From: John Snow <jsnow@redhat.com>
To: qemu-devel@nongnu.org
Cc: kwolf@redhat.com, Eduardo Habkost <ehabkost@redhat.com>,
philmd@redhat.com, Markus Armbruster <armbru@redhat.com>,
Cleber Rosa <crosa@redhat.com>, John Snow <jsnow@redhat.com>
Subject: [PATCH v3 2/3] python/machine.py: refactor shutdown
Date: Thu, 4 Jun 2020 15:52:51 -0400 [thread overview]
Message-ID: <20200604195252.20739-3-jsnow@redhat.com> (raw)
In-Reply-To: <20200604195252.20739-1-jsnow@redhat.com>
This is done primarily to avoid the 'bare except' pattern, which
suppresses ALL exceptions and not just ones that we are anticipating to
see.
Replace this with a pattern that isolates the different kind of shutdown
paradigms and a new fallback shutdown handler that gracefully attempts
one before the other.
Ensure that the main shutdown() function ALWAYS calls the post_shutdown
logic, no matter what kind of error we encountered. Subprocess wait
timeouts are considered expected, everything else is unexpected.
In cases where we encounter an expected error in the graceful shutdown
timeout, we will not re-raise an exception above shutdown(). Otherwise,
after post_shutdown cleanup, we will.
I anticipate that this WILL lead to additional bug reports filed against
this module, but that is unfortunately somewhat the point: This code
shouldn't be hiding failures that exist elsewhere within the python
code.
Signed-off-by: John Snow <jsnow@redhat.com>
---
python/qemu/machine.py | 68 ++++++++++++++++++++++++++++++++----------
1 file changed, 53 insertions(+), 15 deletions(-)
diff --git a/python/qemu/machine.py b/python/qemu/machine.py
index f7e68191c28..a2abd2c35e3 100644
--- a/python/qemu/machine.py
+++ b/python/qemu/machine.py
@@ -359,9 +359,51 @@ def wait(self):
self._qmp.close()
self._post_shutdown()
- def shutdown(self, has_quit=False, hard=False):
+ def _hard_shutdown(self) -> None:
"""
- Terminate the VM and clean up
+ Kill the VM if it is running.
+ """
+ if not self.is_running():
+ return
+
+ self._popen.kill()
+ self._popen.wait(timeout=60)
+
+ def _soft_shutdown(self, has_quit: bool = False, timeout: int = 3) -> None:
+ """
+ Attempt to shutdown the VM gracefully if it is running.
+
+ :param has_quit: When True, don't attempt to issue 'quit' QMP command
+ :param timeout: Timeout for graceful shutdown. Default 3 seconds.
+ """
+ if not self.is_running():
+ return
+
+ if self._qmp is not None:
+ if not has_quit:
+ self._qmp.cmd('quit')
+ self._qmp.close()
+
+ self._popen.wait(timeout=timeout)
+
+ def _do_shutdown(self, has_quit: bool = False, timeout: int = 3) -> None:
+ """
+ Attempt to shutdown the VM gracefully; fallback to a hard shutdown.
+
+ :param has_quit: When True, don't attempt to issue 'quit' QMP command
+ :param timeout: Timeout for graceful shutdown. Default 3 seconds.
+ """
+ try:
+ self._soft_shutdown(has_quit, timeout)
+ except subprocess.TimeoutExpired:
+ self._hard_shutdown()
+ except:
+ self._hard_shutdown()
+ raise
+
+ def shutdown(self, has_quit: bool = False, hard: bool = False) -> None:
+ """
+ Terminate the VM (gracefully if possible) and perform cleanup.
"""
# If we keep the console socket open, we may deadlock waiting
# for QEMU to exit, while QEMU is waiting for the socket to
@@ -370,22 +412,18 @@ def shutdown(self, has_quit=False, hard=False):
self._console_socket.close()
self._console_socket = None
- if self.is_running():
+ try:
if hard:
- self._popen.kill()
- elif self._qmp:
- try:
- if not has_quit:
- self._qmp.cmd('quit')
- self._qmp.close()
- self._popen.wait(timeout=3)
- except:
- self._popen.kill()
- self._popen.wait()
-
- self._post_shutdown()
+ self._hard_shutdown()
+ else:
+ self._do_shutdown(has_quit)
+ finally:
+ self._post_shutdown()
def kill(self):
+ """
+ Terminate the VM forcefully and perform cleanup.
+ """
self.shutdown(hard=True)
def set_qmp_monitor(self, enabled=True):
--
2.21.3
next prev parent reply other threads:[~2020-06-04 19:56 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-04 19:52 [PATCH v3 0/3] python/machine.py: refactor shutdown John Snow
2020-06-04 19:52 ` [PATCH v3 1/3] python/machine.py: consolidate _post_shutdown() John Snow
2020-06-04 19:52 ` John Snow [this message]
2020-06-04 19:52 ` [PATCH v3 3/3] python/machine.py: re-add sigkill warning suppression John Snow
2020-06-05 9:34 ` [PATCH v3 0/3] python/machine.py: refactor shutdown Kevin Wolf
2020-06-09 13:08 ` Philippe Mathieu-Daudé
2020-06-09 21:55 ` John Snow
2020-06-15 15:21 ` Philippe Mathieu-Daudé
2020-06-15 22:21 ` Eduardo Habkost
2020-06-16 15:06 ` John Snow
2020-06-16 15:36 ` Philippe Mathieu-Daudé
2020-06-16 21:49 ` Cleber Rosa
2020-06-17 17:13 ` Philippe Mathieu-Daudé
2020-06-20 10:14 ` Philippe Mathieu-Daudé
2020-06-22 17:51 ` John Snow
2020-06-22 17:55 ` Philippe Mathieu-Daudé
2020-06-22 18:08 ` John Snow
2020-06-22 18:28 ` Philippe Mathieu-Daudé
2020-06-26 17:28 ` John Snow
2020-06-17 17:15 ` Philippe Mathieu-Daudé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200604195252.20739-3-jsnow@redhat.com \
--to=jsnow@redhat.com \
--cc=armbru@redhat.com \
--cc=crosa@redhat.com \
--cc=ehabkost@redhat.com \
--cc=kwolf@redhat.com \
--cc=philmd@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).