Add CTASSERTs for where CTLFLAG_MPSAFE is redundant.
Needs ReviewPublic

Authored by mjoras on Mar 7 2018, 12:39 AM.

Details

Reviewers
rstone
rpokala
imp
Group Reviewers
transport
Summary

This also fixes up the build breaks that result from this change. Most
of the sysctl(9) macros besides _PROC are MPSAFE by default, so we might
as well catch pointless uses of the flag.

Test Plan

make tinderbox

Diff Detail

Repository
rS FreeBSD src repository
Lint
Lint OK
Unit
No Unit Test Coverage
Build Status
Buildable 15406
Build 15456: arc lint + arc unit
mjoras created this revision.Mar 7 2018, 12:39 AM
rpokala accepted this revision.Mar 7 2018, 12:52 AM
rpokala added a subscriber: rpokala.

Looks fine to my relatively-untrained eye.

imp accepted this revision.Mar 7 2018, 4:49 PM
jtl added a subscriber: jtl.Mar 7 2018, 5:19 PM

I agree with eliminating the pointless uses of the flag; however, I don't understand why we need a CTASSERT to catch this. It doesn't break anything. At most, it seems like it is simply a style violation. And, I don't think CTASSERTs are necessary to enforce style.

If you think there is a really good reason to add CTASSERTs, please update the man page to indicate this. At least, that will document it for developers (like me :-) ) who regularly add them out of habit.

In D14604#306835, @jtl wrote:

I agree with eliminating the pointless uses of the flag; however, I don't understand why we need a CTASSERT to catch this. It doesn't break anything. At most, it seems like it is simply a style violation. And, I don't think CTASSERTs are necessary to enforce style.

If you think there is a really good reason to add CTASSERTs, please update the man page to indicate this. At least, that will document it for developers (like me :-) ) who regularly add them out of habit.

imp actually just added stating not to use it to the man page in r330371, is that good enough? :) I agree that it is basically a style problem, but I don't know how else we are supposed to catch these other than periodically grepping the tree.

jtl added a comment.Mar 8 2018, 1:17 AM

imp actually just added stating not to use it to the man page in r330371, is that good enough? :) I agree that it is basically a style problem, but I don't know how else we are supposed to catch these other than periodically grepping the tree.

IMHO, the man page should also state that there is a CTASSERT for it. And, the man page should also explain why this is serious enough that we are going to CTASSERT on style violations.

Ideally, this would be in some sort of linter that we encourage people to run before they commit. Or, you can make the CTASSERT only be active for LINT builds. Or, we can deal with it the same way we deal with most other style violations: peer pressure by emailing the offender after a commit.

A CTASSERT just seems like too heavy of a hammer for this. But, maybe I'm missing the importance?

mjoras added a comment.Mar 8 2018, 1:34 AM
In D14604#307002, @jtl wrote:

imp actually just added stating not to use it to the man page in r330371, is that good enough? :) I agree that it is basically a style problem, but I don't know how else we are supposed to catch these other than periodically grepping the tree.

IMHO, the man page should also state that there is a CTASSERT for it. And, the man page should also explain why this is serious enough that we are going to CTASSERT on style violations.

Ideally, this would be in some sort of linter that we encourage people to run before they commit. Or, you can make the CTASSERT only be active for LINT builds. Or, we can deal with it the same way we deal with most other style violations: peer pressure by emailing the offender after a commit.

A CTASSERT just seems like too heavy of a hammer for this. But, maybe I'm missing the importance?

Yeah, I see your point. I guess I don't view a CTASSERT as catastrophic as that. Generally people use it for things that are very "big hammery" (e.g. the size of this on-wire struct must be exactly 14 bytes), but breaking the build itself doesn't seem like that big of a deal?

The point about putting it in the LINT build is an interestng one. Would you oppose using CTASSERTs in that context? I'd much prefer to just plug this into some pre-existing linter, but we unfortunately lack such a capability :(.