Xen project Mailing List

Re: [Xen-devel] [RFC v5 024/126] error: auto propagated local_err

To: Markus Armbruster <armbru@xxxxxxxxxx>

From: Vladimir Sementsov-Ogievskiy <vsementsov@xxxxxxxxxxxxx>

Date: Thu, 5 Dec 2019 16:36:42 +0000

Accept-language: ru-RU, en-US

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=virtuozzo.com; dmarc=pass action=none header.from=virtuozzo.com; dkim=pass header.d=virtuozzo.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BYFcZEZvWhTiSAbFQyG3vTsddaFK3yn9mr+VXoBleB4=; b=mys6kURJ5U/S8z9ERRIk8VTzLrAyDpPnsZJVJlNyrbku93kha415V3wrsvxGrNkB+RA2m1cXSqQsRgd1MwuBVSjyuzE6wxJGV5CoUPq6Ot3B6x1UsepDw+PZSQUb0FuUdwxN5QoTt0v7yGuMYcpDnT7FrDDx4YnFYH17AhjxpvCExhJIEelUZwlHvkD3BF3bwoJxqc6wUDQ2RQQjKLsNCGHHx+O0cynyAlbG+kgAaAgohx6wqJNN0O3Ug61bjp1O26ouOTlhdmBd9fceEwaxPXIw8J4WL2s6HxHndSP44mVcAaDEJZeUXqOwoZMNNt+n1IVihMiKJ1EPoxBoi/+2AQ==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fr4ykQT3Ewm21lon3aUQPxSwSL/JLevYNelkzsFKTG4Y9mHz3lenYYAstffgZ0XvEWLG8C68hdl1OUTFIOOn1wEeRZGj6byBiLIX4AhW+TV+EmbD0OUtf5mWkdrNrJsDyflV7vPgxORQtKUirTtqZ1HdzbrPhYfA8jAhPF2w//ArWuq3UwS2xrc8BIiNLL1TZwwZg6vSZt3k09LHK4kMo4773HHqTOaWaNKx8+Hlug+xOs+MzmTF0qqK4iS5PNdpMoD+29Mr9vXclRUfysQhQl6B/TuoMy841W/Hhtndvy85xC4AonEqbpgL/xsv0+VtXrNQ7qy1E0dYoIUCFD2f7w==

Authentication-results: spf=none (sender IP is ) smtp.mailfrom=vsementsov@xxxxxxxxxxxxx;

Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx>, Jeff Cody <codyprime@xxxxxxxxx>, Jan Kiszka <jan.kiszka@xxxxxxxxxxx>, Alberto Garcia <berto@xxxxxxxxxx>, Hailiang Zhang <zhang.zhanghailiang@xxxxxxxxxx>, "qemu-block@xxxxxxxxxx" <qemu-block@xxxxxxxxxx>, Aleksandar Rikalo <arikalo@xxxxxxxxxxxx>, Halil Pasic <pasic@xxxxxxxxxxxxx>, Hervé Poussineau <hpoussin@xxxxxxxxxxx>, Anthony Perard <anthony.perard@xxxxxxxxxx>, Samuel Thibault <samuel.thibault@xxxxxxxxxxxx>, Laszlo Ersek <lersek@xxxxxxxxxx>, Jason Wang <jasowang@xxxxxxxxxx>, Laurent Vivier <lvivier@xxxxxxxxxx>, Eduardo Habkost <ehabkost@xxxxxxxxxx>, Xie Changlong <xiechanglong.d@xxxxxxxxx>, Peter Lieven <pl@xxxxxxx>, "Dr. David Alan Gilbert" <dgilbert@xxxxxxxxxx>, Beniamino Galvani <b.galvani@xxxxxxxxx>, Eric Auger <eric.auger@xxxxxxxxxx>, Alex Williamson <alex.williamson@xxxxxxxxxx>, Ronnie Sahlberg <ronniesahlberg@xxxxxxxxx>, John Snow <jsnow@xxxxxxxxxx>, Richard Henderson <rth@xxxxxxxxxxx>, Kevin Wolf <kwolf@xxxxxxxxxx>, Andrew Jeffery <andrew@xxxxxxxx>, Chris Wulff <crwulff@xxxxxxxxx>, Subbaraya Sundeep <sundeep.lkml@xxxxxxxxx>, Michael Walle <michael@xxxxxxxx>, "qemu-ppc@xxxxxxxxxx" <qemu-ppc@xxxxxxxxxx>, Bastian Koppelmann <kbastian@xxxxxxxxxxxxxxxxxxxxx>, Igor Mammedov <imammedo@xxxxxxxxxx>, Fam Zheng <fam@xxxxxxxxxx>, Peter Maydell <peter.maydell@xxxxxxxxxx>, "sheepdog@xxxxxxxxxxxxxx" <sheepdog@xxxxxxxxxxxxxx>, Matthew Rosato <mjrosato@xxxxxxxxxxxxx>, David Hildenbrand <david@xxxxxxxxxx>, Palmer Dabbelt <palmer@xxxxxxxxxx>, Eric Farman <farman@xxxxxxxxxxxxx>, Max Filippov <jcmvbkbc@xxxxxxxxx>, Hannes Reinecke <hare@xxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, "Gonglei \(Arei\)" <arei.gonglei@xxxxxxxxxx>, Liu Yuan <namei.unix@xxxxxxxxx>, Artyom Tarasenko <atar4qemu@xxxxxxxxx>, Thomas Huth <thuth@xxxxxxxxxx>, Amit Shah <amit@xxxxxxxxxx>, Stefan Weil <sw@xxxxxxxxxxx>, Greg Kurz <groug@xxxxxxxx>, Yuval Shaia <yuval.shaia@xxxxxxxxxx>, "qemu-s390x@xxxxxxxxxx" <qemu-s390x@xxxxxxxxxx>, "qemu-arm@xxxxxxxxxx" <qemu-arm@xxxxxxxxxx>, Peter Chubb <peter.chubb@xxxxxxxxxxxx>, Cédric Le Goater <clg@xxxxxxxx>, Stafford Horne <shorne@xxxxxxxxx>, "qemu-riscv@xxxxxxxxxx" <qemu-riscv@xxxxxxxxxx>, Cornelia Huck <cohuck@xxxxxxxxxx>, Aleksandar Markovic <amarkovic@xxxxxxxxxxxx>, Aurelien Jarno <aurelien@xxxxxxxxxxx>, Paul Burton <pburton@xxxxxxxxxxxx>, Sagar Karandikar <sagark@xxxxxxxxxxxxxxxxx>, Paul Durrant <paul@xxxxxxx>, Anthony Green <green@xxxxxxxxxxxxxx>, Gerd Hoffmann <kraxel@xxxxxxxxxx>, "Edgar E. Iglesias" <edgar.iglesias@xxxxxxxxx>, Guan Xuetao <gxt@xxxxxxxxxxxxxxx>, Ari Sundholm <ari@xxxxxxxxxx>, Juan Quintela <quintela@xxxxxxxxxx>, Michael Roth <mdroth@xxxxxxxxxxxxxxxxxx>, Christian Borntraeger <borntraeger@xxxxxxxxxx>, Joel Stanley <joel@xxxxxxxxx>, Jason Dillaman <dillaman@xxxxxxxxxx>, Antony Pavlov <antonynpavlov@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "integration@xxxxxxxxxxx" <integration@xxxxxxxxxxx>, Philippe Mathieu-Daudé <philmd@xxxxxxxxxx>, "Richard W.M. Jones" <rjones@xxxxxxxxxx>, Andrew Baumann <Andrew.Baumann@xxxxxxxxxxxxx>, Max Reitz <mreitz@xxxxxxxxxx>, Denis Lunev <den@xxxxxxxxxxxxx>, "Michael S. Tsirkin" <mst@xxxxxxxxxx>, Mark Cave-Ayland <mark.cave-ayland@xxxxxxxxxxxx>, "qemu-devel@xxxxxxxxxx" <qemu-devel@xxxxxxxxxx>, Vincenzo Maffione <v.maffione@xxxxxxxxx>, Marek Vasut <marex@xxxxxxx>, Marc-André Lureau <marcandre.lureau@xxxxxxxxxx>, Alistair Francis <alistair@xxxxxxxxxxxxx>, Pavel Dovgalyuk <pavel.dovgaluk@xxxxxxxxx>, Giuseppe Lettieri <g.lettieri@xxxxxxxxxxxx>, Luigi Rizzo <rizzo@xxxxxxxxxxxx>, David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>, Tony Krowiak <akrowiak@xxxxxxxxxxxxx>, Daniel P. Berrangé <berrange@xxxxxxxxxx>, Xiao Guangrong <xiaoguangrong.eric@xxxxxxxxx>, Pierre Morel <pmorel@xxxxxxxxxxxxx>, Wen Congyang <wencongyang2@xxxxxxxxxx>, Jean-Christophe Dubois <jcd@xxxxxxxxxxxxxxx>, Paolo Bonzini <pbonzini@xxxxxxxxxx>, Stefan Berger <stefanb@xxxxxxxxxxxxx>

Delivery-date: Fri, 06 Dec 2019 05:53:44 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Thread-index: AQHVgE3c5dwPNEl0z0OyUhbNfTU1EqeqZpzagAFqo4D///+mMYAAWcgA///pCIA=

