On Sun, 06 Nov 2022 21:06:43 +0000, Peter Xu <peterx@xxxxxxxxxx> wrote: > > On Sun, Nov 06, 2022 at 08:12:22PM +0000, Marc Zyngier wrote: > > Hi Peter, > > > > On Sun, 06 Nov 2022 16:22:29 +0000, > > Peter Xu <peterx@xxxxxxxxxx> wrote: > > > > > > Hi, Marc, > > > > > > On Sun, Nov 06, 2022 at 03:43:17PM +0000, Marc Zyngier wrote: > > > > > +Note that the bitmap here is only a backup of the ring structure, and > > > > > +normally should only contain a very small amount of dirty pages, which > > > > > > > > I don't think we can claim this. It is whatever amount of memory is > > > > dirtied outside of a vcpu context, and we shouldn't make any claim > > > > regarding the number of dirty pages. > > > > > > The thing is the current with-bitmap design assumes that the two logs are > > > collected in different windows of migration, while the dirty log is only > > > collected after the VM is stopped. So collecting dirty bitmap and sending > > > the dirty pages within the bitmap will be part of the VM downtime. > > > > > > It will stop to make sense if the dirty bitmap can contain a large portion > > > of the guest memory, because then it'll be simpler to just stop the VM, > > > transfer pages, and restart on dest node without any tracking mechanism. > > > > Oh, I absolutely agree that the whole vcpu dirty ring makes zero sense > > in general. It only makes sense if the source of the dirty pages is > > limited to the vcpus, which is literally a corner case. Look at any > > real machine, and you'll quickly realise that this isn't the case, and > > that DMA *is* a huge source of dirty pages. > > > > Here, we're just lucky enough not to have much DMA tracking yet. Once > > that happens (and I have it from people doing the actual work that it > > *is* happening), you'll realise that the dirty ring story is of very > > limited use. So I'd rather drop anything quantitative here, as this is > > likely to be wrong. > > Is it a must that arm64 needs to track device DMAs using the same dirty > tracking interface rather than VFIO or any other interface? What does it change? At the end of the day, you want a list of dirty pages. How you obtain it is irrelevant. > It's > definitely not the case for x86, but if it's true for arm64, then could the > DMA be spread across all the guest pages? If it's also true, I really > don't know how this will work.. Of course, all pages can be the target of DMA. It works the same way it works for the ITS: you sync the state, you obtain the dirty bits, you move on. And mimicking what x86 does is really not my concern (if you still think that arm64 is just another flavour of x86, stay tuned! ;-). > > We're only syncing the dirty bitmap once right now with the protocol. If > that can cover most of the guest mem, it's same as non-live. If we sync it > periodically, then it's the same as enabling dirty-log alone and the rings > are useless. I'm glad that you finally accept it: the ring *ARE* useless in the general sense. Only limited, CPU-only workloads can make any use of the current design. This probably covers a large proportion of what the cloud vendors do, but this doesn't work for general situations where you have a stream of dirty pages originating outside of the CPUs. [...] > > > I wanted to make it clear that we don't need CLEAR_LOG at all in this case, > > > as fundamentally clear log is about re-protect the guest pages, but if > > > we're with the restriction of above (having the dirty bmap the last to > > > collect and once and for all) then it'll make no sense to protect the guest > > > page at all at this stage since src host shouldn't run after the GET_LOG > > > then the CLEAR_LOG will be a vain effort. > > > > That's not for you to decide, but userspace. I can perfectly expect > > userspace saving an ITS, getting the bitmap, saving the pages and then > > *clearing the log* before processing the next ITS. Or anything else. > > I think I can get your point on why you're not happy with the document, but > IMHO how we document is one thing, how it'll work is another. I preferred > explicit documentation because it'll help the app developer to support the > interface, also more docs to reference in the future; no strong opinion, > though. Here's my beef with the current documentation: it sets quantitative expectations. This is wrong. It also introduces undefined behaviours where there should be none. This is even worse, because there shouldn't be *any* undefined behaviour today, and I cannot see why the dirty rings would influence this. > However if there's fundamental statement that was literally wrong, then > it's another thing, and we may need to rethink. See above. If the undefined behaviour was just a mistake, let's drop it and move on. If you have spotted something that is indeed an undefined behaviour in using CLEAR_LOG when the VM is stopped, then live migration is already broken on arm64 *today*. And if that's the case, we should fix it now instead of adding the dirty ring stuff. Thanks, M. -- Without deviation from the norm, progress is not possible.