On 14/01/2020 16:12, Ian Jackson wrote: > Andrew Cooper writes ("Re: [PATCH 10/12] docs/migration: Specify > X86_{CPUID,MSR}_POLICY records"): >> The migration stream is split into records with no playload (markers >> with external control flow meaning), and data records, which have a payload. > I remember thinking at the time you specified this (some time ago, in > migration v2) that this was anomalous.
It was, and remains, very deliberate. > Whether a record is a marker ought to be inferred from its type. All records have explicit semantics as specified by their types. This includes the semantics as to whether it shall have zero or non-zero payload. A data record with no payload is nonsensical. It is prohibited specifically because it helps the protocol verification logic spot bugs, and we really did spot several hypercall (preexiting) and save-side bugs because of this rule. If a plausible use for payload-less data appears, then we can take a judgement call as to whether it outweighs the utility of improved error detection. Making this change would require a change to the spec, and an adjustment to the pre-exiting receive side logic. ~Andrew _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel