Commit Graph

68609 Commits

Author SHA1 Message Date
Thomas Huth
ae909496e9 hw/i386/pc: Fix crash when hot-plugging nvdimm on older machine types
QEMU currently crashes when you try to hot-plug an "nvdimm" device
on older machine types:

$ qemu-system-x86_64 -monitor stdio -M pc-1.1
QEMU 3.1.92 monitor - type 'help' for more information
(qemu) device_add nvdimm,id=nvdimmn1
qemu-system-x86_64: /home/thuth/devel/qemu/util/error.c:57: error_setv:
 Assertion `*errp == ((void *)0)' failed.
Aborted (core dumped)

The call to hotplug_handler_pre_plug() in pc_memory_pre_plug() has been
added recently before the check whether nvdimm is enabled. It should
be done after the check. And while we're at it, also check the errp
after the hotplug_handler_pre_plug(), otherwise errors are silently
ignored here.

Fixes: 9040e6dfa8
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20190407092314.11066-1-thuth@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-04-09 18:34:21 +02:00
Peter Maydell
77b1757090 include/qemu/bswap.h: Use __builtin_memcpy() in accessor functions
In the accessor functions ld*_he_p() and st*_he_p() we use memcpy()
to perform a load or store to a pointer which might not be aligned
for the size of the type. We rely on the compiler to optimize this
memcpy() into an efficient load or store instruction where possible.
This is required for good performance, but at the moment it is also
required for correct operation, because some users of these functions
require that the access is atomic if the pointer is aligned, which
will only be the case if the compiler has optimized out the memcpy().
(The particular example where we discovered this is the virtio
vring_avail_idx() which calls virtio_lduw_phys_cached() which
eventually ends up calling lduw_he_p().)

Unfortunately some compile environments, such as the fortify-source
setup used in Alpine Linux, define memcpy() to a wrapper function
in a way that inhibits this compiler optimization.

The correct long-term fix here is to add a set of functions for
doing atomic accesses into AddressSpaces (and to other relevant
families of accessor functions like the virtio_*_phys_cached()
ones), and make sure that callsites which want atomic behaviour
use the correct functions.

In the meantime, switch to using __builtin_memcpy() in the
bswap.h accessor functions. This will make us robust against things
like this fortify library in the short term. In the longer term
it will mean that we don't end up with these functions being really
badly-performing even if the semantics of the out-of-line memcpy()
are correct.

Reported-by: Fernando Casas Schössow <casasfernando@outlook.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20190318112938.8298-1-peter.maydell@linaro.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-04-09 18:34:21 +02:00
Philippe Mathieu-Daudé
1cab464136 roms: Allow passing configure options to the EDK2 build tools
Since commit f590a812c2 we build the EDK2 EfiRom utility
unconditionally.

Some distributions require to use extra compiler/linker flags,
i.e. SUSE which enforces the PIE protection (see [*]).

EDK2 build tools already provide a set of variables for that,
use them to allow the caller to easily inject compiler/linker
options..

Now build scripts can pass extra options, example:

  $ make -C roms \
      EDK2_BASETOOLS_OPTFLAGS='-fPIE' \
      efirom

[*] https://lists.opensuse.org/opensuse-factory/2017-06/msg00403.html

Reported-by: Olaf Hering <olaf@aepfle.de>
Suggested-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190409134536.15548-3-philmd@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-04-09 18:33:55 +02:00
Philippe Mathieu-Daudé
d912e795e0 roms: Rename the EFIROM variable to avoid clashing with iPXE
The iPXE's 'veryclean' recipe removes $(EFIROM) even if the EFIROM
macro originates from elsewhere:

  $ git checkout f590a812c21~
  $ make -C roms clean EFIROM=$(type -P EfiRom)
  make: Entering directory '/source/qemu/roms'
  [...]
  make -C ipxe/src veryclean
  make[1]: Entering directory '/source/qemu/roms/ipxe/src'
  rm -f bin{,-*}/*.* bin{,-*}/.certificate.* bin{,-*}/.certificates.* bin{,-*}/.private_key.* bin{,-*}/errors bin{,-*}/NIC ./util/zbin ./util/elf2efi32 ./util/elf2efi64 /usr/bin/EfiRom ./util/efifatbin ./util/iccfix ./util/einfo TAGS bin{,-*}/symtab
  rm: cannot remove '/usr/bin/EfiRom': Permission denied
  make[1]: *** [Makefile.housekeeping:1564: clean] Error 1
  make[1]: Leaving directory '/source/qemu/roms/ipxe/src'
  make: *** [Makefile:152: clean] Error 2
  make: Leaving directory '/source/qemu/roms'

Before f590a812c2 this variable could be overridden or unset,
and the 'veryclean' Makefile rule would not complain.

Commit f590a812c2 enforces this variable to the Intel EfiRom
tool provided by the EDK2 project.

To avoid the name clash and make the difference between the
projects obvious, rename the variable used by the EDK2 project
as EDK2_EFIROM.

Fixes: f590a812c2
Reported-by: Olaf Hering <olaf@aepfle.de>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20190409134536.15548-2-philmd@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2019-04-09 18:33:45 +02:00
Peter Maydell
248987f92c fix gettid() clash with new glibc
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJcq6KmAAoJEPMMOL0/L748fAkP/1YcBpk93iLN3/IBNby0LhGZ
 V0TVUEN6cDeGb409ejqszRaJYg83gwNpBFbZnpkP57DbcRf200Iyvi2hwCYGAckh
 otGSSQP/fj/FNZkj7D/TkzitYj3sM1aOA3w9G6fKd6Z3htrY9R2Xitv9/vsDAoDN
 QUh0U6ysjuRmLKPPM63yJQjvMnTWSAy6tvWmbLwcJ6Uf8BKOnxZsPQPWiT/pJRjb
 smCjTa4pJ6tcpQnjd/Uxmbxa9TO8aqkqnLm3WXSXtMEx0TG+XwoX6Y67bUG9Fjll
 wPhxashHp+b0jL2jqFE26ac5siKUwlRXNqeJKTy6d9pP9bcMskbCFgL18hPj549s
 SQDz5zKMnbxoIQaK744cbBN2pikhxG2VNMahyDn+nOsBmqO9we8eiD8cmNLpDIi+
 lGtnYY3imLVBeCxb1kGM/iiDiKKq6cY0W8nwIyYNYbWy+3CuSYYGfxTjs2tI0Rvx
 iOgaqtpGdNB1gme+P8U/I85EhIMTarEdKWJ900T2NdbKUr9Z/3sj8lBBq/aTHJxH
 ARYCm5G9G5WdO3ELiKj1ys4hgyHsrhad6sn1dOyahz/IDP008TJ3YsFTxZyji5Nq
 3Ajgs865L7mne630Gg06oWjk/BreeT6r4uIKKv936LNy8N6NE+QLPlBHYxDfc7Qa
 ZeeXPN2yqTP0fuoc+z4l
 =EX4I
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/vivier2/tags/linux-user-for-4.0-pull-request' into staging

fix gettid() clash with new glibc

# gpg: Signature made Mon 08 Apr 2019 20:36:06 BST
# gpg:                using RSA key F30C38BD3F2FBE3C
# gpg: Good signature from "Laurent Vivier <lvivier@redhat.com>" [full]
# gpg:                 aka "Laurent Vivier <laurent@vivier.eu>" [full]
# gpg:                 aka "Laurent Vivier (Red Hat) <lvivier@redhat.com>" [full]
# Primary key fingerprint: CD2F 75DD C8E3 A4DC 2E4F  5173 F30C 38BD 3F2F BE3C

* remotes/vivier2/tags/linux-user-for-4.0-pull-request:
  linux-user: rename gettid() to sys_gettid() to avoid clash with glibc
  linux-user: assume __NR_gettid always exists

