wall_dur, f),
|
2019-01-04 19:11:58 -05:00
|
|
|
SyncerCommand::DatabaseFlushed => self.collect_garbage(),
|
2019-01-06 10:07:04 -05:00
|
|
|
SyncerCommand::Flush(flush) => {
|
|
|
|
// The sender is waiting for the supplied writer to be dropped. If there's no
|
|
|
|
// timeout, do so immediately; otherwise wait for that timeout then drop it.
|
|
|
|
if let Some(mut f) = self.planned_flushes.peek_mut() {
|
|
|
|
f.senders.push(flush);
|
|
|
|
}
|
|
|
|
},
|
2019-01-04 19:11:58 -05:00
|
|
|
};
|
|
|
|
|
|
|
|
true
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
/// Collects garbage (without forcing a sync). Called from worker thread.
|
|
|
|
fn collect_garbage(&mut self) {
|
2019-01-04 19:11:58 -05:00
|
|
|
trace!("Collecting garbage");
|
2018-03-04 15:24:24 -05:00
|
|
|
let mut garbage: Vec<_> = {
|
|
|
|
let l = self.db.lock();
|
|
|
|
let d = l.sample_file_dirs_by_id().get(&self.dir_id).unwrap();
|
2018-12-01 03:03:43 -05:00
|
|
|
d.garbage_needs_unlink.iter().map(|id| *id).collect()
|
2018-03-04 15:24:24 -05:00
|
|
|
};
|
|
|
|
if garbage.is_empty() {
|
|
|
|
return;
|
|
|
|
}
|
2018-03-23 16:31:23 -04:00
|
|
|
let c = &self.db.clocks();
|
2018-03-04 15:24:24 -05:00
|
|
|
for &id in &garbage {
|
2018-03-09 20:41:53 -05:00
|
|
|
clock::retry_forever(c, &mut || {
|
2018-03-04 15:24:24 -05:00
|
|
|
if let Err(e) = self.dir.unlink_file(id) {
|
2019-07-12 00:59:01 -04:00
|
|
|
if e == nix::Error::Sys(nix::errno::Errno::ENOENT) {
|
2018-03-04 15:24:24 -05:00
|
|
|
warn!("dir: recording {} already deleted!", id);
|
|
|
|
return Ok(());
|
|
|
|
}
|
|
|
|
return Err(e);
|
|
|
|
}
|
|
|
|
Ok(())
|
|
|
|
});
|
|
|
|
}
|
2018-03-09 20:41:53 -05:00
|
|
|
clock::retry_forever(c, &mut || self.dir.sync());
|
|
|
|
clock::retry_forever(c, &mut || self.db.lock().delete_garbage(self.dir_id, &mut garbage));
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
/// Saves the given recording and causes rotation to happen. Called from worker thread.
|
|
|
|
///
|
|
|
|
/// Note that part of rotation is deferred for the next cycle (saved writing or program startup)
|
|
|
|
/// so that there can be only one dir sync and database transaction per save.
|
|
|
|
/// Internal helper for `save`. This is separated out so that the question-mark operator
|
|
|
|
/// can be used in the many error paths.
|
2020-08-06 08:16:38 -04:00
|
|
|
fn save(&mut self, id: CompositeId, wall_duration: recording::Duration, f: D::File) {
|
2019-01-04 19:11:58 -05:00
|
|
|
trace!("Processing save for {}", id);
|
2018-03-04 15:24:24 -05:00
|
|
|
let stream_id = id.stream();
|
|
|
|
|
|
|
|
// Free up a like number of bytes.
|
2018-03-23 16:31:23 -04:00
|
|
|
clock::retry_forever(&self.db.clocks(), &mut || f.sync_all());
|
|
|
|
clock::retry_forever(&self.db.clocks(), &mut || self.dir.sync());
|
2018-03-04 15:24:24 -05:00
|
|
|
let mut db = self.db.lock();
|
|
|
|
db.mark_synced(id).unwrap();
|
|
|
|
delete_recordings(&mut db, stream_id, 0).unwrap();
|
2018-03-23 18:16:43 -04:00
|
|
|
let s = db.streams_by_id().get(&stream_id).unwrap();
|
|
|
|
let c = db.cameras_by_id().get(&s.camera_id).unwrap();
|
|
|
|
|
|
|
|
// Schedule a flush.
|
2020-08-06 08:16:38 -04:00
|
|
|
let how_soon = Duration::seconds(s.flush_if_sec) - wall_duration.to_tm_duration();
|
2018-03-23 18:16:43 -04:00
|
|
|
let now = self.db.clocks().monotonic();
|
2019-01-04 14:56:15 -05:00
|
|
|
let when = now + how_soon;
|
|
|
|
let reason = format!("{} sec after start of {} {}-{} recording {}",
|
2020-08-06 08:16:38 -04:00
|
|
|
s.flush_if_sec, wall_duration, c.short_name, s.type_.as_str(), id);
|
2018-03-23 18:16:43 -04:00
|
|
|
trace!("scheduling flush in {} because {}", how_soon, &reason);
|
2019-01-04 14:56:15 -05:00
|
|
|
self.planned_flushes.push(PlannedFlush {
|
|
|
|
when,
|
|
|
|
reason,
|
|
|
|
recording: id,
|
2019-01-06 10:07:04 -05:00
|
|
|
senders: Vec::new(),
|
2019-01-04 14:56:15 -05:00
|
|
|
});
|
2018-03-23 18:16:43 -04:00
|
|
|
}
|
2018-03-04 15:24:24 -05:00
|
|
|
|
2019-01-04 19:11:58 -05:00
|
|
|
/// Flushes the database if necessary to honor `flush_if_sec` for some recording.
|
|
|
|
/// Called from worker thread when one of the `planned_flushes` arrives.
|
2019-01-04 14:56:15 -05:00
|
|
|
fn flush(&mut self) {
|
2019-01-04 19:11:58 -05:00
|
|
|
trace!("Flushing");
|
2019-01-04 14:56:15 -05:00
|
|
|
let mut l = self.db.lock();
|
|
|
|
|
|
|
|
// Look through the planned flushes and see if any are still relevant. It's possible
|
|
|
|
// they're not because something else (e.g., a syncer for a different sample file dir)
|
|
|
|
// has flushed the database in the meantime.
|
|
|
|
use std::collections::binary_heap::PeekMut;
|
|
|
|
while let Some(f) = self.planned_flushes.peek_mut() {
|
|
|
|
let s = match l.streams_by_id().get(&f.recording.stream()) {
|
|
|
|
Some(s) => s,
|
|
|
|
None => {
|
|
|
|
// Removing streams while running hasn't been implemented yet, so this should
|
|
|
|
// be impossible.
|
|
|
|
warn!("bug: no stream for {} which was scheduled to be flushed", f.recording);
|
|
|
|
PeekMut::pop(f);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
if s.cum_recordings <= f.recording.recording() { // not yet committed.
|
2019-01-04 14:56:15 -05:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
trace!("planned flush ({}) no longer needed", &f.reason);
|
|
|
|
PeekMut::pop(f);
|
|
|
|
}
|
|
|
|
|
|
|
|
// If there's anything left to do now, try to flush.
|
|
|
|
let f = match self.planned_flushes.peek() {
|
|
|
|
None => return,
|
|
|
|
Some(f) => f,
|
|
|
|
};
|
|
|
|
let now = self.db.clocks().monotonic();
|
|
|
|
if f.when > now {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if let Err(e) = l.flush(&f.reason) {
|
2018-03-23 18:16:43 -04:00
|
|
|
let d = Duration::minutes(1);
|
2019-01-04 14:56:15 -05:00
|
|
|
warn!("flush failure on save for reason {}; will retry after {}: {:?}",
|
|
|
|
f.reason, d, e);
|
|
|
|
self.planned_flushes.peek_mut().expect("planned_flushes is non-empty").when =
|
|
|
|
self.db.clocks().monotonic() + Duration::minutes(1);
|
|
|
|
return;
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
2019-01-04 14:56:15 -05:00
|
|
|
|
|
|
|
// A successful flush should take care of everything planned.
|
|
|
|
self.planned_flushes.clear();
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Struct for writing a single run (of potentially several recordings) to disk and committing its
|
|
|
|
/// metadata to the database. `Writer` hands off each recording's state to the syncer when done. It
|
|
|
|
/// saves the recording to the database (if I/O errors do not prevent this), retries forever,
|
|
|
|
/// or panics (if further writing on this stream is impossible).
