From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Keir Fraser <keir@xen.org>
Cc: Ian Campbell <Ian.Campbell@citrix.com>,
Jan Beulich <JBeulich@suse.com>,
"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>
Subject: Re: [PATCH RFC] hvm: Allow triple fault to imply crash rather than reboot
Date: Mon, 4 Feb 2013 17:12:21 +0000 [thread overview]
Message-ID: <510FEBF5.1060708@citrix.com> (raw)
In-Reply-To: <CD359666.59FAD%keir@xen.org>
On 04/02/13 16:46, Keir Fraser wrote:
> On 04/02/2013 15:26, "Ian Campbell" <Ian.Campbell@citrix.com> wrote:
>
>> On Mon, 2013-02-04 at 14:25 +0000, Andrew Cooper wrote:
>>> While the triple fault action on native hardware will result in a system
>>> reset, any modern operating system can and will make use of less violent
>>> reboot methods. As a result, the most likely cause of a triple fault is a
>>> fatal software bug.
>>>
>>> This patch allows the toolstack to indicate that a triple fault should mean a
>>> crash rather than a reboot. The default of reboot still remains the same.
>> Just a random thought -- what about adding SHUTDOWN_triple_fault as an
>> explicit thing, then the toolstack can decide what to do?
> I kind of prefer that, although it will require changes to every toolstack.
>
> An alternative would be to do that, *and* still have the new HVM_PARAM, so
> that any SHUTDOWN_* code can be generated by a triple fault (including new
> SHUTDOWN_triple_fault) -- but defaulting to SHUTDOWN_reboot so that the
> default behaviour is still unchanged.
>
> Or, in any case, I'm not dead against the existing patch, it just seems less
> flexible than it could be. But maybe that flexibility is pointless.
>
> -- Keir
I considered this approach originally, but decided against it.
SHUTDOWN_triple_fault would be meaningless as a standard SCHOP_shutdown
parameter, and having the toolstack differentiate between _crash and
_triple_fault seems pointless.
I thought that the ideal end result would be specifying
on_triple_fault="reboot"|"crash"
In the vm.cfg file
The on_{crash,reboot} actions would still then take effect as usual.
Having said that, if _triple_fault is preferred, I am not overly
attached to this specific implementation.
If it isn't obvious, the motivation behind this patch is because I am
currently chasing a windows triple fault on Xen-4.2. It appears machine
specific, but related to our PV driver, and takes a long time to
reproduce. Having automated tests fail soon with a triple fault is
better than having the domain in question sit in a reboot loop until the
hour long timeout kicks in.
~Andrew
next prev parent reply other threads:[~2013-02-04 17:12 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-02-04 14:25 [PATCH RFC] hvm: Allow triple fault to imply crash rather than reboot Andrew Cooper
2013-02-04 14:46 ` Jan Beulich
2013-02-04 14:50 ` Andrew Cooper
2013-02-04 15:26 ` Ian Campbell
2013-02-04 16:46 ` Keir Fraser
2013-02-04 17:12 ` Andrew Cooper [this message]
2013-02-04 17:55 ` Keir Fraser
-- strict thread matches above, loose matches on Subject: below --
2016-11-07 12:56 Xuquan (Quan Xu)
2016-11-07 13:12 ` Andrew Cooper
2016-11-07 13:18 ` Xuquan (Quan Xu)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=510FEBF5.1060708@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=Ian.Campbell@citrix.com \
--cc=JBeulich@suse.com \
--cc=keir@xen.org \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).