From mboxrd@z Thu Jan  1 00:00:00 1970
From: =?iso-8859-1?Q?Ga=EBtan?= Rivet <gaetan.rivet@6wind.com>
Subject: Re: [PATCH v3 6/6] net/failsafe: fix removed device
	handling
Date: Mon, 8 Jan 2018 14:46:54 +0100
Message-ID: <20180108134654.wb7svquzhuuvvmh6@bidouze.vm.6wind.com>
References: <1513175370-16583-1-git-send-email-matan@mellanox.com>
 <1513703415-29145-1-git-send-email-matan@mellanox.com>
 <1513703415-29145-7-git-send-email-matan@mellanox.com>
 <20171219222131.plcfn5wqggyn5znw@bidouze.vm.6wind.com>
 <HE1PR0502MB3659A32940C84B489CB82FBCD20C0@HE1PR0502MB3659.eurprd05.prod.outlook.com>
 <20180108105739.qkyejshupojkwyv2@bidouze.vm.6wind.com>
 <AM6PR0502MB3797391096C339436CB280A1D2130@AM6PR0502MB3797.eurprd05.prod.outlook.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Cc: Adrien Mazarguil <adrien.mazarguil@6wind.com>,
 Thomas Monjalon <thomas@monjalon.net>, "dev@dpdk.org" <dev@dpdk.org>
To: Matan Azrad <matan@mellanox.com>
Return-path: <dev-bounces@dpdk.org>
Received: from mail-wm0-f54.google.com (mail-wm0-f54.google.com [74.125.82.54])
 by dpdk.org (Postfix) with ESMTP id AE95C1B1B2
 for <dev@dpdk.org>; Mon,  8 Jan 2018 14:47:07 +0100 (CET)
Received: by mail-wm0-f54.google.com with SMTP id 9so14179065wme.4
 for <dev@dpdk.org>; Mon, 08 Jan 2018 05:47:07 -0800 (PST)
Content-Disposition: inline
In-Reply-To: <AM6PR0502MB3797391096C339436CB280A1D2130@AM6PR0502MB3797.eurprd05.prod.outlook.com>
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