|
2018-03-23 16:31:23 -04:00
|
|
|
pub struct Writer<'a, C: Clocks + Clone, D: DirWriter> {
|
2018-03-04 15:24:24 -05:00
|
|
|
dir: &'a D,
|
2018-03-23 16:31:23 -04:00
|
|
|
db: &'a db::Database<C>,
|
2018-03-04 15:24:24 -05:00
|
|
|
channel: &'a SyncerChannel<D::File>,
|
|
|
|
stream_id: i32,
|
|
|
|
video_sample_entry_id: i32,
|
|
|
|
state: WriterState<D::File>,
|
|
|
|
}
|
|
|
|
|
|
|
|
enum WriterState<F: FileWriter> {
|
|
|
|
Unopened,
|
|
|
|
Open(InnerWriter<F>),
|
|
|
|
Closed(PreviousWriter),
|
|
|
|
}
|
|
|
|
|
|
|
|
/// State for writing a single recording, used within `Writer`.
|
|
|
|
///
|
|
|
|
/// Note that the recording created by every `InnerWriter` must be written to the `SyncerChannel`
|
|
|
|
/// with at least one sample. The sample may have zero duration.
|
|
|
|
struct InnerWriter<F: FileWriter> {
|
|
|
|
f: F,
|
|
|
|
r: Arc<Mutex<db::RecordingToInsert>>,
|
|
|
|
e: recording::SampleIndexEncoder,
|
|
|
|
id: CompositeId,
|
2019-01-21 18:58:52 -05:00
|
|
|
|
2020-03-20 23:52:30 -04:00
|
|
|
hasher: blake3::Hasher,
|
2018-03-04 15:24:24 -05:00
|
|
|
|
|
|
|
/// The start time of this segment, based solely on examining the local clock after frames in
|
|
|
|
/// this segment were received. Frames can suffer from various kinds of delay (initial
|
|
|
|
/// buffering, encoding, and network transmission), so this time is set to far in the future on
|
|
|
|
/// construction, given a real value on the first packet, and decreased as less-delayed packets
|
|
|
|
/// are discovered. See design/time.md for details.
|
|
|
|
local_start: recording::Time,
|
|
|
|
|
|
|
|
/// A sample which has been written to disk but not added to `index`. Index writes are one
|
|
|
|
/// sample behind disk writes because the duration of a sample is the difference between its
|
|
|
|
/// pts and the next sample's pts. A sample is flushed when the next sample is written, when
|
|
|
|
/// the writer is closed cleanly (the caller supplies the next pts), or when the writer is
|
|
|
|
/// closed uncleanly (with a zero duration, which the `.mp4` format allows only at the end).
|
|
|
|
///
|
|
|
|
/// Invariant: this should always be `Some` (briefly violated during `write` call only).
|
2020-04-15 01:56:20 -04:00
|
|
|
unindexed_sample: Option<UnindexedSample>,
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
#[derive(Copy, Clone)]
|
2020-04-15 01:56:20 -04:00
|
|
|
struct UnindexedSample {
|
2018-03-04 15:24:24 -05:00
|
|
|
local_time: recording::Time,
|
2020-04-15 01:56:20 -04:00
|
|
|
pts_90k: i64, // relative to the start of the run, not a single recording.
|
2018-03-04 15:24:24 -05:00
|
|
|
len: i32,
|
|
|
|
is_key: bool,
|
|
|
|
}
|
|
|
|
|
|
|
|
/// State associated with a run's previous recording; used within `Writer`.
|
|
|
|
#[derive(Copy, Clone)]
|
|
|
|
struct PreviousWriter {
|
|
|
|
end: recording::Time,
|
|
|
|
run_offset: i32,
|
|
|
|
}
|
|
|
|
|
2018-03-23 16:31:23 -04:00
|
|
|
impl<'a, C: Clocks + Clone, D: DirWriter> Writer<'a, C, D> {
|
2019-01-21 18:58:52 -05:00
|
|
|
/// `db` must not be locked.
|
2018-03-23 16:31:23 -04:00
|
|
|
pub fn new(dir: &'a D, db: &'a db::Database<C>, channel: &'a SyncerChannel<D::File>,
|
2018-03-04 15:24:24 -05:00
|
|
|
stream_id: i32, video_sample_entry_id: i32) -> Self {
|
|
|
|
Writer {
|
|
|
|
dir,
|
|
|
|
db,
|
|
|
|
channel,
|
|
|
|
stream_id,
|
|
|
|
video_sample_entry_id,
|
|
|
|
state: WriterState::Unopened,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Opens a new writer.
|
2018-12-28 13:21:49 -05:00
|
|
|
/// On successful return, `self.state` will be `WriterState::Open(w)` with `w` violating the
|
2020-04-15 01:56:20 -04:00
|
|
|
/// invariant that `unindexed_sample` is `Some`. The caller (`write`) is responsible for
|
2018-12-28 13:21:49 -05:00
|
|
|
/// correcting this.
|
|
|
|
fn open(&mut self) -> Result<(), Error> {
|
2018-03-04 15:24:24 -05:00
|
|
|
let prev = match self.state {
|
|
|
|
WriterState::Unopened => None,
|
2018-12-28 13:21:49 -05:00
|
|
|
WriterState::Open(_) => return Ok(()),
|
2018-03-04 15:24:24 -05:00
|
|
|
WriterState::Closed(prev) => Some(prev),
|
|
|
|
};
|
|
|
|
let (id, r) = self.db.lock().add_recording(self.stream_id, db::RecordingToInsert {
|
|
|
|
run_offset: prev.map(|p| p.run_offset + 1).unwrap_or(0),
|
|
|
|
start: prev.map(|p| p.end).unwrap_or(recording::Time(i64::max_value())),
|
|
|
|
video_sample_entry_id: self.video_sample_entry_id,
|
|
|
|
flags: db::RecordingFlags::Growing as i32,
|
|
|
|
..Default::default()
|
|
|
|
})?;
|
2018-03-23 16:31:23 -04:00
|
|
|
let f = clock::retry_forever(&self.db.clocks(), &mut || self.dir.create_file(id));
|
2018-03-04 15:24:24 -05:00
|
|
|
|
|
|
|
self.state = WriterState::Open(InnerWriter {
|
|
|
|
f,
|
|
|
|
r,
|
|
|
|
e: recording::SampleIndexEncoder::new(),
|
|
|
|
id,
|
2020-03-20 23:52:30 -04:00
|
|
|
hasher: blake3::Hasher::new(),
|
2018-03-04 15:24:24 -05:00
|
|
|
local_start: recording::Time(i64::max_value()),
|
2020-04-15 01:56:20 -04:00
|
|
|
unindexed_sample: None,
|
2018-12-28 13:21:49 -05:00
|
|
|
});
|
|
|
|
Ok(())
|
|
|
|
}
|
2018-03-04 15:24:24 -05:00
|
|
|
|
|
|
|
pub fn previously_opened(&self) -> Result<bool, Error> {
|
|
|
|
Ok(match self.state {
|
|
|
|
WriterState::Unopened => false,
|
|
|
|
WriterState::Closed(_) => true,
|
|
|
|
WriterState::Open(_) => bail!("open!"),
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Writes a new frame to this segment.
|
|
|
|
/// `local_time` should be the local clock's time as of when this packet was received.
|
|
|
|
pub fn write(&mut self, pkt: &[u8], local_time: recording::Time, pts_90k: i64,
|
|
|
|
is_key: bool) -> Result<(), Error> {
|
2018-12-28 13:21:49 -05:00
|
|
|
self.open()?;
|
|
|
|
let w = match self.state {
|
|
|
|
WriterState::Open(ref mut w) => w,
|
|
|
|
_ => unreachable!(),
|
|
|
|
};
|
2018-03-04 15:24:24 -05:00
|
|
|
|
2020-04-15 01:56:20 -04:00
|
|
|
// Note w's invariant that `unindexed_sample` is `None` may currently be violated.
|
2018-03-04 15:24:24 -05:00
|
|
|
// We must restore it on all success or error paths.
|
|
|
|
|
2020-04-15 01:56:20 -04:00
|
|
|
if let Some(unindexed) = w.unindexed_sample.take() {
|
|
|
|
let duration = i32::try_from(pts_90k - i64::from(unindexed.pts_90k))?;
|
2018-03-04 15:24:24 -05:00
|
|
|
if duration <= 0 {
|
2020-08-07 18:30:22 -04:00
|
|
|
w.unindexed_sample = Some(unindexed); // restore invariant.
|
2018-03-04 15:24:24 -05:00
|
|
|
bail!("pts not monotonically increasing; got {} then {}",
|
2020-04-15 01:56:20 -04:00
|
|
|
unindexed.pts_90k, pts_90k);
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
2020-08-07 18:30:22 -04:00
|
|
|
if let Err(e) = w.add_sample(duration, unindexed.len, unindexed.is_key,
|
|
|
|
unindexed.local_time, self.db, self.stream_id) {
|
|
|
|
w.unindexed_sample = Some(unindexed); // restore invariant.
|
|
|
|
return Err(e);
|
2019-01-21 18:58:52 -05:00
|
|
|
}
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
let mut remaining = pkt;
|
|
|
|
while !remaining.is_empty() {
|
2018-03-23 16:31:23 -04:00
|
|
|
let written = clock::retry_forever(&self.db.clocks(), &mut || w.f.write(remaining));
|
2018-03-04 15:24:24 -05:00
|
|
|
remaining = &remaining[written..];
|
|
|
|
}
|
2020-04-15 01:56:20 -04:00
|
|
|
w.unindexed_sample = Some(UnindexedSample {
|
2018-03-04 15:24:24 -05:00
|
|
|
local_time,
|
|
|
|
pts_90k,
|
2020-04-15 01:56:20 -04:00
|
|
|
len: i32::try_from(pkt.len()).unwrap(),
|
2018-03-04 15:24:24 -05:00
|
|
|
is_key,
|
|
|
|
});
|
2020-03-20 23:52:30 -04:00
|
|
|
w.hasher.update(pkt);
|
2018-03-04 15:24:24 -05:00
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Cleanly closes the writer, using a supplied pts of the next sample for the last sample's
|
|
|
|
/// duration (if known). If `close` is not called, the `Drop` trait impl will close the trait,
|
|
|
|
/// swallowing errors and using a zero duration for the last sample.
|
make Writer enforce maximum recording duration
My installation recently somehow ended up with a recording with a
duration of 503793844 90,000ths of a second, way over the maximum of 5
minutes. (Looks like the machine was pretty unresponsive at the time
and/or having network problems.)
When this happens, the system really spirals. Every flush afterward (12
per minute with my installation) fails with a CHECK constraint failure
on the recording table. It never gives up on that recording. /var/log
fills pretty quickly as this failure is extremely verbose (a stack
trace, and a line for each byte of video_index). Eventually the sample
file dirs fill up too as it continues writing video samples while GC is
stuck. The video samples are useless anyway; given that they're not
referenced in the database, they'll be deleted on next startup.
This ensures the offending recording is never added to the database, so
we don't get the same persistent problem. Instead, writing to the
recording will fail. The stream will drop and be retried. If the
underlying condition that caused a too-long recording (many
non-key-frames, or the camera returning a crazy duration, or the
monotonic clock jumping forward extremely, or something) has gone away,
the system should recover.
2019-01-29 11:26:36 -05:00
|
|
|
pub fn close(&mut self, next_pts: Option<i64>) -> Result<(), Error> {
|
2018-03-04 15:24:24 -05:00
|
|
|
self.state = match mem::replace(&mut self.state, WriterState::Unopened) {
|
|
|
|
WriterState::Open(w) => {
|
make Writer enforce maximum recording duration
My installation recently somehow ended up with a recording with a
duration of 503793844 90,000ths of a second, way over the maximum of 5
minutes. (Looks like the machine was pretty unresponsive at the time
and/or having network problems.)
When this happens, the system really spirals. Every flush afterward (12
per minute with my installation) fails with a CHECK constraint failure
on the recording table. It never gives up on that recording. /var/log
fills pretty quickly as this failure is extremely verbose (a stack
trace, and a line for each byte of video_index). Eventually the sample
file dirs fill up too as it continues writing video samples while GC is
stuck. The video samples are useless anyway; given that they're not
referenced in the database, they'll be deleted on next startup.
This ensures the offending recording is never added to the database, so
we don't get the same persistent problem. Instead, writing to the
recording will fail. The stream will drop and be retried. If the
underlying condition that caused a too-long recording (many
non-key-frames, or the camera returning a crazy duration, or the
monotonic clock jumping forward extremely, or something) has gone away,
the system should recover.
2019-01-29 11:26:36 -05:00
|
|
|
let prev = w.close(self.channel, next_pts, self.db, self.stream_id)?;
|
2018-03-04 15:24:24 -05:00
|
|
|
WriterState::Closed(prev)
|
|
|
|
},
|
|
|
|
s => s,
|
|
|
|
};
|
make Writer enforce maximum recording duration
My installation recently somehow ended up with a recording with a
duration of 503793844 90,000ths of a second, way over the maximum of 5
minutes. (Looks like the machine was pretty unresponsive at the time
and/or having network problems.)
When this happens, the system really spirals. Every flush afterward (12
per minute with my installation) fails with a CHECK constraint failure
on the recording table. It never gives up on that recording. /var/log
fills pretty quickly as this failure is extremely verbose (a stack
trace, and a line for each byte of video_index). Eventually the sample
file dirs fill up too as it continues writing video samples while GC is
stuck. The video samples are useless anyway; given that they're not
referenced in the database, they'll be deleted on next startup.
This ensures the offending recording is never added to the database, so
we don't get the same persistent problem. Instead, writing to the
recording will fail. The stream will drop and be retried. If the
underlying condition that caused a too-long recording (many
non-key-frames, or the camera returning a crazy duration, or the
monotonic clock jumping forward extremely, or something) has gone away,
the system should recover.
2019-01-29 11:26:36 -05:00
|
|
|
Ok(())
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-08-06 08:16:38 -04:00
|
|
|
fn clamp(v: i64, min: i64, max: i64) -> i64 {
|
|
|
|
std::cmp::min(std::cmp::max(v, min), max)
|
|
|
|
}
|
|
|
|
|
2018-03-04 15:24:24 -05:00
|
|
|
impl<F: FileWriter> InnerWriter<F> {
|
2020-08-07 18:30:22 -04:00
|
|
|
fn add_sample<C: Clocks + Clone>(&mut self, duration_90k: i32, bytes: i32, is_key: bool,
|
|
|
|
pkt_local_time: recording::Time, db: &db::Database<C>,
|
|
|
|
stream_id: i32)
|
|
|
|
-> Result<(), Error> {
|
2018-03-04 15:24:24 -05:00
|
|
|
let mut l = self.r.lock();
|
2020-08-06 08:16:38 -04:00
|
|
|
|
|
|
|
// design/time.md explains these time manipulations in detail.
|
2020-08-07 18:30:22 -04:00
|
|
|
let prev_media_duration_90k = l.media_duration_90k;
|
2020-08-06 08:16:38 -04:00
|
|
|
let media_duration_90k = l.media_duration_90k + duration_90k;
|
|
|
|
let local_start =
|
|
|
|
cmp::min(self.local_start,
|
|
|
|
pkt_local_time - recording::Duration(i64::from(media_duration_90k)));
|
|
|
|
let limit = i64::from(media_duration_90k / 2000); // 1/2000th, aka 500 ppm.
|
|
|
|
let start = if l.run_offset == 0 {
|
|
|
|
// Start time isn't anchored to previous recording's end; adjust.
|
|
|
|
local_start
|
|
|
|
} else {
|
|
|
|
l.start
|
|
|
|
};
|
|
|
|
let wall_duration_90k =
|
|
|
|
media_duration_90k +
|
|
|
|
i32::try_from(clamp(local_start.0 - start.0, -limit, limit)).unwrap();
|
|
|
|
if wall_duration_90k > i32::try_from(MAX_RECORDING_WALL_DURATION).unwrap() {
|
|
|
|
bail!("Duration {} exceeds maximum {}", wall_duration_90k,
|
|
|
|
MAX_RECORDING_WALL_DURATION);
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
2020-08-06 08:16:38 -04:00
|
|
|
l.wall_duration_90k = wall_duration_90k;
|
|
|
|
l.start = start;
|
|
|
|
self.local_start = local_start;
|
|
|
|
self.e.add_sample(duration_90k, bytes, is_key, &mut l);
|
2020-08-07 18:30:22 -04:00
|
|
|
drop(l);
|
|
|
|
db.lock().send_live_segment(stream_id, db::LiveSegment {
|
|
|
|
recording: self.id.recording(),
|
|
|
|
is_key,
|
|
|
|
media_off_90k: prev_media_duration_90k .. media_duration_90k,
|
|
|
|
}).unwrap();
|
|
|
|
Ok(())
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
2019-01-21 18:58:52 -05:00
|
|
|
fn close<C: Clocks + Clone>(mut self, channel: &SyncerChannel<F>, next_pts: Option<i64>,
|
make Writer enforce maximum recording duration
My installation recently somehow ended up with a recording with a
duration of 503793844 90,000ths of a second, way over the maximum of 5
minutes. (Looks like the machine was pretty unresponsive at the time
and/or having network problems.)
