On 05.02.20 10:35, Wang, Wei W wrote:
> On Wednesday, February 5, 2020 5:23 PM, David Hildenbrand wrote:
>> So, if you run a TCG guest and use it with free page reporting, the race is
>> possible? So the correctness depends on two dirty bitmaps in the hypervisor
>> and how they interact. wow this is fragile.
>>
>
> Not sure how TCG tracks the dirty bits. But in whatever implementation, the hypervisor should have

There is only a single bitmap for that purpose. (well, the one where KVM syncs to)

> already dealt with the race between the current round and the previous round dirty recording.
> (the race isn't brought by this feature essentially)

It is guaranteed to work reliably without this feature as you only clear what *has been migrated*, not what your guest thinks should not be migrated at one point and decides differently at another point. The race is brought forward by this feature.

--
Thanks,

David / dhildenb

On Wednesday, February 5, 2020 5:37 PM, David Hildenbrand wrote:
> >
> > Not sure how TCG tracks the dirty bits. But in whatever
> > implementation, the hypervisor should have
>
> There is only a single bitmap for that purpose. (well, the one where KVM
> syncs to)
>
> > already dealt with the race between the current round and the previous
> > round dirty recording.
> > (the race isn't brought by this feature essentially)
>
> It is guaranteed to work reliably without this feature as you only clear what
> *has been migrated*,

Not "clear what has been migrated" (that skips nothing..)
Anyway, it's a hint used for optimization.

Best,
Wei

On 05.02.20 10:49, Wang, Wei W wrote:
> On Wednesday, February 5, 2020 5:37 PM, David Hildenbrand wrote:
>>>
>>> Not sure how TCG tracks the dirty bits. But in whatever
>>> implementation, the hypervisor should have
>>
>> There is only a single bitmap for that purpose. (well, the one where KVM
>> syncs to)
>>
>>> already dealt with the race between the current round and the previous
>>> round dirty recording.
>>> (the race isn't brought by this feature essentially)
>>
>> It is guaranteed to work reliably without this feature as you only clear what
>> *has been migrated*,
>
> Not "clear what has been migrated" (that skips nothing..)
> Anyway, it's a hint used for optimization.

Yes, an optimization that might easily lead to data corruption when the two bitmaps are either not in place or don't play along in that specific way (and I suspect this is the case under TCG).

--
Thanks,

David / dhildenb