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-09 10:02:30 +01:00
Peter Maydell
7fe1427b57 nbd patches for 2019-04-08
- Fix minor issues in recent alignment patches
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABCAAGBQJcq5i8AAoJEKeha0olJ0NqYnwH/ijn04VFDiJs2UJ/Xbc8xIof
 QcwwTB1GaHGxkptmWPndJgtApqJEKCpoY7lMWLEfoulthNLydv5IUwqjWNUrBYL+
 c76oItDlrCZYfR6DJMKtGceANOW4avBBdh1SCYHSw+DTwg5vq5zv1uGkrSsRYWe6
 5w3Qb3I9M/7F/Y/2bLzHe8SanVRYoLk+ouVo22wIj59LBYKrQ0oRa04k1kDhJ6Qv
 HWtkRUSEMfd6WuV3P8n93MDSNii7CNw9gr5tWCH5bxPv4evNhukd6eyE0EMTso0C
 Mmby+rjdlzSLi5KJbvke6c4HQ1geQyrdrt4KKj4AOKioZRc9FmjuuctXqwfZTx4=
 =HeBS
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/ericb/tags/pull-nbd-2019-04-08' into staging

nbd patches for 2019-04-08

- Fix minor issues in recent alignment patches

# gpg: Signature made Mon 08 Apr 2019 19:53:48 BST
# gpg:                using RSA key A7A16B4A2527436A
# gpg: Good signature from "Eric Blake <eblake@redhat.com>" [full]
# gpg:                 aka "Eric Blake (Free Software Programmer) <ebb9@byu.net>" [full]
# gpg:                 aka "[jpeg image of size 6874]" [full]
# Primary key fingerprint: 71C2 CC22 B1C4 6029 27D2  F3AA A7A1 6B4A 2527 436A

* remotes/ericb/tags/pull-nbd-2019-04-08:
  nbd/client: Fix error message for server with unusable sizing
  nbd/server: Don't fail NBD_OPT_INFO for byte-aligned sources
  nbd/server: Trace client noncompliance on unaligned requests
  nbd/server: Fix blockstatus trace

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-08 20:10:21 +01:00
Eric Blake
e53f88df77 nbd/client: Fix error message for server with unusable sizing
Add a missing space to the error message used when giving up on a
server that insists on an alignment which renders the last few bytes
of the export unreadable.

Fixes: 3add3ab78
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190404145226.32649-1-eblake@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
2019-04-08 13:51:25 -05:00
Eric Blake
099fbcd65c nbd/server: Don't fail NBD_OPT_INFO for byte-aligned sources
In commit 0c1d50bd, I added a couple of TODO comments about whether we
consult bl.request_alignment when responding to NBD_OPT_INFO. At the
time, qemu as server was hard-coding an advertised alignment of 512 to
clients that promised to obey constraints, and there was no function
for getting at a device's preferred alignment. But in hindsight,
advertising 512 when the block device prefers 1 caused other
compliance problems, and commit b0245d64 changed one of the two TODO
comments to advertise a more accurate alignment. Time to fix the other
TODO.  Doesn't really impact qemu as client (our normal client doesn't
use NBD_OPT_INFO, and qemu-nbd --list promises to obey block sizes),
but it might prove useful to other clients.

Fixes: b0245d64
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190403030526.12258-4-eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2019-04-08 13:49:25 -05:00
Eric Blake
6e280648d2 nbd/server: Trace client noncompliance on unaligned requests
We've recently added traces for clients to flag server non-compliance;
let's do the same for servers to flag client non-compliance. According
to the spec, if the client requests NBD_INFO_BLOCK_SIZE, it is
promising to send all requests aligned to those boundaries.  Of
course, if the client does not request NBD_INFO_BLOCK_SIZE, then it
made no promises so we shouldn't flag anything; and because we are
willing to handle clients that made no promises (the spec allows us to
use NBD_REP_ERR_BLOCK_SIZE_REQD if we had been unwilling), we already
have to handle unaligned requests (which the block layer already does
on our behalf).  So even though the spec allows us to return EINVAL
for clients that promised to behave, it's easier to always answer
unaligned requests.  Still, flagging non-compliance can be useful in
debugging a client that is trying to be maximally portable.

Qemu as client used to have one spot where it sent non-compliant
requests: if the server sends an unaligned reply to
NBD_CMD_BLOCK_STATUS, and the client was iterating over the entire
disk, the next request would start at that unaligned point; this was
fixed in commit a39286dd when the client was taught to work around
server non-compliance; but is equally fixed if the server is patched
to not send unaligned replies in the first place (yes, qemu 4.0 as
server still has few such bugs, although they will be patched in
4.1). Fortunately, I did not find any more spots where qemu as client
was non-compliant. I was able to test the patch by using the following
hack to convince qemu-io to run various unaligned commands, coupled
with serving 512-byte alignment by intentionally omitting '-f raw' on
the server while viewing server traces.

| diff --git i/nbd/client.c w/nbd/client.c
| index 427980bdd22..1858b2aac35 100644
| --- i/nbd/client.c
| +++ w/nbd/client.c
| @@ -449,6 +449,7 @@ static int nbd_opt_info_or_go(QIOChannel *ioc, uint32_t opt,
|                  nbd_send_opt_abort(ioc);
|                  return -1;
|              }
| +            info->min_block = 1;//hack
|              if (!is_power_of_2(info->min_block)) {
|                  error_setg(errp, "server minimum block size %" PRIu32
|                             " is not a power of two", info->min_block);

Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190403030526.12258-3-eblake@redhat.com>
[eblake: address minor review nits]
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2019-04-08 13:42:24 -05:00
Eric Blake
2178a569be nbd/server: Fix blockstatus trace
Don't increment remaining_bytes until we know that we will actually be
including the current block status extent in the reply; otherwise, the
value traced will include a bytes value that is oversized by the
length of the next block status extent which did not get sent because
it instead ended the loop.

Fixes: fb7afc79
Signed-off-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190403030526.12258-2-eblake@redhat.com>
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
2019-04-08 13:36:04 -05:00
Peter Maydell
5263724b78 Block layer patches:
- hmp: Fix drive_add ... format=help crash
 - block: Forward 'discard' to temporary overlay
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJcq2wYAAoJEH8JsnLIjy/Wqm4QAL8tJ4xfa6FEoLMwsWCLN5rR
 U0ii9QwGDFMjG3hHRuzFvcKVnh0A2uNKAJ5XYAbE+HD468pfZFNQJs5ITyTU1MJF
 bxn2MLORWydRTefkdqvZ4ZLLbz+H0uIwvu5VJr6j4nRUiSOeOeayJjhGny3ezbzy
 IDQF1Hzb44mzeQsePS8YvFBjrMHQL4jVydylV1nwde63x5qWtiFBQenT8n7x0Msh
 UbzLuZbd/iQOFiyNIYz1pEtcn5uuBdHn5Go6B4PA7fAEDLqB5CGrzC1uk5JeAKKV
 BqJHUrpbqRSNVbj5bN2jTT33w3L/eTMS9XHiSmpZvPDjpfZPJQ9ANBgsiZ5zSFZp
 4lNbq1JVl5IAQWzdfZk2l1rTasJ98Yp86YstsE4LennjyyXbmP0UVZCZ8nDCvZYb
 UGok93Ff3r4Tk0ZOPkqyJ8HG8NdIb/FxukvEtkuhdhKbt+zSxCtyr/PE7E/1Mzb9
 w+6toWgMoU09r8q6P2zcnS59JUTpp7d5UNvSe7xwGzDTwXLC8Yr6f5r0bprFofZA
 Pf3Ehf8ruI50R3JgDSYWm9gY3y4mlLtZSR6LQA+/v9a6IxpDQUuGP19tGXXnFXJu
 THvDCOpjtBIJY80puMH6gF7K2mus50XBhJDQprAhQ+DK8RB5qHiKe1MmH+b9qU8t
 8huofCNGZsUjt50cYajV
 =fs3y
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- hmp: Fix drive_add ... format=help crash
- block: Forward 'discard' to temporary overlay

# gpg: Signature made Mon 08 Apr 2019 16:43:20 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  hmp: Fix drive_add ... format=help crash
  block: Forward 'discard' to temporary overlay

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-08 17:53:18 +01:00
Markus Armbruster
ab63817119 hmp: Fix drive_add ... format=help crash
drive_new() returns null without setting an error when it provided
help.  add_init_drive() assumes null means failure, and crashes trying
to report a null error.

Fixes: c4f26c9f37
Cc: qemu-stable@nongnu.org
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2019-04-08 17:42:06 +02:00
Daniel P. Berrangé
71ba74f67e linux-user: rename gettid() to sys_gettid() to avoid clash with glibc
The glibc-2.29.9000-6.fc31.x86_64 package finally includes the gettid()
function as part of unistd.h when __USE_GNU is defined. This clashes
with linux-user code which unconditionally defines this function name
itself.

