On Thu, 2012-09-20 at 15:08 -0400, Etienne Martineau wrote: > On 09/20/2012 02:16 PM, Alex Williamson wrote: > > On Thu, 2012-09-20 at 13:27 -0400, Etienne Martineau wrote: > >> In hw/kvm/pci-assign.c a pread() error part of assigned_dev_pci_read() > >> result in a hw_error(). Similarly a pwrite() error part of > >> assigned_dev_pci_write() also result in a hw_error(). > >> > >> Would there be a way to avoid terminating the guest for those cases? How > >> about we deassign the device upon error? > > > > By terminating the guest we contain the error vs allowing the guest to > > continue running with invalid data. De-assigning the device is > > asynchronous and relies on guest involvement, so damage is potentially > > already done. Is this a theoretical problem or do you actually have > > hardware that hits this? Thanks, > > > > Alex > > > > This problem is in the context of a Hot-pluggable device assigned to the > guest. If the guest rd/wr the config space at the same time than the > device is physically taken out then the guest will terminate with > hw_error(). > > Because this limits the availability of the guest I think we should try > to recover instead. I don't see what other damage can happen since > guest's MMIO access to the stale device will go nowhere?
So you're looking at implementing surprise device removal? There's not just config space, there's slow bar access and mmap'd spaces to worry about too. What does going nowhere mean? If it means reads return -1 and the guest is trying to read the data portion of a packet from the network or an hba, we've now passed bad data to the guest. Thanks, Alex -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