When this happens, the system really spirals. Every flush afterward (12
per minute with my installation) fails with a CHECK constraint failure
on the recording table. It never gives up on that recording. /var/log
fills pretty quickly as this failure is extremely verbose (a stack
trace, and a line for each byte of video_index). Eventually the sample
file dirs fill up too as it continues writing video samples while GC is
stuck. The video samples are useless anyway; given that they're not
referenced in the database, they'll be deleted on next startup.
This ensures the offending recording is never added to the database, so
we don't get the same persistent problem. Instead, writing to the
recording will fail. The stream will drop and be retried. If the
underlying condition that caused a too-long recording (many
non-key-frames, or the camera returning a crazy duration, or the
monotonic clock jumping forward extremely, or something) has gone away,
the system should recover.
2019-01-29 11:26:36 -05:00
|
|
|
db: &db::Database<C>, stream_id: i32) -> Result<PreviousWriter, Error> {
|
2020-04-15 01:56:20 -04:00
|
|
|
let unindexed = self.unindexed_sample.take().expect("should always be an unindexed sample");
|
2018-03-23 18:16:43 -04:00
|
|
|
let (last_sample_duration, flags) = match next_pts {
|
2020-08-06 08:16:38 -04:00
|
|
|
None => (0, db::RecordingFlags::TrailingZero as i32),
|
|
|
|
Some(p) => (i32::try_from(p - unindexed.pts_90k)?, 0),
|
2018-03-04 15:24:24 -05:00
|
|
|
};
|
2020-03-20 23:52:30 -04:00
|
|
|
let blake3 = self.hasher.finalize();
|
2020-08-06 08:16:38 -04:00
|
|
|
let (run_offset, end);
|
2020-08-07 18:30:22 -04:00
|
|
|
self.add_sample(last_sample_duration, unindexed.len, unindexed.is_key,
|
|
|
|
unindexed.local_time, db, stream_id)?;
|
2019-01-21 18:58:52 -05:00
|
|
|
|
|
|
|
// This always ends a live segment.
|
2020-08-06 08:16:38 -04:00
|
|
|
let wall_duration;
|
2018-03-04 15:24:24 -05:00
|
|
|
{
|
|
|
|
let mut l = self.r.lock();
|
|
|
|
l.flags = flags;
|
2020-08-06 08:16:38 -04:00
|
|
|
l.local_time_delta = self.local_start - l.start;
|
2020-03-20 23:52:30 -04:00
|
|
|
l.sample_file_blake3 = Some(blake3.as_bytes().clone());
|
2020-08-06 08:16:38 -04:00
|
|
|
wall_duration = recording::Duration(i64::from(l.wall_duration_90k));
|
2018-03-04 15:24:24 -05:00
|
|
|
run_offset = l.run_offset;
|
2020-08-06 08:16:38 -04:00
|
|
|
end = l.start + wall_duration;
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
drop(self.r);
|
2020-08-06 08:16:38 -04:00
|
|
|
channel.async_save_recording(self.id, wall_duration, self.f);
|
make Writer enforce maximum recording duration
My installation recently somehow ended up with a recording with a
duration of 503793844 90,000ths of a second, way over the maximum of 5
minutes. (Looks like the machine was pretty unresponsive at the time
and/or having network problems.)
When this happens, the system really spirals. Every flush afterward (12
per minute with my installation) fails with a CHECK constraint failure
on the recording table. It never gives up on that recording. /var/log
fills pretty quickly as this failure is extremely verbose (a stack
trace, and a line for each byte of video_index). Eventually the sample
file dirs fill up too as it continues writing video samples while GC is
stuck. The video samples are useless anyway; given that they're not
referenced in the database, they'll be deleted on next startup.
This ensures the offending recording is never added to the database, so
we don't get the same persistent problem. Instead, writing to the
recording will fail. The stream will drop and be retried. If the
underlying condition that caused a too-long recording (many
non-key-frames, or the camera returning a crazy duration, or the
monotonic clock jumping forward extremely, or something) has gone away,
the system should recover.
2019-01-29 11:26:36 -05:00
|
|
|
Ok(PreviousWriter {
|
2018-03-04 15:24:24 -05:00
|
|
|
end,
|
|
|
|
run_offset,
|
make Writer enforce maximum recording duration
My installation recently somehow ended up with a recording with a
duration of 503793844 90,000ths of a second, way over the maximum of 5
minutes. (Looks like the machine was pretty unresponsive at the time
and/or having network problems.)
When this happens, the system really spirals. Every flush afterward (12
per minute with my installation) fails with a CHECK constraint failure
on the recording table. It never gives up on that recording. /var/log
fills pretty quickly as this failure is extremely verbose (a stack
trace, and a line for each byte of video_index). Eventually the sample
file dirs fill up too as it continues writing video samples while GC is
stuck. The video samples are useless anyway; given that they're not
referenced in the database, they'll be deleted on next startup.
This ensures the offending recording is never added to the database, so
we don't get the same persistent problem. Instead, writing to the
recording will fail. The stream will drop and be retried. If the
underlying condition that caused a too-long recording (many
non-key-frames, or the camera returning a crazy duration, or the
monotonic clock jumping forward extremely, or something) has gone away,
the system should recover.
2019-01-29 11:26:36 -05:00
|
|
|
})
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-03-23 16:31:23 -04:00
|
|
|
impl<'a, C: Clocks + Clone, D: DirWriter> Drop for Writer<'a, C, D> {
|
2018-03-04 15:24:24 -05:00
|
|
|
fn drop(&mut self) {
|
|
|
|
if ::std::thread::panicking() {
|
|
|
|
// This will probably panic again. Don't do it.
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if let WriterState::Open(w) = mem::replace(&mut self.state, WriterState::Unopened) {
|
|
|
|
// Swallow any error. The caller should only drop the Writer without calling close()
|
|
|
|
// if there's already been an error. The caller should report that. No point in
|
|
|
|
// complaining again.
