From nobody Wed May 14 12:22:22 2025
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.28
 as permitted sender) client-ip=209.132.183.28;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx1.redhat.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.28 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=fail(p=none dis=none)  header.from=virtuozzo.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by
 mx.zohomail.com
	with SMTPS id 1524063027178172.36233686421747;
 Wed, 18 Apr 2018 07:50:27 -0700 (PDT)
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com
 [10.5.11.16])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id B0CA62F30B9;
	Wed, 18 Apr 2018 14:50:25 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 7EAB881F1B;
	Wed, 18 Apr 2018 14:50:25 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 8E79610481F;
	Wed, 18 Apr 2018 14:50:07 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com
	[10.5.11.11])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id w3IEo500030973 for <libvir-list@listman.util.phx.redhat.com>;
	Wed, 18 Apr 2018 10:50:05 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 24C286C353; Wed, 18 Apr 2018 14:50:05 +0000 (UTC)
Received: from mx1.redhat.com (ext-mx08.extmail.prod.ext.phx2.redhat.com
	[10.5.110.32])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 13FB075CFC
	for <libvir-list@redhat.com>; Wed, 18 Apr 2018 14:49:34 +0000 (UTC)
Received: from relay.sw.ru (relay.sw.ru [185.231.240.75])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 72FF1C034DF4
	for <libvir-list@redhat.com>; Wed, 18 Apr 2018 14:44:53 +0000 (UTC)
Received: from msk-vpn.virtuozzo.com ([195.214.232.6] helo=dim-vz7.qa.sw.ru)
	by relay.sw.ru with esmtp (Exim 4.90_1)
	(envelope-from <nshirokovskiy@virtuozzo.com>) id 1f8oKI-0002Qh-LQ
	for libvir-list@redhat.com; Wed, 18 Apr 2018 17:44:50 +0300
From: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
To: libvir-list@redhat.com
Date: Wed, 18 Apr 2018 17:44:44 +0300
Message-Id: <1524062684-854425-6-git-send-email-nshirokovskiy@virtuozzo.com>
In-Reply-To: <1524062684-854425-1-git-send-email-nshirokovskiy@virtuozzo.com>
References: <1524062684-854425-1-git-send-email-nshirokovskiy@virtuozzo.com>
X-Greylist: Sender passed SPF test, ACL 227 matched, not delayed by
	milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]);
	Wed, 18 Apr 2018 14:45:14 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com
 [10.5.110.32]);
	Wed, 18 Apr 2018 14:45:14 +0000 (UTC) for IP:'185.231.240.75'
	DOMAIN:'relay.sw.ru' HELO:'relay.sw.ru'
	FROM:'nshirokovskiy@virtuozzo.com' RCPT:''
X-RedHat-Spam-Score: -0.001 (SPF_PASS) 185.231.240.75 relay.sw.ru
	185.231.240.75 relay.sw.ru <nshirokovskiy@virtuozzo.com>
X-Scanned-By: MIMEDefang 2.78 on 10.5.110.32
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH REBASE 5/5] qemu: fix races in beingDestroyed usage
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16
X-Greylist: Sender IP whitelisted,
 not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]);
 Wed, 18 Apr 2018 14:50:26 +0000 (UTC)
X-ZohoMail: RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

Clearing beingDestroyed right after acquiring job condition is racy.
It is not known when EOF will be delivired. Let's keep this flag
set. This makes possible to make a clear distinction between monitor
errors/eofs and domain being destroyed in qemuDomainObjWait.

Also let's move setting destroyed flag out of qemuProcessBeginStopJob
as the function is called from eof handler too.

Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
---
 src/qemu/qemu_domain.c  |  4 ++--
 src/qemu/qemu_domain.h  |  2 +-
 src/qemu/qemu_driver.c  |  8 +++++++-
 src/qemu/qemu_process.c | 24 ++++++++++++------------
 4 files changed, 22 insertions(+), 16 deletions(-)

diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 1f40ff1..431901c 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -11913,9 +11913,9 @@ qemuDomainObjWait(virDomainObjPtr vm, unsigned long=
 long until)
         return -1;
     }
=20
-    if (!virDomainObjIsActive(vm)) {
+    if (priv->destroyed) {
         virReportError(VIR_ERR_OPERATION_FAILED, "%s",
-                       _("domain is not running"));
+                       _("domain is destroyed"));
         return -1;
     }
=20
diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h
index 494ed35..69112ea 100644
--- a/src/qemu/qemu_domain.h
+++ b/src/qemu/qemu_domain.h
@@ -269,7 +269,7 @@ struct _qemuDomainObjPrivate {
     bool agentError;
=20
     bool gotShutdown;
-    bool beingDestroyed;
+    bool destroyed;
     char *pidfile;
=20
     virDomainPCIAddressSetPtr pciaddrs;
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 03969d8..4356c0d 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -2227,7 +2227,13 @@ qemuDomainDestroyFlags(virDomainPtr dom,
     state =3D virDomainObjGetState(vm, &reason);
     starting =3D (state =3D=3D VIR_DOMAIN_PAUSED &&
                 reason =3D=3D VIR_DOMAIN_PAUSED_STARTING_UP &&
-                !priv->beingDestroyed);
+                !priv->destroyed);
+
+    /* We need to prevent monitor EOF callback from doing our work (and
+     * sending misleading events) while the vm is unlocked inside
+     * BeginJob/ProcessKill API
+     */
+    priv->destroyed =3D true;
=20
     if (qemuProcessBeginStopJob(driver, vm, QEMU_JOB_DESTROY,
                                 !(flags & VIR_DOMAIN_DESTROY_GRACEFUL)) < =
0)
diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index d76809e..689fc8b 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -143,8 +143,8 @@ qemuProcessHandleAgentEOF(qemuAgentPtr agent,
         goto unlock;
     }
=20
-    if (priv->beingDestroyed) {
-        VIR_DEBUG("Domain is being destroyed, agent EOF is expected");
+    if (priv->destroyed) {
+        VIR_DEBUG("Domain is destroyed, agent EOF is expected");
         goto unlock;
     }
=20
@@ -286,6 +286,7 @@ qemuProcessNotifyMonitorError(virDomainObjPtr vm,
     virFreeError(err);
 }
=20
+
 /*
  * This is a callback registered with a qemuMonitorPtr instance,
  * and to be invoked when the monitor console hits an end of file
@@ -308,8 +309,8 @@ qemuProcessHandleMonitorEOF(qemuMonitorPtr mon,
     VIR_DEBUG("Received EOF on %p '%s'", vm, vm->def->name);
=20
     priv =3D vm->privateData;
-    if (priv->beingDestroyed) {
-        VIR_DEBUG("Domain is being destroyed, EOF is expected");
+    if (priv->destroyed) {
+        VIR_DEBUG("Domain is destroyed, EOF is expected");
         goto cleanup;
     }
=20
@@ -5750,6 +5751,7 @@ qemuProcessPrepareDomain(virQEMUDriverPtr driver,
     virResetError(&priv->monError);
     priv->monStart =3D 0;
     priv->gotShutdown =3D false;
+    priv->destroyed =3D false;
=20
     VIR_DEBUG("Updating guest CPU definition");
     if (qemuProcessUpdateGuestCPU(vm->def, priv->qemuCaps, caps, flags) < =
0)
@@ -6490,16 +6492,9 @@ qemuProcessBeginStopJob(virQEMUDriverPtr driver,
                         qemuDomainJob job,
                         bool forceKill)
 {
-    qemuDomainObjPrivatePtr priv =3D vm->privateData;
     unsigned int killFlags =3D forceKill ? VIR_QEMU_PROCESS_KILL_FORCE : 0;
     int ret =3D -1;
=20
-    /* We need to prevent monitor EOF callback from doing our work (and
-     * sending misleading events) while the vm is unlocked inside
-     * BeginJob/ProcessKill API
-     */
-    priv->beingDestroyed =3D true;
-
     if (qemuProcessKill(vm, killFlags) < 0)
         goto cleanup;
=20
@@ -6509,7 +6504,6 @@ qemuProcessBeginStopJob(virQEMUDriverPtr driver,
     ret =3D 0;
=20
  cleanup:
-    priv->beingDestroyed =3D false;
     return ret;
 }
=20
@@ -7088,6 +7082,12 @@ qemuProcessAutoDestroy(virDomainObjPtr dom,
=20
     VIR_DEBUG("Killing domain");
=20
+    /* We need to prevent monitor EOF callback from doing our work (and
+     * sending misleading events) while the vm is unlocked inside
+     * BeginJob/ProcessKill API
+     */
+    priv->destroyed =3D true;
+
     if (qemuProcessBeginStopJob(driver, dom, QEMU_JOB_DESTROY, true) < 0)
         return;
=20
--=20
1.8.3.1

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list