Re: [PATCH 1/2] migration: Make all helpers in misc.h safe to use without migration

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

From: "Cédric Le Goater" <clg@redhat.com>
To: Peter Xu <peterx@redhat.com>, qemu-devel@nongnu.org
Cc: Avihai Horon <avihaih@nvidia.com>,
	Alex Williamson <alex.williamson@redhat.com>,
	Fabiano Rosas <farosas@suse.de>,
	"Dr . David Alan Gilbert" <dave@treblig.org>
Subject: Re: [PATCH 1/2] migration: Make all helpers in misc.h safe to use without migration
Date: Tue, 22 Oct 2024 18:11:19 +0200	[thread overview]
Message-ID: <519f0ed8-5346-463b-979a-a4c6f4c38a8b@redhat.com> (raw)
In-Reply-To: <20241022160720.1013543-2-peterx@redhat.com>

On 10/22/24 18:07, Peter Xu wrote:
> Migration object can be freed before some other device codes run, while we
> do have a bunch of migration helpers exported in migration/misc.h that
> logically can be invoked at any time of QEMU, even during destruction of a
> VM.
> 
> Make all these functions safe to be called, especially, not crashing after
> the migration object is freed.
> 
> Add a rich comment in the header explaining how to guarantee thread safe on
> using these functions, and we choose BQL because fundamentally that's how
> it's working now.  We can move to other things (e.g. RCU) whenever
> necessary in the future but it's an overkill if we have BQL anyway in
> most/all existing callers.
> 
> When at it, update some comments, e.g. migrate_announce_params() is

While ?

> exported from options.c now.
> 
> Cc: Cédric Le Goater <clg@redhat.com>
> Cc: Avihai Horon <avihaih@nvidia.com>
> Cc: Fabiano Rosas <farosas@suse.de>
> Cc: Dr. David Alan Gilbert <dave@treblig.org>
> Signed-off-by: Peter Xu <peterx@redhat.com>


Reviewed-by: Cédric Le Goater <clg@redhat.com>

Thanks,

C.


> ---
>   include/migration/misc.h | 33 ++++++++++++++++++++++++++++-----
>   migration/migration.c    | 22 +++++++++++++++++++++-
>   2 files changed, 49 insertions(+), 6 deletions(-)
> 
> diff --git a/include/migration/misc.h b/include/migration/misc.h
> index bfadc5613b..8d6812b8c7 100644
> --- a/include/migration/misc.h
> +++ b/include/migration/misc.h
> @@ -19,8 +19,26 @@
>   #include "qapi/qapi-types-net.h"
>   #include "migration/client-options.h"
>   
> -/* migration/ram.c */
> +/*
> + * Misc migration functions exported to be used in QEMU generic system
> + * code outside migration/.
> + *
> + * By default, BQL is required to use below functions to avoid race
> + * conditions (e.g. concurrent free of the migration object).  It's
> + * caller's responsibility to make sure it's thread safe otherwise when
> + * below helpers are used without BQL held.
> + *
> + * One example of the special case is migration_thread(), who will take a
> + * refcount of the migration object.  The refcount will make sure the
> + * migration object will not be freed concurrently when accessing through
> + * below helpers.
> + *
> + * When unsure, always take BQL first before using the helpers.
> + */
>   
> +/*
> + * migration/ram.c
> + */
>   typedef enum PrecopyNotifyReason {
>       PRECOPY_NOTIFY_SETUP = 0,
>       PRECOPY_NOTIFY_BEFORE_BITMAP_SYNC = 1,
> @@ -43,14 +61,19 @@ void ram_mig_init(void);
>   void qemu_guest_free_page_hint(void *addr, size_t len);
>   bool migrate_ram_is_ignored(RAMBlock *block);
>   
> -/* migration/block.c */
> -
> +/*
> + * migration/options.c
> + */
>   AnnounceParameters *migrate_announce_params(void);
> -/* migration/savevm.c */
>   
> +/*
> + * migration/savevm.c
> + */
>   void dump_vmstate_json_to_file(FILE *out_fp);
>   
> -/* migration/migration.c */
> +/*
> + * migration/migration.c
> + */
>   void migration_object_init(void);
>   void migration_shutdown(void);
>   bool migration_is_idle(void);
> diff --git a/migration/migration.c b/migration/migration.c
> index bcb735869b..27341eed50 100644
> --- a/migration/migration.c
> +++ b/migration/migration.c
> @@ -1121,6 +1121,10 @@ bool migration_is_setup_or_active(void)
>   {
>       MigrationState *s = current_migration;
>   
> +    if (!s) {
> +        return false;
> +    }
> +
>       switch (s->state) {
>       case MIGRATION_STATUS_ACTIVE:
>       case MIGRATION_STATUS_POSTCOPY_ACTIVE:
> @@ -1136,7 +1140,6 @@ bool migration_is_setup_or_active(void)
>   
>       default:
>           return false;
> -
>       }
>   }
>   
> @@ -1685,6 +1688,10 @@ bool migration_is_active(void)
>   {
>       MigrationState *s = current_migration;
>   
> +    if (!s) {
> +        return false;
> +    }
> +
>       return (s->state == MIGRATION_STATUS_ACTIVE ||
>               s->state == MIGRATION_STATUS_POSTCOPY_ACTIVE);
>   }
> @@ -1693,6 +1700,10 @@ bool migration_is_device(void)
>   {
>       MigrationState *s = current_migration;
>   
> +    if (!s) {
> +        return false;
> +    }
> +
>       return s->state == MIGRATION_STATUS_DEVICE;
>   }
>   
> @@ -1700,6 +1711,11 @@ bool migration_thread_is_self(void)
>   {
>       MigrationState *s = current_migration;
>   
> +    /* If no migration object, must not be the migration thread */
> +    if (!s) {
> +        return false;
> +    }
> +
>       return qemu_thread_is_self(&s->thread);
>   }
>   
> @@ -3077,6 +3093,10 @@ void migration_file_set_error(int ret, Error *err)
>   {
>       MigrationState *s = current_migration;
>   
> +    if (!s) {
> +        return;
> +    }
> +
>       WITH_QEMU_LOCK_GUARD(&s->qemu_file_lock) {
>           if (s->to_dst_file) {
>               qemu_file_set_error_obj(s->to_dst_file, ret, err);

next prev parent reply	other threads:[~2024-10-22 16:11 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-10-22 16:07 [PATCH 0/2] Migration: Make misc.h helpers available for whole VM lifecycle Peter Xu
2024-10-22 16:07 ` [PATCH 1/2] migration: Make all helpers in misc.h safe to use without migration Peter Xu
2024-10-22 16:11   ` Cédric Le Goater [this message]
2024-10-22 21:52     ` Peter Xu
2024-10-23  8:30   ` Avihai Horon
2024-10-23 15:14     ` Peter Xu
2024-10-23 15:25       ` Peter Xu
2024-10-22 16:07 ` [PATCH 2/2] migration: Unexport dirty_bitmap_mig_init() in misc.h Peter Xu
2024-10-22 16:13   ` Cédric Le Goater

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=519f0ed8-5346-463b-979a-a4c6f4c38a8b@redhat.com \
    --to=clg@redhat.com \
    --cc=alex.williamson@redhat.com \
    --cc=avihaih@nvidia.com \
    --cc=dave@treblig.org \
    --cc=farosas@suse.de \
    --cc=peterx@redhat.com \
    --cc=qemu-devel@nongnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).