On Mon, Jan 08, 2018 at 12:55:49PM +0000, Matan Azrad wrote:
> Hi Gaetan
> 
> From: Gaëtan Rivet, Monday, January 8, 2018 12:58 PM
> > Hi Matan,
> > 
> > Sorry for the delay on this.
> > 
> 
> It's OK in spite of I need to fetch it back :)
> 
> > On Wed, Dec 20, 2017 at 10:58:29AM +0000, Matan Azrad wrote:
> > > Hi Gaetan
> > >
> > > > -----Original Message-----
> > > > From: Gaëtan Rivet [mailto:gaetan.rivet@6wind.com]
> > > > Sent: Wednesday, December 20, 2017 12:22 AM
> > > > To: Matan Azrad <matan@mellanox.com>
> > > > Cc: Adrien Mazarguil <adrien.mazarguil@6wind.com>; Thomas Monjalon
> > > > <thomas@monjalon.net>; dev@dpdk.org
> > > > Subject: Re: [PATCH v3 6/6] net/failsafe: fix removed device
> > > > handling
> > > >
> > > > Hi Matan,
> > > >
> > > > On Tue, Dec 19, 2017 at 05:10:15PM +0000, Matan Azrad wrote:
> > > > > There is time between the physical removal of the device until
> > > > > sub-device PMDs get a RMV interrupt. At this time DPDK PMDs and
> > > > > applications still don't know about the removal and may call
> > > > > sub-device control operation which should return an error.
> > > > >
> > > > > In previous code this error is reported to the application
> > > > > contrary to fail-safe principle that the app should not be aware of
> > device removal.
> > > > >
> > > > > Add an removal check in each relevant control command error flow
> > > > > and prevent an error report to application when the sub-device is
> > removed.
> > > > >
> > > > > Fixes: a46f8d5 ("net/failsafe: add fail-safe PMD")
> > > > > Fixes: b737a1e ("net/failsafe: support flow API")
> > 
> > As stated previously, please do not include those fixes lines.
> > 
> > > > >
> > > > > Signed-off-by: Matan Azrad <matan@mellanox.com>
> > > > > ---
> > > >
> > > > <snip>
> > > >
> > > > > +/*
> > > > > + * Check if error should be reported to the user.
> > > > > + */
> > > > > +static inline bool
> > > > > +fs_is_error(struct sub_device *sdev, int err) {
> > > > > +	/* A device removal shouldn't be reported as an error. */
> > > > > +	if (err == 0 || sdev->remove == 1 || err == -EIO)
> > > > > +		return false;
> > > > > +	return true;
> > > > > +}
> > > >
> > > > This is better, thanks.
> > > >
> > > > However is there a reason you did not follow the same pattern as
> > > > ethdev with eth_err? I see the two functions as similar in their
> > > > intent, making them close to each other would be clearer to a reader
> > > > being familiar with the ethdev API and that would be interested in fail-
> > safe.
> > > >
> > > > What do you think?
> > > >
> > >
> > > I think that there is a real different between eth_err function to
> > fs_is_error:
> > > ethdev uses eth_err function to adjust removal return value to be -EIO.
> > > fail-safe uses fs_is_error function to check if an error should be reported to
> > the user to save the fail-safe principle that the app should not be aware of
> > device removal  -  this is the main idea that also causes me to change the
> > name from fs_is_removed to fs_is_error.
> > 
> > I would have preferred if it followed the same pattern as ethdev (that
> > function be used to adjust the return value, not performing a flag check).
> > 
> > While better on its own, the pattern:
> > 
> >     if (fs_is_error(sdev, err)) {
> >             ERROR("xxxx");
> >             return err;
> >     }
> > 
> > is dangerous, as then the author is forbidden from returning err, assuming
> > err could be -EIO. He or she would be forced to return an explicit "0".
> > To be clear, here would be an easy mistake to do:
> > 
> >     if (fs_is_error(sdev, err)) {
> >             ERROR("xxxx");
> >     }
> >     return err;
> > 
> > And this kind of code-flow is not unusual, or even unwanted.
> > I dislike having this kind of implicit rule derived from using a helper such as
> > fs_is_error().
> > 
> > The alternative
> > 
> >     if ((err = fs_err(sdev, err))) {
> >             ERROR("xxxx");
> >             return err;
> >     }
> > 
> > Forces the value err to be set to the correct one.
> > 
> Good point, will change it.
> 
> > This mistake can already be found in your patch:
> > 
> > > @@ -150,7 +150,7 @@
> > >                         continue;
> > >                 local_ret = rte_flow_destroy(PORT_ID(sdev),
> > >                                 flow->flows[i], error);
> > > -               if (local_ret) {
> > > +               if (fs_is_error(sdev, local_ret)) {
> > >                         ERROR("Failed to destroy flow on sub_device %d: %d",
> > >                                         i, local_ret);
> > >                         if (ret == 0)
> > 
> 
> Sorry, I can't see any issue here.
> 

You're right, actually the code would still be correct.
I checked again the rest of the edit, there shouldn't be any issue,
usually "0" is explicitly returned.

Still, the point stands.

> > Your environment does not include the function, but this is within
> > fs_flow_destroy (please update to include the context by the way it helps a
> > lot the review :). Afterward, line 162 ret is directly used as return value.
> > 
> I don't understand what do you mean.
> 
> > Also, fs_err() would need to transform rte_errno when relevant (mostly in
> > failsafe_flow.c I think).
> > 
> Your suggestion is always to update rte_errno to 0 in case the error is because of removal?
> 

If the error is indeed due to the device being absent, then rte_errno
should be set back to its previous value I think.

-- 
Gaëtan Rivet
6WIND