|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] libxl: error when destroying domain on NetBSD
2011/12/2 Ian Campbell <Ian.Campbell@xxxxxxxxxx>: > On Fri, 2011-12-02 at 10:29 +0000, Roger Pau Monnà wrote: >> 2011/12/2 Ian Campbell <Ian.Campbell@xxxxxxxxxx>: >> > libxl_destroy_domain should be called with force = 1 in the main_destroy >> > case, I suspect. Does that cause the scripts to be run? >> >> Well, with force = 1 hotplug scripts are executed, but devices are >> still busy and they cannot be disconnected (mainly vnd). Also crashed >> the server, but that's NetBSD buggy vnd driver problem. Seeing the >> execution order in libxl_domain_destroy, shouldn't we first destroy >> the domain (xc_domain_destroy) and then remove the devices? > > In the force case, yes, I expect so. > > In the non-force case you want to let the guest shutdown its devices > gracefully so you would do devices first. > > However I'm not entirely sure that a non-forced libxl_domain_destroy > makes much sense. The callsites are: > >   Â* handle_domain_death: The guest has already shutdown at this >    Âpoint. Nothing graceful can happen. >   Â* create_domain: We have failed to start the guest, no chance of >    Âgraceful shutdown. >   Â* destroy_domain: Semantics are explicitly the force case. >   Â* save_domain: Domain has already suspended. There's nothing which >    Âcan be done gracefully. >   Â* migrate_domain: Already forced, domain is gone already, no >    Âchance of a graceful shutdown. >   Â* migrate_receive: Already forced, we have failed to receive the >    Âdomain, no possibility of a graceful shutdown. >   Â* libxl_domain_create, on the failure path so no need for a >    Âgraceful option. >   Â* libxl__destroy_device_model. Maybe this should be doing a >    Âgraceful shutdown but in that case it should either be calling >    Âlibxl_domain_shutdown or writing the qemu-dm control node and >    Âwaiting, at which point after some timeout perhaps a forced >    Âshutdown would be appropriate. > > So it seems to me that the non-forced option in libxl_domain_destroy can > be removed and we should just shoot the domain and then forcibly > teardown the backends, running script as necessary. > > The only wrinkle is the stub device-model case but really that's already > a special domain and should be treated as such. > > Does that make sense to anyone else? > > Ian. > Well, I think I found the underlying problem that was preventing NetBSD from correctly detaching vnd devices when destroying a domain, the frontend state needs to be manually set to 6 (/local/domain/<domid>/device/vbd/<devid>/state and the same for vif to be more "correct") so the kernel closes the device and it can then be correctly unmounted. I will prepare a patch (or a series) to adress this, and change libxl_domain_destroy to use the force when called. Thanks, Roger. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |