Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On Sun, Oct 01, 2023 at 11:08:16PM +0200, Florian Westphal wrote:
> > Element E1, times out in 1 hour
> > Element E2, times out in 1 second
> > Element E3, timed out (1 second ago, 3 minutes ago, doesn't matter).
> >
> > Userspace batch to kernel:
> > Update Element E1 to time out in 2 hours.
> > Update Element E2 to time out in 1 hour.
> > Update Element E3 to time out in 1 hour.
> >
> > What is the expected outcome of this request?
> >
> > Ignore E3 being reaped already and refresh the timeout (resurrection?)
>
> No resurrection, the element might have counters, it already expired.
OK.
> > Ignore E3 being reaped already and ignore the request?
> > Fail the transaction as E3 timed out already ("does not exist")?
>
> Add a new E3. If NLM_F_EXCL is specified, then fail with "does not exist"
OK.
> > Now, what about E2? If transaction is large, it could become
> > like E3 *during the transaction* unless we introduce some freezing
> > mechanism. Whats the expected outcome?
> >
> > Whats the expected outcome if there is some other, unrelated
> > failure? I assume we have to roll back all the timeout updates, right?
>
> We annotate the new timeout in transaction object, then refresh the
> timeout update in the commit phase.
OK, so as per "E3-example", you're saying that if E2 expires during
the transaction, then if F_EXCL is given the transaction will fail while
otherwise it will be re-added.
> > If so, why not temporarily make the timeouts effective right away
> > and then roll back?
>
> You mean, from the preparation phase? Then we need to undo what has
> been done, in case of --check / abort path is exercised, this might
> just create a bogus element listing.
True. Am I correct that we can't implement the "expand" via
del+add because of stateful objects?
I fear we will need to circle back to rbtree then, I'll followup
there (wrt. on-demand gc).
> No need for rollback if new timeout is store in the transaction
> object, we just set the new timeout from _commit() step in the
> NEWSETELEM case, which has to deal with updates. Other objects follow
> a similar approach.
Got it.
