[libvirt] Re: [Qemu-devel] [PATCH 1/6] Allow multiple monitor devices (v2)
Avi Kivity wrote:
> Fine, let's say we did that, it's *still* racy because at
time 3, the
> guest may hot remove cpu 2 on it's own since the guests VCPUs get to
> run in parallel to the monitor.
A guest can't hotremove a vcpu. It may offline a vcpu, but that's not
the same.
Obviously, if both the guest and the management application can
initiate the same action, then there will be races. But I don't think
that's how things should be -- the guest should request a vcpu to be
removed (or added), management thinks and files forms in triplicate,
then hotadds or hotremoves the vcpu (most likely after it is no longer
needed).
With the proper beaurocracy, there is no race.
You still have the same basic problem:
time 0: (qemu) notify-enable vnc-events
time 1: (qemu) foo <no newline>
time 4: <newline>
time 5: notification: client connected
time 0: vnc client connects
time 2: vnc client disconnects
At time 5, when the management app gets the notification, it cannot make
any assumptions about the state of the system. You still need timestamps.
>
> And even if you somehow eliminate the issue around masking
> notifications, you still have socket buffering that introduces the
> same problem.
If you have one monitor, the problem is much simpler, since events
travelling in the same direction (command acknowledge and a
notification) cannot be reordered. With a command+wait, the problem
is inherent.
Command acknowledge is not an event. Events are out-of-band. Command
completions are in-band. Right now, they are synchronous and I expect
that in the short term future, we'll have a non-human monitor mode that
allows commands to be asynchronous.
However, it's a mistake to muddle the distinction between an in-band
completion and an out-of-band event. You cannot relate the out-of-band
events commands.
>
> The best you can do is stick a time stamp on a notification and make
> sure the management tool understands that the notification is
> reflectively of the state when the event happened, not of the current
> state.
Timestamps are really bad. They don't work at all if the management
application is not on the same host. They work badly if it is on the
same host, since commands and events will be timestamped at different
processes.
Timestamps are relative, not absolutely. They should not be used to
associate anything with the outside world. In fact, I have no problem
making the timestamps relative to QEMU startup just to ensure that noone
tries to do something silly like associate notification timestamps with
system time.
> FWIW, this problem is not at all unique to QEMU and is generally
true
> of most protocols that support an out-of-band notification mechanism.
>
command+wait makes it worse. Let's stick with established practice.
What's the established practice? Do you know of any protocol that is
line based that does notifications like this?
IMAP IDLE is pretty close to "wait-forever".
Regards,
Anthony Liguori
--
Regards,
Anthony Liguori