From: Wei Liu <wei.liu2@citrix.com>
To: Xen-devel <xen-devel@lists.xenproject.org>
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>,
Wei Liu <wei.liu2@citrix.com>, Doug Goldstein <cardoe@cardoe.com>,
Andrew Cooper <andrew.cooper3@citrix.com>
Subject: [RFC] Classify and remove (some) abort()s in libxl
Date: Wed, 24 Aug 2016 16:57:05 +0100
Message-ID: <20160824155705.GO20641@citrix.com>

Hi all

There has been some interest in removing abort() in libxl in another
thread. I think this topic deserves a dedicated thread.

I've checked most instances of abort() and exit() in the code and
classified them into several classes.

* System has entered an impossible to recover state

  Can't be removed, there is no meaningful return code to return.

  E.g. libxl_utils.c, libxl_event.c, libxl_exec.c and libxl_fork.c

* Used by some stub functions

  Can be classified as "impossible to recover state" because the caller
  shouldn't have used them in the first place. But can be relaxed to
  return an error code.

* Configuration error

  Some internal functions expect sanitised input. Up until now the
  expectation (at least AIUI) is that libxl should have sanitised those
  values before calling internal functions. I'm not sure if this rule is
  strictly followed though.

  The abort()s in this class can be turned into an error return path.

  E.g. various devices and domain configuration options

* Memory allocation failure

  Actually exit() is called, but the process will exit anyway. Can't be
  easily changed without rewriting the error handling logic across libxl.

The "configuration error" class is the easiest one to trip over for
a library user. I think we can change that class to return an error code
provided there is enough interest.

The "stub functions" class can also be dealt with, but I'm not too keen
on changing that.

Wei.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
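
Added example, not part of the original message and not libxl code: a sketch of the "configuration error" class described above, showing an internal helper that calls abort() on an unexpected value beside a version that returns an error the caller can propagate. Every type, function and error code in it is hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* All names below are hypothetical; they are not libxl's types or error codes. */
enum disk_backend { BACKEND_PHY = 1, BACKEND_TAP, BACKEND_QDISK };
#define DEMO_OK          0
#define DEMO_ERR_INVAL (-1)

/* Before: the internal helper assumes sanitised input and aborts otherwise,
 * which kills the whole process that linked the library. Not called here. */
const char *backend_name_abort(enum disk_backend b)
{
    switch (b) {
    case BACKEND_PHY:   return "phy";
    case BACKEND_TAP:   return "tap";
    case BACKEND_QDISK: return "qdisk";
    default:            abort();
    }
}

/* After: an unexpected value becomes an error code the caller can propagate. */
int backend_name(int b, const char **out)
{
    *out = NULL;
    switch (b) {
    case BACKEND_PHY:   *out = "phy";   return DEMO_OK;
    case BACKEND_TAP:   *out = "tap";   return DEMO_OK;
    case BACKEND_QDISK: *out = "qdisk"; return DEMO_OK;
    default:            return DEMO_ERR_INVAL;
    }
}

/* Public entry point: builds "backend/<name>" or reports the bad value. */
int disk_path(int backend_from_config, char *buf, size_t len)
{
    const char *name;
    int rc = backend_name(backend_from_config, &name);
    if (rc) {
        fprintf(stderr, "invalid disk backend %d\n", backend_from_config);
        return rc;
    }
    int n = snprintf(buf, len, "backend/%s", name);
    return (n < 0 || (size_t)n >= len) ? DEMO_ERR_INVAL : DEMO_OK;
}

int main(void)
{
    char buf[32];
    printf("valid: rc=%d\n", disk_path(BACKEND_QDISK, buf, sizeof buf));
    printf("bogus: rc=%d\n", disk_path(42, buf, sizeof buf)); /* constructed bad value */
    return 0;
}
```

With the error-returning form, a long-running process that embeds the library survives a bad configuration value and can report it, instead of terminating.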
Thread overview: 3+ messages
2016-08-24 15:57 Wei Liu [this message]
2016-08-26 10:54 ` [RFC] Classify and remove (some) abort()s in libxl Ian Jackson
2016-09-02 14:33 ` Wei Liu