<fix>[vm]: ZSTAC-84158 handle StopVmGC host mismatch

[MatheMatrix]

• StopVmGC 下发 stop 时设置 ignoreNotFound。
• stop 返回后只在 VM 仍属于 GC host 时改为 Stopped。
• StopVmOnHypervisorMsg/StopVmCmd 透传 ignoreNotFound。

sync from gitlab !9888

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: http://open.zstack.ai:20001/code-reviews/zstack-cloud.yaml (via .coderabbit.yaml)

Review profile: CHILL

Plan: Pro

Run ID: d9eb6de2-b857-4f23-ba36-7455650e1516

📥 Commits

Reviewing files that changed from the base of the PR and between 0641951 and 0488d4d.

📒 Files selected for processing (4)

• compute/src/main/java/org/zstack/compute/vm/StopVmGC.java
• header/src/main/java/org/zstack/header/vm/StopVmOnHypervisorMsg.java
• plugin/kvm/src/main/java/org/zstack/kvm/KVMAgentCommands.java
• plugin/kvm/src/main/java/org/zstack/kvm/KVMHost.java

🚧 Files skipped from review as they are similar to previous changes (4)

• compute/src/main/java/org/zstack/compute/vm/StopVmGC.java
• plugin/kvm/src/main/java/org/zstack/kvm/KVMHost.java
• header/src/main/java/org/zstack/header/vm/StopVmOnHypervisorMsg.java
• plugin/kvm/src/main/java/org/zstack/kvm/KVMAgentCommands.java

---

Walkthrough

在StopVmGC中将StopVmOnHypervisorMsg.ignoreNotFound设为true并在更新VM为stopped前校验VM当前的vmHostUuid是否仍在GC host；新增消息与agent命令的ignoreNotFound字段并在KVMHost中传递该标志到StopVmCmd。

变更说明

VM停止操作ignoreNotFound功能

层级 / 文件(s)	说明
消息和命令ignoreNotFound字段定义 header/src/main/java/org/zstack/header/vm/StopVmOnHypervisorMsg.java, plugin/kvm/src/main/java/org/zstack/kvm/KVMAgentCommands.java	在StopVmOnHypervisorMsg和StopVmCmd中新增ignoreNotFound布尔字段及其公开getter/setter方法，建立ignoreNotFound属性的消息和命令数据契约。
ignoreNotFound标志在执行流程中的传播 plugin/kvm/src/main/java/org/zstack/kvm/KVMHost.java	在KVMHost.stopVm()方法中将StopVmOnHypervisorMsg的ignoreNotFound标志传递给StopVmCmd，实现标志从消息层到agent命令层的传播。
StopVmGC中ignoreNotFound的设置与主机一致性验证 compute/src/main/java/org/zstack/compute/vm/StopVmGC.java	在StopVmGC.triggerNow()中将StopVmOnHypervisorMsg.ignoreNotFound设为true；在变更VM状态为stopped之前查询VM的当前vmHostUuid并与GC的hostUuid做一致性校验，若不一致则记录debug并提前跳过状态更新。

Sequence Diagram

sequenceDiagram
  participant StopVmGC
  participant KVMHost
  participant KVMAgent
  participant VMDB
  StopVmGC->>KVMHost: send StopVmOnHypervisorMsg (ignoreNotFound=true)
  KVMHost->>KVMAgent: StopVmCmd (ignoreNotFound)
  KVMAgent->>KVMHost: reply (stop result)
  StopVmGC->>VMDB: query vmHostUuid
  VMDB-->>StopVmGC: vmHostUuid
  alt vmHostUuid != GC.hostUuid
    StopVmGC->>StopVmGC: log debug and trigger.next() (skip state change)
  else
    StopVmGC->>StopVmGC: update VM state -> stopped
  end

Loading

评估复杂度

🎯 2 (简单) | ⏱️ ~12分钟

诗歌

🐰 标志传播层层递，
消息命令合作力，
主机检查显妙思，
容错优雅又精准！✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	PR 标题遵循要求的 [scope]: 格式，包含 JIRA Key，长度 52 字符（≤72），清晰总结了主要变更内容。
Description check	✅ Passed	PR 描述与变更集相关联，列出了三项主要改动，与代码变更内容相符。
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch sync/zstackio/fix/ZSTAC-84158@@3

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ast-grep (0.42.2)

plugin/kvm/src/main/java/org/zstack/kvm/KVMHost.java

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

compute/src/main/java/org/zstack/compute/vm/StopVmGC.java (1)

70-84: ⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

主机一致性校验存在竞态窗口，仍可能误置 Stopped 状态

Line 70-83 先查询 hostUuid，随后 Line 84 异步发送 ChangeVmStateMsg；两步之间 VM 仍可迁移，导致校验通过后在新主机场景下仍被置为 Stopped。建议把“期望主机”作为状态变更前置条件，由状态处理端做原子校验（例如带 expectedHostUuid 的条件更新/校验）以消除 TOCTOU 风险。

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@compute/src/main/java/org/zstack/compute/vm/StopVmGC.java` around lines 70 -
84, StopVmGC does a TOCTOU check by reading VmInstanceVO.hostUuid then
asynchronously sending ChangeVmStateMsg, so the VM can move between check and
state change; modify the flow to include the expected host UUID as part of the
state-change request (e.g. add an expectedHostUuid field to ChangeVmStateMsg)
and update the VM state-change handler (the code that processes ChangeVmStateMsg
/ the VM state transition logic) to perform an atomic conditional
update/validation using that expectedHostUuid (reject or no-op if current
hostUuid != expectedHostUuid) instead of relying on the prior read in StopVmGC;
reference StopVmGC, ChangeVmStateMsg, VmInstanceVO/VmInstanceVO_.hostUuid and
VmInstanceConstant service handling to locate where to add the field and where
to enforce the atomic check.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@compute/src/main/java/org/zstack/compute/vm/StopVmGC.java`:
- Around line 70-84: StopVmGC does a TOCTOU check by reading
VmInstanceVO.hostUuid then asynchronously sending ChangeVmStateMsg, so the VM
can move between check and state change; modify the flow to include the expected
host UUID as part of the state-change request (e.g. add an expectedHostUuid
field to ChangeVmStateMsg) and update the VM state-change handler (the code that
processes ChangeVmStateMsg / the VM state transition logic) to perform an atomic
conditional update/validation using that expectedHostUuid (reject or no-op if
current hostUuid != expectedHostUuid) instead of relying on the prior read in
StopVmGC; reference StopVmGC, ChangeVmStateMsg,
VmInstanceVO/VmInstanceVO_.hostUuid and VmInstanceConstant service handling to
locate where to add the field and where to enforce the atomic check.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: http://open.zstack.ai:20001/code-reviews/zstack-cloud.yaml (via .coderabbit.yaml)

Review profile: CHILL

Plan: Pro

Run ID: a84ac299-9006-4fc3-8510-18c3a7df9f5c

📥 Commits

Reviewing files that changed from the base of the PR and between 39c155a and 0641951.

📒 Files selected for processing (4)

• compute/src/main/java/org/zstack/compute/vm/StopVmGC.java
• header/src/main/java/org/zstack/header/vm/StopVmOnHypervisorMsg.java
• plugin/kvm/src/main/java/org/zstack/kvm/KVMAgentCommands.java
• plugin/kvm/src/main/java/org/zstack/kvm/KVMHost.java