On 07/15/20 15:43, Igor Mammedov wrote: > On Wed, 15 Jul 2020 14:38:00 +0200 > Laszlo Ersek <[email protected]> wrote: > >> On 07/14/20 17:19, Igor Mammedov wrote: >>> On Tue, 14 Jul 2020 14:41:28 +0200 >>> Laszlo Ersek <[email protected]> wrote: >>> >>>> On 07/14/20 14:28, Laszlo Ersek wrote: >>>>> (CC'ing Peter Krempa due to virsh setvcpu (singular) / setvcpus (plural) >>>>> references) >>>>> >>>>> On 07/10/20 18:17, Igor Mammedov wrote: >>>>>> In case firmware has negotiated CPU hotplug SMI feature, generate >>>>>> AML to describe SMI IO port region and send SMI to firmware >>>>>> on each CPU hotplug SCI. >>>>>> >>>>>> It might be not really usable, but should serve as a starting point to >>>>>> discuss how better to deal with split hotplug sequence during hot-add >>>>>> ( >>>>>> ex scenario where it will break is: >>>>>> hot-add >>>>>> -> (QEMU) add CPU in hotplug regs >>>>>> -> (QEMU) SCI >>>>>> -1-> (OS) scan >>>>>> -1-> (OS) SMI >>>>>> -1-> (FW) pull in CPU1 *** >>>>>> -1-> (OS) start iterating hotplug regs >>>>>> hot-add >>>>>> -> (QEMU) add CPU in hotplug regs >>>>>> -> (QEMU) SCI >>>>>> -2-> (OS) scan (blocked on mutex till previous scan is >>>>>> finished) >>>>>> -1-> (OS) 1st added CPU1 send device check event -> >>>>>> INIT/SIPI >>>>>> -1-> (OS) 1st added CPU2 send device check event -> >>>>>> INIT/SIPI >>>>>> that's where it explodes, since FW didn't see CPU2 >>>>>> when SMI was called >>>>>> ) >>>>>> >>>>>> hot remove will throw in yet another set of problems, so lets discuss >>>>>> both here and see if we can really share hotplug registers block between >>>>>> FW and AML or we should do something else with it. >>>>> >>>>> This issue is generally triggered by management applications such as >>>>> libvirt that issue device_add commands in quick succession. For libvirt, >>>>> the command is "virsh setvcpus" (plural) with multiple CPUs specified >>>>> for plugging. The singular "virsh setvcpu" command, which is more >>>>> friendly towards guest NUMA, does not run into the symptom. >>>>> >>>>> The scope of the scan method lock is not large enough, with SMI in the >>>>> picture. >>>>> >>>>> I suggest that we not uproot the existing AML code or the hotplug >>>>> register block. Instead, I suggest that we add serialization at a higher >>>>> level, with sufficient scope. >>>>> >>>>> QEMU: >>>>> >>>>> - introduce a new flag standing for "CPU plug operation in progress" >>>>> >>>>> - if ICH9_LPC_SMI_F_BROADCAST_BIT has been negotiated: >>>>> >>>>> - "device_add" and "device_del" should enforce >>>>> ICH9_LPC_SMI_F_CPU_HOTPLUG_BIT and >>>>> ICH9_LPC_SMI_F_CPU_HOT_UNPLUG_BIT, respectively >>>>> >>>>> - both device_add and device_del (for VCPUs) should set check the >>>>> "in progress" flag. >>>>> >>>>> - If set, reject the request synchronously >>>>> >>>>> - Otherwise, set the flag, and commence the operation >>>>> >>>>> - in cpu_hotplug_wr(), where we emit the ACPI_DEVICE_OST event with >>>>> qapi_event_send_acpi_device_ost(), clear the "in-progress" flag. >>>>> >>>>> - If QEMU executes the QMP command processing and the cpu_hotplug_wr() >>>>> function on different (host OS) threads, then perhaps we should use an >>>>> atomic type for the flag. (Not sure about locking between QEMU threads, >>>>> sorry.) I don't really expect race conditions, but in case we ever get >>>>> stuck with the flag, we should make sure that the stuck state is "in >>>>> progress", and not "not in progress". (The former state can prevent >>>>> further plug operations, but cannot cause the guest to lose state.) >>>> >>>> Furthermore, the "CPU plug operation in progress" flag should be: >>>> - either migrated, >>>> - or a migration blocker. >>>> >>>> Because on the destination host, device_add should be possible if and >>>> only if the plug operation completed (either still on the source host, >>>> or on the destination host). >>> >>> I have a way more simple alternative idea, which doesn't involve libvirt. >>> >>> We can change AML to >>> 1. cache hotplugged CPUs from controller >>> 2. send SMI >>> 3. send Notify event to OS to online cached CPUs >>> this way we never INIT/SIPI cpus that FW hasn't seen yet >>> as for FW, it can relocate extra CPU that arrived after #1 >>> it won't cause any harm as on the next SCI AML will pick up those >>> CPUs and SMI upcall will be just NOP. >>> >>> I'll post a patch here on top of this series for you to try >>> (without any of your comments addressed yet, as it's already written >>> and I was testing it for a while to make sure it won't explode >>> with various windows versions) >> >> Sounds good, I'll be happy to test it. >> >> Indeed "no event" is something that the fw deals with gracefully. (IIRC >> I wanted to cover a "spurious SMI" explicitly.) > is it possible to distinguish "spurious SMI" vs hotplug SMI, > if yes then we probably do not care about any other SMIs except hotplug one.
Sorry, I was unclear. By "spurious SMI", I meant that the hotplug SMI (command value 4) is raised, but then the hotplug register block reports no CPUs with pending events. The fw code handles that. > >> It didn't occur to me that you could dynamically size e.g. a package >> object in AML. Based on my reading of the ACPI spec, "VarPackageOp" can >> take a *runtime* "NumElements", so if you did two loops, the first loop >> could count the pending stuff, and then a VarPackageOp could be used >> with just the right NumElements... Anyway, I digress :) > > well, it's mine field since Windows implement only a subset of spec > and VarPackageOp is not avalable on all version that support hotplug. Ugh. :/ > I think, I've narrowed language down to supported subset, so I need > to complete another round of testing to see if I didn't break anything > by accident. Thanks. Laszlo > >>> >>>> I guess that the "migration blocker" option is easier. >>>> >>>> Anyway I assume this is already handled with memory hotplug somehow >>>> (i.e., migration attempt between device_add and ACPI_DEVICE_OST). >>> >>> Thanks for comments, >>> I'll need some time to ponder on other comments and do some >>> palaeontology research to answer questions >>> (aka. I need to make up excuses for the code I wrote :) ) >> >> haha, thanks :) >> Laszlo >
