From: Eric Blake <eblake@redhat.com>
To: Markus Armbruster <armbru@redhat.com>,
Peter Crosthwaite <crosthwaitepeter@gmail.com>
Cc: peter.maydell@linaro.org, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [RFC PATCH v1 00/25] error: Automatic error concatenation and prefixing
Date: Fri, 11 Sep 2015 09:53:58 -0600 [thread overview]
Message-ID: <55F2F916.8010605@redhat.com> (raw)
In-Reply-To: <87y4gdzcb1.fsf@blackfin.pond.sub.org>
[-- Attachment #1: Type: text/plain, Size: 1825 bytes --]
On 09/11/2015 12:42 AM, Markus Armbruster wrote:
> Quick initial high-level feedback, since I'm afraid real review will
> take a while (series is long, and I'm still swamped).
>
>>
>> So the net result for these ARM machines, is error behaviour that is
>> something like a compiler. If any one thing fails, then machine-init
>> (compilation) fails. But an early fail does not stop machine-init
>> (compilation), instead it proceeds to the end collecting subsequent
>> errors as it goes.
>
> Simple compilers stop on first error. Not as bad as it may sound when
> your machine gets from running "make" to compiler dying on the first
> error real fast.
>
> More ambitious compilers continue to diagnose more errors. This isn't
> trivial. The compiler has to satisfy post conditions even after an
> error, typically by synthesizing suitable error values. It has to take
> pains to avoid error cascades. Experienced users recognize when that
> effort fails, and typically ignore the remaining errors wholesale then.
>
> In QEMU, error cascades might be less of a problem than with compilers.
> To tell for sure, we'd have to try.
>
> However, satisfying post conditions is at least as much of a problem.
> More so since they're generally unstated. Can you explain your strategy
> for solving this one?
And that's why I'm arguing that error chaining has to be an explicit
opt-in, and not the default. Code that has been audited to be safe
against cascading errors can use error chaining to reduce boilerplate,
but the default behavior should continue to be treating the first error
as fatal rather than getting the system into a worse state due to failed
postconditions.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 604 bytes --]
next prev parent reply other threads:[~2015-09-11 15:54 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-09-11 5:33 [Qemu-devel] [RFC PATCH v1 00/25] error: Automatic error concatenation and prefixing Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 01/25] exec: convert error_report to error_report_err Peter Crosthwaite
2015-09-11 15:28 ` Eric Blake
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 02/25] s390x: virtio-ccw: Remove un-needed if guard Peter Crosthwaite
2015-09-11 15:28 ` Eric Blake
2015-09-14 7:09 ` Cornelia Huck
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 03/25] error: Factor out common error setter logic Peter Crosthwaite
2015-09-11 15:30 ` Eric Blake
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 04/25] error: Add support for multiple errors Peter Crosthwaite
2015-09-11 15:49 ` Eric Blake
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 05/25] error: Add error prefix API Peter Crosthwaite
2015-09-11 16:04 ` Eric Blake
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 06/25] error: Add error_printf_fn() Peter Crosthwaite
2015-09-11 16:10 ` Eric Blake
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 07/25] sysbus: mmio_map+mmio_get_region: ignore range OOB errors Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 08/25] memory: nop APIs when they have NULL arguments Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 09/25] qdev: gpio: Ignore unconnectable GPIOs Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 10/25] arm: xlnx-zynqmp: Update error API usages Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 11/25] arm: fsl-imx*: " Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 12/25] arm: netduino: " Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 13/25] arm: allwinner: " Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 14/25] arm: digic: " Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 15/25] cpu: arm: Remove un-needed error checking Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 16/25] ppc: Update error API usages Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 17/25] i386: pc: " Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 18/25] monitor: update " Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 19/25] qdev: Update " Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 20/25] block: " Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 21/25] tests: " Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 22/25] usb: bus: " Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 23/25] scsi: " Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 24/25] migration: savevm: " Peter Crosthwaite
2015-09-11 5:33 ` [Qemu-devel] [RFC PATCH v1 25/25] core: " Peter Crosthwaite
2015-09-11 6:42 ` [Qemu-devel] [RFC PATCH v1 00/25] error: Automatic error concatenation and prefixing Markus Armbruster
2015-09-11 15:53 ` Eric Blake [this message]
2015-09-11 15:27 ` Eric Blake
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55F2F916.8010605@redhat.com \
--to=eblake@redhat.com \
--cc=armbru@redhat.com \
--cc=crosthwaitepeter@gmail.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).