Timer is a complex struct, allow adding it to a struct that
uses #[derive(ToMigrationState)]; similar to vmstate_timer, only
the expiration time has to be preserved.
In fact, because it is thread-safe, ToMigrationStateShared can
also be implemented without needing a cell or mutex that wraps
the timer.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
rust/hw/timer/hpet/src/device.rs | 1 -
rust/migration/src/migratable.rs | 31 +++++++++++++++++++++++++++++++
rust/util/src/timer.rs | 10 +++++++++-
3 files changed, 40 insertions(+), 2 deletions(-)
diff --git a/rust/hw/timer/hpet/src/device.rs b/rust/hw/timer/hpet/src/device.rs
index 5bcf151a680..373ec37bbd3 100644
--- a/rust/hw/timer/hpet/src/device.rs
+++ b/rust/hw/timer/hpet/src/device.rs
@@ -250,7 +250,6 @@ const fn get_individual_route(&self) -> usize {
}
/// HPET Timer Abstraction
-#[repr(C)]
#[derive(Debug)]
pub struct HPETTimer {
/// timer N index within the timer block (`HPETState`)
diff --git a/rust/migration/src/migratable.rs b/rust/migration/src/migratable.rs
index 02efe31d72c..c82a6b9a7cf 100644
--- a/rust/migration/src/migratable.rs
+++ b/rust/migration/src/migratable.rs
@@ -140,6 +140,26 @@ fn restore_migrated_state_mut(
impl_for_primitive!(u8, u16, u32, u64, i8, i16, i32, i64, bool);
+impl ToMigrationState for util::timer::Timer {
+ type Migrated = i64;
+
+ fn snapshot_migration_state(&self, target: &mut i64) -> Result<(), InvalidError> {
+ // SAFETY: as_ptr() is unsafe to ensure that the caller reasons about
+ // the pinning of the data inside the Opaque<>. Here all we do is
+ // access a field.
+ *target = self.expire_time_ns().unwrap_or(-1);
+ Ok(())
+ }
+
+ fn restore_migrated_state_mut(
+ &mut self,
+ source: Self::Migrated,
+ version_id: u8,
+ ) -> Result<(), InvalidError> {
+ self.restore_migrated_state(source, version_id)
+ }
+}
+
impl<T: ToMigrationState, const N: usize> ToMigrationState for [T; N]
where
[T::Migrated; N]: Default,
@@ -237,6 +257,17 @@ fn restore_migrated_state(
) -> Result<(), InvalidError>;
}
+impl ToMigrationStateShared for util::timer::Timer {
+ fn restore_migrated_state(&self, source: i64, _version_id: u8) -> Result<(), InvalidError> {
+ if source >= 0 {
+ self.modify(source as u64);
+ } else {
+ self.delete();
+ }
+ Ok(())
+ }
+}
+
impl<T: ToMigrationStateShared, const N: usize> ToMigrationStateShared for [T; N]
where
[T::Migrated; N]: Default,
diff --git a/rust/util/src/timer.rs b/rust/util/src/timer.rs
index 829f52d111e..4109d84c398 100644
--- a/rust/util/src/timer.rs
+++ b/rust/util/src/timer.rs
@@ -10,7 +10,8 @@
use common::{callbacks::FnCall, Opaque};
use crate::bindings::{
- self, qemu_clock_get_ns, timer_del, timer_init_full, timer_mod, QEMUClockType,
+ self, qemu_clock_get_ns, timer_del, timer_expire_time_ns, timer_init_full, timer_mod,
+ QEMUClockType,
};
/// A safe wrapper around [`bindings::QEMUTimer`].
@@ -88,6 +89,13 @@ pub fn init_full<T, F>(
}
}
+ pub fn expire_time_ns(&self) -> Option<i64> {
+ // SAFETY: the only way to obtain a Timer safely is via methods that
+ // take a Pin<&mut Self>, therefore the timer is pinned
+ let ret = unsafe { timer_expire_time_ns(self.as_ptr()) };
+ i64::try_from(ret).ok()
+ }
+
pub fn modify(&self, expire_time: u64) {
// SAFETY: the only way to obtain a Timer safely is via methods that
// take a Pin<&mut Self>, therefore the timer is pinned
--
2.51.1On Mon, Nov 17, 2025 at 09:47:51AM +0100, Paolo Bonzini wrote:
> Date: Mon, 17 Nov 2025 09:47:51 +0100
> From: Paolo Bonzini <pbonzini@redhat.com>
> Subject: [PATCH 4/5] rust: migration: implement ToMigrationState for Timer
> X-Mailer: git-send-email 2.51.1
>
> Timer is a complex struct, allow adding it to a struct that
> uses #[derive(ToMigrationState)]; similar to vmstate_timer, only
> the expiration time has to be preserved.
>
> In fact, because it is thread-safe, ToMigrationStateShared can
> also be implemented without needing a cell or mutex that wraps
> the timer.
