[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [qemu-s390x] [PATCH v2] s390x/tod: Properly stop the KVM TOD while t
|
From: |
Cornelia Huck |
|
Subject: |
Re: [qemu-s390x] [PATCH v2] s390x/tod: Properly stop the KVM TOD while the guest is not running |
|
Date: |
Thu, 29 Nov 2018 11:18:21 +0100 |
On Wed, 28 Nov 2018 10:59:39 +0100
David Hildenbrand <address@hidden> wrote:
> Just like on other architectures, we should stop the clock while the guest
> is not running. This is already properly done for TCG. Right now, doing an
> offline migration (stop, migrate, cont) can easily trigger stalls in the
> guest.
>
> Even doing a
> (hmp) stop
> ... wait 2 minutes ...
> (hmp) cont
> will already trigger stalls.
>
> So whenever the guest stops, backup the KVM TOD. When continuing to run
> the guest, restore the KVM TOD.
>
> One special case is starting a simple VM: Reading the TOD from KVM to
> stop it right away until the guest is actually started means that the
> time of any simple VM will already differ to the host time. We can
> simply leave the TOD running and the guest won't be able to recognize
> it.
>
> For migration, we actually want to keep the TOD stopped until really
> starting the guest. To be able to catch most errors, we should however
> try to set the TOD in addition to simply storing it. So we can still
> catch basic migration problems.
>
> If anything goes wrong while backing up/restoring the TOD, we have to
> ignore it (but print a warning). This is then basically a fallback to
> old behavior (TOD remains running).
>
> I tested this very basically with an initrd:
> 1. Start a simple VM. Observed that the TOD is kept running. Old
> behavior.
> 2. Ordinary live migration. Observed that the TOD is temporarily
> stopped on the destination when setting the new value and
> correctly started when finally starting the guest.
> 3. Offline live migration. (stop, migrate, cont). Observed that the
> TOD will be stopped on the source with the "stop" command. On the
> destination, the TOD is temporarily stopped when setting the new
> value and correctly started when finally starting the guest via
> "cont".
> 4. Simple stop/cont correctly stops/starts the TOD. (multiple stops
> or conts in a row have no effect, so works as expected)
>
> In the future, we might want to send the guest a special kind of time sync
> interrupt under some conditions, so it can synchronize its tod to the
> host tod. This is interesting for migration scenarios but also when we
> get time sync interrupts ourselves. This however will most probably have
> to be handled in KVM (e.g. when the tods differ too much) and is not
> desired e.g. when debugging the guest. (single stepping should not
I'll drop the period after 'guest' when applying.
> result in permanent time syncs). I consider something like that an add-on
> on top of this basic "don't break the guest" handling.
>
> Signed-off-by: David Hildenbrand <address@hidden>
> ---
>
> v1 -> v2:
> - Add time sync idea suggested by Christian to description
> - Drop one unnecessary "return"
> - Register in realize() and not in instance_init()
>
>
> hw/s390x/tod-kvm.c | 91 +++++++++++++++++++++++++++++++++++++++++-
> hw/s390x/tod.c | 5 +++
> include/hw/s390x/tod.h | 8 +++-
> 3 files changed, 101 insertions(+), 3 deletions(-)
>
(...)
> +static void kvm_s390_tod_realize(S390TODState *td, Error **errp)
> +{
> + /*
> + * We need to know when the VM gets started/stopped to start/stop the
> TOD.
> + * As we can never have more than one TOD instance (and that will never
> be
> + * removed), registering here and never unregistering is good enough.
> + */
> + qemu_add_vm_change_state_handler(kvm_s390_tod_vm_state_change, td);
> +}
> +
Yes, this should work. If we were really paranoid, we could add some
code that fails realizing a second instance, but that's probably
overkill.
(...)
Patch looks good to me, but I'd like to have a review before queuing.