On Thu, Jul 28, 2011 at 03:22:52PM -0300, Luiz Capitulino wrote: > On Thu, 28 Jul 2011 20:04:58 +0200 > Jan Kiszka <jan.kis...@web.de> wrote: > > > On 2011-07-28 20:00, Luiz Capitulino wrote: > > > On Thu, 28 Jul 2011 19:52:31 +0200 > > > Jan Kiszka <jan.kis...@web.de> wrote: > > > > > >> On 2011-07-28 19:48, Luiz Capitulino wrote: > > >>> On Thu, 28 Jul 2011 14:39:23 -0300 > > >>> Luiz Capitulino <lcapitul...@redhat.com> wrote: > > >>> > > >>>> On Thu, 28 Jul 2011 17:20:41 +0200 > > >>>> Jan Kiszka <jan.kis...@web.de> wrote: > > >>>> > > >>>>> On 2011-07-28 17:18, Luiz Capitulino wrote: > > >>>>>> On Thu, 28 Jul 2011 16:19:19 +0200 > > >>>>>> Jan Kiszka <jan.kis...@web.de> wrote: > > >>>>>> > > >>>>>>> On 2011-07-28 15:37, Avi Kivity wrote: > > >>>>>>>> On 07/28/2011 04:31 PM, Luiz Capitulino wrote: > > >>>>>>>>> On Thu, 28 Jul 2011 10:23:22 +0300 > > >>>>>>>>> Avi Kivity<a...@redhat.com> wrote: > > >>>>>>>>> > > >>>>>>>>>> On 07/28/2011 12:44 AM, Blue Swirl wrote: > > >>>>>>>>>> > On Wed, Jul 27, 2011 at 9:42 PM, Luiz > > >>>>>>>>> Capitulino<lcapitul...@redhat.com> wrote: > > >>>>>>>>>> > > This function should be used when the VM is not supposed > > >>>>>>>>>> to > > >>>>>>>>> resume > > >>>>>>>>>> > > execution (eg. by issuing 'cont' monitor command). > > >>>>>>>>>> > > > > >>>>>>>>>> > > Today, we allow the user to resume execution even when: > > >>>>>>>>>> > > > > >>>>>>>>>> > > o the guest shuts down and -no-shutdown is used > > >>>>>>>>>> > > o there's a kvm internal error > > >>>>>>>>>> > > o loading the VM state with -loadvm or "loadvm" in the > > >>>>>>>>> monitor fails > > >>>>>>>>>> > > > > >>>>>>>>>> > > I think only badness can happen from the cases above. > > >>>>>>>>>> > > > >>>>>>>>>> > I'd suppose a system_reset should bring the system back to > > >>>>>>>>> sanity and > > >>>>>>>>>> > then clear vm_permanent_stopped (where's -ly?) > > >>>>>>>>> > > >>>>>>>>> What's -ly? > > >>>>>>>>> > > >>>>>>>> > > >>>>>>>> permanent-ly. > > >>>>>>>> > > >>>>>>>>>> > except maybe for KVM > > >>>>>>>>>> > internal error if that can't be recovered. Then it would not > > >>>>>>>>>> very > > >>>>>>>>>> > permanent anymore, so the name would need adjusting. > > >>>>>>>>>> > > >>>>>>>>>> Currently, all kvm internal errors are recoverable by reset (and > > >>>>>>>>>> possibly by fiddling with memory/registers). > > >>>>>>>>> > > >>>>>>>>> Ok, but a poweroff in the guest isn't recoverable with > > >>>>>>>>> system_reset > > >>>>>>>>> right? Or does it depend on the guest? > > >>>>>>>> > > >>>>>>>> Right, it's not recoverable if you shut the power down where the > > >>>>>>>> tractor > > >>>>>>>> beam is coupled to the main reactor. > > >>>>>>> > > >>>>>>> system_reset will bring all emulated devices back into their > > >>>>>>> power-on > > >>>>>>> state - unless we have remaining bugs to fix. Actually, one may > > >>>>>>> consider > > >>>>>>> issuing this reset automatically on vm_start after "permant" > > >>>>>>> vm_stop. > > >>>> > > >>>> The only permanent vm_stop we'd have is poweroff when -no-shutdown is > > >>>> used. > > >>>> > > >>>> Are you saying that system_reset should be able to recover from that > > >>>> too? > > >>> > > >>> It already does, so we don't have permanent stops. > > >> > > >> Exactly. We just have stops over inconsistent states that require a > > >> reset to continue with anything useful. > > > > > > Yes. If I got you right, you suggest that we do the reset automatically. > > > > > > I think it's better to let the user do it, because s/he might want to > > > do something else before resetting. For example, for the kvm error the > > > user might want to save the vm state. > > > > Associating the reset with a cont means requesting an explicit action > > from the user. I'm not suggesting to do the reset when the stop state is > > entered. > > I see. But automatically resetting on cont might be unexpected to the > user, even on a bad state.
I use this feature a lot in testing, i.e. that there is no automatic reset when I run a vm with -no-shutdown and I do a guest initiated shutdown. Very convenient when running with snapshot - great time to do commit ide0. I have a patch I send a month or so ago to make sure you can do this endlessly - currently after the first shutdown the -no-shutdown set flag is reset. > > Another option would be to add a force option to cont, where the reset is > done when the state is invalid (otherwise cont will return an error). > > I still prefer to let the user do it manually though. > > > > For the poweroff case with -no-shutdown it's probably fine, but I don't > > > want to hard code special cases. It's better and easier to treat them all > > > as "require system_reset to recover". > > > > In any case, we need to tag the current state as stopped-and-invalid or > > so vs. a normal stop. That remains a valuable first step. How to deal > > with that information is the second one. >
