From: Ian Campbell <ian.campbell@citrix.com>
To: Andrew Cooper <andrew.cooper3@citrix.com>,
Martin Osterloh <osterlohm@ainfosec.com>,
"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>
Subject: Re: Current LibXL Status
Date: Thu, 19 Nov 2015 11:23:15 +0000 [thread overview]
Message-ID: <1447932195.5647.46.camel@citrix.com> (raw)
In-Reply-To: <564DAA8D.5060305@citrix.com>
create !
title it libxl exit() on ENOMEM incompatible with gc'd languages
thanks
On Thu, 2015-11-19 at 10:55 +0000, Andrew Cooper wrote:
> On 19/11/15 09:20, Ian Campbell wrote:
> > On Wed, 2015-11-18 at 18:32 +0000, Martin Osterloh wrote:
> >
> > > I wanted to inquire about the current state of LibXL and in
> > > particular
> > > if there are any issues with using it in long-running processes.
> > It is currently being used by libvirtd which I think has shaken out
> > most of
> > the issues with that environment.
> >
> > There are certain to be other bugs, but nothing show-stopping.
>
> There really is a show-stopper, which I have stated before.
Ah yes, nobody ever made a proposal to fix this so it slipped off my radar.
I've recorded it in the BTS this time.
> Languages such as OCaml use -ENOMEM as a hint to run the garbage
> collector some more. I expect Haskell is the same.
>
> It is not appropriate for libxl (or any library for that matter) to use
> exit() as its method of resolving out-of-memory conditions.
Note that the decision to take this approach was widely consulted at the
time, including with Ocaml folks, it wasn't just done on a whim. That's not
to say we cannot reconsider and find a different, better, approach which
works for such languages.
I think retrofitting all the necessary error paths to libxl to report
memory allocation failures back up to the caller is going to be untenable
and probably a project which would never actually be complete.
But I notice that there are only ~10 calls to libxl__alloc_failed in libxl.
I think it would be possible to turn each of those into a retry loop which
calls an application provided hook function on each iteration.
If no hook is provided by the application then the current behaviour would
remain.
Language bindings for Ocaml/haskel/etc would set the hook and use it to
call into their gc. You'd probably want to limit the number of retry
attempts and provide a way for the app to say "no, we really are out of
memory" if it wants.
Would such an approach work for Ocaml and haskell?
In particular I'd be concerned about things like the ocaml interpreter lock
(caml_enter_blocking_section etc) and calls to libxl not consistently
holding/dropping it potentially leading to deadlocks.
Ian.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2015-11-19 11:23 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-18 18:32 Current LibXL Status Martin Osterloh
2015-11-19 9:20 ` Ian Campbell
2015-11-19 10:23 ` George Dunlap
2015-11-19 10:55 ` Andrew Cooper
2015-11-19 11:23 ` Ian Campbell [this message]
2015-11-19 11:30 ` Processed: " xen
2015-11-19 11:33 ` Andrew Cooper
2015-11-19 11:48 ` Ian Campbell
2015-11-19 11:55 ` Ian Campbell
2015-11-19 12:16 ` Ian Campbell
2015-11-20 0:30 ` Yang Hongyang
2016-02-18 17:09 ` George Dunlap
2016-02-18 17:19 ` Ian Jackson
2016-02-18 17:26 ` Ian Campbell
2016-02-18 17:40 ` George Dunlap
2016-02-18 17:24 ` Ian Campbell
2016-02-18 18:30 ` Ian Jackson
2015-11-19 15:34 ` George Dunlap
2016-02-18 17:26 ` George Dunlap
2016-02-18 17:39 ` Ian Campbell
2016-02-18 17:47 ` George Dunlap
2016-02-18 17:50 ` Ian Campbell
2016-02-18 18:15 ` libxl and malloc failure (Re: Current LibXL Status) Ian Jackson
2016-02-19 10:52 ` Ian Campbell
2016-02-19 11:00 ` Processed: " xen
2016-02-22 16:48 ` Ian Jackson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1447932195.5647.46.camel@citrix.com \
--to=ian.campbell@citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=osterlohm@ainfosec.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).