We're continually telling people: "don't recover your repository unless you're
SURE that no other processes are accessing it! It could be dangerous!" For
example, we tell admins to always shut down httpd before running recovery.
But at the same time, we have already have some kind of pseudo locking-code in
libsvn_repos/repos.c:get_repos(). So what's the story? Is it working correctly
or not? The whole point of that locking code so that we *don't* have to
shutdown apache or svnserve in order to run recovery.
The theory is that recovery would attempt to grab an exclusive write lock at the
level of the BDB API, and block until this was possible. Once it has that lock,
no other BDB-using program in the universe is able to write to the database.
After recovery completes, we release the lock.
So this issue is basically a task: someone needs to verify whether we have this
behavior already, and if not, make it so.
Task
Critical