From owner-svn-src-all@FreeBSD.ORG Wed May 28 14:56:24 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C341E10F; Wed, 28 May 2014 14:56:24 +0000 (UTC) Received: from cell.glebius.int.ru (glebius.int.ru [81.19.69.10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "cell.glebius.int.ru", Issuer "cell.glebius.int.ru" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 308E32FB0; Wed, 28 May 2014 14:56:23 +0000 (UTC) Received: from cell.glebius.int.ru (localhost [127.0.0.1]) by cell.glebius.int.ru (8.14.8/8.14.8) with ESMTP id s4SEuJ7p083952 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 28 May 2014 18:56:19 +0400 (MSK) (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by cell.glebius.int.ru (8.14.8/8.14.8/Submit) id s4SEuJPS083951; Wed, 28 May 2014 18:56:19 +0400 (MSK) (envelope-from glebius@FreeBSD.org) X-Authentication-Warning: cell.glebius.int.ru: glebius set sender to glebius@FreeBSD.org using -f Date: Wed, 28 May 2014 18:56:19 +0400 From: Gleb Smirnoff To: Julian Elischer Subject: Re: svn commit: r266806 - head/sys/netgraph Message-ID: <20140528145619.GM50679@FreeBSD.org> References: <201405281315.s4SDFEvc061176@svn.freebsd.org> <5385EED0.1010506@freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5385EED0.1010506@freebsd.org> User-Agent: Mutt/1.5.23 (2014-03-12) Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, dmitryluhtionov@gmail.com X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 May 2014 14:56:24 -0000 On Wed, May 28, 2014 at 10:12:32PM +0800, Julian Elischer wrote: J> On 5/28/14, 9:15 PM, Gleb Smirnoff wrote: J> > Author: glebius J> > Date: Wed May 28 13:15:14 2014 J> > New Revision: 266806 J> > URL: http://svnweb.freebsd.org/changeset/base/266806 J> > J> > Log: J> > Use M_WAITOK for the NGM_PIPE_SET_CFG control message. We expect it to J> > arrive from userland only. J> > J> > Submitted by: Dmitry Luhtionov J> what's to stop another node from generating it and sending it on? J> generally a message may come from anywhere. J> Just becasue YOU don't have module that J> sends messages to ng_pipe, doesn't mean there never will be.. J> also there are cases when the locking may force a message to be J> delivered asynchronously. I know that. After resolving many issues with netgraph, I feel that our policy should be towards putting some invariants on what events SHOULD come from userland only and which events SHOULD be serviced without memory failures. Current paradigma that messages are fully symmetrical and can come from anywhere are quite a curious thought experiment. I liked that for a long time. But in practice if we want to build a robust software we should make more strict rules of using it. You could disagree, but if you try to fix this particular one liner in the paradigma of "messages come from anywhere", then you will end up with smth like 20 lines of code to this particular module. Next comes the need to fix any software or script that sends NGM_PIPE_SET_CFG, it now should be taught of dealing with ENOMEM. So, instead of one liner you will bury yourself under tons of work. -- Totus tuus, Glebius.