On Fri, 31 Aug 2007, Ken Murchison wrote:

I think your patch makes sense, but I'm not sure what "The cyrus index file format has this clever "ignore" junk at the end until the exists count changes trick" means. I know we leave junk in the cache file as a result of delayed expunge which gets cleaned up later, but I'm pretty sure the index file is always tightly packed. There is extra space in the index header, but there shouldn't be any between the index records.

I think that the danger is that if sync_server gets shut down uncleanly (which I know was happening to Fastmail a lot at one point) then you can end up with a bogus entry at the end of a cyrus.index file which is not overwritten by the next sync_append_commit() on that mailbox.

The race condition is that the exists count in the header can only be updated after the index record has been written.

An explicit seek using mailbox->exists is definitely more robust, although it probably doesn't help if power fails halfway through the fsync() on the cyrus.index file after both updates have been made (data=journal maybe?)

--
David Carter                             Email: [EMAIL PROTECTED]
University Computing Service,            Phone: (01223) 334502
New Museums Site, Pembroke Street,       Fax:   (01223) 334679
Cambridge UK. CB2 3QH.
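
The failure mode discussed in this message, as an added C example that is not Cyrus code and not part of the original e-mail: a record written without its header update stays at the end of the file, and the next append either lands after it (append at end of file) or overwrites it (seek using the exists count). The file layout (4-byte count header, 8-byte records) and all function names are assumptions for illustration.

```c
/* Toy index file: 4-byte "exists" count, then fixed-size records.
 * Layout, sizes and names are assumptions, not the real cyrus.index format. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define HDR_SIZE 4
#define REC_SIZE 8

static uint32_t read_exists(FILE *f) {
    uint32_t n = 0;
    fseek(f, 0, SEEK_SET);
    return fread(&n, sizeof n, 1, f) == 1 ? n : 0;
}

/* Write the record first, then bump the header count (the order in the thread).
 * use_exists=1 seeks to HDR_SIZE + exists*REC_SIZE; 0 appends at end of file. */
static int append_record(FILE *f, const char *rec, int use_exists) {
    uint32_t n = read_exists(f);
    if (use_exists) fseek(f, HDR_SIZE + (long)n * REC_SIZE, SEEK_SET);
    else            fseek(f, 0, SEEK_END);
    if (fwrite(rec, REC_SIZE, 1, f) != 1) return -1;
    n++;
    fseek(f, 0, SEEK_SET);
    if (fwrite(&n, sizeof n, 1, f) != 1) return -1;
    return fflush(f);
}

/* Returns 1 if the last counted slot holds the new record after an unclean
 * shutdown left an uncounted record at end of file, 0 if it holds the junk. */
static int new_record_visible(int use_exists) {
    FILE *f = tmpfile();
    char slot[REC_SIZE];
    uint32_t n = 0;
    if (!f) return -1;
    fwrite(&n, sizeof n, 1, f);                /* empty index, exists = 0 */
    append_record(f, "MSG0001", 1);            /* committed record (constructed) */
    fseek(f, 0, SEEK_END);
    fwrite("BOGUS!!", REC_SIZE, 1, f);         /* killed before header update */
    append_record(f, "NEW0002", use_exists);   /* first append after restart */
    n = read_exists(f);
    fseek(f, HDR_SIZE + (long)(n - 1) * REC_SIZE, SEEK_SET);
    int ok = fread(slot, REC_SIZE, 1, f) == 1 && memcmp(slot, "NEW0002", REC_SIZE) == 0;
    fclose(f);
    return ok;
}

int main(void) {
    printf("eof=%d exists=%d\n", new_record_visible(0), new_record_visible(1));
    return 0;
}
```

With the end-of-file append the header count reaches 2 but slot 2 is the stale record and the new record sits uncounted beyond it; with the seek the stale record is overwritten in place.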
