Howard Chu wrote:
Howard Chu wrote:
> Please test... At the moment I've only run it with BDB 4.7.25. I'll be
testing
> with older releases over the next couple of days. In particular, take note of
> any LDAP_OTHER/Internal Error results in the test suite. Right now it passes
> all tests for me on bdb and hdb.
I'm occasionally seeing the read-only transaction getting selected for
deadlock recovery, which makes the transaction unusable after that point. I'm
looking into how to configure the environment so that the reader transactions
never get selected for deadlock recovery, otherwise we need to add a lot more
abort/recovery code.
My approach for that was to set the NOWAIT flag on the read txns, but that
eats up too much CPU because most of our code immediately retries whenever it
sees the DB_LOCK_NOTGRANTED result. I've removed the NOWAIT flag again. Still
looking at the impact of this change.
While investigating this, I noticed another problem - currently
whenever the
search code gets a LOCK_DEADLOCK or LOCK_NOTGRANTED result, it just
immediately retries. That's only correct when the search is a standalone
operation. But, the search can also be invoked during ACL processing of a
write operation if an ACL specifies some group or other complex condition.
We've correctly propagated the write's TXN into the search using the
bdb_opinfo, but if we're acting in this situation and get a DEADLOCK, we need
to give up and return back to the caller.
This is now fixed in search.c. The most obvious case where it would cause
problems is evaluating an ACL set during a write operation; if the set caused
a search that hit a BDB deadlock, the search would retry once and get an
internal error on the retry, causing the ACL evaluation to fail. Whether that
caused the write op to be erroneously allowed or denied really depends on how
the set was defined... (For typical ACL group comparisons, we were already
doing the correct error recovery.)
--
-- Howard Chu
CTO, Symas Corp.
http://www.symas.com
Director, Highland Sun
http://highlandsun.com/hyc/
Chief Architect, OpenLDAP
http://www.openldap.org/project/