Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > Hi Florian, > > I am collecting here your comments for the model we are defining for > set elements: > > https://people.netfilter.org/pablo/setelems-timeout.txt LGTM. I think your proposal to snapshot current time and remove the "moving target" is key. > Let me know if you have more possible scenarios that you think that > might not be address by this model: > > - Annotate current time at the beginning of the transaction, use it > in _expired() check (=> timeout is not a moving target anymore). > - Annotate element timeout update in transaction, update timeout from > _commit() path not to refresh it. Right, I think that will work. For rbtree, sync gc is kept in place, elements are not zapped, they get tagged as DEAD, including the end element. Then from commit, do full scan and remove any and all elements that are flagged as DEAD or have expired.
