From owner-svn-src-head@FreeBSD.ORG Wed Jan 21 21:44:50 2015 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 74065733; Wed, 21 Jan 2015 21:44:50 +0000 (UTC) Received: from cell.glebius.int.ru (glebius.int.ru [81.19.69.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "cell.glebius.int.ru", Issuer "cell.glebius.int.ru" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id F03D8275; Wed, 21 Jan 2015 21:44:49 +0000 (UTC) Received: from cell.glebius.int.ru (localhost [127.0.0.1]) by cell.glebius.int.ru (8.14.9/8.14.9) with ESMTP id t0LLiket081992 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 22 Jan 2015 00:44:46 +0300 (MSK) (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by cell.glebius.int.ru (8.14.9/8.14.9/Submit) id t0LLijNW081991; Thu, 22 Jan 2015 00:44:45 +0300 (MSK) (envelope-from glebius@FreeBSD.org) X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to glebius@FreeBSD.org using -f Date: Thu, 22 Jan 2015 00:44:45 +0300 From: Gleb Smirnoff To: Craig Rodrigues , Nikos Vassiliadis Subject: Re: svn commit: r276747 - head/sys/netpfil/pf Message-ID: <20150121214445.GL15484@FreeBSD.org> References: <201501060903.t06934qp081875@svn.freebsd.org> <20150107204631.GG15484@FreeBSD.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20150107204631.GG15484@FreeBSD.org> User-Agent: Mutt/1.5.23 (2014-03-12) Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Jan 2015 21:44:50 -0000 On Wed, Jan 07, 2015 at 11:46:31PM +0300, Gleb Smirnoff wrote: T> On Tue, Jan 06, 2015 at 09:03:04AM +0000, Craig Rodrigues wrote: T> C> Author: rodrigc T> C> Date: Tue Jan 6 09:03:03 2015 T> C> New Revision: 276747 T> C> URL: https://svnweb.freebsd.org/changeset/base/276747 T> C> T> C> Log: T> C> Instead of creating a purge thread for every vnet, create T> C> a single purge thread and clean up all vnets from this thread. T> C> T> C> PR: 194515 T> C> Differential Revision: D1315 T> C> Submitted by: Nikos Vassiliadis T> T> I am not sure that this is a good idea. The core idea of VNETs T> is that they are isolated from each other. If we serialize purging, T> then vnets are strongly affecting each other. T> T> AFAIU, from the PR there is some panic fixed. What is the actual bug T> and why couldn't it be fixed with having per-vnet thread? So, after closer inspection, this commit is a completely messed up. You blindly remove kproc_exit(). What do you think would happen on 'kldunload -f pf'? You removed PF_RULES_RLOCK(). Cool! Now the purging thread doesn't acquire the pf lock. You substitute rw_sleep() with tsleep(). And the latter requires Giant to be held. If you tried your change with INVARIANTS, it would panic immediately. -- Totus tuus, Glebius.