/home/berrange/src/virt/qemu/linux-user/syscall.c:253:16: error: static declaration of ‘gettid’ follows non-static declaration
  253 | _syscall0(int, gettid)
      |                ^~~~~~
/home/berrange/src/virt/qemu/linux-user/syscall.c:184:13: note: in definition of macro ‘_syscall0’
  184 | static type name (void)   \
      |             ^~~~
In file included from /usr/include/unistd.h:1170,
                 from /home/berrange/src/virt/qemu/include/qemu/osdep.h:107,
                 from /home/berrange/src/virt/qemu/linux-user/syscall.c:20:
/usr/include/bits/unistd_ext.h:34:16: note: previous declaration of ‘gettid’ was here
   34 | extern __pid_t gettid (void) __THROW;
      |                ^~~~~~
  CC      aarch64-linux-user/linux-user/signal.o
make[1]: *** [/home/berrange/src/virt/qemu/rules.mak:69: linux-user/syscall.o] Error 1
make[1]: *** Waiting for unfinished jobs....
make: *** [Makefile:449: subdir-aarch64-linux-user] Error 2

While we could make our definition conditional and rely on glibc's impl,
this patch simply renames our definition to sys_gettid() which is a
common pattern in this file.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20190320161842.13908-3-berrange@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2019-04-08 17:27:13 +02:00
Daniel P. Berrangé
184943d827 linux-user: assume __NR_gettid always exists
The gettid syscall was introduced in Linux 2.4.11. This is old enough
that we can assume it always exists and thus not bother with the
conditional backcompat logic.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20190320161842.13908-2-berrange@redhat.com>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2019-04-08 17:26:44 +02:00
Kevin Wolf
3f48686fac block: Forward 'discard' to temporary overlay
When bdrv_temp_snapshot_options() is called for snapshot=on, the
'discard' option in the options QDict hasn't been parsed and merged into
the flags yet. So copy the dict entry to make sure that the temporary
overlay enables discard when it was requested for the drive.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Reviewed-by: Alberto Garcia <berto@igalia.com>
2019-04-08 16:48:46 +02:00
Peter Maydell
2c57310627 - Fix a crash in libqos with GCC 9
- Fix usage of wrong boolean types in libqos
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
 iQIcBAABAgAGBQJcqycYAAoJEC7Z13T+cC218ScQAKJPgQ5x4b+EdKQJt0dWWuXm
 OL/xxj1RV0XJzMOftxIXJDz8hHEbSlC26VMGjJPi/pLn+5kjum/HqZ/3NotiavbF
 I5ijhAPm0OkgCQ7/KCLGrrczVN3IribKp/ZnsL+4uzGO2dBulW/bnK1O0AOFgWj3
 jRIf2Jhn84y23CRn5TiIyTeLFzCbJyKk013qqSs/kxHHKcfFOJKg/4gwgof8LA2i
 tSXEtSGL00Lo4mwxdJmfTHO9mefNXcM58Dp2SFSvMQpk3OnBi1DR62PqKQrJ1MMt
 XEzolqZrUsF813PdX2g9isEQh0tBBLBS1v1MofYRX1ngm0rKH9xkTE9hbYSfNoHM
 QRZmceTaGaNN+K8nsdHFz9OHU1wpgwcKFSniaWd7gMK0UQb0Z/HkUBeyZC2uP/QN
 n1GI8/fNcD8/g5pEgkQDz0BHtKM/owiiHEEz+8qvnWjnZmuKEu89mlkCmNzfVbKP
 luDtXyibxq0mdPloWm+f72W/eyGlxiTCnO6+j1gxA0wpB2LSnIyJNuy5M4aQqI/O
 lIoSSoqRLnN5yGJ7pxtCdNbmUIrJBkoo6cEPBKlgn2BsBAaVQLpBQ01dMXJwQc/S
 d2jXEcElKPNPCi9+ebmuIaz/q5owISppeSRu1amy/GO+ozgPN6RJb3kRUfHXnzde
 jTmS8dVlXOMfwnAulII+
 =frEw
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/huth-gitlab/tags/pull-request-2019-04-08' into staging

- Fix a crash in libqos with GCC 9
- Fix usage of wrong boolean types in libqos

# gpg: Signature made Mon 08 Apr 2019 11:48:56 BST
# gpg:                using RSA key 2ED9D774FE702DB5
# gpg: Good signature from "Thomas Huth <th.huth@gmx.de>" [full]
# gpg:                 aka "Thomas Huth <thuth@redhat.com>" [full]
# gpg:                 aka "Thomas Huth <huth@tuxfamily.org>" [full]
# gpg:                 aka "Thomas Huth <th.huth@posteo.de>" [unknown]
# Primary key fingerprint: 27B8 8847 EEE0 2501 18F3  EAB9 2ED9 D774 FE70 2DB5

* remotes/huth-gitlab/tags/pull-request-2019-04-08:
  test qgraph.c: Fix segs due to out of scope default
  tests/libqos: fix usage of bool in pci-spapr.c
  tests/libqos: fix usage of bool in pci-pc.c

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-08 15:21:11 +01:00
Dr. David Alan Gilbert
c19f2b711e test qgraph.c: Fix segs due to out of scope default
The test uses the trick:
   if (!opts) {
     opts = &(QOSGraph...Options) { };
   }

  in a couple of places, however the temporary created
by the &() {}  goes out of scope at the bottom of the if,
and results in a seg or assert when opts-> fields are
used (on fedora 30's gcc 9).

Fixes: fc281c8020
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20190405184037.16799-1-dgilbert@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2019-04-08 12:38:07 +02:00
Jafar Abdi
c098aac7dc tests/libqos: fix usage of bool in pci-spapr.c
Clean up wrong usage of FALSE and TRUE in places that use "bool" from stdbool.h.

FALSE and TRUE (with capital letters) are the constants defined by glib for
being used with the "gboolean" type of glib. But some parts of the code also use
TRUE and FALSE for variables that are declared as "bool" (the type from <stdbool.h>).

Signed-off-by: Jafar Abdi <cafer.abdi@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Acked-by: David Gibson <david@gibson.dropbear.id.au>
Message-Id: <1553351197-14581-4-git-send-email-cafer.abdi@gmail.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2019-04-08 12:38:07 +02:00
Jafar Abdi
08f7ad1b00 tests/libqos: fix usage of bool in pci-pc.c
Clean up wrong usage of FALSE and TRUE in places that use "bool" from stdbool.h.

FALSE and TRUE (with capital letters) are the constants defined by glib for
being used with the "gboolean" type of glib. But some parts of the code also use
TRUE and FALSE for variables that are declared as "bool" (the type from <stdbool.h>).

Signed-off-by: Jafar Abdi <cafer.abdi@gmail.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <1553351197-14581-3-git-send-email-cafer.abdi@gmail.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2019-04-08 12:38:07 +02:00
Peter Maydell
f55a585d10 pci, pc, virtio: fixes
intel-iommu fixes
 virtio typo fixes
 linker: a couple of asserts for consistency/security
 
 Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 -----BEGIN PGP SIGNATURE-----
 
 iQEcBAABAgAGBQJco4T3AAoJECgfDbjSjVRpjQEIAJCV8n+KFTXhFYxLkVmmp9K6
 d4QMXvd8MSP/zJwjBFhCHX+pi0N+HrKzTf5c1fqY0FtWGg0cT4rZam+7gX4QlCxH
 fJ4de3cs2qit3FbkSjwHbao+uha/Nzso79XXkQsTkMdhmq+W1xLM4QbVa+RyGb+f
 UjpYSX0kD6go8B7kAUB5PyGMAsNBL2drj/Er8v7vMu7ai1ti7DnmBPITY9bHgAld
 PdMEN79BI5Sz+WHiaG5AVagFxh1iAdHVcjlx5xNncuZrZPKW2I847lzK5GLzchav
 mBRts8xOjOwEdCt02K8aAv9PXidc7SiNvZqf1CpGt6mH2REhl+FWkbfJZSTswV4=
 =gH9R
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/mst/tags/for_upstream' into staging

pci, pc, virtio: fixes

intel-iommu fixes
virtio typo fixes
linker: a couple of asserts for consistency/security

Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

# gpg: Signature made Tue 02 Apr 2019 16:51:19 BST
# gpg:                using RSA key 281F0DB8D28D5469
# gpg: Good signature from "Michael S. Tsirkin <mst@kernel.org>" [full]
# gpg:                 aka "Michael S. Tsirkin <mst@redhat.com>" [full]
# Primary key fingerprint: 0270 606B 6F3C DF3D 0B17  0970 C350 3912 AFBE 8E67
#      Subkey fingerprint: 5D09 FD08 71C8 F85B 94CA  8A0D 281F 0DB8 D28D 5469

* remotes/mst/tags/for_upstream:
  intel_iommu: Drop extended root field
  intel_iommu: Fix root_scalable migration breakage
  virtio-net: Fix typo in comment
  intel_iommu: Correct caching-mode error message
  acpi: verify file entries in bios_linker_loader_add_pointer()

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-07 14:54:55 +01:00
Peter Maydell
90fb864a7d Migration fixes pull for 4.0
A couple of fixes for crashes in colo and
 migration parameters.
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEERfXHG0oMt/uXep+pBRYzHrxb/ecFAlyneJoACgkQBRYzHrxb
 /edbEQ//R+uAspJym78EJEKeCts75CnEM8WYFRecS2our4KWVC6sihD4BAPbIddE
 5Xe9QDfZZ1ihbY8VyMTiqgwxa3EIxdVja3rTze8tFFlH7MTQsQE8r+r2Erz9lyGl
 UAsFo3gTxY8BCwv51oowu87iyE3psDoa3C+Iq4HRL0Pr+BAdnxyygwLpNnOd1TlZ
 tpORsLU7/irULqy0NKXfF0mVZha9jMUmA4mVUgEwIS8TD0q/GLyFyd1dzE1cOrmk
 vh7BfyyeD3yPVbJL4M0Zggs/HdQsiihF1j60BYpFRbD8io4KnGBYCTorWoz+pF0y
 y4q++UxSwFWsYEYWhiRemfZcK/THCUhh3BKs4ti5xY4dga8M0GSqbuKBl+QjErYO
 LahX2bs72HV6SzRwgw4HFaJn2KQs7vyd+ejcjwSiAZw8P0P/8urTkTOevmz1VeFj
 nXjqDrp9CTvZrMiFbs6QAxTQbMBwprv8RP+hUsGXjD7FaeqFrRBzwp/Z80Xr0NT+
 TzScRd4J9LvQXgSNKEWk+fTHW1bXWBXd3Ap5IixXZPaPq8kB76NOc6TLeZyhQu6o
 qnnPOXDpSXPAVYKdv0xfwGkxNxbqU4mcxQbrdFvZ6/pCIfeYkB55RZPzu/9fIHx/
 Dqxy/+73xOAL3jdBZJlOw7j8eajwLJZhpHr1N6twExs8eLA/WOQ=
 =2DS8
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/dgilbert/tags/pull-migration-20190405a' into staging

Migration fixes pull for 4.0

A couple of fixes for crashes in colo and
migration parameters.

# gpg: Signature made Fri 05 Apr 2019 16:47:38 BST
# gpg:                using RSA key 45F5C71B4A0CB7FB977A9FA90516331EBC5BFDE7
# gpg: Good signature from "Dr. David Alan Gilbert (RH2) <dgilbert@redhat.com>" [full]
# Primary key fingerprint: 45F5 C71B 4A0C B7FB 977A  9FA9 0516 331E BC5B FDE7

* remotes/dgilbert/tags/pull-migration-20190405a:
  migration: Fix migrate_set_parameter
  migration/ram.c: Fix codes conflict about bitmap_mutex

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-06 00:22:34 +01:00
Juan Quintela
d013283a46 migration: Fix migrate_set_parameter
Otherwise we are setting err twice, what is wrong and causes an abort.

Signed-off-by: Juan Quintela <quintela@redhat.com>
Message-Id: <20190403114958.3705-2-quintela@redhat.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2019-04-05 15:32:13 +01:00
Zhang Chen
c6e5bafb6f migration/ram.c: Fix codes conflict about bitmap_mutex
I found upstream codes conflict with COLO and lead to crash,
and I located to this patch:

commit 386a907b37
Author: Wei Wang <wei.w.wang@intel.com>
Date:   Tue Dec 11 16:24:49 2018 +0800

migration: use bitmap_mutex in migration_bitmap_clear_dirty

My colleague Wei's patch add bitmap_mutex in migration_bitmap_clear_dirty,
but COLO didn't initialize the bitmap_mutex. So we always get an error
when COLO start up. like that:
qemu-system-x86_64: util/qemu-thread-posix.c:64: qemu_mutex_lock_impl: Assertion `mutex->initialized' failed.

This patch add the bitmap_mutex initialize and destroy in COLO
lifecycle.

Signed-off-by: Zhang Chen <chen.zhang@intel.com>
Message-Id: <20190329222951.28945-1-chen.zhang@intel.com>
Reviewed-by: Wei Wang <wei.w.wang@intel.com>
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2019-04-05 15:29:48 +01:00
Peter Maydell
10546e09e1 RISC-V Patches for 4.0-rc3, v2
This patch set contains a pair of tightly coupled PLIC bug fixes:
 
 * We were calculating the PLIC addresses incorrectly.
 * We were installing the wrong number of PLIC interrupts.
 
 The two bugs togther resulted in a mostly-working system, but they're
 impossible to seperate because fixing one bug would result in
 significant breakage.  As a result they're in the same patch.
 
 There is also a cleanup to use qemu_log_mask(LOG_GUEST_ERROR,...) for
 error reporting.
 
 As far as I know these are the last outstanding RISC-V patches for 4.0.
 
 v2 no longer fails "make check" for me... sorry!
 -----BEGIN PGP SIGNATURE-----
 
 iQJHBAABCAAxFiEEAM520YNJYN/OiG3470yhUCzLq0EFAlymonUTHHBhbG1lckBk
 YWJiZWx0LmNvbQAKCRDvTKFQLMurQX+kD/wIOSTb7ZBAu5Jbs9JckaGhom9Kfu1+
 D9Pxs+QHnXxvxzksTYIWtOVJ8otYvoz/zt8OntbBO9J5eHeHe5aQQ1B+L8+2+Z8Z
 yVcKwu7UPHTY0u6gsE7tAGIhw/pPK+bSM0BA7jOTV6VB4wjLB4KnHbNZytiBTgg7
 OzFDqxCgjva8lNjjUJO1vfdGBHfacHEEfVOGxWkotaXw6mXaSzd+lbPGtnwLsca+
 NJOObR5Z25BIzS7R8Ud9epT84sK/iwffbZbfEUZ/cIu3Ghd57xl0diieZGCBJ5Xf
 6Ngq8Pae6hP0mK4DhpKdN+OMpEqX95Vd+azBxxOLY2ITNaKC+v68t6k58a/kTL77
 reBAGU8VKgcHTFx1atG7Sbfq/aOm53McVHOleWZL4W+peqhH2z5TUcGrSfvhIs/4
 4rp7d2zo4J7R42TI2RO8HeLF9+fX857Qwz4GICaFrSZ5m7eoiZirt27YzjUutf6b
 D1wTb0ZEJh3b2WZrne+mrV0p/nT1lgCk5byOjk20RTXeWVC5zEX8JiMt47qx1VVx
 1KvnNy35aGUc872Fsa7zNvtErBXQ7UosuWZlLQh1dLBPXQ85/YY6W9fkgYLc8/LD
 Lc5W6kf3vfWYajeVYLpFB/kF9QuU3f0OzZrnG+K/Vr68IhBuPlJTox7vQERlmp2S
 bRzEh/91Indv0w==
 =APjM
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/palmer/tags/riscv-for-master-4.0-rc3-v2' into staging

RISC-V Patches for 4.0-rc3, v2

This patch set contains a pair of tightly coupled PLIC bug fixes:

* We were calculating the PLIC addresses incorrectly.
* We were installing the wrong number of PLIC interrupts.

