race-free exit-on-idle (redux)
Lennart Poettering
mzqohf at 0pointer.de
Wed May 13 11:27:09 PDT 2015
On Wed, 13.05.15 14:10, Colin Walters (walters at verbum.org) wrote:
> Hi,
>
> Regarding: https://bugs.freedesktop.org/show_bug.cgi?id=11454
> (But posting here as I spend too much of my life waiting for
> Bugzilla instances - we can summarize there after, link to this thread)
>
> We were talking about having a daemon for rpm-ostree in
> https://github.com/projectatomic/rpm-ostree/pull/116
>
> I would like to not have a persistent in memory daemon, for a variety
> of reasons.
>
> Now several systemd services do exit-on-idle. I dug into how that's
> supposed to work (mainly via `sd_notify("STOPPING=1")` ), and came up
> with this example of a (hopefully) standalone race-free stateful service:
>
> https://github.com/cgwalters/test-exit-on-idle
>
> Now...is this actually race free? There are a lot of subtleties involved
> here, so I'd like to tap the collective brainpower here - was
> sd_notify(STOPPING=1) and the fact that systemd can track process
> state and ensure there's only one, synchronized with the bus name
> ownership the missing piece on top of the designs in https://bugs.freedesktop.org/show_bug.cgi?id=11454
> ?
It's race-free. But it only works for services which do not create
context objects based on method calls. The algorithm gives up the
busname, then continues to process all queued method calls. As long as
these method calls are context-free, all is good, they can simply be
processed and a reply passed back to the client. As soon as you have a
bus service that knows context objects though things become
problematic: if you decide you are idle, give up your name, and then
when end up processing a final message that sets up a new context
object then you are fucked, since you cannot really dispatch that
anymore, since you are about to go down...
Lennart
--
Lennart Poettering, Red Hat
More information about the dbus
mailing list