From: Vladislav Shpilevoy <v.shpilevoy@tarantool.org> To: Cyrill Gorcunov <gorcunov@gmail.com> Cc: tarantool-patches@dev.tarantool.org Subject: Re: [Tarantool-patches] [PATCH 2/4] raft: initialize raft completely at runtime Date: Tue, 10 Nov 2020 00:59:58 +0100 [thread overview] Message-ID: <1b0cd1da-1d54-4cd6-9888-3e34e0477bfc@tarantool.org> (raw) In-Reply-To: <20201109145933.GK2339@grain> Thanks for the review! On 09.11.2020 15:59, Cyrill Gorcunov wrote: > On Sun, Nov 08, 2020 at 07:03:55PM +0100, Vladislav Shpilevoy wrote: >> Global raft object was created mostly at compile time with >> constant values assigned to all raft fields. But it won't work >> soon because raft will be moved to a separate library, and it >> will provide methods for raft creation and destruction. >> >> This patch makes raft not rely on compile time initialization, >> and moves it entirely to raft_init(). Also there are added some >> validations via new raft_validate() function, which should ensure >> raft is not used before creation. >> >> This may be hard to support, since raft is used by recovery and >> replication, even before instance has an ID. The validation should >> help to catch bugs related to the initialization order of these >> subsystems. >> >> Part of #5303 > ... >> @@ -1079,6 +1081,11 @@ raft_schedule_broadcast(void) >> void >> raft_init(void) >> { >> + memset(&raft, 0, sizeof(raft)); >> + raft.state = RAFT_STATE_FOLLOWER; >> + raft.volatile_term = 1; >> + raft.term = 1; >> + raft.election_timeout = 5; > > Please provide a separate helper instead, just like you did > for qsync (ie limbo), say I am not sure I understand what do you mean as 'helper'. If you mean raft_create() for a non-global raft object, it is done in the next patch. Because this one is not about not accessing the global variable. It is about its initialization at runtime. > void > raft_init(struct raft *raft) > { > *raft = (struct raft) { > .state = RAFT_STATE_FOLLOWER, > .volatile_term = 1, > .term = 1, > .election_timeout = 5, > }; > } > > this way you could provide some "raft_defaults" options in future > and simply pass it via arguments if needed. Same time this eliminate > needless memset call, let the compiler do its work. If you mean this = {}, then I don't mind. Except that I won't use this extra alignment. I find it hard to follow all these spaces, when I found a needed member name in the struct, and need to find its value now. ==================== @@ -1089,11 +1089,12 @@ raft_schedule_broadcast(void) void raft_init(void) { - memset(&raft, 0, sizeof(raft)); - raft.state = RAFT_STATE_FOLLOWER; - raft.volatile_term = 1; - raft.term = 1; - raft.election_timeout = 5; + raft = (struct raft) { + .state = RAFT_STATE_FOLLOWER, + .volatile_term = 1, + .term = 1, + .election_timeout = 5, + }; ev_timer_init(&raft.timer, raft_sm_schedule_new_election_cb, 0, 0); rlist_create(&raft.on_update); } ==================== >> +/** >> + * Ensure the raft node can be used. I.e. that it is properly initialized. >> + * Entirely for debug purposes. >> + */ >> +static inline void >> +raft_validate(void) >> +{ >> + assert(raft.state != 0); >> +} >> + > > It should be rather called raft_assert(&raft) pointing that this won't has > any effect on nondebug builds. On the other hands if you plan to add more tests > here then we need to deside what to do when raft is screwed? Should we panic? It is only a debug check. It validates the most trivial cases, which for sure will explode in any test in case they are broken. > Same time calling this helper on that many operations is ugly :( In next patches > you made operations to work with box_raft instance so what we could do is instead > of passing &box_raft we provide an inline helper which would fetch the pointer > and verify its state instead. Say > > static struct raft box_raft; > > static inline struct raft * > box_raft(void) > { > raft_assert(&box_raft); > return &box_raft; > } > > > box_init() > { > ... > raft_init(&box_raft); > ... > } > > Hm? I'm not insisting though, just to share ideas. Indeed. That would look better. Raft_validate() won't be useful for non-global raft objects, because we won't be able to initialize their state as 0 at compile time. In that way we can keep the "validation" out of src/lib/raft.
next prev parent reply other threads:[~2020-11-10 0:00 UTC|newest] Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-11-08 18:03 [Tarantool-patches] [PATCH 0/4] Raft module, part 1 - explicit argument Vladislav Shpilevoy 2020-11-08 18:03 ` [Tarantool-patches] [PATCH 1/4] fiber: introduce fiber.arg Vladislav Shpilevoy 2020-11-09 12:49 ` Serge Petrenko 2020-11-09 14:27 ` Cyrill Gorcunov 2020-11-09 23:59 ` Vladislav Shpilevoy 2020-11-08 18:03 ` [Tarantool-patches] [PATCH 2/4] raft: initialize raft completely at runtime Vladislav Shpilevoy 2020-11-09 12:50 ` Serge Petrenko 2020-11-09 14:59 ` Cyrill Gorcunov 2020-11-09 23:59 ` Vladislav Shpilevoy [this message] 2020-11-08 18:03 ` [Tarantool-patches] [PATCH 3/4] raft: add explicit raft argument to all functions Vladislav Shpilevoy 2020-11-09 13:46 ` Serge Petrenko 2020-11-10 0:00 ` Vladislav Shpilevoy 2020-11-08 18:03 ` [Tarantool-patches] [PATCH 4/4] vclock: move to src/lib Vladislav Shpilevoy 2020-11-09 14:12 ` Serge Petrenko 2020-11-09 15:01 ` Cyrill Gorcunov 2020-11-10 21:06 ` [Tarantool-patches] [PATCH 0/4] Raft module, part 1 - explicit argument Alexander V. Tikhonov
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=1b0cd1da-1d54-4cd6-9888-3e34e0477bfc@tarantool.org \ --to=v.shpilevoy@tarantool.org \ --cc=gorcunov@gmail.com \ --cc=tarantool-patches@dev.tarantool.org \ --subject='Re: [Tarantool-patches] [PATCH 2/4] raft: initialize raft completely at runtime' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox