From owner-svn-src-all@FreeBSD.ORG Thu Jan 8 07:06:07 2015 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4FBFEACE; Thu, 8 Jan 2015 07:06:07 +0000 (UTC) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "gold.funkthat.com", Issuer "gold.funkthat.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 1F4411F6; Thu, 8 Jan 2015 07:06:06 +0000 (UTC) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.14.5/8.14.5) with ESMTP id t08760jv050801 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 7 Jan 2015 23:06:00 -0800 (PST) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.14.5/8.14.5/Submit) id t0875xVI050800; Wed, 7 Jan 2015 23:05:59 -0800 (PST) (envelope-from jmg) Date: Wed, 7 Jan 2015 23:05:59 -0800 From: John-Mark Gurney To: Julian Elischer Subject: Re: svn commit: r276747 - head/sys/netpfil/pf Message-ID: <20150108070558.GA1949@funkthat.com> References: <201501060903.t06934qp081875@svn.freebsd.org> <20150107204631.GG15484@FreeBSD.org> <20150108003146.GL15484@FreeBSD.org> <54ADFB88.1090705@freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <54ADFB88.1090705@freebsd.org> X-Operating-System: FreeBSD 9.1-PRERELEASE amd64 X-PGP-Fingerprint: 54BA 873B 6515 3F10 9E88 9322 9CB1 8F74 6D3F A396 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.5.21 (2010-09-15) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (gold.funkthat.com [127.0.0.1]); Wed, 07 Jan 2015 23:06:00 -0800 (PST) Cc: Craig Rodrigues , src-committers@freebsd.org, svn-src-all@freebsd.org, Nikos Vassiliadis , Gleb Smirnoff , svn-src-head@freebsd.org, "Bjoern A. Zeeb" X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jan 2015 07:06:07 -0000 Julian Elischer wrote this message on Thu, Jan 08, 2015 at 11:37 +0800: > On 1/8/15 8:31 AM, Gleb Smirnoff wrote: > > On Thu, Jan 08, 2015 at 12:21:57AM +0000, Bjoern A. Zeeb wrote: > > B> > > B> > On 07 Jan 2015, at 20:46 , Gleb Smirnoff wrote: > > B> > > > B> > On Tue, Jan 06, 2015 at 09:03:04AM +0000, Craig Rodrigues wrote: > > B> > C> Author: rodrigc > > B> > C> Date: Tue Jan 6 09:03:03 2015 > > B> > C> New Revision: 276747 > > B> > C> URL: https://svnweb.freebsd.org/changeset/base/276747 > > B> > C> > > B> > C> Log: > > B> > C> Instead of creating a purge thread for every vnet, create > > B> > C> a single purge thread and clean up all vnets from this thread. > > B> > C> > > B> > C> PR: 194515 > > B> > C> Differential Revision: D1315 > > B> > C> Submitted by: Nikos Vassiliadis > > B> > > > B> > I am not sure that this is a good idea. The core idea of VNETs > > B> > is that they are isolated from each other. If we serialize purging, > > B> > then vnets are strongly affecting each other. > > B> > > > B> > AFAIU, from the PR there is some panic fixed. What is the actual bug > > B> > and why couldn't it be fixed with having per-vnet thread? > > B> > > B> You don???t 30000 whatever pf purging threads on a system all running, possibly competing for some resources, e.g., locks? > > > > Isn't a vnet, which is a jail, already a set of a dozen of processes? So, > > if you are speaking of "30000 whatever pf purging threads", then you > > already mean "1 mln whatever processes". > Actually, no. > as we have presetned it, a vnet is part of a jail. > But, it was originally an independnent > thing, like FIBS, and a jail may exist with a single process. > I think one should be enough.. or if that it is not sufficient, then > at maximum, one per cpu We really need to make a library that handles creating/scheduling things like these better so people aren't reinventing them over and over again.. We do this in geli for creating threads for each geli worker... Can't something like taskqueue_start_threads_pinned be used for this? -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."