1. GemStone/S 64 Bit 3.3.4 Release Notes
Overview
GemStone/S 64 Bit 3.3.4 is a new version of the GemStone/S 64 Bit object server. This release fixes a number of significant bugs, includes several feature improvements, and adds support for Ubuntu 16.04.
These release notes describe changes between the previous version of GemStone/S 64 Bit, version 3.3.3, and version 3.3.4. If you are upgrading from a version prior to 3.3.3, review the release notes for each intermediate release to see the full set of changes.
The Installation Guide has not been updated for this release. For installation, upgrade and conversion instructions, use the Installation Guide for version 3.3.1.
Supported Platforms
Platforms for Version 3.3.4
GemStone/S 64 Bit version 3.3.4 is supported on the following platforms:
- Solaris 10 and 11 on SPARC
- Solaris 10 on x86
- AIX 6.1 on POWER6 and POWER7 and AIX 7.1 on POWER7 and POWER8
-
Red Hat Enterprise Linux Server 6.4, 6.5, 6.7, and 7.1;
Ubuntu 14.04 and 16.04; and SUSE Linux Enterprise 12, all on x86 -
OS X 10.9.5 (Mavericks) with Darwin 13.4.0 kernel, and OS X 10.11.2 (El Capitan)
with Darwin 15.2.0 kernel, on x86 (Mac is supported for development only)
Supported Windows client platforms are
Note that Solaris/SPARC support is being deprecated and will be available for development only. Solaris on x86 will continue to be fully supported.
For more information and detailed requirements for each supported platforms, please refer to the GemStone/S 64 Bit v3.3.1 Installation Guide for that platform.
GemBuilder for Smalltalk (GBS) Versions
The following versions of GBS are certified with GemStone/S 64 Bit version 3.3.4:
GBS version 8.2
GBS version 8.1
GBS version 5.4.3
For more details on supported GBS and client Smalltalk platforms and requirements, see the GemBuilder for Smalltalk Installation Guide for that version of GBS. Consult the matrices on the website, gemtalksystems.com/products/gbs-vw or gemtalksystems.com/products/gbs-va, for the latest updates.
Changes in this release
Updated Libraries
Improved handling of CR backlog on stone startup.
When the stone recovers after an unexpected shutdown, and there is a large number of commit records to process, it can delay making the stone available for users for a significant period of time.
In this release, the way recovery from a commit record backlog is handled on startup has been modified to reduce this delay. Now, while some critical work is done during the initial recovery and startup, the final commit record processing and disposal is done in the background, after the stone is available to users.
The startup messages in the stone log under these circumstances have been updated to describe the new behavior.
GsSecureSocket additional Peer Authentication options
GsSecureSocket server sockets now support the verification modes SSL_VERIFY_FAIL_IF_NO_PEER_CERT and SSL_VERIFY_CLIENT_ONCE, which can be used when server certificate verification is enabled.
New methods in the image allow you to set options, by passing in an array that may include:
- #SSL_VERIFY_FAIL_IF_NO_PEER_CERT -- if the client did not return a certificate, the TLS/SSL handshake is immediately terminated with a 'handshake failure' alert.
- #SSL_VERIFY_CLIENT_ONCE -- only request a client certificate on the initial TLS/SSL handshake. Do not ask for a client certificate again in case of a renegotiation.
These options are only supported for server sockets; there are no verification options for client sockets.
The following methods have been added
GsSecureSocket class >> fetchCertificateVerificationOptionsForServer
Answers an Array of Symbols which represent the certificate verification options that can be used by server sockets.
GsSecureSocket class >> setCertificateVerificationOptionsForServer: anArray
Sets the certificate verification options for server sockets using an Array of Symbols. If anArray is empty then any previously set options are cleared. Certificate verification for server sockets must be enabled before executing this method. Only applies for sockets created after this method is executed.
GsSecureSocket >> fetchCertificateVerificationOptions
Answers an Array of Symbols which represent the certificate verification options that can be used by the receiver. Certificate verification options are only supported by server sockets.
GsSecureSocket >> setCertificateVerificationOptions: anArray
Sets the certificate verification options for the receiver, which must be a server socket, using an Array of Symbols. If anArray is empty then any previously set options are cleared. The receiver must enable certificate verification before this method is executed, and must use this method before the receiver attempts a connection with its peer.
The following are added protocol to check for the current status of verification:
GsSecureSocket class >> certificateVerificationEnabledOnClient
Answer true if certificate verification is enabled for client sockets.
GsSecureSocket class >> certificateVerificationEnabledOnServer
Answer true if certificate verification is enabled for server sockets.
GsSecureSocket >> certificateVerificationEnabled
Answer true if certificate verification is enabled on the receiver.
Methods have also been added to specify a certificate directory.
GsSecureSocket class >> useCACertificateDirectoryForClients: aDirectoryString
Specifies a directory where trusted certificate authority (CA) certificates in PEM format are located. The certificates in this directory will be used to authenticate certificates provided by servers during the SSL handshake. The directory may contain more than one certificate.
Certificates are loaded into the internal SSL state which is valid for the current session only; the SSL state is not committed to the repository. Has no effect on instances created before the method was called nor server sockets.
