Re: [Qemu-devel] [PATCH 1/3] virtio: Introduce VirtIODevice.broken

[Michael S. Tsirkin]

On Sun, Apr 27, 2014 at 09:34:06AM +0100, Peter Maydell wrote:
> On 27 April 2014 09:29, Michael S. Tsirkin <address@hidden> wrote:
> > On Tue, Apr 22, 2014 at 04:55:15PM +0800, Fam Zheng wrote:
> >> If guest driver behaves abnormally, emulation code could mark the device
> >> as "broken".
> >>
> >> Once "broken" is set, device emulation will typically wait for a reset
> >> command and ignore any other operations, but it could also return error
> >> responds. In other words, whether and how does guest know about this
> >> error status is device specific.
> >>
> >> Signed-off-by: Fam Zheng <address@hidden>
> >
> > I'm assuming the idea is to make debugging guest drivers easier
> > for people not familiar with qemu?
> 
> As a general rule, guests shouldn't be able to cause QEMU to
> just randomly exit. We have a bunch of code in tree which does
> handle guest errors this way, of course, but cleanups to fix it
> are worth having.

OK so by using a wrong address an MMIO handler can e.g. start
MMIO on the device itself instead of doing DMA,
this will cause an infinite loop.
Any idea how to fix this?

> The benefits include that one duff device
> driver doesn't take out your whole VM, that you have a chance
> for a clean shutdown, and reboot might restore the operation of
> the offending device.
> 
> There was a thread about this a little while back.
> 
> thanks
> -- PMM

I agree, but I'd like the change to be done in a way that does not make
debugging harder.

-- 
MST