From: "Michael S. Tsirkin" <mst@redhat.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Huangweidong (C)" <weidong.huang@huawei.com>,
"gleb@redhat.com" <gleb@redhat.com>,
Radim Krcmar <rkrcmar@redhat.com>,
"qemu-devel@nongnu.org" <qemu-devel@nongnu.org>,
"Gonglei (Arei)" <arei.gonglei@huawei.com>,
"avi.kivity@gmail.com" <avi.kivity@gmail.com>,
"Herongguang (Stephen)" <herongguang.he@huawei.com>
Subject: Re: [Qemu-devel] [RFC] vhost: Can we change synchronize_rcu to call_rcu in vhost_set_memory() in vhost kernel module?
Date: Mon, 12 May 2014 15:12:52 +0300 [thread overview]
Message-ID: <20140512121252.GA16576@redhat.com> (raw)
In-Reply-To: <5370B48B.6080001@redhat.com>
On Mon, May 12, 2014 at 01:46:19PM +0200, Paolo Bonzini wrote:
> Il 12/05/2014 13:07, Michael S. Tsirkin ha scritto:
> >On Mon, May 12, 2014 at 12:25:35PM +0200, Paolo Bonzini wrote:
> >>Il 12/05/2014 12:18, Michael S. Tsirkin ha scritto:
> >>>On Mon, May 12, 2014 at 12:14:25PM +0200, Paolo Bonzini wrote:
> >>>>Il 12/05/2014 12:08, Michael S. Tsirkin ha scritto:
> >>>>>On Mon, May 12, 2014 at 11:57:32AM +0200, Paolo Bonzini wrote:
> >>>>>>Perhaps we can check for cases where only the address is changing,
> >>>>>>and poke at an existing struct kvm_kernel_irq_routing_entry without
> >>>>>>doing any RCU synchronization?
> >>>>>
> >>>>>I suspect interrupts can get lost then: e.g. if address didn't match any
> >>>>>cpus, now it matches some. No?
> >>>>
> >>>>Can you explain the problem more verbosely? :)
> >>>>
> >>>>Multiple writers would still be protected by the mutex, so you
> >>>>cannot have an "in-place update" writer racing with a "copy the
> >>>>array" writer.
> >>>
> >>>I am not sure really.
> >>>I'm worried about reader vs writer.
> >>>If reader sees a stale msi value msi will be sent to a wrong
> >>>address.
> >>
> >>That shouldn't happen on any cache-coherent system, no?
> >>
> >>Or at least, it shouldn't become any worse than what can already
> >>happen with RCU.
> >
> >Meaning guest must do some synchronization anyway?
>
> Yes, I think so. The simplest would be to mask the interrupt around
> MSI configuration changes. Radim was looking at a similar bug.
Was this with classic assignment or with vfio?
> He
> couldn't replicate on bare metal, but I don't see why it shouldn't
> be possible there too.
I doubt linux does something tricky here, so
I'm not talking about something linux guest does,
I'm talking about an abstract guarantee of the
APIC. If baremetal causes a synchronisation point
and we don't, at some point linux will use it and
this will bite us.
> >But I am not sure this works correctly in all cases,
> >synchronization with guest VCPU does not have to be
> >the same thing as synchronization with host CPU.
> >For example, can not guest VCPU1 detect that
> >VCPU2 is idle and avoid any synchronization?
>
> So guest VCPU1 would be the one that sets the MSI word, and VCPU2
> would be the old destination? That would also be racy, the moment
> after you "check that VCPU2 is idle" an interrupt could come in and
> the VCPU wouldn't be idle anymore.
True but I was talking about something like RCU in guest so
that's not a problem: you check after update.
If it's idle you know next interrupt will be the new one.
> >In any case I'd like to see a patch like this
> >accompanied by some argument explaining why it's
> >a safe thing to do.
>
> Yes, of course.
>
> Paolo
next prev parent reply other threads:[~2014-05-12 12:14 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-09 1:57 [Qemu-devel] [RFC] vhost: Can we change synchronize_rcu to call_rcu in vhost_set_memory() in vhost kernel module? Gonglei (Arei)
2014-05-09 8:14 ` Paolo Bonzini
2014-05-09 9:04 ` Gonglei (Arei)
2014-05-09 9:53 ` Paolo Bonzini
2014-05-12 9:28 ` Gonglei (Arei)
2014-05-12 9:57 ` Paolo Bonzini
2014-05-12 10:08 ` Michael S. Tsirkin
2014-05-12 10:14 ` Paolo Bonzini
2014-05-12 10:18 ` Michael S. Tsirkin
2014-05-12 10:25 ` Paolo Bonzini
2014-05-12 11:07 ` Michael S. Tsirkin
2014-05-12 11:46 ` Paolo Bonzini
2014-05-12 12:12 ` Michael S. Tsirkin [this message]
2014-05-12 12:46 ` Paolo Bonzini
2014-05-12 12:53 ` Michael S. Tsirkin
2014-05-12 13:02 ` Paolo Bonzini
2014-05-12 10:30 ` Michael S. Tsirkin
2014-05-13 7:03 ` Gonglei (Arei)
2014-05-13 8:21 ` Michael S. Tsirkin
2014-05-13 7:01 ` Gonglei (Arei)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140512121252.GA16576@redhat.com \
--to=mst@redhat.com \
--cc=arei.gonglei@huawei.com \
--cc=avi.kivity@gmail.com \
--cc=gleb@redhat.com \
--cc=herongguang.he@huawei.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=rkrcmar@redhat.com \
--cc=weidong.huang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).