[OpenAFS-devel] Re: Callbacks on shutdown -- release-team minutes 2014-02-12

[Jeffrey Hutzelman]

On Wed, 2014-02-19 at 19:33 -0600, Andrew Deason wrote:
> On Wed, 19 Feb 2014 20:25:14 -0500
> drosih@rpi.edu wrote:
> 
> > I'm sorry, but I didn't notice this topic come up before.  What
> > problems would be seen when these clients connect/disconnect to those
> > ancient versions of file servers?  I'm not asking that the change be
> > skipped, but just wondering what behavior would be seen.
> 
> "Undefined behavior". In theory, anything could happen, but the most
> likely result is that the fileserver just crashes (SIGSEGV, SIGBUS,
> SIGABRT, etc). If I recall correctly, the busier the server is, the more
> likely it will have a problem.

Pushing out a client change that causes fileservers -- especially
pre-DAFS fileservers -- to mysteriously crash is kind of poor.
Announcements to people who are actively following things and likely to
install new clients won't help server operators whose fileservers
suddenly start crashing with little or no warning.  I certainly wouldn't
want to be forced into a "surprise" upgrade.

It seems like the right way to handle this is to define a capability
flag to indicate that RXAFS_GiveUpAllCallBacks() is safe, and make the
call only when the fileserver advertises that flag.  Of course, ideally
the flag would have been introduced back when the bug was fixed, but
that ship sailed years ago.

I'm also a little concerned at the insistence on introducing a
potentially disruptive, backward-incompatible behavior into what's
supposed to be a stable release series with no mechanism to turn it off.
Did we become GNOME when I wasn't looking?

-- Jeff