From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:43576)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <den@openvz.org>) id 1Zgnh9-0001U0-KG
	for qemu-devel@nongnu.org; Tue, 29 Sep 2015 01:43:20 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <den@openvz.org>) id 1Zgnh6-0000hn-9m
	for qemu-devel@nongnu.org; Tue, 29 Sep 2015 01:43:19 -0400
Received: from mx2.parallels.com ([199.115.105.18]:51722)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <den@openvz.org>) id 1Zgnh6-0000gu-3x
	for qemu-devel@nongnu.org; Tue, 29 Sep 2015 01:43:16 -0400
References: <1443440518-4384-1-git-send-email-den@openvz.org>
	<20150929051323.GA21612@grmbl.mre>
From: "Denis V. Lunev" <den@openvz.org>
Message-ID: <560A24E5.60108@openvz.org>
Date: Tue, 29 Sep 2015 08:43:01 +0300
MIME-Version: 1.0
In-Reply-To: <20150929051323.GA21612@grmbl.mre>
Content-Type: text/plain; charset="windows-1252"; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH 1/1] migration: fix deadlock
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Amit Shah <amit.shah@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>, Juan Quintela <quintela@redhat.com>, qemu-devel@nongnu.org, Anna Melekhova <annam@virtuozzo.com>

On 09/29/2015 08:13 AM, Amit Shah wrote:
> There have been multiple versions of this patch on the list, can you
> please annotate that this is v3 so it supersedes the earlier v2?
>
> Also, please include a changelog in the description in patch 0 so we
> know what happened between the various versions.
>
> Thanks,
>
> On (Mon) 28 Sep 2015 [14:41:58], Denis V. Lunev wrote:
>> Release qemu global mutex before call synchronize_rcu().
>> synchronize_rcu() waiting for all readers to finish their critical
>> sections. There is at least one critical section in which we try
>> to get QGM (critical section is in address_space_rw() and
>> prepare_mmio_access() is trying to aquire QGM).
>>
>> Both functions (migration_end() and migration_bitmap_extend())
>> are called from main thread which is holding QGM.
>>
>> Thus there is a race condition that ends up with deadlock:
>> main thread     working thread
>> Lock QGA                |
>> |             Call KVM_EXIT_IO handler
>> |                       |
>> |        Open rcu reader's critical section
>> Migration cleanup bh    |
>> |                       |
>> synchronize_rcu() is    |
>> waiting for readers     |
>> |            prepare_mmio_access() is waiting for QGM
>>    \                   /
>>           deadlock
>>
>> The patch changes bitmap freeing from direct g_free after synchronize_rcu
>> to free inside call_rcu.
>>
>> Signed-off-by: Denis V. Lunev <den@openvz.org>
>> Reported-by: Igor Redko <redkoi@virtuozzo.com>
>> Tested-by: Igor Redko <redkoi@virtuozzo.com>
>> CC: Anna Melekhova <annam@virtuozzo.com>
>> CC: Juan Quintela <quintela@redhat.com>
>> CC: Amit Shah <amit.shah@redhat.com>
>> CC: Paolo Bonzini <pbonzini@redhat.com>
>> CC: Wen Congyang <wency@cn.fujitsu.com>
>> ---
>>   migration/ram.c | 44 +++++++++++++++++++++++++++-----------------
>>   1 file changed, 27 insertions(+), 17 deletions(-)
> 		Amit
this one is correct. I am sorry, I have missed v3 here in the subject.

Den