The two bugs togther resulted in a mostly-working system, but they're
impossible to seperate because fixing one bug would result in
significant breakage.  As a result they're in the same patch.

There is also a cleanup to use qemu_log_mask(LOG_GUEST_ERROR,...) for
error reporting.

As far as I know these are the last outstanding RISC-V patches for 4.0.

v2 no longer fails "make check" for me... sorry!

# gpg: Signature made Fri 05 Apr 2019 01:33:57 BST
# gpg:                using RSA key 00CE76D1834960DFCE886DF8EF4CA1502CCBAB41
# gpg:                issuer "palmer@dabbelt.com"
# gpg: Good signature from "Palmer Dabbelt <palmer@dabbelt.com>" [unknown]
# gpg:                 aka "Palmer Dabbelt <palmer@sifive.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 00CE 76D1 8349 60DF CE88  6DF8 EF4C A150 2CCB AB41

* remotes/palmer/tags/riscv-for-master-4.0-rc3-v2:
  riscv: plic: Log guest errors
  riscv: plic: Fix incorrect irq calculation

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-05 04:50:30 +01:00
Peter Maydell
bc939abe00 Xen queue
xen-block fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQFOBAABCgA4FiEE+AwAYwjiLP2KkueYDPVXL9f7Va8FAlymOSYaHGFudGhvbnku
 cGVyYXJkQGNpdHJpeC5jb20ACgkQDPVXL9f7Va931Qf+Mo2DsmZ+SjUYMaUJdtEz
 Z8BAZfJyeYarWYb1JwJA2d2ammrIiXBIa9iqmJAbw9z5EyTmrVLJP36M3Do7HMqz
 TlMnQdSzz/YcLV+/72BGoxkwmYxX/KqSk2WnKleg7K20gmp3S31uxjSPKp40zGVj
 zj9NYmnvAjwtsG2Twp2xUcEz//vm4u4bra+M5sYBBWNw0mWnqkT0yCLOxEM9ukGt
 zVyqEdO0N9pLm3flxPJAoEP+aU7GHWSmFq+ofqQ6R4B15v9c7YzV2ckKC75v0Bml
 3MsJwmdJQmITYWykitjrQdCXWzUoKc4aroFaR0h7TLGbkFBsh+FdF0f6oWChS9DW
 3Q==
 =JA/8
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/aperard/tags/pull-xen-20190404' into staging

Xen queue

xen-block fixes

# gpg: Signature made Thu 04 Apr 2019 18:04:38 BST
# gpg:                using RSA key F80C006308E22CFD8A92E7980CF5572FD7FB55AF
# gpg:                issuer "anthony.perard@citrix.com"
# gpg: Good signature from "Anthony PERARD <anthony.perard@gmail.com>" [marginal]
# gpg:                 aka "Anthony PERARD <anthony.perard@citrix.com>" [marginal]
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 5379 2F71 024C 600F 778A  7161 D8D5 7199 DF83 42C8
#      Subkey fingerprint: F80C 0063 08E2 2CFD 8A92  E798 0CF5 572F D7FB 55AF

* remotes/aperard/tags/pull-xen-20190404:
  xen-block: scale sector based quantities correctly
  xen-block: only advertize discard to the frontend when it is enabled...

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-05 03:52:05 +01:00
Alistair Francis
79bcac250f
riscv: plic: Log guest errors
Instead of using error_report() to print guest errors let's use
qemu_log_mask(LOG_GUEST_ERROR,...) to log the error.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
2019-04-04 16:36:21 -07:00
Alistair Francis
0feb4a7129
riscv: plic: Fix incorrect irq calculation
This patch fixes four different things, to maintain bisectability they
have been merged into a single patch. The following fixes are below:

sifive_plic: Fix incorrect irq calculation
The irq is incorrectly calculated to be off by one. It has worked in the
past as the priority_base offset has also been set incorrectly. We are
about to fix the priority_base offset so first first the irq
calculation.

sifive_u: Fix PLIC priority base offset and numbering
According to the FU540 manual the PLIC source priority address starts at
an offset of 0x04 and not 0x00. The same manual also specifies that the
PLIC only has 53 source priorities. Fix these two incorrect header
files.

We also need to over extend the plic_gpios[] array as the PLIC sources
count from 1 and not 0.

riscv: sifive_e: Fix PLIC priority base offset
According to the FE31 manual the PLIC source priority address starts at
an offset of 0x04 and not 0x00.

riscv: virt: Fix PLIC priority base offset
Update the virt offsets based on the newly updated SiFive U and SiFive E
offsets.

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Palmer Dabbelt <palmer@sifive.com>
2019-04-04 16:36:19 -07:00
Paul Durrant
2bcd05cf24 xen-block: scale sector based quantities correctly
The Xen blkif protocol requires that sector based quantities should be
interpreted strictly as multiples of 512 bytes. Specifically:

"first_sect and last_sect in blkif_request_segment, as well as
sector_number in blkif_request, are always expressed in 512-byte units."

Commit fcab2b464e "xen: add header and build dataplane/xen-block.c"
incorrectly modified behaviour to use the block device logical_block_size
property as the scale, instead of correctly shifting values by the
hardcoded BDRV_SECTOR_BITS (and hence scaling them to 512 byte units).
This patch undoes that change and restores compliance with the spec.

Furthermore, this patch also restores the original xen_disk behaviour
of advertizing a hardcoded 'sector-size' value of 512 in xenstore and
scaling 'sectors' accordingly. The realize() method is also modified to
fail if logical_block_size is set to anything other than 512.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Message-Id: <20190401121719.27208-1-paul.durrant@citrix.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
2019-04-04 18:00:07 +01:00
Paul Durrant
15f084505a xen-block: only advertize discard to the frontend when it is enabled...
...and properly enable it when synthesizing a drive.

The Xen toolstack sets 'discard-enable' to '1' in xenstore when it wants
to enable discard on a specified image. The code in
xen_block_drive_create() correctly parses this and uses it to set
'discard' to 'unmap' for the file_layer, but fails to do the same for the
driver_layer (which effectively disables it). Meanwhile the code in
xen_block_realize() advertizes discard support to the frontend in the
default case (because conf->discard_granularity defaults to -1), even when
the underlying image may not handle it.

This patch adds the missing option to the driver_layer in
xen_block_driver_create() and checks whether BDRV_O_UNMAP is actually
set on the block device before advertizing discard to the frontend.
In the case that discard is supported it also makes sure that the
granularity is set to the physical block size.

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Message-Id: <20190320142825.24565-1-paul.durrant@citrix.com>
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
2019-04-04 12:41:23 +01:00
Peter Maydell
f4b3717137 Fix taking address of fields in packed structs warnings
by gcc 9
 -----BEGIN PGP SIGNATURE-----
 
 iQJGBAABCAAwFiEEw9DWbcNiT/aowBjO3s9rk8bwL68FAlykg9ISHGNvaHVja0By
 ZWRoYXQuY29tAAoJEN7Pa5PG8C+vQnkQAJ+1E7/dSkWnfJ9Vu2V9dmlZl7RFFwwh
 SEbzaow0m6TARAdPua8FuSyGiZSEZ3ZgjahaemnCOtMJkpsftDTKY0PXM+eeHNLJ
 59Oh1ZQWel6vUHbJv+EcZF2DdkGBKdhjuTQHqpFgZ0u5ahFNGdOy1rOdDzuagJ03
 gSOyC+v5KEPT0e8uucfoNppFFYhvbT1dVLYl+S6E1h86UueU2WigroHGZZt3Z18p
 CVdm8Kjb8/tuJ09gzEt3gO/9TJUAvattCqK3FFV3FCqfYgSRT2oIUll+6KVuJ+q2
 ktdGhMNSjhdDbROKlbesGImSbROHLjAUPh6f/yZO0msysQsbd8d7Aj0nDRBqH+fy
 wMK0rCUKChuhQhbrm/lOs2kxGzv/JZV8xnLfxP5O5TVhA+2pTFj07Pzc0sJuZBZ7
 gfa6ZsoEO5z/2CKiJH3vJVCN3gwI5UnsH3AmuATfcX2GH7bhar3Zj2oR9J5NprXl
 IPWV0mbBgumZxd9RG38a8tnwkcGHCRqd0x2q8cpD05XWvrl13GamVNwBYvyTvb5L
 MbBGIevDfj0cNgZZ0SKXW4YLgEGMMA4x4hEOi8cvW2pJLnm/YGF2atz1u6Tf4E1V
 /Gcptv/6Qf9cAXrwfTm4lCXWQtSbQRHKa2AynQijR6NpNUvZ4ItMlavsuSkTu+4a
 PMWNL88bUMAr
 =vFLX
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/cohuck/tags/s390x-20190403' into staging

