Re: [Qemu-devel] [PATCH] migration: avoid copying ignore-shared ramblock when in incoming migration

[Dr. David Alan Gilbert]

* Peter Maydell (address@hidden) wrote:
> On Fri, 22 Mar 2019 at 10:12, Dr. David Alan Gilbert
> <address@hidden> wrote:
> > Right, so in Catherine's patch there's a simple in_incoming_migration
> > and checking ramblock_is_ignored
> 
> Mmm, but I think it is in the wrong place. It is being checked
> in address_space_write_rom_internal(). Either we want to
> suppress any and all writes to these RAM blocks, in which
> case I don't think that function covers all the ways that
> code can get hold of a RAM block and write to it; or we are
> confident that only the ROM blobs are an issue, in which
> case it is too low in the call stack and we should do the
> check in rom_reset().
> 
> Are there any other cases where we might write to RAM
> during reset/migration ? I thought of "user write via
> the debug stub or monitor", but perhaps those either
> can't happen or we define them as user error. But I
> there might be some other obscure cases, which perhaps
> argues for doing this at the lowest level possible.

Right, the thought of the 'might be other obscure cases'
is why in Yury's 'QEMU may write to system_memory before guest starts'
patch he marks all shared regions as read-only to see what
hits it.

I'm not sure; tbh inserting this type of check at the lowest
level seems a bit invasive so I'd prefer doing it at the ROM blocks
level; but we are bound to hit those obscure cases and then
the failure is a real pain to debug when you find something
has overwritten some of the RAM.

Dave

> thanks
> -- PMM
--
Dr. David Alan Gilbert / address@hidden / Manchester, UK