All of lore.kernel.org
 help / color / mirror / Atom feed
From: BALATON Zoltan <balaton@eik.bme.hu>
To: Markus Armbruster <armbru@redhat.com>
Cc: "Peter Maydell" <peter.maydell@linaro.org>,
	"Vladimir Sementsov-Ogievskiy" <vsementsov@virtuozzo.com>,
	"Philippe Mathieu-Daudé" <philmd@redhat.com>,
	"QEMU Developers" <qemu-devel@nongnu.org>
Subject: Re: Questionable aspects of QEMU Error's design
Date: Thu, 2 Apr 2020 17:28:15 +0200 (CEST)	[thread overview]
Message-ID: <alpine.BSF.2.22.395.2004021716130.78264@zero.eik.bme.hu> (raw)
In-Reply-To: <87pncq0xdt.fsf@dusky.pond.sub.org>

[-- Attachment #1: Type: text/plain, Size: 4603 bytes --]

On Thu, 2 Apr 2020, Markus Armbruster wrote:
> Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> writes:
>> 02.04.2020 12:36, BALATON Zoltan wrote:
>>> On Thu, 2 Apr 2020, Vladimir Sementsov-Ogievskiy wrote:
>>>> 01.04.2020 23:15, Peter Maydell wrote:
>>>>> On Wed, 1 Apr 2020 at 10:03, Markus Armbruster <armbru@redhat.com> wrote:
>>>>>>
>>>>>> QEMU's Error was patterned after GLib's GError.  Differences include:
>>>>>
>>>>>  From my POV the major problem with Error as we have it today
>>>>> is that it makes the simple process of writing code like
>>>>> device realize functions horrifically boilerplate heavy;
>>>>> for instance this is from hw/arm/armsse.c:
>>>>>
>>>>>          object_property_set_link(cpuobj, OBJECT(&s->cpu_container[i]),
>>>>>                                   "memory", &err);
>>>>>          if (err) {
>>>>>              error_propagate(errp, err);
>>>>>              return;
>>>>>          }
>>>>>          object_property_set_link(cpuobj, OBJECT(s), "idau", &err);
>>>>>          if (err) {
>>>>>              error_propagate(errp, err);
>>>>>              return;
>>>>>          }
>>>>>          object_property_set_bool(cpuobj, true, "realized", &err);
>>>>>          if (err) {
>>>>>              error_propagate(errp, err);
>>>>>              return;
>>>>>          }
>>>>>
>>>>> 16 lines of code just to set 2 properties on an object
>>>>> and realize it. It's a lot of boilerplate and as
>>>>> a result we frequently get it wrong or take shortcuts
>>>>> (eg forgetting the error-handling entirely, calling
>>>>> error_propagate just once for a whole sequence of
>>>>> calls, taking the lazy approach and using err_abort
>>>>> or err_fatal when we ought really to be propagating
>>>>> an error, etc). I haven't looked at 'auto propagation'
>>>>> yet, hopefully it will help?
>>>>
>>>> Yes, after it the code above will look like this:
>>>>
>>>> ... some_func(..., errp)
>>>> {
>>>>    ERRP_AUTO_PROPAGATE(); # magic macro at function start, and no "Error *err" definition
>>>>
>>>> ...
>>>>          object_property_set_link(cpuobj, OBJECT(&s->cpu_container[i]),
>>>>                                   "memory", errp);
>>>>          if (*errp) {
>>>>              return;
>>>>          }
>>>>          object_property_set_link(cpuobj, OBJECT(s), "idau", errp);
>>>>          if (*errp) {
>>>>              return;
>>>>          }
>>>>          object_property_set_bool(cpuobj, true, "realized", errp);
>>>>          if (*errp) {
>>>>              return;
>>>>          }
>>>> ...
>>>> }
>>>>
>>>> - propagation is automatic, errp is used directly and may be safely dereferenced.
>>>
>>> Not much better. Could it be something like:
>>
>> Actually, much better, as it solves some real problems around error propagation.
>
> The auto propagation patches' stated aim is to fix &error_fatal not to
> eat hints, and to provide more useful stack backtraces with
> &error_abort.  The slight shrinking of boilerplate is a welcome bonus.
>
> For a bigger improvement, have the functions return a useful value, as
> discussed elsewhere in this thread.
>
>>>
>>>      ERRP_RET(object_property_set_link(cpuobj, OBJECT(&s->cpu_container[i]),
>>>                                        "memory", errp));
>>>      ERRP_RET(object_property_set_link(cpuobj, OBJECT(s), "idau", errp));
>>>      ERRP_RET(object_property_set_bool(cpuobj, true, "realized", errp));
>>>
>>
>> and turn all
>>
>> ret = func(...);
>> if (ret < 0) {
>>     return ret;
>> }
>>
>> into
>>
>> FAIL_RET(func(...))
>>
>> ?
>>
>> Not a problem to make such macro.. But I think it's a bad idea to turn all the code
>> into sequence of macro invocations. It's hard to debug and follow.
>
> Yes.  Hiding control flow in macros is almost always too much magic.
> There are exceptions, but this doesn't look like one.