If successful, this method also enables certificate verification for client sockets as if the #enableCertificateVerificationOnClient method had been called.
GsSecureSocket class >> useCACertificateDirectoryForServers: aDirectoryString
Specifies a directory where trusted certificate authority (CA) certificates in PEM format are located. The certificates in this directory will be used to authenticate certificates provided by client during the SSL handshake. The directory may contain more than one certificate.
Certificates are loaded into the internal SSL state which is valid for the current session only; the SSL state is not committed to the repository. Has no effect on instances created before the method was called or client sockets.
If successful, this method also enables certificate verification for server sockets as if the #enableCertificateVerificationOnServer method has been called.
Also, GsSecureSocket >> useCACertificateFileForClients: and useCACertificateFileForServers: now enable cerificateVerification; previously this required an additional step for clients.
Bugs Fixed
Idle Gems not terminated by STN_GEM_TIMEOUT
The configuration parameter STN_GEM_TIMEOUT is designed to terminate gems that have had no interaction with the stone for some period of time. There was a logic error that prevented the check from running, with the result that idle gems were not terminated. (#46723)
Hang in restore when repository oop high water mark exceeded 4 billion
When the repository’s oop number high water mark exceeded 4 billion, it was possible for a restore from full backup to hot hang. (#46252)
Reaching max session limit due to excessive Gem exits during login
If a Gem exits prematurely during the wrong point in the Gem-to-Stone login handshake, a counter in the Stone that was incremented did not get the appropriate decrement. This reduced the maximum possible sessions that could log in (from the limit set by STN_MAX_SESSIONS or license limits). (#46817)
Tranlog record containing only one selectiveAbort skipped by restore
When a tranlog record contains only one record, a single selective abort, the size of the record is small enough that it is skipped by restore. (#46695)
GsFile>>position: failures for arguments over 2 billion
Calling GsFile >> position: with a argument greater or equal to 231 (2147483648) returned nil, and caused subsequent calls to GsFile >> position to return incorrect values. (#46750)
Last line of configuration file is ignored if it does not end in a linefeed
If the last line of a configuration file contains a parameter setting, and this line does not end in a linefeed, then that final parameter setting was not used. (#46716)
Fraction passivate/activate is broken for Fractions in the SmallFraction range
Particularly in upgraded repositories, it was possible to have Fractions (normal POM objects with OOPs) that are in the range of the recently added SmallFraction type (special objects in which the value is encoded in the OOP). Passivate/activate did not work correctly for these instances. Conversion to SmallFraction is automatic, while handling of POM objects and specials during passivate/active are done differently. (#46784).
Symbol Garbage Collection does not collect Double and Quad ByteSymbols
Symbol garbage collection can be run manually to remove unreferenced Symbols, per the instructions in the System Administration Guide. This code did not identify and mark for removal symbols that contain characters over 255 and so are instances of DoubleByteSsymbol or QuadByteSymbol. (#46614)
listReferences failed to find object in large IdentityBags/Sets
If an object is in an IdentityBag or IdentitySet with more than about 1015 or 2030 elements, respectively, a listReferences: or fastListReferences: operation did not detect the reference. (#46645)
Upgrade errors during postconv on SortedCollections
During an upgrade from 3.2.x or earlier, the postconv step recompiles sortBlocks in persistent SortedCollections. If postconv specifies more gems to perform recompilation than there are instances of SortedCollection, postconv reports errors. (#46575)
Page server may run hot on startup
When the multithreaded pageserver starts up, it has a number of tasks to complete, and was running hot attempting to find a port to listen on. The code now does a better job of port selection, and has improved reporting when unable to find a port to listen on. (#46818)
STN_PGSVR_PORT_RANGE default has been changed
Now the default (when STN_PGSVR_PORT_RANGE is not set), defaults to use random ports within the range for ephemeral ports. On Linux, ephemeral ports are defined by /proc/sys/net/ipv4/ip_local_port_range.
Also, setting STN_PGSVR_PORT_RANGE to a value of 10000, 65535 will be interpreted as use random ports.
beginNestedTransaction can result in corrupt object error
GemStone allows you to create nested in-memory transactions, using the method System class>>beginNestedTransaction. This method was creating a internal reference to a hidden object, an instance of GsMethodLookupCache. While commit of the in-memory transaction reported success, the subsequent commit of the actual transaction resulted in an error, which disabled further commits. (#46805)
Remote shared cache shutdown
When a remote shared page cache was shutdown while there was a read in progress, the gem handling was incorrect, resulting in the gem hanging. This prevented the complete shutdown of the remote cache. (#46708)
allSelectors result included duplicates for inherited methods
The results of allSelectors could return duplicate symbols, if the superclass implemented the same method. (#46621)
Unicode string at:put: handling of invalid index argument
The primitive failure handling code for the at: anIndex argument was incorrect, resulting in an meaningless error message. (#46537)
IcuLibraryVersion as Unicode String in non-Unicode comparison mode
If the IcuLibraryVersion was manually set to an instance of Unicode string, but the repository was not in Unicode comparison mode (StringComparison is set to String, not Unicode16), then logins failed due to a disallowed comparison. (#46813)