[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#7775) LMDB terminates Postfix daemon process without logfile record
Full_Name: Wietse Venema
Version: All LMDB versions
OS: Linux, BSD
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (70.104.130.26)
Subject: LMDB terminates Postfix daemon process without logfile record
The LMDB library uses assert() which will abort() the program after
writing a message to stderr. In the case of the Postfix MTA, the
symptom is a that a daemon process falls out of the sky without
logfile record.
- This frustrates sysadmins (no logfile message).
- This frustrates my efforts to make Postfix automatically recover
from non-catastrophic error. In many cases the database is only
a cache, a mere optimization. I want the option to just blow it
away when LMDB has a problem with it.
- Library modules should not abort programs after error. They should
return an error result such as EINVAL, or use some other strategy
that leaves control with the application.
- Writing diagnostics to stderr is not useful for daemon programs
in the general case.
To fix this problem I suggest that LMDB provide way to notify the
application that it was unable to complete a request, so that the
application can make proper arrangements.
A few alternatives:
- When a request fails, return a distinct error code such as
MDB_PANIC, and allow the application to look up the text for the
error.
- Invoke an application call-back function with the error code and
problem description text. If the error code is MDB_PANIC then
the application knows that it needs to make final arrangements.
The second option preserves 100% backwards compatibility. The first
option may cause functions to return a result that they didn't
return previously.
Wietse