Development discussions about virtio-fs
 help / color / mirror / Atom feed
From: Stefan Hajnoczi <stefanha@redhat.com>
To: Peter Xu <peterx@redhat.com>
Cc: "Alexandr Moshkov" <dtalexundeer@yandex-team.ru>,
	qemu-devel@nongnu.org, "Gonglei (Arei)" <arei.gonglei@huawei.com>,
	"Zhenwei Pi" <pizhenwei@bytedance.com>,
	"Michael S. Tsirkin" <mst@redhat.com>,
	"Stefano Garzarella" <sgarzare@redhat.com>,
	"Raphael Norwitz" <raphael@enfabrica.net>,
	"Kevin Wolf" <kwolf@redhat.com>,
	"Hanna Reitz" <hreitz@redhat.com>,
	"Jason Wang" <jasowang@redhat.com>,
	"Paolo Bonzini" <pbonzini@redhat.com>,
	"Fam Zheng" <fam@euphon.net>,
	"Alex Bennée" <alex.bennee@linaro.org>,
	mzamazal@redhat.com, "Fabiano Rosas" <farosas@suse.de>,
	qemu-block@nongnu.org, virtio-fs@lists.linux.dev,
	"yc-core@yandex-team.ru" <yc-core@yandex-team.ru>,
	"Eric Blake" <eblake@redhat.com>,
	"Markus Armbruster" <armbru@redhat.com>
Subject: Re: [PATCH v6 4/5] vhost: add vmstate for inflight region with inner buffer
Date: Wed, 14 Jan 2026 16:38:17 -0500	[thread overview]
Message-ID: <20260114213817.GA622013@fedora> (raw)
In-Reply-To: <aWfrT6JOMm9MGoIw@x1.local>

[-- Attachment #1: Type: text/plain, Size: 2796 bytes --]

On Wed, Jan 14, 2026 at 02:15:27PM -0500, Peter Xu wrote:
> On Tue, Jan 13, 2026 at 02:58:17PM +0500, Alexandr Moshkov wrote:
> > Prepare for future inflight region migration for vhost-user-blk.
> > We need to migrate size, queue_size, and inner buffer.
> > 
> > So firstly it migrate size and queue_size fields, then allocate memory for buffer with
> > migrated size, then migrate inner buffer itself.
> > 
> > Signed-off-by: Alexandr Moshkov <dtalexundeer@yandex-team.ru>
> > ---
> >  hw/virtio/vhost.c         | 57 +++++++++++++++++++++++++++++++++++++++
> >  include/hw/virtio/vhost.h |  6 +++++
> >  2 files changed, 63 insertions(+)
> > 
> > diff --git a/hw/virtio/vhost.c b/hw/virtio/vhost.c
> > index c46203eb9c..f655c53b67 100644
> > --- a/hw/virtio/vhost.c
> > +++ b/hw/virtio/vhost.c
> > @@ -2028,6 +2028,63 @@ const VMStateDescription vmstate_backend_transfer_vhost_inflight = {
> >      }
> >  };
> >  
> > +static int vhost_inflight_buffer_pre_load(void *opaque, Error **errp)
> > +{
> > +    info_report("vhost_inflight_region_buffer_pre_load");
> > +    struct vhost_inflight *inflight = opaque;
> > +
> > +    int fd = -1;
> > +    void *addr = qemu_memfd_alloc("vhost-inflight", inflight->size,
> > +                                  F_SEAL_GROW | F_SEAL_SHRINK | F_SEAL_SEAL,
> > +                                  &fd, errp);
> > +    if (*errp) {
> > +        return -ENOMEM;
> > +    }
> > +
> > +    inflight->offset = 0;
> > +    inflight->addr = addr;
> > +    inflight->fd = fd;
> > +
> > +    return 0;
> > +}
> > +
> > +const VMStateDescription vmstate_vhost_inflight_region_buffer = {
> > +    .name = "vhost-inflight-region/buffer",
> > +    .pre_load_errp = vhost_inflight_buffer_pre_load,
> > +    .fields = (const VMStateField[]) {
> > +        VMSTATE_VBUFFER_UINT64(addr, struct vhost_inflight, 0, NULL, size),
> > +        VMSTATE_END_OF_LIST()
> > +    }
> > +};
> > +
> > +static int vhost_inflight_region_post_load(void *opaque,
> > +                                           int version_id,
> > +                                           Error **errp)
> > +{
> > +    struct vhost_inflight *inflight = opaque;
> > +
> > +    if (inflight->addr == NULL) {
> 
> IIUC this can never happen because pre_load() must trigger before
> post_load(), and when reaching post_load() it means pre_load() must have
> succeeded..
> 
> So, IIUC we can drop this post_load() completely (or assert addr in
> pre_load instead).