|
2019-01-21 18:58:52 -05:00
|
|
|
let _ = w.close(self.channel, None, self.db, self.stream_id);
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
#[cfg(test)]
|
|
|
|
mod tests {
|
2019-01-04 19:11:58 -05:00
|
|
|
use base::clock::{Clocks, SimulatedClocks};
|
2020-03-20 00:35:42 -04:00
|
|
|
use crate::db::{self, CompositeId, VideoSampleEntryToInsert};
|
2018-12-28 13:21:49 -05:00
|
|
|
use crate::recording;
|
2018-12-28 22:53:29 -05:00
|
|
|
use parking_lot::Mutex;
|
2019-01-04 19:11:58 -05:00
|
|
|
use log::{trace, warn};
|
2018-03-04 15:24:24 -05:00
|
|
|
use std::collections::VecDeque;
|
|
|
|
use std::io;
|
|
|
|
use std::sync::Arc;
|
|
|
|
use std::sync::mpsc;
|
2020-08-06 08:16:38 -04:00
|
|
|
use super::Writer;
|
2018-12-28 13:21:49 -05:00
|
|
|
use crate::testutil;
|
2018-03-04 15:24:24 -05:00
|
|
|
|
|
|
|
#[derive(Clone)]
|
|
|
|
struct MockDir(Arc<Mutex<VecDeque<MockDirAction>>>);
|
|
|
|
|
|
|
|
enum MockDirAction {
|
2019-07-12 00:59:01 -04:00
|
|
|
Create(CompositeId, Box<dyn Fn(CompositeId) -> Result<MockFile, nix::Error> + Send>),
|
|
|
|
Sync(Box<dyn Fn() -> Result<(), nix::Error> + Send>),
|
|
|
|
Unlink(CompositeId, Box<dyn Fn(CompositeId) -> Result<(), nix::Error> + Send>),
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
impl MockDir {
|
|
|
|
fn new() -> Self { MockDir(Arc::new(Mutex::new(VecDeque::new()))) }
|
|
|
|
fn expect(&self, action: MockDirAction) { self.0.lock().push_back(action); }
|
|
|
|
fn ensure_done(&self) { assert_eq!(self.0.lock().len(), 0); }
|
|
|
|
}
|
|
|
|
|
|
|
|
impl super::DirWriter for MockDir {
|
|
|
|
type File = MockFile;
|
|
|
|
|
2019-07-12 00:59:01 -04:00
|
|
|
fn create_file(&self, id: CompositeId) -> Result<Self::File, nix::Error> {
|
2018-03-04 15:24:24 -05:00
|
|
|
match self.0.lock().pop_front().expect("got create_file with no expectation") {
|
|
|
|
MockDirAction::Create(expected_id, ref f) => {
|
|
|
|
assert_eq!(id, expected_id);
|
|
|
|
f(id)
|
|
|
|
},
|
|
|
|
_ => panic!("got create_file({}), expected something else", id),
|
|
|
|
}
|
|
|
|
}
|
2019-07-12 00:59:01 -04:00
|
|
|
fn sync(&self) -> Result<(), nix::Error> {
|
2018-03-04 15:24:24 -05:00
|
|
|
match self.0.lock().pop_front().expect("got sync with no expectation") {
|
|
|
|
MockDirAction::Sync(f) => f(),
|
|
|
|
_ => panic!("got sync, expected something else"),
|
|
|
|
}
|
|
|
|
}
|
2019-07-12 00:59:01 -04:00
|
|
|
fn unlink_file(&self, id: CompositeId) -> Result<(), nix::Error> {
|
2018-03-04 15:24:24 -05:00
|
|
|
match self.0.lock().pop_front().expect("got unlink_file with no expectation") {
|
|
|
|
MockDirAction::Unlink(expected_id, f) => {
|
|
|
|
assert_eq!(id, expected_id);
|
|
|
|
f(id)
|
|
|
|
},
|
|
|
|
_ => panic!("got unlink({}), expected something else", id),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
impl Drop for MockDir {
|
|
|
|
fn drop(&mut self) {
|
|
|
|
if !::std::thread::panicking() {
|
|
|
|
assert_eq!(self.0.lock().len(), 0);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
#[derive(Clone)]
|
|
|
|
struct MockFile(Arc<Mutex<VecDeque<MockFileAction>>>);
|
|
|
|
|
|
|
|
enum MockFileAction {
|
2019-06-14 11:47:11 -04:00
|
|
|
SyncAll(Box<dyn Fn() -> Result<(), io::Error> + Send>),
|
|
|
|
Write(Box<dyn Fn(&[u8]) -> Result<usize, io::Error> + Send>),
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
impl MockFile {
|
|
|
|
fn new() -> Self { MockFile(Arc::new(Mutex::new(VecDeque::new()))) }
|
|
|
|
fn expect(&self, action: MockFileAction) { self.0.lock().push_back(action); }
|
|
|
|
fn ensure_done(&self) { assert_eq!(self.0.lock().len(), 0); }
|
|
|
|
}
|
|
|
|
|
|
|
|
impl super::FileWriter for MockFile {
|
|
|
|
fn sync_all(&self) -> Result<(), io::Error> {
|
|
|
|
match self.0.lock().pop_front().expect("got sync_all with no expectation") {
|
|
|
|
MockFileAction::SyncAll(f) => f(),
|
|
|
|
_ => panic!("got sync_all, expected something else"),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
fn write(&mut self, buf: &[u8]) -> Result<usize, io::Error> {
|
|
|
|
match self.0.lock().pop_front().expect("got write with no expectation") {
|
|
|
|
MockFileAction::Write(f) => f(buf),
|
|
|
|
_ => panic!("got write({:?}), expected something else", buf),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
struct Harness {
|
2018-03-23 16:31:23 -04:00
|
|
|
db: Arc<db::Database<SimulatedClocks>>,
|
2018-03-04 15:24:24 -05:00
|
|
|
dir_id: i32,
|
|
|
|
_tmpdir: ::tempdir::TempDir,
|
|
|
|
dir: MockDir,
|
|
|
|
channel: super::SyncerChannel<MockFile>,
|
2019-01-04 19:11:58 -05:00
|
|
|
syncer: super::Syncer<SimulatedClocks, MockDir>,
|
|
|
|
syncer_rcv: mpsc::Receiver<super::SyncerCommand<MockFile>>,
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
2019-01-04 19:11:58 -05:00
|
|
|
fn new_harness(flush_if_sec: i64) -> Harness {
|
2018-03-23 16:31:23 -04:00
|
|
|
let clocks = SimulatedClocks::new(::time::Timespec::new(0, 0));
|
2019-01-04 19:11:58 -05:00
|
|
|
let tdb = testutil::TestDb::new_with_flush_if_sec(clocks, flush_if_sec);
|
2018-03-04 15:24:24 -05:00
|
|
|
let dir_id = *tdb.db.lock().sample_file_dirs_by_id().keys().next().unwrap();
|
|
|
|
|
|
|
|
// This starts a real fs-backed syncer. Get rid of it.
|
|
|
|
tdb.db.lock().clear_on_flush();
|
|
|
|
drop(tdb.syncer_channel);
|
|
|
|
tdb.syncer_join.join().unwrap();
|
|
|
|
|
|
|
|
// Start a mocker syncer.
|
|
|
|
let dir = MockDir::new();
|
2019-01-04 19:11:58 -05:00
|
|
|
let syncer = super::Syncer {
|
2018-03-04 15:24:24 -05:00
|
|
|
dir_id: *tdb.db.lock().sample_file_dirs_by_id().keys().next().unwrap(),
|
|
|
|
dir: dir.clone(),
|
|
|
|
db: tdb.db.clone(),
|
2019-01-04 14:56:15 -05:00
|
|
|
planned_flushes: std::collections::BinaryHeap::new(),
|
2018-03-04 15:24:24 -05:00
|
|
|
};
|
2019-01-04 19:11:58 -05:00
|
|
|
let (syncer_snd, syncer_rcv) = mpsc::channel();
|
2018-03-04 15:24:24 -05:00
|
|
|
tdb.db.lock().on_flush(Box::new({
|
2019-01-04 19:11:58 -05:00
|
|
|
let snd = syncer_snd.clone();
|
2018-03-04 15:24:24 -05:00
|
|
|
move || if let Err(e) = snd.send(super::SyncerCommand::DatabaseFlushed) {
|
|
|
|
warn!("Unable to notify syncer for dir {} of flush: {}", dir_id, e);
|
|
|
|
}
|
|
|
|
}));
|
|
|
|
Harness {
|
|
|
|
dir_id,
|
|
|
|
dir,
|
|
|
|
db: tdb.db,
|
|
|
|
_tmpdir: tdb.tmpdir,
|
2019-01-04 19:11:58 -05:00
|
|
|
channel: super::SyncerChannel(syncer_snd),
|
|
|
|
syncer,
|
|
|
|
syncer_rcv,
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
fn eio() -> io::Error { io::Error::new(io::ErrorKind::Other, "got EIO") }
|
2019-07-12 00:59:01 -04:00
|
|
|
fn nix_eio() -> nix::Error { nix::Error::Sys(nix::errno::Errno::EIO) }
|
2018-03-04 15:24:24 -05:00
|
|
|
|
2018-12-01 03:03:43 -05:00
|
|
|
/// Tests the database flushing while a syncer is still processing a previous flush event.
|
|
|
|
#[test]
|
|
|
|
fn double_flush() {
|
|
|
|
testutil::init();
|
2019-01-04 19:11:58 -05:00
|
|
|
let mut h = new_harness(0);
|
2018-12-01 03:03:43 -05:00
|
|
|
h.db.lock().update_retention(&[db::RetentionChange {
|
|
|
|
stream_id: testutil::TEST_STREAM_ID,
|
|
|
|
new_record: true,
|
2020-07-12 19:51:39 -04:00
|
|
|
new_limit: 0,
|
2018-12-01 03:03:43 -05:00
|
|
|
}]).unwrap();
|
|
|
|
|
|
|
|
// Setup: add a 3-byte recording.
|
2020-03-20 00:35:42 -04:00
|
|
|
let video_sample_entry_id = h.db.lock().insert_video_sample_entry(VideoSampleEntryToInsert {
|
|
|
|
width: 1920,
|
|
|
|
height: 1080,
|
|
|
|
pasp_h_spacing: 1,
|
|
|
|
pasp_v_spacing: 1,
|
|
|
|
data: [0u8; 100].to_vec(),
|
|
|
|
rfc6381_codec: "avc1.000000".to_owned(),
|
|
|
|
}).unwrap();
|
2019-01-04 19:11:58 -05:00
|
|
|
let mut w = Writer::new(&h.dir, &h.db, &h.channel, testutil::TEST_STREAM_ID,
|
|
|
|
video_sample_entry_id);
|
|
|
|
let f = MockFile::new();
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
h.dir.expect(MockDirAction::Create(CompositeId::new(1, 0),
|
2019-01-04 19:11:58 -05:00
|
|
|
Box::new({ let f = f.clone(); move |_id| Ok(f.clone()) })));
|
|
|
|
f.expect(MockFileAction::Write(Box::new(|buf| { assert_eq!(buf, b"123"); Ok(3) })));
|
|
|
|
f.expect(MockFileAction::SyncAll(Box::new(|| Ok(()))));
|
|
|
|
w.write(b"123", recording::Time(2), 0, true).unwrap();
|
|
|
|
h.dir.expect(MockDirAction::Sync(Box::new(|| Ok(()))));
|
make Writer enforce maximum recording duration
My installation recently somehow ended up with a recording with a
duration of 503793844 90,000ths of a second, way over the maximum of 5
minutes. (Looks like the machine was pretty unresponsive at the time
and/or having network problems.)