Fix taking address of fields in packed structs warnings
by gcc 9

# gpg: Signature made Wed 03 Apr 2019 10:58:42 BST
# gpg:                using RSA key C3D0D66DC3624FF6A8C018CEDECF6B93C6F02FAF
# gpg:                issuer "cohuck@redhat.com"
# gpg: Good signature from "Cornelia Huck <conny@cornelia-huck.de>" [unknown]
# gpg:                 aka "Cornelia Huck <huckc@linux.vnet.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cornelia.huck@de.ibm.com>" [full]
# gpg:                 aka "Cornelia Huck <cohuck@kernel.org>" [unknown]
# gpg:                 aka "Cornelia Huck <cohuck@redhat.com>" [unknown]
# Primary key fingerprint: C3D0 D66D C362 4FF6 A8C0  18CE DECF 6B93 C6F0 2FAF

* remotes/cohuck/tags/s390x-20190403:
  hw/s390x/3270-ccw: avoid taking address of fields in packed struct
  hw/s390x/ipl: avoid taking address of fields in packed struct
  hw/s390/css: avoid taking address members in packed structs
  hw/vfio/ccw: avoid taking address members in packed structs

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-03 13:13:30 +01:00
Daniel P. Berrangé
7357b22159 hw/s390x/3270-ccw: avoid taking address of fields in packed struct
Compiling with GCC 9 complains

hw/s390x/3270-ccw.c: In function ‘emulated_ccw_3270_cb’:
hw/s390x/3270-ccw.c:81:19: error: taking address of packed member of ‘struct SCHIB’ may result in an unaligned pointer value [-Werror=address-of-packed-member]
   81 |         SCSW *s = &sch->curr_status.scsw;
      |                   ^~~~~~~~~~~~~~~~~~~~~~

This local variable is only present to save a little bit of
typing when setting the field later. Get rid of this to avoid
the warning about unaligned accesses.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20190329111104.17223-15-berrange@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2019-04-03 11:19:57 +02:00
Daniel P. Berrangé
5d45a33292 hw/s390x/ipl: avoid taking address of fields in packed struct
Compiling with GCC 9 complains

hw/s390x/ipl.c: In function ‘s390_ipl_set_boot_menu’:
hw/s390x/ipl.c:256:25: warning: taking address of packed member of ‘struct QemuIplParameters’ may result in an unaligned pointer value [-Waddress-of-packed-member]
  256 |     uint32_t *timeout = &ipl->qipl.boot_menu_timeout;
      |                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~

This local variable is only present to save a little bit of
typing when setting the field later. Get rid of this to avoid
the warning about unaligned accesses.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20190329111104.17223-14-berrange@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Farhan Ali <alifm@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2019-04-03 11:19:57 +02:00
Daniel P. Berrangé
bea0279b72 hw/s390/css: avoid taking address members in packed structs
The GCC 9 compiler complains about many places in s390 code
that take the address of members of the 'struct SCHIB' which
is marked packed:

hw/s390x/css.c: In function ‘sch_handle_clear_func’:
hw/s390x/css.c:698:15: warning: taking address of packed member of ‘struct SCHIB’ may result in an unaligned pointer val\
ue [-Waddress-of-packed-member]
  698 |     PMCW *p = &sch->curr_status.pmcw;
      |               ^~~~~~~~~~~~~~~~~~~~~~
hw/s390x/css.c:699:15: warning: taking address of packed member of ‘struct SCHIB’ may result in an unaligned pointer val\
ue [-Waddress-of-packed-member]
  699 |     SCSW *s = &sch->curr_status.scsw;
      |               ^~~~~~~~~~~~~~~~~~~~~~

...snip many more...

Almost all of these are just done for convenience to avoid
typing out long variable/field names when referencing struct
members. We can get most of this convenience by taking the
address of the 'struct SCHIB' instead, avoiding triggering
the compiler warnings.

In a couple of places we copy via a local variable which is
a technique already applied elsewhere in s390 code for this
problem.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20190329111104.17223-13-berrange@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Reviewed-by: Halil Pasic <pasic@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2019-04-03 11:19:57 +02:00
Daniel P. Berrangé
e1d0b37261 hw/vfio/ccw: avoid taking address members in packed structs
The GCC 9 compiler complains about many places in s390 code
that take the address of members of the 'struct SCHIB' which
is marked packed:

hw/vfio/ccw.c: In function ‘vfio_ccw_io_notifier_handler’:
hw/vfio/ccw.c:133:15: warning: taking address of packed member of ‘struct SCHIB’ may result in an unaligned pointer value \
[-Waddress-of-packed-member]
  133 |     SCSW *s = &sch->curr_status.scsw;
      |               ^~~~~~~~~~~~~~~~~~~~~~
hw/vfio/ccw.c:134:15: warning: taking address of packed member of ‘struct SCHIB’ may result in an unaligned pointer value \
[-Waddress-of-packed-member]
  134 |     PMCW *p = &sch->curr_status.pmcw;
      |               ^~~~~~~~~~~~~~~~~~~~~~

...snip many more...

Almost all of these are just done for convenience to avoid
typing out long variable/field names when referencing struct
members. We can get most of this convenience by taking the
address of the 'struct SCHIB' instead, avoiding triggering
the compiler warnings.

In a couple of places we copy via a local variable which is
a technique already applied elsewhere in s390 code for this
problem.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20190329111104.17223-12-berrange@redhat.com>
Reviewed-by: Eric Farman <farman@linux.ibm.com>
Reviewed-by: Halil Pasic <pasic@linux.ibm.com>
Reviewed-by: Farhan Ali <alifm@linux.ibm.com>
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
2019-04-03 11:19:57 +02:00
Peter Maydell
061b51e919 Update version for v4.0.0-rc2 release
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-02 17:01:20 +01:00
Peter Xu
81fb1e646e intel_iommu: Drop extended root field
VTD_RTADDR_RTT is dropped even by the VT-d spec, so QEMU should
probably do the same thing (after all we never really implemented it).
Since we've had a field for that in the migration stream, to keep
compatibility we need to fill the hole up.

Please refer to VT-d spec 10.4.6.

Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20190329061422.7926-3-peterx@redhat.com>
Reviewed-by: Liu, Yi L <yi.l.liu@intel.com>
Acked-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-04-02 11:49:14 -04:00
Peter Xu
2811af3b49 intel_iommu: Fix root_scalable migration breakage
When introducing the initial support for scalable mode we added a
new field into vmstate however we blindly migrate that field without
notice.  That'll break migration no matter forward or backward.

The normal way should be that we use something like
VMSTATE_UINT32_TEST() or subsections for the new vmstate field however
for this case of vt-d we can even make it simpler because we've
already migrated all the registers and it'll be fairly simple that we
re-generate root_scalable field from the register values during post
load of the device.

Fixes: fb43cf739e ("intel_iommu: scalable mode emulation")
Reviewed-by: Yi Sun <yi.y.sun@linux.intel.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
Message-Id: <20190329061422.7926-2-peterx@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-04-02 11:49:14 -04:00
Yuval Shaia
20f86a75a7 virtio-net: Fix typo in comment
Signed-off-by: Yuval Shaia <yuval.shaia@oracle.com>
Message-Id: <20190321161832.10533-1-yuval.shaia@oracle.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-04-02 11:49:14 -04:00
Alex Williamson
75c5626c88 intel_iommu: Correct caching-mode error message
If we try to use the intel-iommu device with vfio-pci devices without
caching mode enabled, we're told:

  qemu-system-x86_64: We need to set caching-mode=1 for intel-iommu to enable
  device assignment with IOMMU protection.

But to enable caching mode, the option is actually "caching-mode=on".