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> rust/hw/timer/hpet/src/device.rs | 1 -
> rust/migration/src/migratable.rs | 31 +++++++++++++++++++++++++++++++
> rust/util/src/timer.rs | 10 +++++++++-
> 3 files changed, 40 insertions(+), 2 deletions(-)
I just, based on previous discussion, try to complete the timer's
ToMigrationState - use modify_ns() instead of modify(). This is on top
of this series.
From eb8b99a45ffccba7e0508141553c2c24c5efa410 Mon Sep 17 00:00:00 2001
From: Zhao Liu <zhao1.liu@intel.com>
Date: Thu, 20 Nov 2025 22:26:35 +0800
Subject: [PATCH] rust/timer: Use modify_ns() in restore_migrated_state()
Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
---
include/qemu/timer.h | 11 +++++++++++
rust/migration/src/migratable.rs | 2 +-
rust/util/src/timer.rs | 21 +++++++++++++++++----
util/qemu-timer.c | 4 ++++
4 files changed, 33 insertions(+), 5 deletions(-)
diff --git a/include/qemu/timer.h b/include/qemu/timer.h
index 8b561cd6960b..4c6a51d600fb 100644
--- a/include/qemu/timer.h
+++ b/include/qemu/timer.h
@@ -392,6 +392,17 @@ int64_t timerlistgroup_deadline_ns(QEMUTimerListGroup *tlg);
* QEMUTimer
*/
+/**
+ * timer_get_scale
+ * @ts: the timer to be accessed
+ *
+ * Get the scale value of the specified timer. The scale represents
+ * the number of nanoseconds per unit of time for this timer.
+ *
+ * Returns: the scale of the timer (nanoseconds per unit)
+ */
+int timer_get_scale(QEMUTimer *ts);
+
/**
* timer_init_full:
* @ts: the timer to be initialised
diff --git a/rust/migration/src/migratable.rs b/rust/migration/src/migratable.rs
index c82a6b9a7cf2..7748aac2f27d 100644
--- a/rust/migration/src/migratable.rs
+++ b/rust/migration/src/migratable.rs
@@ -260,7 +260,7 @@ fn restore_migrated_state(
impl ToMigrationStateShared for util::timer::Timer {
fn restore_migrated_state(&self, source: i64, _version_id: u8) -> Result<(), InvalidError> {
if source >= 0 {
- self.modify(source as u64);
+ self.modify_ns(source as u64);
} else {
self.delete();
}
diff --git a/rust/util/src/timer.rs b/rust/util/src/timer.rs
index 4109d84c398a..6114892f084f 100644
--- a/rust/util/src/timer.rs
+++ b/rust/util/src/timer.rs
@@ -10,8 +10,8 @@
use common::{callbacks::FnCall, Opaque};
use crate::bindings::{
- self, qemu_clock_get_ns, timer_del, timer_expire_time_ns, timer_init_full, timer_mod,
- QEMUClockType,
+ self, qemu_clock_get_ns, timer_del, timer_expire_time_ns, timer_get_scale, timer_init_full,
+ timer_mod_ns, QEMUClockType,
};
/// A safe wrapper around [`bindings::QEMUTimer`].
@@ -96,10 +96,23 @@ pub fn expire_time_ns(&self) -> Option<i64> {
i64::try_from(ret).ok()
}
- pub fn modify(&self, expire_time: u64) {
+ fn scale(&self) -> u32 {
+ // SAFETY: the only way to obtain a Timer safely is via methods that
+ // take a Pin<&mut Self>, therefore the timer is pinned. And when Timer
+ // is created, its fields (including scale) are initialized to zero.
+ unsafe { timer_get_scale(self.as_mut_ptr()) }
+ .try_into()
+ .unwrap()
+ }
+
+ pub fn modify_ns(&self, expire_time: u64) {
// SAFETY: the only way to obtain a Timer safely is via methods that
// take a Pin<&mut Self>, therefore the timer is pinned
- unsafe { timer_mod(self.as_mut_ptr(), expire_time as i64) }
+ unsafe { timer_mod_ns(self.as_mut_ptr(), expire_time.try_into().unwrap()) }
+ }
+
+ pub fn modify(&self, expire_time: u64) {
+ self.modify_ns(expire_time * u64::from(self.scale()))
}
pub fn delete(&self) {
diff --git a/util/qemu-timer.c b/util/qemu-timer.c
index 2a6be4c7f958..233fdb2aa847 100644
--- a/util/qemu-timer.c
+++ b/util/qemu-timer.c
@@ -346,6 +346,10 @@ int qemu_poll_ns(GPollFD *fds, guint nfds, int64_t timeout)
#endif
}
+int timer_get_scale(QEMUTimer *ts)
+{
+ return ts->scale;
+}
void timer_init_full(QEMUTimer *ts,
QEMUTimerListGroup *timer_list_group, QEMUClockType type,
--
2.34.1
© 2016 - 2025 Red Hat, Inc.