From: "Daniel P. Berrange" <berrange@redhat.com>
To: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Cc: Markus Armbruster <armbru@redhat.com>, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] chardev's and fd's in monitors
Date: Wed, 19 Oct 2016 11:16:16 +0100 [thread overview]
Message-ID: <20161019101616.GL11194@redhat.com> (raw)
In-Reply-To: <20161019100552.GD2035@work-vm>
On Wed, Oct 19, 2016 at 11:05:53AM +0100, Dr. David Alan Gilbert wrote:
> * Markus Armbruster (armbru@redhat.com) wrote:
> > "Daniel P. Berrange" <berrange@redhat.com> writes:
> >
> > > On Wed, Oct 19, 2016 at 09:12:11AM +0100, Dr. David Alan Gilbert wrote:
> > >> * Markus Armbruster (armbru@redhat.com) wrote:
> > >> > "Daniel P. Berrange" <berrange@redhat.com> writes:
> > >> >
> > >> > > On Tue, Oct 18, 2016 at 02:52:13PM +0100, Dr. David Alan Gilbert wrote:
> > [...]
> > >> > >> I already use error_report's in places in migration threads of various
> > >> > >> types; I'm not sure if that's a problem.
> > >> > >
> > >> > > Unless those places are protected by the big qemu lock, that sounds
> > >> > > not good. error_report calls into error_vprintf which checks the
> > >> > > 'cur_mon' global "Monitor" pointer. This variable is updated at
> > >> > > runtime - eg in qmp_human_monitor_command(), monitor_qmp_read(),
> > >> > > monitor_read(), etc. So if migration threads outside the BQL are
> > >> > > calling error_report() that could well cause problems. If you
> > >> > > are lucky messages will merely end up going to stderr instead of
> > >> > > the monitor, but in worst case I wouldn't be surprised if there
> > >> > > is a crash possibility in some race conditions.
> > >> >
> > >> > cur_mon dates back to single-threaded times.
> > >> >
> > >> > The idea is to print to the monitor when running within an HMP command,
> > >> > else to stderr.
> > >> >
> > >> > The current solution is to set cur_mon around monitor commands. Fine
> > >> > with a single thread, not fine at all with multiple threads.
> > >> >
> > >> > Making cur_mon thread-local should fix things.
> > >> >
> > >> > If you do want to report errors from another thread in a monitor, you
> > >> > should use error_setg() & friends to get them into the monitor, in my
> > >> > opinion. Asynchronously barfing output to a monitor doesn't strike me
> > >> > as a sensible design. Not least because it doesn't work at all with
> > >> > QMP! If an error message is important enough for the human monitor's
> > >> > user to make use route it to the human monitor, why is hiding it from
> > >> > the QMP client okay?
> > >> >
> > >> > If I'm wrong and it is sensible, we need locking.
> > >>
> > >> The difficulty is that we've long tried to be consistent and use error_report
> > >> rather than fprintf's; now that is turning out to be wrong if we're in
> > >> other threads.
> >
> > No, the two are equally wrong as wrong as far as threading is concerned:
> > unless that other thread is executing an HMP command, error_report()
> > calls vfprintf().
> >
> > >> It's even trickier for the cases of routines that might
> > >> be called in either the main thread or another thread - we have no
> > >> right answer as to how they should print na error.
> > >
> > > Pretty much all code should be using error_setg together with an Error **errp
> > > parameter to the method. The only places that should use error_report are at
> > > top of the call chain where they unambigously know that the printed result
> > > is going to the right place.
> >
> > When you know your code's running on behalf of startup code, a monitor
> > command or similar, go ahead and error_report().
> >
> > When you don't know your context, error reporting should be left to
> > something up the stack that does. This means returning a suitable error
> > value in simple cases (null, -1, -errno, whatever makes sense, just
> > document it), and error_setg() when error values don't provide enough
> > information to the caller to report the error in a useful way.