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Message-Id: <155364147432.16467.15898335025013220939.stgit@gimli.home>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Alex Williamson &lt;<a href="mailto:alex.williamson@redhat.com" target="_blank" rel="noreferrer">alex.williamson@redhat.com</a>&gt;<br>
Reviewed-by: Eric Auger <eric.auger@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-04-02 11:49:14 -04:00
Liam Merwick
22132828d1 acpi: verify file entries in bios_linker_loader_add_pointer()
The callers to bios_linker_find_file() assert that the file entry returned
is not NULL, except for those in bios_linker_loader_add_pointer().  Add two
asserts in that case for completeness and to facilitate static code analysis.

Signed-off-by: Liam Merwick <liam.merwick@oracle.com>
Message-Id: <1553199229-25318-1-git-send-email-liam.merwick@oracle.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2019-04-02 11:49:14 -04:00
Peter Maydell
37301a8d0f Miscellaneous patches for 2019-04-02
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJco01zAAoJEDhwtADrkYZTzJkP/1izIRaWBMOwhwwDORgdxIro
 Qgd8cgXSiC2WAPtagEdaQQRtYdEwlBTCcnRBqXQixWnJ52FnaijwRdUx2cwTXP2x
 rX0G0inhS7xE7P9Zr9sPhTMafLN5kUyFsm5WsZZbLDcimXMZtAYm7vZAdvneMfMj
 MjOu7FXLtlwvU2Gg1z8Kog3+ShkafHsUm1lQnAp2YQSsSCHRIazTuyyqIpqZEyUt
 ie7zI7GMA0arIJfNQSfrgLiquD4Rj+Cn4RHp4RnKeGTExhNrZJcSk3+IUz25MJIK
 O+Rlftr+iHk/FzoAa0NeASaNuI+cUjbxTEJwvz+sbulSVLBX58pP22vxh4wauslm
 VjrHzj5xRo6w6RKPmkJn0CgJnIAGc7Ulzyt/gpVT+Qm2SRY5EnV3KoEtYcU7xtHw
 uK8YRWThadkG+nHc2LOR8DjjT/h+JitpjwvPadt2NZpoGZkrvGuKZAJ4TKf8Yv0z
 eiyfxV4trZisCEInIcMOVa7cAhO7i7/eUO1/IFNrD+X++/BTWFAlW3cqj41PUl+E
 exGWHHP+Z08TFV2kKobmee1xrv1RRhdFYk8BcWHS83fxqHNGCoPHE/dfB/kJGCMr
 96JE6LTDVIRmMHQjzs0nMHtTZPfaONvdjHuv9kuQj6wnbjYAE8z0ZlcnEa9sSZZQ
 CcaSZLqGJstkoUJwRZQx
 =yOO7
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/armbru/tags/pull-misc-2019-04-02' into staging

Miscellaneous patches for 2019-04-02

# gpg: Signature made Tue 02 Apr 2019 12:54:27 BST
# gpg:                using RSA key 3870B400EB918653
# gpg: Good signature from "Markus Armbruster <armbru@redhat.com>" [full]
# gpg:                 aka "Markus Armbruster <armbru@pond.sub.org>" [full]
# Primary key fingerprint: 354B C8B3 D7EB 2A6B 6867  4E5F 3870 B400 EB91 8653

* remotes/armbru/tags/pull-misc-2019-04-02:
  accel: Unbreak accelerator fallback
  vl: Document dependencies hiding in global and compat props
  migration: Support adding migration blockers earlier
  Revert "migration: move only_migratable to MigrationState"
  Revert "vl: Fix to create migration object before block backends again"
  qapi/migration.json: Rename COLOStatus last_mode to last-mode
  qapi/migration.json: Fix ColoStatus member last_mode's version
  vl: Fix error location of positional arguments

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-02 16:13:59 +01:00
Peter Maydell
436960c959 filemon: various fixes / improvements to file monitor for USB MTP
Ensure watch IDs unique within a monitor and avoid integer wraparound
 issues when many watches are set & unset over time.
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCAAGBQJco1tUAAoJEL6G67QVEE/f9xYP/2OTsAk6dHCcWqc///jXN0JW
 OLcnpmjuh5KgUmOrs7NIRYRo2DARrhNDDXckHjDuX2HmnzoTB5p7DXLWMPgAzxj6
 o83yxYT0Qqw79wxqbDmJ1y3kUVka1r94wCmmvUmxQZjLbDk8u2ytNUDbEOVlM0VJ
 R7T800j8PhbY1pg9PiJJZonm7dxZAVNSCF4AgkrJVIes6MqhvNUhVsck5q/CC3yi
 0jkglsiVTyXjKpJsioM9VhQXeqiHfFl3qjcPi0XQ99lVpTMFysNd4UdnVXhNs9NI
 Xe52yQ7NG3fEggUivtFBmvVplNOg09K6U2vkyk9z8S1WTLZsbabwvwSvkVPW3Ty0
 QaDgI6wNSiBb7Lfl2bbUR6X3j9QXUn8bhlczBsorS4uU4+NdHGyERsZLKLZazYYz
 5t+xm4YBGJhtlt8IglNBjtaJFBuqgjrBEuBkfpevB2ocioWnU6APOdwWkKlSe3+r
 EuKFUcbhRiRAGO05DjntNkePigb66IVkSiJXd4uSid/+akn5kQ19PSD8tXdfvZ7h
 8HYTnWZa3OSLd7tZlwRzimnKuVSIsSnj+NobkIs8HSS3N7oN1t4FC5jH9D6GmK0R
 djQs6a5mHQbonrc0dXxlb+P8u6I+ppxznPpfL/aQJ4pFM18V6gmcZEQluhwALNe9
 rdPUnCudC/9SUNpMf3rI
 =qriK
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/filemon-next-pull-request' into staging

filemon: various fixes / improvements to file monitor for USB MTP

Ensure watch IDs unique within a monitor and avoid integer wraparound
issues when many watches are set & unset over time.

# gpg: Signature made Tue 02 Apr 2019 13:53:40 BST
# gpg:                using RSA key BE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full]
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>" [full]
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/filemon-next-pull-request:
  filemon: fix watch IDs to avoid potential wraparound issues
  filemon: ensure watch IDs are unique to QFileMonitor scope
  tests: refactor file monitor test to make it more understandable

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-02 14:52:17 +01:00
Peter Maydell
9a363f0bcc Block layer patches:
- file-posix: Ignore unlock failure instead of crashing
 - gluster: Limit the transfer size to 512 MiB
 - stream: Fix backing chain freezing
 - qemu-img: Enable BDRV_REQ_MAY_UNMAP for zero writes in convert
 - iotests fixes
 -----BEGIN PGP SIGNATURE-----
 
 iQIcBAABAgAGBQJco1nvAAoJEH8JsnLIjy/WKSAP/AyAGt4DFbsfVq1SbX2MB/3F
 QtLi3q3Yjy71OaNyMJsqgd8dxoqO1bWKC7MmLxwFZwvwmXhgq7EVbJ6vJ7kzuHw5
 FMsVavm61mL/vsKypFieYHbahiKC31R7sw4Vl7yeKG02oDgi/0SnIQxxO0rmIZxG
 Jx+p5tBDmrJ2WpgCWI0yr3VuYeJ/gJyw8la3Ubf1OzTBuTyfg94vSCsECX7GWm1w
 0YkcRODct96mmqKCf6haHXQs9tTa6FnC9fsReenYcQg7nyqTttyXJz08fuqGQwWm
 sNcmMp2/YxAg2Z85Aq21fmTkXbGopEHtoC2fg71WET1DzpqMvvJPFBIOneBSzUon
 KHrZfZnziAzUESHDqenCQcHlbtWXxPY+7H0lojvhsLVzyEns6eLOSer093HqAh4s
 +av55+ucTUYRl9Uk8/vFPdFBh0bNJRJB2yazp0Fk5Yoo8y70TXePQ8ZkpjH9VSpb
 uQXy+FBc7LXYHB1KW/vhtuVoKgftbHi29rQ3imb9y6HYuJoJYZS9uGgrFpzF0YBN
 /mBG17YqE8Imfuavt0WQqNLSub/km9eqFrejnMqDBka1hZblecOB+3Ujcud5C7Vk
 HtKDdr2/Z+M1KApFMKhNZzEksXwhOVQ6VVZZfRGCjc/EXMOZ2gg8YlqOtotUzA0i
 vV2wMgpqE2Ihx1gIIqw/
 =a4LV
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/kevin/tags/for-upstream' into staging