When this happens, the system really spirals. Every flush afterward (12
per minute with my installation) fails with a CHECK constraint failure
on the recording table. It never gives up on that recording. /var/log
fills pretty quickly as this failure is extremely verbose (a stack
trace, and a line for each byte of video_index). Eventually the sample
file dirs fill up too as it continues writing video samples while GC is
stuck. The video samples are useless anyway; given that they're not
referenced in the database, they'll be deleted on next startup.
This ensures the offending recording is never added to the database, so
we don't get the same persistent problem. Instead, writing to the
recording will fail. The stream will drop and be retried. If the
underlying condition that caused a too-long recording (many
non-key-frames, or the camera returning a crazy duration, or the
monotonic clock jumping forward extremely, or something) has gone away,
the system should recover.
2019-01-29 11:26:36 -05:00
|
|
|
w.close(Some(1)).unwrap();
|
2019-01-04 19:11:58 -05:00
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // AsyncSave
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 1);
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // planned flush
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 0);
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // DatabaseFlushed
|
|
|
|
f.ensure_done();
|
|
|
|
h.dir.ensure_done();
|
|
|
|
|
|
|
|
// Then a 1-byte recording.
|
|
|
|
let f = MockFile::new();
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
h.dir.expect(MockDirAction::Create(CompositeId::new(1, 1),
|
2019-01-04 19:11:58 -05:00
|
|
|
Box::new({ let f = f.clone(); move |_id| Ok(f.clone()) })));
|
|
|
|
f.expect(MockFileAction::Write(Box::new(|buf| { assert_eq!(buf, b"4"); Ok(1) })));
|
|
|
|
f.expect(MockFileAction::SyncAll(Box::new(|| Ok(()))));
|
|
|
|
w.write(b"4", recording::Time(3), 1, true).unwrap();
|
|
|
|
h.dir.expect(MockDirAction::Sync(Box::new(|| Ok(()))));
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
h.dir.expect(MockDirAction::Unlink(CompositeId::new(1, 0), Box::new({
|
2019-01-04 19:11:58 -05:00
|
|
|
let db = h.db.clone();
|
|
|
|
move |_| {
|
|
|
|
// The drop(w) below should cause the old recording to be deleted (moved to
|
|
|
|
// garbage). When the database is flushed, the syncer forces garbage collection
|
|
|
|
// including this unlink.
|
|
|
|
|
|
|
|
// Do another database flush here, as if from another syncer.
|
|
|
|
db.lock().flush("another syncer running").unwrap();
|
2018-12-01 03:03:43 -05:00
|
|
|
Ok(())
|
2019-01-04 19:11:58 -05:00
|
|
|
}
|
|
|
|
})));
|
|
|
|
h.dir.expect(MockDirAction::Sync(Box::new(|| Ok(()))));
|
|
|
|
drop(w);
|
|
|
|
|
|
|
|
trace!("expecting AsyncSave");
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // AsyncSave
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 1);
|
|
|
|
trace!("expecting planned flush");
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // planned flush
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 0);
|
|
|
|
trace!("expecting DatabaseFlushed");
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // DatabaseFlushed
|
|
|
|
trace!("expecting DatabaseFlushed again");
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // DatabaseFlushed again
|
|
|
|
f.ensure_done();
|
|
|
|
h.dir.ensure_done();
|
|
|
|
|
|
|
|
// Garbage should be marked collected on the next database flush.
|
2018-12-01 03:03:43 -05:00
|
|
|
{
|
|
|
|
let mut l = h.db.lock();
|
2019-01-04 19:11:58 -05:00
|
|
|
let dir = l.sample_file_dirs_by_id().get(&h.dir_id).unwrap();
|
|
|
|
assert!(dir.garbage_needs_unlink.is_empty());
|
|
|
|
assert!(!dir.garbage_unlinked.is_empty());
|
2018-12-01 03:03:43 -05:00
|
|
|
l.flush("forced gc").unwrap();
|
2019-01-04 19:11:58 -05:00
|
|
|
let dir = l.sample_file_dirs_by_id().get(&h.dir_id).unwrap();
|
|
|
|
assert!(dir.garbage_needs_unlink.is_empty());
|
|
|
|
assert!(dir.garbage_unlinked.is_empty());
|
2018-12-01 03:03:43 -05:00
|
|
|
}
|
|
|
|
|
2019-01-04 19:11:58 -05:00
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 0);
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // DatabaseFlushed
|
|
|
|
|
2018-12-01 03:03:43 -05:00
|
|
|
// The syncer should shut down cleanly.
|
|
|
|
drop(h.channel);
|
|
|
|
h.db.lock().clear_on_flush();
|
2019-01-04 19:11:58 -05:00
|
|
|
assert_eq!(h.syncer_rcv.try_recv().err(),
|
|
|
|
Some(std::sync::mpsc::TryRecvError::Disconnected));
|
|
|
|
assert!(h.syncer.planned_flushes.is_empty());
|
2018-12-01 03:03:43 -05:00
|
|
|
}
|
|
|
|
|
2018-03-04 15:24:24 -05:00
|
|
|
#[test]
|
|
|
|
fn write_path_retries() {
|
|
|
|
testutil::init();
|
2019-01-04 19:11:58 -05:00
|
|
|
let mut h = new_harness(0);
|
2020-03-20 00:35:42 -04:00
|
|
|
let video_sample_entry_id = h.db.lock().insert_video_sample_entry(VideoSampleEntryToInsert {
|
|
|
|
width: 1920,
|
|
|
|
height: 1080,
|
|
|
|
pasp_h_spacing: 1,
|
|
|
|
pasp_v_spacing: 1,
|
|
|
|
data: [0u8; 100].to_vec(),
|
|
|
|
rfc6381_codec: "avc1.000000".to_owned(),
|
|
|
|
}).unwrap();
|
2019-01-04 19:11:58 -05:00
|
|
|
let mut w = Writer::new(&h.dir, &h.db, &h.channel, testutil::TEST_STREAM_ID,
|
|
|
|
video_sample_entry_id);
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
h.dir.expect(MockDirAction::Create(CompositeId::new(1, 0), Box::new(|_id| Err(nix_eio()))));
|
2019-01-04 19:11:58 -05:00
|
|
|
let f = MockFile::new();
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
h.dir.expect(MockDirAction::Create(CompositeId::new(1, 0),
|
2019-01-04 19:11:58 -05:00
|
|
|
Box::new({ let f = f.clone(); move |_id| Ok(f.clone()) })));
|
|
|
|
f.expect(MockFileAction::Write(Box::new(|buf| {
|
|
|
|
assert_eq!(buf, b"1234");
|
|
|
|
Err(eio())
|
|
|
|
})));
|
|
|
|
f.expect(MockFileAction::Write(Box::new(|buf| {
|
|
|
|
assert_eq!(buf, b"1234");
|
|
|
|
Ok(1)
|
|
|
|
})));
|
|
|
|
f.expect(MockFileAction::Write(Box::new(|buf| {
|
|
|
|
assert_eq!(buf, b"234");
|
|
|
|
Err(eio())
|
|
|
|
})));
|
|
|
|
f.expect(MockFileAction::Write(Box::new(|buf| {
|
|
|
|
assert_eq!(buf, b"234");
|
|
|
|
Ok(3)
|
|
|
|
})));
|
|
|
|
f.expect(MockFileAction::SyncAll(Box::new(|| Err(eio()))));
|
|
|
|
f.expect(MockFileAction::SyncAll(Box::new(|| Ok(()))));
|
|
|
|
w.write(b"1234", recording::Time(1), 0, true).unwrap();
|
2019-07-12 00:59:01 -04:00
|
|
|
h.dir.expect(MockDirAction::Sync(Box::new(|| Err(nix_eio()))));
|
2019-01-04 19:11:58 -05:00
|
|
|
h.dir.expect(MockDirAction::Sync(Box::new(|| Ok(()))));
|
|
|
|
drop(w);
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // AsyncSave
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 1);
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // planned flush
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 0);
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // DatabaseFlushed
|
|
|
|
f.ensure_done();
|
|
|
|
h.dir.ensure_done();
|
2018-03-04 15:24:24 -05:00
|
|
|
|
|
|
|
{
|
|
|
|
let l = h.db.lock();
|
|
|
|
let s = l.streams_by_id().get(&testutil::TEST_STREAM_ID).unwrap();
|
|
|
|
assert_eq!(s.bytes_to_add, 0);
|
|
|
|
assert_eq!(s.sample_file_bytes, 4);
|
|
|
|
}
|
2019-01-04 19:11:58 -05:00
|
|
|
|
|
|
|
// The syncer should shut down cleanly.
