[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] [RFC v5 024/126] error: auto propagated local_err
- To: Vladimir Sementsov-Ogievskiy <vsementsov@xxxxxxxxxxxxx>, Markus Armbruster <armbru@xxxxxxxxxx>
- From: Eric Blake <eblake@xxxxxxxxxx>
- Date: Thu, 5 Dec 2019 11:32:41 -0600
- Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx>, Jan Kiszka <jan.kiszka@xxxxxxxxxxx>, Hailiang Zhang <zhang.zhanghailiang@xxxxxxxxxx>, "qemu-block@xxxxxxxxxx" <qemu-block@xxxxxxxxxx>, Aleksandar Rikalo <arikalo@xxxxxxxxxxxx>, Halil Pasic <pasic@xxxxxxxxxxxxx>, Hervé Poussineau <hpoussin@xxxxxxxxxxx>, Anthony Perard <anthony.perard@xxxxxxxxxx>, Samuel Thibault <samuel.thibault@xxxxxxxxxxxx>, Laszlo Ersek <lersek@xxxxxxxxxx>, Jason Wang <jasowang@xxxxxxxxxx>, Laurent Vivier <lvivier@xxxxxxxxxx>, Eduardo Habkost <ehabkost@xxxxxxxxxx>, Xie Changlong <xiechanglong.d@xxxxxxxxx>, Peter Lieven <pl@xxxxxxx>, "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx>, Beniamino Galvani <b.galvani@xxxxxxxxx>, Eric Auger <eric.auger@xxxxxxxxxx>, Alex Williamson <alex.williamson@xxxxxxxxxx>, Ronnie Sahlberg <ronniesahlberg@xxxxxxxxx>, Richard Henderson <rth@xxxxxxxxxxx>, Kevin Wolf <kwolf@xxxxxxxxxx>, Andrew Jeffery <andrew@xxxxxxxx>, Chris Wulff <crwulff@xxxxxxxxx>, Subbaraya Sundeep <sundeep.lkml@xxxxxxxxx>, Michael Walle <michael@xxxxxxxx>, "qemu-ppc@xxxxxxxxxx" <qemu-ppc@xxxxxxxxxx>, Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx>, Igor Mammedov <imammedo@xxxxxxxxxx>, Fam Zheng <fam@xxxxxxxxxx>, Peter Maydell <peter.maydell@xxxxxxxxxx>, "sheepdog@xxxxxxxxxxxxxx" <sheepdog@xxxxxxxxxxxxxx>, Matthew Rosato <mjrosato@xxxxxxxxxxxxx>, David Hildenbrand <david@xxxxxxxxxx>, Palmer Dabbelt <palmer@xxxxxxxxxx>, Max Filippov <jcmvbkbc@xxxxxxxxx>, Hannes Reinecke <hare@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, "Gonglei \(Arei\)" <arei.gonglei@xxxxxxxxxx>, Liu Yuan <namei.unix@xxxxxxxxx>, Artyom Tarasenko <atar4qemu@xxxxxxxxx>, Thomas Huth <thuth@xxxxxxxxxx>, Amit Shah <amit@xxxxxxxxxx>, Stefan Weil <sw@xxxxxxxxxxx>, Greg Kurz <groug@xxxxxxxx>, Yuval Shaia <yuval.shaia@xxxxxxxxxx>, "qemu-s390x@xxxxxxxxxx" <qemu-s390x@xxxxxxxxxx>, "qemu-arm@xxxxxxxxxx" <qemu-arm@xxxxxxxxxx>, Peter Chubb <peter.chubb@xxxxxxxxxxxx>, Cédric Le Goater <clg@xxxxxxxx>, Stafford Horne <shorne@xxxxxxxxx>, "qemu-riscv@xxxxxxxxxx" <qemu-riscv@xxxxxxxxxx>, Cornelia Huck <cohuck@xxxxxxxxxx>, Aleksandar Markovic <amarkovic@xxxxxxxxxxxx>, Aurelien Jarno <aurelien@xxxxxxxxxxx>, Paul Burton <pburton@xxxxxxxxxxxx>, Sagar Karandikar <sagark@xxxxxxxxxxxxxxxxx>, Paul Durrant <paul@xxxxxxx>, Anthony Green <green@xxxxxxxxxxxxxx>, Gerd Hoffmann <kraxel@xxxxxxxxxx>, "Edgar E. Iglesias" <edgar.iglesias@xxxxxxxxx>, Guan Xuetao <gxt@xxxxxxxxxxxxxxx>, Juan Quintela <quintela@xxxxxxxxxx>, Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>, Christian Borntraeger <borntraeger@xxxxxxxxxx>, Joel Stanley <joel@xxxxxxxxx>, Antony Pavlov <antonynpavlov@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "integration@xxxxxxxxxxx" <integration@xxxxxxxxxxx>, Philippe Mathieu-Daudé <philmd@xxxxxxxxxx>, Andrew Baumann <Andrew.Baumann@xxxxxxxxxxxxx>, Max Reitz <mreitz@xxxxxxxxxx>, Denis Lunev <den@xxxxxxxxxxxxx>, "Michael S. Tsirkin" <mst@xxxxxxxxxx>, Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx>, "qemu-devel@xxxxxxxxxx" <qemu-devel@xxxxxxxxxx>, Vincenzo Maffione <v.maffione@xxxxxxxxx>, Marek Vasut <marex@xxxxxxx>, Marc-André Lureau <marcandre.lureau@xxxxxxxxxx>, Alistair Francis <alistair@xxxxxxxxxxxxx>, Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx>, Giuseppe Lettieri <g.lettieri@xxxxxxxxxxxx>, Luigi Rizzo <rizzo@xxxxxxxxxxxx>, David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>, Tony Krowiak <akrowiak@xxxxxxxxxxxxx>, Daniel P. Berrangé <berrange@xxxxxxxxxx>, Xiao Guangrong <xiaoguangrong.eric@xxxxxxxxx>, Pierre Morel <pmorel@xxxxxxxxxxxxx>, Wen Congyang <wencongyang2@xxxxxxxxxx>, Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx>, Paolo Bonzini <pbonzini@xxxxxxxxxx>, Stefan Berger <stefanb@xxxxxxxxxxxxx>
- Delivery-date: Thu, 05 Dec 2019 17:33:29 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 12/5/19 8:58 AM, Vladimir Sementsov-Ogievskiy wrote:
What about you provide the examples, and then I try to polish the prose?
1: error_fatal problem
Assume the following code flow:
int f1(errp) {
...
ret = f2(errp);
if (ret < 0) {
error_append_hint(errp, "very useful hint");
return ret;
}
...
}
Now, if we call f1 with &error_fatal argument and f2 fails, the program
will exit immediately inside f2, when setting the errp. User will not
see the hint.
So, in this case we should use local_err.
How does this example look after the transformation?
Without ERRP_AUTO_PROPAGATE(), the transformation is a lot of boilerplate:
int f1(errp) {
Error *err = NULL;
ret = f2(&err);
if (ret < 0) {
error_append_hint(&err, "very useful hint");
error_propagate(errp, err);
return ret;
}
}
what's worse, that boilerplate to solve problem 1 turns out to be...
Good point.
int f1(errp) {
ERRP_AUTO_PROPAGATE();
...
ret = f2(errp);
if (ret < 0) {
error_append_hint(errp, "very useful hint");
return ret;
}
...
}
- nothing changed, only add macro at start. But now errp is safe, if it was
error_fatal it is wrapped by local error, and will only call exit on automatic
propagation on f1 finish.
2: error_abort problem
Now, consider functions without return value. We normally use local_err
variable to catch failures:
void f1(errp) {
Error *local_err = NULL;
...
f2(&local_err);
if (local_err) {
error_propagate(errp, local_err);
return;
}
...
}
the very same code as the cause of problem 2.
Now, if we call f2 with &error_abort and f2 fails, the stack in resulting
crash dump will point to error_propagate, not to the failure point in f2,
which complicates debugging.
So, we should never wrap error_abort by local_err.
Likewise.
And here:
void f1(errp) {
ERRP_AUTO_PROPAGATE();
...
f2(errp);
if (*errp) {
return;
}
...
- if errp was NULL, it is wrapped, so dereferencing errp is safe. On return,
local error is automatically propagated to original one.
So, the use of ERRP_AUTO_PROPAGATE() solves BOTH problems 1 and 2 - we
avoid the boilerplate that trades one problem for another, by
consolidating ALL of the boilerplate into a single-line macro, such that
error_propagate() no longer needs to be called anywhere except inside
the ERRP_AUTO_PROPAGATE macro.
===
Our solution:
- Fixes [1.], adding invocation of new macro into functions with
error_appen_hint/error_prepend,
New macro will wrap error_fatal.
- Fixes [2.], by switching from hand-written local_err to smart macro, which
never
wraps error_abort.
- Handles [3.], by switching to macro, which is less code
- Additionally, macro doesn't wrap normal non-zero errp, to avoid extra
propagations
(in fact, error_propagate is called, but returns immediately on first if
(!local_err))
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.org
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
|
