[Dovecot] How to get rid of locks

Daniel L. Miller dmiller at amfes.com
Sun Apr 8 10:29:09 EEST 2007 

Timo Sirainen wrote:
> Although Dovecot is already read-lockless and it uses only short-lived 
> write locks, it's be really nice to just get rid of the locking 
> completely. :)
>
> I just figured out that O_APPEND is pretty great. If the operating 
> system updates seek position after writing to a file opened with 
> O_APPEND, writes to Dovecot's transaction log file can be made 
> lockless. I see that this works with Linux and Solaris, but not with 
> OS X. Could you BSD people try if it works there? 
> http://dovecot.org/tmp/append.c and see if it says "offset = 0" (bad) 
> or non-zero (yay). The O_APPEND at least doesn't work with NFS, so 
> it'll have to be optional anyway.
>
> Currently Dovecot always updates dovecot.index file after it has done 
> any changes. This isn't really necessary, because the changes are 
> already in transaction log, so the dovecot.index file can be read to 
> memory and the new changes applied on top of it from transaction log 
> (this is pretty much how mmap_disable=yes works). So I'm going to 
> change this to work so that the dovecot.index is updated only if a) 
> there are enough changes in transaction log (eg. 8kB or so) and b) it 
> can be write-locked without waiting.
>
> Maildir then. It has this annoying problem that readdir() can skip 
> files if another process is rename()ing them, causing Dovecot to think 
> that the message was expunged. The only way I could avoid this by 
> locking the maildir while synchronizing it. Today I noticed that this 
> doesn't happen with OS X. I'm not sure if I was just lucky or if there 
> really is something special implemented in it, because it doesn't work 
> anywhere else. I'm not sure if this is tied to HFS+, or if it will 
> work with zfs also (Solaris+zfs didn't work). So perhaps the locking 
> could be disabled while running with OS X.
>
> More importantly I figured out that it can also be avoided with 
> Linux+inotify. As long as the inotify event buffer doesn't overflow, 
> the full list of files can be read by combining the readdir() output 
> and files listed by inotify events. If the inotify buffer overflows 
> (highly unlikely), the operation can just be retried and it most 
> likely works the next time.
>
> So with these changes in place, changing a message flag or expunging a 
> message would usually result in:
>
>  - lockless write() call to dovecot.index.log
>  - lockless read()ing (or looking into mmaped) dovecot.index.log to 
> see if there's some new data besides what we just wrote that needs to 
> be synchronized to maildir
>  - rename() or unlink() calls to maildir. If a call return ENOENT, the 
> maildir needs to be readdir()ed with inotify enabled to find the new 
> filename.
>
> Not a single lock in the operation, assuming that dovecot.index file 
> wasn't updated.
>
> Assigning UIDs to newly delivered mails would require locking though. 
> dovecot-uidlist needs to be locked, and the UIDs need to be written to 
> dovecot.index.log file in the correct order, which can also be done 
> with dovecot-uidlist locking.
>
> Actually a single write() to dovecot.index.log isn't enough. I think 
> there needs to be some kind of a flag written to the beginning of the 
> transaction which marks the transaction as truly finished. If the flag 
> isn't there, any reader knows to stop and wait until the flag is set. 
> So this means that the writer needs to:
>
> 1. Do a single O_APPENDed write() call writing the whole transaction
> 2. Get the current offset with lseek(fd, 0, SEEK_CUR) (this is what 
> the append.c tester checks)
> 3. pwrite() the finished-flag to beginning of the transaction Except 
> at least with Linux pwrite() doesn't work if O_APPEND is enabled. 
> There are two ways to work around this:
>  a) fcntl(disable O_APPEND) + pwrite() + fcntl(enable O_APPEND)
>  b) Keep two file descriptors open for the transaction log. First with 
> O_APPEND flag and second without. pwrite() to the second one.
>
> a) is probably better because it doesn't waste file descriptors.
This is probably a scary thought, but . . . what would it take for the 
indexing part of Dovecot to be implemented via an API/plug-in model?  
I'm curious about the effect of using an external SQL engine (my vote 
would be Firebird) for processing these, and using a open plug-in method 
would allow for that without binding Dovecot to a particular implementation.

-- 
Daniel

More information about the dovecot mailing list