|
2018-03-04 15:24:24 -05:00
|
|
|
drop(h.channel);
|
|
|
|
h.db.lock().clear_on_flush();
|
2019-01-04 19:11:58 -05:00
|
|
|
assert_eq!(h.syncer_rcv.try_recv().err(),
|
|
|
|
Some(std::sync::mpsc::TryRecvError::Disconnected));
|
|
|
|
assert!(h.syncer.planned_flushes.is_empty());
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn gc_path_retries() {
|
|
|
|
testutil::init();
|
2019-01-04 19:11:58 -05:00
|
|
|
let mut h = new_harness(0);
|
2018-03-04 15:24:24 -05:00
|
|
|
h.db.lock().update_retention(&[db::RetentionChange {
|
|
|
|
stream_id: testutil::TEST_STREAM_ID,
|
|
|
|
new_record: true,
|
2020-07-12 19:51:39 -04:00
|
|
|
new_limit: 0,
|
2018-03-04 15:24:24 -05:00
|
|
|
}]).unwrap();
|
|
|
|
|
|
|
|
// Setup: add a 3-byte recording.
|
2020-03-20 00:35:42 -04:00
|
|
|
let video_sample_entry_id = h.db.lock().insert_video_sample_entry(VideoSampleEntryToInsert {
|
|
|
|
width: 1920,
|
|
|
|
height: 1080,
|
|
|
|
pasp_h_spacing: 1,
|
|
|
|
pasp_v_spacing: 1,
|
|
|
|
data: [0u8; 100].to_vec(),
|
|
|
|
rfc6381_codec: "avc1.000000".to_owned(),
|
|
|
|
}).unwrap();
|
2019-01-04 19:11:58 -05:00
|
|
|
let mut w = Writer::new(&h.dir, &h.db, &h.channel, testutil::TEST_STREAM_ID,
|
|
|
|
video_sample_entry_id);
|
|
|
|
let f = MockFile::new();
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
h.dir.expect(MockDirAction::Create(CompositeId::new(1, 0),
|
2019-01-04 19:11:58 -05:00
|
|
|
Box::new({ let f = f.clone(); move |_id| Ok(f.clone()) })));
|
|
|
|
f.expect(MockFileAction::Write(Box::new(|buf| { assert_eq!(buf, b"123"); Ok(3) })));
|
|
|
|
f.expect(MockFileAction::SyncAll(Box::new(|| Ok(()))));
|
|
|
|
w.write(b"123", recording::Time(2), 0, true).unwrap();
|
|
|
|
h.dir.expect(MockDirAction::Sync(Box::new(|| Ok(()))));
|
make Writer enforce maximum recording duration
My installation recently somehow ended up with a recording with a
duration of 503793844 90,000ths of a second, way over the maximum of 5
minutes. (Looks like the machine was pretty unresponsive at the time
and/or having network problems.)
When this happens, the system really spirals. Every flush afterward (12
per minute with my installation) fails with a CHECK constraint failure
on the recording table. It never gives up on that recording. /var/log
fills pretty quickly as this failure is extremely verbose (a stack
trace, and a line for each byte of video_index). Eventually the sample
file dirs fill up too as it continues writing video samples while GC is
stuck. The video samples are useless anyway; given that they're not
referenced in the database, they'll be deleted on next startup.
This ensures the offending recording is never added to the database, so
we don't get the same persistent problem. Instead, writing to the
recording will fail. The stream will drop and be retried. If the
underlying condition that caused a too-long recording (many
non-key-frames, or the camera returning a crazy duration, or the
monotonic clock jumping forward extremely, or something) has gone away,
the system should recover.
2019-01-29 11:26:36 -05:00
|
|
|
w.close(Some(1)).unwrap();
|
2019-01-04 19:11:58 -05:00
|
|
|
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // AsyncSave
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 1);
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // planned flush
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 0);
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // DatabaseFlushed
|
|
|
|
f.ensure_done();
|
|
|
|
h.dir.ensure_done();
|
|
|
|
|
|
|
|
// Then a 1-byte recording.
|
|
|
|
let f = MockFile::new();
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
h.dir.expect(MockDirAction::Create(CompositeId::new(1, 1),
|
2019-01-04 19:11:58 -05:00
|
|
|
Box::new({ let f = f.clone(); move |_id| Ok(f.clone()) })));
|
|
|
|
f.expect(MockFileAction::Write(Box::new(|buf| { assert_eq!(buf, b"4"); Ok(1) })));
|
|
|
|
f.expect(MockFileAction::SyncAll(Box::new(|| Ok(()))));
|
|
|
|
w.write(b"4", recording::Time(3), 1, true).unwrap();
|
|
|
|
h.dir.expect(MockDirAction::Sync(Box::new(|| Ok(()))));
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
h.dir.expect(MockDirAction::Unlink(CompositeId::new(1, 0), Box::new({
|
2019-01-04 19:11:58 -05:00
|
|
|
let db = h.db.clone();
|
|
|
|
move |_| {
|
|
|
|
// The drop(w) below should cause the old recording to be deleted (moved to
|
|
|
|
// garbage). When the database is flushed, the syncer forces garbage collection
|
|
|
|
// including this unlink.
|
|
|
|
|
|
|
|
// This should have already applied the changes to sample file bytes, even
|
|
|
|
// though the garbage has yet to be collected.
|
|
|
|
let l = db.lock();
|
|
|
|
let s = l.streams_by_id().get(&testutil::TEST_STREAM_ID).unwrap();
|
|
|
|
assert_eq!(s.bytes_to_delete, 0);
|
|
|
|
assert_eq!(s.bytes_to_add, 0);
|
|
|
|
assert_eq!(s.sample_file_bytes, 1);
|
2019-07-12 00:59:01 -04:00
|
|
|
Err(nix_eio()) // force a retry.
|
2019-01-04 19:11:58 -05:00
|
|
|
}
|
|
|
|
})));
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
h.dir.expect(MockDirAction::Unlink(CompositeId::new(1, 0), Box::new(|_| Ok(()))));
|
2019-07-12 00:59:01 -04:00
|
|
|
h.dir.expect(MockDirAction::Sync(Box::new(|| Err(nix_eio()))));
|
2019-01-04 19:11:58 -05:00
|
|
|
h.dir.expect(MockDirAction::Sync(Box::new(|| Ok(()))));
|
2018-03-23 18:16:43 -04:00
|
|
|
|
2019-01-04 19:11:58 -05:00
|
|
|
drop(w);
|
2018-03-23 18:16:43 -04:00
|
|
|
|
2019-01-04 19:11:58 -05:00
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // AsyncSave
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 1);
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // planned flush
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 0);
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // DatabaseFlushed
|
|
|
|
f.ensure_done();
|
|
|
|
h.dir.ensure_done();
|
2018-03-04 15:24:24 -05:00
|
|
|
|
|
|
|
// Garbage should be marked collected on the next flush.
|
|
|
|
{
|
|
|
|
let mut l = h.db.lock();
|
2019-01-04 19:11:58 -05:00
|
|
|
let dir = l.sample_file_dirs_by_id().get(&h.dir_id).unwrap();
|
|
|
|
assert!(dir.garbage_needs_unlink.is_empty());
|
|
|
|
assert!(!dir.garbage_unlinked.is_empty());
|
2018-03-04 15:24:24 -05:00
|
|
|
l.flush("forced gc").unwrap();
|
2019-01-04 19:11:58 -05:00
|
|
|
let dir = l.sample_file_dirs_by_id().get(&h.dir_id).unwrap();
|
|
|
|
assert!(dir.garbage_needs_unlink.is_empty());
|
|
|
|
assert!(dir.garbage_unlinked.is_empty());
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
|
2019-01-04 19:11:58 -05:00
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // DatabaseFlushed
|
|
|
|
|
|
|
|
// The syncer should shut down cleanly.