Block layer patches:

- file-posix: Ignore unlock failure instead of crashing
- gluster: Limit the transfer size to 512 MiB
- stream: Fix backing chain freezing
- qemu-img: Enable BDRV_REQ_MAY_UNMAP for zero writes in convert
- iotests fixes

# gpg: Signature made Tue 02 Apr 2019 13:47:43 BST
# gpg:                using RSA key 7F09B272C88F2FD6
# gpg: Good signature from "Kevin Wolf <kwolf@redhat.com>" [full]
# Primary key fingerprint: DC3D EB15 9A9A F95D 3D74  56FE 7F09 B272 C88F 2FD6

* remotes/kevin/tags/for-upstream:
  tests/qemu-iotests/235: Allow fallback to tcg
  block: test block-stream with a base node that is used by block-commit
  block: freeze the backing chain earlier in stream_start()
  block: continue until base is found in bdrv_freeze_backing_chain() et al
  block/file-posix: do not fail on unlock bytes
  tests/qemu-iotests: Remove redundant COPYING file
  block/gluster: limit the transfer size to 512 MiB
  qemu-img: Enable BDRV_REQ_MAY_UNMAP in convert
  iotests: Fix test 200 on s390x without virtio-pci

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2019-04-02 14:03:11 +01:00
Daniel P. Berrangé
b4682a63f8 filemon: fix watch IDs to avoid potential wraparound issues
Watch IDs are allocated from incrementing a int counter against
the QFileMonitor object. In very long life QEMU processes with
a huge amount of USB MTP activity creating & deleting directories
it is just about conceivable that the int counter can wrap
around. This would result in incorrect behaviour of the file
monitor watch APIs due to clashing watch IDs.

Instead of trying to detect this situation, this patch changes
the way watch IDs are allocated. It is turned into an int64_t
variable where the high 32 bits are set from the underlying
inotify "int" ID. This gives an ID that is guaranteed unique
for the directory as a whole, and we can rely on the kernel
to enforce this. QFileMonitor then sets the low 32 bits from
a per-directory counter.

The USB MTP device only sets watches on the directory as a
whole, not files within, so there is no risk of guest
triggered wrap around on the low 32 bits.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-04-02 13:52:02 +01:00
Daniel P. Berrangé
ff3dc8fefe filemon: ensure watch IDs are unique to QFileMonitor scope
The watch IDs are mistakenly only unique within the scope of the
directory being monitored. This is not useful for clients which are
monitoring multiple directories. They require watch IDs to be unique
globally within the QFileMonitor scope.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Tested-by: Bandan Das <bsd@redhat.com>
Reviewed-by: Bandan Das <bsd@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-04-02 13:46:33 +01:00
Daniel P. Berrangé
b26c3f9cbd tests: refactor file monitor test to make it more understandable
The current file monitor unit tests are too clever for their own good
making it hard to understand the desired output.

Instead of trying to infer the expected events, explicitly list the
events we expect in the operation sequence.

Instead of dynamically building a matrix of tests, just have one giant
operation sequence that validates all scenarios in a single test.

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-04-02 13:46:33 +01:00
Markus Armbruster
79b9d4bde7 accel: Unbreak accelerator fallback
When the user specifies a list of accelerators, we pick the first one
that initializes successfully.  Recent commit 1a3ec8c156 broke that.
Reproducer:

    $ qemu-system-x86_64 --machine accel=xen:tcg
    xencall: error: Could not obtain handle on privileged command interface: No such file or directory
    xen be core: xen be core: can't open xen interface
    can't open xen interface
    qemu-system-x86_64: failed to initialize Xen: Operation not permitted
    qemu-system-x86_64: /home/armbru/work/qemu/qom/object.c:436: object_set_accelerator_compat_props: Assertion `!object_compat_props[0]' failed.

Root cause: we register accelerator compat properties even when the
accelerator fails.  The failed assertion is
object_set_accelerator_compat_props() telling us off.  Fix by calling
it only for the accelerator that succeeded.

Fixes: 1a3ec8c156
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20190401090827.20793-6-armbru@redhat.com>
2019-04-02 13:50:09 +02:00
Markus Armbruster
0427b6257e vl: Document dependencies hiding in global and compat props
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190401090827.20793-5-armbru@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
2019-04-02 13:50:01 +02:00
Markus Armbruster
daff7f0bbe migration: Support adding migration blockers earlier
migrate_add_blocker() asserts we have a current_migration object, in
migrate_get_current().  We do only after migration_object_init().

This contributes to the following dependency cycle:

* configure_blockdev() must run before machine_set_property()
  so machine properties can refer to block backends

* machine_set_property() before configure_accelerator()
  so machine properties like kvm-irqchip get applied

* configure_accelerator() before migration_object_init()
  so that Xen's accelerator compat properties get applied.

* migration_object_init() before configure_blockdev()
  so configure_blockdev() can add migration blockers

The cycle was closed when recent commit cda4aa9a5a "Create block
backends before setting machine properties" added the first
dependency, and satisfied it by violating the last one.  Broke block
backends that add migration blockers, as demonstrated by qemu-iotests
055.

To fix it, break the last dependency: make migrate_add_blocker()
usable before migration_object_init().

The previous commit already removed the use of migrate_get_current()
from migrate_add_blocker() itself.  Didn't quite do the trick, as
there's another one hiding in migration_is_idle().

The use there isn't actually necessary: when no migration object has
been created yet, migration is surely idle.  Make migration_is_idle()
return true then.

Fixes: cda4aa9a5a
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190401090827.20793-4-armbru@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
2019-04-02 13:49:36 +02:00
Markus Armbruster
811f865271 Revert "migration: move only_migratable to MigrationState"
This reverts commit 3df663e575.
This reverts commit b605c47b57.

Command line option --only-migratable is for disallowing any
configuration that can block migration.

Initially, --only-migratable set global variable @only_migratable.

Commit 3df663e575 "migration: move only_migratable to MigrationState"
replaced it by MigrationState member @only_migratable.  That was a
mistake.

First, it doesn't make sense on the design level.  MigrationState
captures the state of an individual migration, but --only-migratable
isn't a property of an individual migration, it's a restriction on
QEMU configuration.  With fault tolerance, we could have several
migrations at once.  --only-migratable would certainly protect all of
them.  Storing it in MigrationState feels inappropriate.

Second, it contributes to a dependency cycle that manifests itself as
a bug now.

Putting @only_migratable into MigrationState means its available only
after migration_object_init().

We can't set it before migration_object_init(), so we delay setting it
with a global property (this is fixup commit b605c47b57 "migration:
fix handling for --only-migratable").

We can't get it before migration_object_init(), so anything that uses
it can only run afterwards.

Since migrate_add_blocker() needs to obey --only-migratable, any code
adding migration blockers can run only afterwards.  This contributes
to the following dependency cycle:

* configure_blockdev() must run before machine_set_property()
  so machine properties can refer to block backends

* machine_set_property() before configure_accelerator()
  so machine properties like kvm-irqchip get applied

* configure_accelerator() before migration_object_init()
  so that Xen's accelerator compat properties get applied.

* migration_object_init() before configure_blockdev()
  so configure_blockdev() can add migration blockers

The cycle was closed when recent commit cda4aa9a5a "Create block
backends before setting machine properties" added the first
dependency, and satisfied it by violating the last one.  Broke block
backends that add migration blockers.

Moving @only_migratable into MigrationState was a mistake.  Revert it.

This doesn't quite break the "migration_object_init() before
configure_blockdev() dependency, since migrate_add_blocker() still has
another dependency on migration_object_init().  To be addressed the
next commit.

Note that the reverted commit made -only-migratable sugar for -global
migration.only-migratable=on below the hood.  Documentation has only
ever mentioned -only-migratable.  This commit removes the arcane &
undocumented alternative to -only-migratable again.  Nobody should be
using it.

Conflicts:
	include/migration/misc.h
	migration/migration.c
	migration/migration.h
	vl.c

Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190401090827.20793-3-armbru@redhat.com>
Reviewed-by: Igor Mammedov <imammedo@redhat.com>
2019-04-02 13:38:05 +02:00