[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to
|
From: |
Paolo Bonzini |
|
Subject: |
Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize |
|
Date: |
Tue, 17 Sep 2013 18:58:37 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130805 Thunderbird/17.0.8 |
Il 17/09/2013 18:29, Michael S. Tsirkin ha scritto:
> > BTW, qemu_del_nic is another one that I forgot to mention. You could
> > have MMIO that triggers a transmit while the device is going down, for
> > example.
>
> Wait a second. This API simply does not make sense.
> If region is not visible it's MMIO really mustn't trigger,
> exit or no exit. Disabling region and still getting op callbacks
> afterwards is not what any caller of this API expects.
>
> I'm not sure what to do about the bounce buffer thing
> but it needs to be fixed some other way without
> breaking API.
I don't think it's breaking the API. The very same thing can happen
with RAM. The only difference is that MMIO calls ops.
Also, this problem is subject to race conditions from buggy or
misbehaving guests. If you want to have any hope of breaking devices
free of the BQL and do "simple" register I/O without taking a lock,
there is simply no precise moment to stop MMIO at.
All these problems do not happen in real hardware because real hardware
has buffers between the PHY and DMA circuitries, and because bus master
transactions transfer few bytes at a time (for example in PCI even when
a device does burst transactions, the other party can halt them with
such a small granularity). A device can be quiesced in a matter of
microseconds, and other times (the time for the OS to react to hotplug
requests, the time for the driver to shut down, the time for the human
to physically unplug the connector) can be several order of magnitudes
larger.
Instead we have the opposite scenario, because we want to have as few
buffers as possible and map large amounts of memory (even 4K used by the
bounce buffer is comparatively large) for the host OS's benefit. When
we do so, and the host backend fails (e.g. a disk is on NFS and there is
a networking problem), memory can remain mapped for a long time.
DMA-to-MMIO may be a theoretical problems only, but if we don't cover it
we have a bogus solution to the problem, because exactly the same thing
can and will happen for memory hot-unplug.
Paolo
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, (continued)
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Wenchao Xia, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Michael S. Tsirkin, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Michael S. Tsirkin, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Paolo Bonzini, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Michael S. Tsirkin, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Paolo Bonzini, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Michael S. Tsirkin, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Paolo Bonzini, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Michael S. Tsirkin, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize,
Paolo Bonzini <=
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Michael S. Tsirkin, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Paolo Bonzini, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Michael S. Tsirkin, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Paolo Bonzini, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Michael S. Tsirkin, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Paolo Bonzini, 2013/09/17
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Michael S. Tsirkin, 2013/09/18
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Paolo Bonzini, 2013/09/18
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Michael S. Tsirkin, 2013/09/18
- Re: [Qemu-devel] [PATCH v2 00/38] Delay destruction of memory regions to instance_finalize, Paolo Bonzini, 2013/09/18