Hallvard Breien Furuseth:
On 2014-01-08 18:23, Howard Chu wrote:
> Wietse Venema wrote:
>> Hallvard Breien Furuseth:
>>> Process A may see garbage data.
>
> This is wrong. The fcntl locks will definitely prevent two processes
> from interfering with each other. The reason this bug occurs is
> because fcntl locks cannot prevent two transactions within a single
> process from stomping on each other.
Hmm. OK, after some discussion with Howard:
This was so with Howard's original code, it wrapped each mdb_get() in
a transaction. postfix-2.11-20131228/src/util/slmdb.c breaks this by
preserving the read transaction until an error happens which is bad
enough for the code to notice.
The Postfix first/next iterator has always used a long-term read
transaction, ever since the first LMDB patch for Postfix. This broke
with the switch to MDB_NOLOCK.
Locks around cursors are pointless as well as insufficient from
lmdb's point of view. It is transactions which must be protected.
With MDB_NOLOCK the cursor's read transaction must be protected,
and it must be closed before returning the (key, value) to the
caller.
Wietse