On 10/31/2013 08:47 AM, Michael S. Tsirkin wrote:
>>> if (event & PVPANIC_PANICKED) {
>>> panicked_mon_event("pause");
>>> - vm_stop(RUN_STATE_GUEST_PANICKED);
>>
>> Don't you still need to halt the guest on a panic event, for management
>> to have a chance to choose what to do about the panic?
>
> Guest can just call hlt to do this. Most guests do this on a panic
> already.On the one hand, the fact that the guest already has to inform the host means we are already trusting the guest behavior on a panic. On the other hand, assuming that the guest will ALWAYS halt after triggering a panic is putting a lot more trust in the guest, compared to qemu explicitly halting the guest so that management has a chance to choose to dump the guest's state at the moment the panic was flagged. The biggest argument for either removing all auto-pvpanic, or reverting pvpanic altogether, is that no one seems to be actively using pvpanic in the field yet. I wish we could get more feedback from Fujitsu as the original patch authors on what they are looking for in a working solution, rather than repeatedly second-guessing everything downstream and delaying the eradication of the buggy behavior even longer. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