Thread-topic: [RFC v5 024/126] error: auto propagated local_err

05.12.2019 17:58, Vladimir Sementsov-Ogievskiy wrote: > 05.12.2019 15:36, Markus Armbruster wrote: >> Vladimir Sementsov-Ogievskiy <vsementsov@xxxxxxxxxxxxx> writes: >> >>> 04.12.2019 17:59, Markus Armbruster wrote: >>>> Vladimir Sementsov-Ogievskiy <vsementsov@xxxxxxxxxxxxx> writes: >>>> >>>>> Here is introduced ERRP_AUTO_PROPAGATE macro, to be used at start of >>>>> functions with errp OUT parameter. >>>>> >>>>> It has three goals: >>>>> >>>>> 1. Fix issue with error_fatal & error_prepend/error_append_hint: user >>>>> can't see this additional information, because exit() happens in >>>>> error_setg earlier than information is added. [Reported by Greg Kurz] >>>>> >>>>> 2. Fix issue with error_abort & error_propagate: when we wrap >>>>> error_abort by local_err+error_propagate, resulting coredump will >>>>> refer to error_propagate and not to the place where error happened. >>>> >>>> I get what you mean, but I have plenty of context. >>>> >>>>> (the macro itself doesn't fix the issue, but it allows to [3.] drop all >>>>> local_err+error_propagate pattern, which will definitely fix the issue) >>>> >>>> The parenthesis is not part of the goal. >>>> >>>>> [Reported by Kevin Wolf] >>>>> >>>>> 3. Drop local_err+error_propagate pattern, which is used to workaround >>>>> void functions with errp parameter, when caller wants to know resulting >>>>> status. (Note: actually these functions could be merely updated to >>>>> return int error code). >>>>> >>>>> To achieve these goals, we need to add invocation of the macro at start >>>>> of functions, which needs error_prepend/error_append_hint (1.); add >>>>> invocation of the macro at start of functions which do >>>>> local_err+error_propagate scenario the check errors, drop local errors >>>>> from them and just use *errp instead (2., 3.). >>>> >>>> The paragraph talks about two cases: 1. and 2.+3. >>> >>> Hmm, I don't think so.. 1. and 2. are issues. 3. is a refactoring.. We just >>> fix achieve 2 and 3 by one action. >>> >>>> Makes me think we >>>> want two paragraphs, each illustrated with an example. >>>> >>>> What about you provide the examples, and then I try to polish the prose? >>> >>> 1: error_fatal problem >>> >>> Assume the following code flow: >>> >>> int f1(errp) { >>> ... >>> ret = f2(errp); >>> if (ret < 0) { >>> error_append_hint(errp, "very useful hint"); >>> return ret; >>> } >>> ... >>> } >>> >>> Now, if we call f1 with &error_fatal argument and f2 fails, the program >>> will exit immediately inside f2, when setting the errp. User will not >>> see the hint. >>> >>> So, in this case we should use local_err. >> >> How does this example look after the transformation? > > Good point. > > int f1(errp) { > ERRP_AUTO_PROPAGATE(); > ... > ret = f2(errp); > if (ret < 0) { > error_append_hint(errp, "very useful hint"); > return ret; > } > ... > } > > - nothing changed, only add macro at start. But now errp is safe, if it was > error_fatal it is wrapped by local error, and will only call exit on automatic > propagation on f1 finish. > >> >>> 2: error_abort problem >>> >>> Now, consider functions without return value. We normally use local_err >>> variable to catch failures: >>> >>> void f1(errp) { >>> Error *local_err = NULL; >>> ... >>> f2(&local_err); >>> if (local_err) { >>> error_propagate(errp, local_err); >>> return; >>> } >>> ... >>> } >>> >>> Now, if we call f2 with &error_abort and f2 fails, the stack in resulting >>> crash dump will point to error_propagate, not to the failure point in f2, >>> which complicates debugging. >>> >>> So, we should never wrap error_abort by local_err. >> >> Likewise. > > And here: > > void f1(errp) { > ERRP_AUTO_PROPAGATE(); > ... > f2(errp); > if (*errp) { > return; > } > ... > > - if errp was NULL, it is wrapped, so dereferencing errp is safe. On return, > local error is automatically propagated to original one. and if it was error_abort, it is not wrapped, so will crash where failed. > >> >>> >>> === >>> >>> Our solution: >>> >>> - Fixes [1.], adding invocation of new macro into functions with >>> error_appen_hint/error_prepend, >>> New macro will wrap error_fatal. >>> - Fixes [2.], by switching from hand-written local_err to smart macro, >>> which never >>> wraps error_abort. >>> - Handles [3.], by switching to macro, which is less code >>> - Additionally, macro doesn't wrap normal non-zero errp, to avoid extra >>> propagations >>> (in fact, error_propagate is called, but returns immediately on first >>> if (!local_err)) >> > > -- Best regards, Vladimir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.