I asked for this input validation check. If the migration stream is
inconsistent (e.g. broken or malicious source QEMU), then the subsection
might be missing but size could be non-zero. The destination QEMU should
fail cleanly and not run into undefined behavior.

Stefan

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

  reply	other threads:[~2026-01-14 21:38 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-01-13  9:58 [PATCH v6 0/5] support inflight migration Alexandr Moshkov
2026-01-13  9:58 ` [PATCH v6 1/5] vhost-user.rst: specify vhost-user back-end action on GET_VRING_BASE Alexandr Moshkov
2026-01-13  9:58 ` [PATCH v6 2/5] vhost-user: introduce protocol feature for skip drain " Alexandr Moshkov
2026-01-13 18:00   ` Stefan Hajnoczi
2026-01-13  9:58 ` [PATCH v6 3/5] vmstate: introduce VMSTATE_VBUFFER_UINT64 Alexandr Moshkov
2026-01-13  9:58 ` [PATCH v6 4/5] vhost: add vmstate for inflight region with inner buffer Alexandr Moshkov
2026-01-14 19:15   ` Peter Xu
2026-01-14 21:38     ` Stefan Hajnoczi [this message]
2026-01-14 21:57       ` Peter Xu
2026-01-13  9:58 ` [PATCH v6 5/5] vhost-user-blk: support inter-host inflight migration Alexandr Moshkov
2026-01-14 12:26   ` Peter Xu
2026-01-13 18:12 ` [PATCH v6 0/5] support " Stefan Hajnoczi
2026-01-13 18:56   ` Peter Xu
2026-01-14  6:19     ` Vladimir Sementsov-Ogievskiy
2026-01-14 12:22       ` Peter Xu
2026-01-14 14:35         ` Vladimir Sementsov-Ogievskiy
2026-01-14 15:17           ` Peter Xu
2026-01-14 17:54             ` Vladimir Sementsov-Ogievskiy
2026-01-14 19:10               ` Peter Xu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260114213817.GA622013@fedora \
    --to=stefanha@redhat.com \
    --cc=alex.bennee@linaro.org \
    --cc=arei.gonglei@huawei.com \
    --cc=armbru@redhat.com \
    --cc=dtalexundeer@yandex-team.ru \
    --cc=eblake@redhat.com \
    --cc=fam@euphon.net \
    --cc=farosas@suse.de \
    --cc=hreitz@redhat.com \
    --cc=jasowang@redhat.com \
    --cc=kwolf@redhat.com \
    --cc=mst@redhat.com \
    --cc=mzamazal@redhat.com \
    --cc=pbonzini@redhat.com \
    --cc=peterx@redhat.com \
    --cc=pizhenwei@bytedance.com \
    --cc=qemu-block@nongnu.org \
    --cc=qemu-devel@nongnu.org \
    --cc=raphael@enfabrica.net \
    --cc=sgarzare@redhat.com \
    --cc=virtio-fs@lists.linux.dev \
    --cc=yc-core@yandex-team.ru \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox