From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Ian Jackson <Ian.Jackson@eu.citrix.com>
Cc: Wei Liu <wei.liu2@citrix.com>,
Ian Campbell <Ian.Campbell@citrix.com>,
Xen-devel <xen-devel@lists.xen.org>
Subject: Re: [PATCH v2 for-4.6 3/3] tools/libxl: Only continue stream operations if the stream is still in progress
Date: Tue, 28 Jul 2015 14:56:49 +0100 [thread overview]
Message-ID: <55B78A21.3070402@citrix.com> (raw)
In-Reply-To: <21943.34423.586101.713988@mariner.uk.xensource.com>
On 28/07/15 14:41, Ian Jackson wrote:
> Andrew Cooper writes ("[PATCH v2 for-4.6 3/3] tools/libxl: Only continue stream operations if the stream is still in progress"):
>> Part of the callback contract with check_all_finished() is that each
>> running parallel task shall call it exactly once.
> ...
>> @@ -738,14 +738,16 @@ void libxl__xc_domain_restore_done(libxl__egc *egc, void *dcs_void,
>> goto err;
>> }
>>
>> - /*
>> - * Libxc has indicated that it is done with the stream. Resume reading
>> - * libxl records from it.
>> - */
>> - stream_continue(egc, stream);
>> -
>> err:
>> check_all_finished(egc, stream, rc);
>> +
>> + if (libxl__stream_read_inuse(stream)) {
>> + /*
>> + * Libxc has indicated that it is done with the stream. Resume re\
> ading
>> + * libxl records from it.
>> + */
>> + stream_continue(egc, stream);
>> + }
> This doesn't look convincing to me. (Also, wrap damage in the
> comment.) It may be possible to prove that it's not buggy, but it's
> certainly confusing. In general the the which sets up the next
> callback should be at the end of functions, because that way
> reentrancy hazards are more easily seen to be avoided.
>
> Why not just do this:
>
> /*
> * Libxc has indicated that it is done with the stream. Resume reading
> * libxl records from it.
> */
> stream_continue(egc, stream);
> + return;
>
> err:
> check_all_finished(egc, stream, rc);
>
> ?
>
> And the same in the next one.
That was my first attempt to fix this issue (as observed in v1), but it
is buggy.
libxl__xc_domain_restore_done() is required to call check_all_finished()
exactly once, as part of its callback contract.
Imagine a scenario whereby some error has occured and
check_all_finished() has _abort()'ed the tasks, but the save helper was
already on the way out, signalling success.
In such a case, we would both omit the check_all_finished() call, thus
omitting the eventual stream callback, and start a further action on a
now-defunct stream.
It is only save to stream_continue() if the stream is currently in use,
which is not a guaranteed situation in this function even if rc is 0.
~Andrew
next prev parent reply other threads:[~2015-07-28 13:56 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-27 16:47 [PATCH v2 for-4.6 0/3] Fixes to stream v2 task joining logic Andrew Cooper
2015-07-27 16:47 ` [PATCH v2 for-4.6 1/3] tools/libxl: Do not set stream->rc in stream_complete() Andrew Cooper
2015-07-28 10:26 ` Ian Jackson
2015-07-27 16:47 ` [PATCH v2 for-4.6 2/3] tools/libxl: Do not fire the stream callback multiple times Andrew Cooper
2015-07-28 10:27 ` Ian Jackson
2015-07-27 16:47 ` [PATCH v2 for-4.6 3/3] tools/libxl: Only continue stream operations if the stream is still in progress Andrew Cooper
2015-07-28 13:41 ` Ian Jackson
2015-07-28 13:56 ` Andrew Cooper [this message]
2015-07-28 15:12 ` Ian Jackson
2015-07-28 15:21 ` Andrew Cooper
2015-07-28 15:59 ` Ian Jackson
2015-07-28 16:52 ` Andrew Cooper
2015-07-28 17:07 ` Ian Jackson
2015-07-29 14:17 ` Ian Campbell
2015-07-29 14:18 ` Ian Campbell
2015-07-28 13:27 ` [PATCH v2 for-4.6 0/3] Fixes to stream v2 task joining logic Ian Campbell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55B78A21.3070402@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=Ian.Campbell@citrix.com \
--cc=Ian.Jackson@eu.citrix.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).