>
> We need a way to be able to report an error without plumbing error_setg
> up the stack; if you're saying error_report isn't suitable then we
> should just recommend we switch everything in migration back to
> fprintf(stderr,
Well both error_report() + fprintf are broken from POV of anything
using QMP. error_report() is slightly less broken for HMP, but doesn't
help QMP.
In the short term we should just make error_report be threadsafe in
its usage of the monitor. Beyond the short term we have no choice but
to plumb in error_setg throughout, otherwise QMP will continue to
have useless error reporting in this area of code.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
next prev parent reply other threads:[~2016-10-19 10:16 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-12 19:15 [Qemu-devel] chardev's and fd's in monitors Dr. David Alan Gilbert
2016-10-12 20:02 ` Marc-André Lureau
2016-10-13 15:47 ` Dr. David Alan Gilbert
2016-10-18 10:04 ` Daniel P. Berrange
2016-10-18 11:32 ` Dr. David Alan Gilbert
2016-10-18 11:41 ` Marc-André Lureau
2016-10-18 11:44 ` Marc-André Lureau
2016-10-18 12:01 ` Daniel P. Berrange
2016-10-18 13:25 ` Dr. David Alan Gilbert
2016-10-18 13:35 ` Daniel P. Berrange
2016-10-18 13:52 ` Dr. David Alan Gilbert
2016-10-18 14:01 ` Daniel P. Berrange
2016-10-18 18:53 ` Dr. David Alan Gilbert
2016-10-19 7:45 ` Daniel P. Berrange
2016-10-19 8:00 ` Markus Armbruster
2016-10-19 8:12 ` Dr. David Alan Gilbert
2016-10-19 8:42 ` Daniel P. Berrange
2016-10-19 9:48 ` Markus Armbruster
2016-10-19 10:05 ` Dr. David Alan Gilbert
2016-10-19 10:16 ` Daniel P. Berrange [this message]
2016-10-19 12:16 ` Markus Armbruster
2016-10-19 12:21 ` Daniel P. Berrange
2016-10-19 18:06 ` Dr. David Alan Gilbert
2016-10-20 8:37 ` Daniel P. Berrange
2016-10-20 8:53 ` Marc-André Lureau
2016-10-20 10:45 ` Markus Armbruster
2016-10-20 16:56 ` Paolo Bonzini
2016-10-21 9:12 ` Markus Armbruster
2016-10-21 21:06 ` Paolo Bonzini
2016-10-24 7:07 ` Markus Armbruster
2016-10-21 9:35 ` Daniel P. Berrange
2016-10-20 16:59 ` Dr. David Alan Gilbert
2016-10-20 8:55 ` Markus Armbruster
2016-10-20 9:03 ` Daniel P. Berrange
2016-10-20 9:58 ` Dr. David Alan Gilbert
2016-10-20 10:42 ` Markus Armbruster
2016-10-20 11:01 ` Dr. David Alan Gilbert
2016-10-20 11:10 ` Daniel P. Berrange
2016-10-20 11:45 ` Markus Armbruster
2016-10-20 11:08 ` Daniel P. Berrange
2016-10-20 11:57 ` Markus Armbruster
2016-10-20 17:56 ` Dr. David Alan Gilbert
2016-10-21 9:06 ` Markus Armbruster
2016-10-21 9:37 ` Daniel P. Berrange
2016-10-21 11:56 ` Dr. David Alan Gilbert
2016-10-21 9:45 ` Dr. David Alan Gilbert
2016-10-19 12:26 ` Paolo Bonzini
2016-10-19 17:01 ` Dr. David Alan Gilbert
2016-10-19 20:51 ` Paolo Bonzini
2016-10-20 8:34 ` Daniel P. Berrange
2016-10-18 12:08 ` Markus Armbruster
2016-10-18 12:13 ` Daniel P. Berrange
2016-10-18 12:43 ` Dr. David Alan Gilbert
2016-10-18 10:06 ` Daniel P. Berrange
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161019101616.GL11194@redhat.com \
--to=berrange@redhat.com \
--cc=armbru@redhat.com \
--cc=dgilbert@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).