On 14/01/2020 16:12, Ian Jackson wrote:
> Andrew Cooper writes ("Re: [PATCH 10/12] docs/migration: Specify
> X86_{CPUID,MSR}_POLICY records"):
>> The migration stream is split into records with no playload (markers
>> with external control flow meaning), and data records, which have a payload.
> I remember thinking at the time you specified this (some time ago, in
> migration v2) that this was anomalous.
It was, and remains, very deliberate.
> Whether a record is a marker ought to be inferred from its type.
All records have explicit semantics as specified by their types. This
includes the semantics as to whether it shall have zero or non-zero payload.
A data record with no payload is nonsensical. It is prohibited
specifically because it helps the protocol verification logic spot bugs,
and we really did spot several hypercall (preexiting) and save-side bugs
because of this rule.
If a plausible use for payload-less data appears, then we can take a
judgement call as to whether it outweighs the utility of improved error
detection. Making this change would require a change to the spec, and
an adjustment to the pre-exiting receive side logic.
~Andrew
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