I did't like this idea of mine too much either so I agree but I see no 
other easy way to simplify this. If you propose changing function return 
values maybe these should return errp instead of passing it as a func 
parameter? Could that result in simpler code and less macro magic needed?

Regards,
BALATON Zoltan

  reply	other threads:[~2020-04-02 15:29 UTC|newest]

Thread overview: 41+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-04-01  9:02 Questionable aspects of QEMU Error's design Markus Armbruster
2020-04-01 12:10 ` Vladimir Sementsov-Ogievskiy
2020-04-01 12:14   ` Vladimir Sementsov-Ogievskiy
2020-04-01 14:01   ` Alex Bennée
2020-04-01 15:49     ` Markus Armbruster
2020-04-01 15:05   ` Markus Armbruster
2020-04-01 12:44 ` Daniel P. Berrangé
2020-04-01 12:47   ` Vladimir Sementsov-Ogievskiy
2020-04-01 15:34   ` Markus Armbruster
2020-04-01 20:15 ` Peter Maydell
2020-04-02  5:31   ` Vladimir Sementsov-Ogievskiy
2020-04-02  9:36     ` BALATON Zoltan
2020-04-02 14:11       ` Vladimir Sementsov-Ogievskiy
2020-04-02 14:34         ` Markus Armbruster
2020-04-02 15:28           ` BALATON Zoltan [this message]
2020-04-03  7:09             ` Markus Armbruster
2020-04-02  5:54   ` Markus Armbruster
2020-04-02  6:11     ` Vladimir Sementsov-Ogievskiy
2020-04-02  8:11       ` Peter Maydell
2020-04-02  8:49         ` Daniel P. Berrangé
2020-04-02  8:55         ` Markus Armbruster
2020-04-02 14:35           ` Vladimir Sementsov-Ogievskiy
2020-04-02 15:06             ` Markus Armbruster
2020-04-02 17:17               ` Vladimir Sementsov-Ogievskiy
2020-04-03  7:48                 ` Markus Armbruster
2020-04-02 18:57           ` Paolo Bonzini
2020-04-02  8:47     ` Daniel P. Berrangé
2020-04-02  9:19       ` Alex Bennée
2020-04-02 14:33     ` Eric Blake
2020-04-04  7:59 ` Markus Armbruster
2020-04-04 10:59   ` Markus Armbruster
2020-04-06 14:05     ` Eduardo Habkost
2020-04-06 14:38       ` Eduardo Habkost
2020-04-06 14:10     ` Daniel P. Berrangé
2020-04-27 15:36   ` Markus Armbruster
2020-04-28  5:20     ` Vladimir Sementsov-Ogievskiy
2020-05-14  7:59       ` Vladimir Sementsov-Ogievskiy
2020-05-15  4:28         ` Markus Armbruster
2020-07-03  7:38           ` Markus Armbruster
2020-07-03  9:07             ` Vladimir Sementsov-Ogievskiy
2020-07-03 12:21   ` Markus Armbruster

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=alpine.BSF.2.22.395.2004021716130.78264@zero.eik.bme.hu \
    --to=balaton@eik.bme.hu \
    --cc=armbru@redhat.com \
    --cc=peter.maydell@linaro.org \
    --cc=philmd@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=vsementsov@virtuozzo.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.