|
|
|
|
drop(h.channel);
|
|
|
|
h.db.lock().clear_on_flush();
|
|
|
|
assert_eq!(h.syncer_rcv.try_recv().err(),
|
|
|
|
Some(std::sync::mpsc::TryRecvError::Disconnected));
|
|
|
|
assert!(h.syncer.planned_flushes.is_empty());
|
|
|
|
}
|
|
|
|
|
|
|
|
#[test]
|
|
|
|
fn planned_flush() {
|
|
|
|
testutil::init();
|
|
|
|
let mut h = new_harness(60); // flush_if_sec=60
|
|
|
|
|
|
|
|
// There's a database constraint forbidding a recording starting at t=0, so advance.
|
|
|
|
h.db.clocks().sleep(time::Duration::seconds(1));
|
|
|
|
|
|
|
|
// Setup: add a 3-byte recording.
|
2020-03-20 00:35:42 -04:00
|
|
|
let video_sample_entry_id = h.db.lock().insert_video_sample_entry(VideoSampleEntryToInsert {
|
|
|
|
width: 1920,
|
|
|
|
height: 1080,
|
|
|
|
pasp_h_spacing: 1,
|
|
|
|
pasp_v_spacing: 1,
|
|
|
|
data: [0u8; 100].to_vec(),
|
|
|
|
rfc6381_codec: "avc1.000000".to_owned(),
|
|
|
|
}).unwrap();
|
2019-01-04 19:11:58 -05:00
|
|
|
let mut w = Writer::new(&h.dir, &h.db, &h.channel, testutil::TEST_STREAM_ID,
|
|
|
|
video_sample_entry_id);
|
|
|
|
let f1 = MockFile::new();
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
h.dir.expect(MockDirAction::Create(CompositeId::new(1, 0),
|
2019-01-04 19:11:58 -05:00
|
|
|
Box::new({ let f = f1.clone(); move |_id| Ok(f.clone()) })));
|
|
|
|
f1.expect(MockFileAction::Write(Box::new(|buf| { assert_eq!(buf, b"123"); Ok(3) })));
|
|
|
|
f1.expect(MockFileAction::SyncAll(Box::new(|| Ok(()))));
|
|
|
|
w.write(b"123", recording::Time(recording::TIME_UNITS_PER_SEC), 0, true).unwrap();
|
|
|
|
h.dir.expect(MockDirAction::Sync(Box::new(|| Ok(()))));
|
|
|
|
drop(w);
|
|
|
|
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // AsyncSave
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 1);
|
|
|
|
|
|
|
|
// Flush and let 30 seconds go by.
|
|
|
|
h.db.lock().flush("forced").unwrap();
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // DatabaseFlushed
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 1);
|
|
|
|
h.db.clocks().sleep(time::Duration::seconds(30));
|
|
|
|
|
|
|
|
// Then, a 1-byte recording.
|
|
|
|
let mut w = Writer::new(&h.dir, &h.db, &h.channel, testutil::TEST_STREAM_ID,
|
|
|
|
video_sample_entry_id);
|
|
|
|
let f2 = MockFile::new();
|
track cumulative duration and runs
This is useful for a combo scrub bar-based UI (#32) + live view UI (#59)
in a non-obvious way. When constructing a HTML Media Source Extensions
API SourceBuffer, the caller can specify a "mode" of either "segments"
or "sequence":
In "sequence" mode, playback assumes segments are added sequentially.
This is good enough for a live view-only UI (#59) but not for a scrub
bar UI in which you may want to seek backward to a segment you've never
seen before. You will then need to insert a segment out-of-sequence.
Imagine what happens when the user goes forward again until the end of
the segment inserted immediately before it. The user should see the
chronologically next segment or a pause for loading if it's unavailable.
The best approximation of this is to track the mapping of timestamps to
segments and insert a VTTCue with an enter/exit handler that seeks to
the right position. But seeking isn't instantaneous; the user will
likely briefly see first the segment they seeked to before. That's
janky. Additionally, the "canplaythrough" event will behave strangely.
In "segments" mode, playback respects the timestamps we set:
* The obvious choice is to use wall clock timestamps. This is fine if
they're known to be fixed and correct. They're not. The
currently-recording segment may be "unanchored", meaning its start
timestamp is not yet fixed. Older timestamps may overlap if the system
clock was stepped between runs. The latter isn't /too/ bad from a user
perspective, though it's confusing as a developer. We probably will
only end up showing the more recent recording for a given
timestamp anyway. But the former is quite annoying. It means we have
to throw away part of the SourceBuffer that we may want to seek back
(causing UI pauses when that happens) or keep our own spare copy of it
(memory bloat). I'd like to avoid the whole mess.
* Another approach is to use timestamps that are guaranteed to be in
the correct order but that may have gaps. In particular, a timestamp
of (recording_id * max_recording_duration) + time_within_recording.
But again seeking isn't instantaneous. In my experiments, there's a
visible pause between segments that drives me nuts.
* Finally, the approach that led me to this schema change. Use
timestamps that place each segment after the one before, possibly with
an intentional gap between runs (to force a wait where we have an
actual gap). This should make the browser's natural playback behavior
work properly: it never goes to an incorrect place, and it only waits
when/if we want it to. We have to maintain a mapping between its
timestamps and segment ids but that's doable.
This commit is only the schema change; the new data aren't exposed in
the API yet, much less used by a UI.
Note that stream.next_recording_id became stream.cum_recordings. I made
a slight definition change in the process: recording ids for new streams
start at 0 rather than 1. Various tests changed accordingly.
The upgrade process makes a best effort to backfill these new fields,
but of course it doesn't know the total duration or number of runs of
previously deleted rows. That's good enough.
2020-06-09 19:17:32 -04:00
|
|
|
h.dir.expect(MockDirAction::Create(CompositeId::new(1, 1),
|
2019-01-04 19:11:58 -05:00
|
|
|
Box::new({ let f = f2.clone(); move |_id| Ok(f.clone()) })));
|
|
|
|
f2.expect(MockFileAction::Write(Box::new(|buf| { assert_eq!(buf, b"4"); Ok(1) })));
|
|
|
|
f2.expect(MockFileAction::SyncAll(Box::new(|| Ok(()))));
|
|
|
|
w.write(b"4", recording::Time(31*recording::TIME_UNITS_PER_SEC), 1, true).unwrap();
|
|
|
|
h.dir.expect(MockDirAction::Sync(Box::new(|| Ok(()))));
|
|
|
|
|
|
|
|
drop(w);
|
|
|
|
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // AsyncSave
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 2);
|
|
|
|
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 2);
|
|
|
|
let db_flush_count_before = h.db.lock().flushes();
|
|
|
|
assert_eq!(h.db.clocks().monotonic(), time::Timespec::new(31, 0));
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // planned flush (no-op)
|
|
|
|
assert_eq!(h.db.clocks().monotonic(), time::Timespec::new(61, 0));
|
|
|
|
assert_eq!(h.db.lock().flushes(), db_flush_count_before);
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 1);
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // planned flush
|
|
|
|
assert_eq!(h.db.clocks().monotonic(), time::Timespec::new(91, 0));
|
|
|
|
assert_eq!(h.db.lock().flushes(), db_flush_count_before + 1);
|
|
|
|
assert_eq!(h.syncer.planned_flushes.len(), 0);
|
|
|
|
assert!(h.syncer.iter(&h.syncer_rcv)); // DatabaseFlushed
|
|
|
|
|
|
|
|
f1.ensure_done();
|
|
|
|
f2.ensure_done();
|
|
|
|
h.dir.ensure_done();
|
|
|
|
|
2018-03-04 15:24:24 -05:00
|
|
|
// The syncer should shut down cleanly.
|
|
|
|
drop(h.channel);
|
|
|
|
h.db.lock().clear_on_flush();
|
2019-01-04 19:11:58 -05:00
|
|
|
assert_eq!(h.syncer_rcv.try_recv().err(),
|
|
|
|
Some(std::sync::mpsc::TryRecvError::Disconnected));
|
|
|
|
assert!(h.syncer.planned_flushes.is_empty());
|
2018-03-04 15:24:24 -05:00
|
|
|
}
|
|
|
|
}
|