From nobody Fri Oct 18 08:43:39 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates
 8.43.85.245 as permitted sender) client-ip=8.43.85.245;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	dkim=fail;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as
 permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=fail(p=none dis=none)  header.from=redhat.com
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by
 mx.zohomail.com
	with SMTPS id 1718291679412483.8251781484091;
 Thu, 13 Jun 2024 08:14:39 -0700 (PDT)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id BECF6121A; Thu, 13 Jun 2024 11:14:37 -0400 (EDT)
Received: from lists.libvirt.org (localhost [IPv6:::1])
	by lists.libvirt.org (Postfix) with ESMTP id 5B8BCE8B;
	Thu, 13 Jun 2024 11:12:17 -0400 (EDT)
Received: by lists.libvirt.org (Postfix, from userid 996)
	id F111511C0; Thu, 13 Jun 2024 11:12:08 -0400 (EDT)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id 131911173
	for <devel@lists.libvirt.org>; Thu, 13 Jun 2024 11:11:59 -0400 (EDT)
Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com
 (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
 cipher=TLS_AES_256_GCM_SHA384) id us-mta-353-Un3Rx3FKP-SaxcEezi-eBg-1; Thu,
 13 Jun 2024 11:11:56 -0400
Received: from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com
 (mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.17])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS
 id 696041956080
	for <devel@lists.libvirt.org>; Thu, 13 Jun 2024 15:11:55 +0000 (UTC)
Received: from speedmetal.lan (unknown [10.45.242.20])
	by mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP
 id 82C981956050
	for <devel@lists.libvirt.org>; Thu, 13 Jun 2024 15:11:54 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lists.libvirt.org
X-Spam-Level: ***
X-Spam-Status: No, score=3.0 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,
	RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,RCVD_IN_SBL_CSS,SPF_HELO_NONE,
	T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.4
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1718291518;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=IrOfKwBIgnuqFu+AFk7V/UfouLfdXfI22/WFGoFynJ0=;
	b=TupFAUmN6DqDrs8hulye2fkC8g5NwevZfBiNXIrGzUuJbb5UFK7XlY8ZdWsPJfb814avtV
	iSFj/wp+qfHTMMbPdfKhTovlDc62uOaK6OmD3K1+Om4NCkeoK0JucDHReqGQ9HX7cVewDt
	t4dZLAxCPtBYabyWmwmL7YWr9ayWUqU=
X-MC-Unique: Un3Rx3FKP-SaxcEezi-eBg-1
From: Peter Krempa <pkrempa@redhat.com>
To: devel@lists.libvirt.org
Subject: [PATCH 07/12] qemu: process: Ensure that 'beingDestroyed' gets
 cleared only after VM id is reset
Date: Thu, 13 Jun 2024 17:11:39 +0200
Message-ID: 
 <d481df6c6c83d227b3f740a17488abae1b71f27f.1718291410.git.pkrempa@redhat.com>
In-Reply-To: <cover.1718291410.git.pkrempa@redhat.com>
References: <cover.1718291410.git.pkrempa@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.0 on 10.30.177.17
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: LAGWFRQPQKUOANFUBGCEFJTP4DON2DVA
X-Message-ID-Hash: LAGWFRQPQKUOANFUBGCEFJTP4DON2DVA
X-MailFrom: pkrempa@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; header-match-config-1;
 header-match-config-2; header-match-config-3;
 header-match-devel.lists.libvirt.org-0; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 suspicious-header
X-Mailman-Version: 3.2.2
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/LAGWFRQPQKUOANFUBGCEFJTP4DON2DVA/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
X-ZohoMail-DKIM: fail (Header signature does not verify)
X-ZM-MESSAGEID: 1718291680016100001
Content-Type: text/plain; charset="utf-8"

Prevent the possibility that a VM could be considered as alive while
inside qemuProcessStop.

A recently fixed bug which unlocked the domain object while inside
qemuProcessStop showed that there's possibility to confuse the state of
the VM to be considered active while 'qemuProcessStop' is processing
shutdown of the VM. Ensure that this doesn't happen by clearing the
'beingDestroyed' flag only after the VM id is cleared.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
 src/qemu/qemu_process.c | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c
index 3187f0a9a2..8736738a5b 100644
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -8413,29 +8413,31 @@ qemuProcessBeginStopJob(virDomainObj *vm,
 {
     qemuDomainObjPrivate *priv =3D vm->privateData;
     unsigned int killFlags =3D forceKill ? VIR_QEMU_PROCESS_KILL_FORCE : 0;
-    int ret =3D -1;

     /* We need to prevent monitor EOF callback from doing our work (and
      * sending misleading events) while the vm is unlocked inside
-     * BeginJob/ProcessKill API
-     */
+     * BeginJob/ProcessKill API or any other code path before 'vm->def->id=
' is
+     * cleared inside qemuProcessStop */
     priv->beingDestroyed =3D true;

     if (qemuProcessKill(vm, killFlags) < 0)
-        goto cleanup;
+        goto error;

     /* Wake up anything waiting on domain condition */
     VIR_DEBUG("waking up all jobs waiting on the domain condition");
     virDomainObjBroadcast(vm);

     if (virDomainObjBeginJob(vm, job) < 0)
-        goto cleanup;
+        goto error;

-    ret =3D 0;
+    /* priv->beingDestroyed is deliberately left set to 'true' here. Caller
+     * is supposed to call qemuProcessStop, which will reset it after
+     * 'vm->def->id' is set to -1 */
+    return 0;

- cleanup:
+ error:
     priv->beingDestroyed =3D false;
-    return ret;
+    return -1;
 }


@@ -8522,7 +8524,13 @@ void qemuProcessStop(virQEMUDriver *driver,

     qemuDBusStop(driver, vm);

+    /* Only after this point we can reset 'priv->beingDestroyed' so that
+     * there's no point at which the VM could be considered as alive betwe=
en
+     * entering the destroy job and this point where the active "flag" is
+     * cleared.
+     */
     vm->def->id =3D -1;
+    priv->beingDestroyed =3D false;

     /* Wake up anything waiting on domain condition */
     virDomainObjBroadcast(vm);
--=20
2.45.2