On 2011-10-10 11:34, Richard W.M. Jones wrote: > On Mon, Oct 10, 2011 at 10:10:21AM +0100, Daniel P. Berrange wrote: >> On Mon, Oct 10, 2011 at 10:08:26AM +0100, Daniel P. Berrange wrote: >>> On Mon, Oct 10, 2011 at 10:21:02AM +0800, Wen Congyang wrote: >>>> At 10/09/2011 06:23 PM, Richard W.M. Jones Write: >>>>> On Sun, Oct 09, 2011 at 10:49:57AM +0200, Jan Kiszka wrote: >>>>>> As explained in the other replies: It is way more future-proof to use an >>>>>> interface for this which was designed for it (remote gdb) instead of >>>>>> artificially relaxing reasonable constraints of the migration mechanism >>>>>> plus having to follow that format with the post-processing tool. >>>>> >>>>> Any interface that isn't "get this information off my production >>>>> server *now*" so that I can get the server restarted, and send it to >>>>> an expert to analyse -- is a poor interface, whether it was designed >>>>> like that or not. Perhaps we don't have the right interface at all, >>>>> but remote gdb is not it. >>>> >>>> What about the following idea? >>>> >>>> Introduce a new monitor command named dump, and this command accepts a >>>> filename. >>>> We can use almost all migration's code. We use this command to dump guest's >>>> memory, so there is no need to check whether the guest has a unmigratable >>>> device. >>> >>> I think it would be a good idea of QEMU had a dedicated 'dump' command >>> for this purpose, even if it was just an alias for 'migrate' initially. >>> I have never really liked the fact that we abuse the 'migrate' command >>> to generate a core dump. The resulting data file from this is more >>> complex than it really needs to be, causing complexity for post-processing >>> it. The needs of migration, are not entirely aligned with the needs of >>> core dumping in the long term, so we should allow the possibility of >>> their impls diverging without impacting apps using them. >>> >>> So adding a 'dump' command which wrote out data in a format that was >>> optimized for offline processing by tools like 'crash' (or the windows >>> equivalent) would be a good improvement, even if it just reuses the >>> migrate code for now. >> >> The other reason why it would be good, is that we would then have a clearly >> defined standard "QEMU dump format", instead of "libvirt dump format for >> QEMU" > > Other reasons why this is a good idea: > > - so you don't need 3 processes doing a dance in order to capture a > core dump
If it made the overall implementation simpler, that would have been no valid reason. The key is only that banning of gdb on certain systems (though I wonder if you cannot configure it to only support remote targets, thus making it useless for potential attackers). > > - so that qemu can initiate a core dump itself (from watchdog events) This is a management tool decision. A dump command would not have any pre-condition or auto-trigger. > > - so that two qemu processes can do a core dump at the same time > without trying to use conflicting ports That is a non-issue (just like you can have multiple monitors of multiple VMs listening on different TCP ports). Jan -- Siemens AG, Corporate Technology, CT T DE IT 1 Corporate Competence Center Embedded Linux