Michal Privoznik [Fri, 12 Apr 2019 08:03:36 +0000 (10:03 +0200)]
qemu: Always assume QEMU_CAPS_REALTIME_MLOCK
The '-realtime mlock' cmd line argument was introduced in QEMU
commit v1.5.0-rc0~190 which matches minimal QEMU version we
require. Therefore, the capability will always be present.
Apparently, nearly none of our xml2argv test cases had the
capability hence slightly bigger change under qemuxml2argvdata/.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Pavel Hrdina [Thu, 11 Apr 2019 15:13:16 +0000 (17:13 +0200)]
virresctrl: fix MBA memory leak
The 'bandwidths' variable is allocated using VIR_RESIZE_N so it has to
be freed as well.
==118315== 8 bytes in 1 blocks are definitely lost in loss record 299 of 2,401
==118315== at 0x4C29DAD: malloc (vg_replace_malloc.c:308)
==118315== by 0x4C2C100: realloc (vg_replace_malloc.c:836)
==118315== by 0x52C3FAF: virReallocN (viralloc.c:245)
==118315== by 0x52C4079: virExpandN (viralloc.c:294)
==118315== by 0x532BBA8: virResctrlAllocParseProcessMemoryBandwidth (virresctrl.c:1156)
==118315== by 0x532BBA8: virResctrlAllocParseMemoryBandwidthLine (virresctrl.c:1211)
==118315== by 0x532BBA8: virResctrlAllocParse (virresctrl.c:1414)
==118315== by 0x532BBA8: virResctrlAllocGetGroup (virresctrl.c:1446)
==118315== by 0x532C11D: virResctrlAllocGetDefault (virresctrl.c:1464)
==118315== by 0x532D15E: virResctrlAllocAssign (virresctrl.c:1923)
==118315== by 0x532D15E: virResctrlAllocCreate (virresctrl.c:2042)
==118315== by 0x31E1ABEE: qemuProcessResctrlCreate (qemu_process.c:2596)
==118315== by 0x31E1ABEE: qemuProcessLaunch (qemu_process.c:6444)
==118315== by 0x31E1E341: qemuProcessStart (qemu_process.c:6721)
==118315== by 0x31E81315: qemuDomainObjStart.constprop.50 (qemu_driver.c:7288)
==118315== by 0x31E81A65: qemuDomainCreateWithFlags (qemu_driver.c:7341)
==118315== by 0x54DDB4B: virDomainCreate (libvirt-domain.c:6534)
Andrea Bolognani [Thu, 11 Apr 2019 15:12:02 +0000 (17:12 +0200)]
m4: sasl: Use pkg-config
Since commit 4e75b0a00fb4 we support SASL 2.1.26 and newer
releases only, all of which ship a .pc file. Using pkg-config
allows FreeBSD builds to pick up the dependency automatically.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Andrea Bolognani [Thu, 11 Apr 2019 15:58:24 +0000 (17:58 +0200)]
src: Include SASL_CFLAGS where appropriate
A bunch of files include src/rpc/virnetsaslcontext.h, which
in turn includes <sasl/sasl.h>, and without the corresponding
CFLAGS the compiler can't locate the latter if it happens to
be installed outside of the default include path as is the
case, for example, on FreeBSD.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Laine Stump [Thu, 11 Apr 2019 16:53:54 +0000 (12:53 -0400)]
build: set --without-firewalld-zone in configure commandline for Fedora 30
The firewalld package in Fedora 30 didn't get support for rich rule
priorities, which is required by the libvirt zonefile that's installed
when the build is configured with --with-firewalld-zone, so we need to
set --without-firewalld-zone for that version of Fedora. The needed
feature is already upstream in firewalld, so it just needs another
upstream release to be there. Let's be optimistic and assume that will
happen prior to F31.
Resolves: https://bugzilla.redhat.com/1699051 Signed-off-by: Laine Stump <laine@laine.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Acked-by: Eric Garver <eric@garver.life>
travis: put macOS script inline in the macOS matrix entry
Now that we don't have separate scripts defined for native and mingw
builds, there is no point having one for macOS. It can just be inlined
at the one place it is needed.
Reviewed-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
travis: convert Ubuntu, CentOS & MinGW builds to use new make rules
Change the Travis CI configuration to invoke the new ci-build@$IMAGE
target instead of directly running Docker. This guarantees that when a
developer runs ci-build@$IMAGE locally, the container build setup is
identical to that used in Travis CI, with exception of the host kernel
and Docker version.
Reviewed-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
tests: add targets for building libvirt inside Docker containers
The Travis CI system uses Docker containers for its build environment.
These are pre-built and hosted under quay.io/libvirt so that developers
can use them for reproducing problems locally.
Getting the right Docker command syntax to use them, however, is not
entirely easy. This patch addresses that usability issue by introducing
some make targets. To run a simple build (aka 'make all') using the
Fedora 28 container:
make ci-build@fedora-28
To also run unit tests
make ci-check@fedora-28
This is just syntax sugar for calling the previous command with a
custom make target
make ci-build@fedora-28 CI_MAKE_ARGS="check"
To do a purely interactive build it is possible to request a shell
make ci-shell@fedora-28
To do a MinGW build, it is currently possible to use the fedora-rawhide
image and request a different configure script
make ci-build@fedora-rawhide CI_CONFIGURE=mingw32-configure
It is also possible to do cross compiled builds via the Debian containers
make ci-build@debian-9-cross-s390x
In all cases the GIT source tree is cloned locally into a 'ci-tree/src'
sub-directory which is then exposed to the container at '/src'. It is
setup to use a separate build directory so the build takes place in a
subdir '/src/build'. A source tree build can be requested instead
by passing an empty string CI_VPATH= arg to make.
The make rules are kept in a standalone file that is included into the
main Makefile.am, so that it is possible to run them without having to
invoke autotools first.
It is neccessary to disable the gnulib submodule commit check because
this fails due to the way we have manually cloned submodule repos as
primary git repos with their own .git directory, instead of letting
git treat them as submodules in the top level .git directory.
make[1]: Entering directory '/src/build'
fatal: Not a valid object name origin
fatal: run_command returned non-zero status for .gnulib
.
maint.mk: found non-public submodule commit
make: *** [/src/maint.mk:1448: public-submodule-commit] Error 1
Reviewed-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Cole Robinson [Sat, 16 Mar 2019 18:20:32 +0000 (14:20 -0400)]
Always put _LAST enums on second line of VIR_ENUM_IMPL
Standardize on putting the _LAST enum value on the second line
of VIR_ENUM_IMPL invocations. Later patches that add string labels
to VIR_ENUM_IMPL will push most of these to the second line anyways,
so this saves some noise.
remote: enforce ACL write permission for getting guest time & hostname
Getting the guest time and hostname both require use of guest agent
commands. These must not be allowed for read-only users, so the
permissions check must validate "write" permission not "read".
Fixes CVE-2019-3886 Reviewed-by: Jim Fehlig <jfehlig@suse.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
api: disallow virDomainGetHostname for read-only connections
The virDomainGetHostname API is fetching guest information and this may
involve use of an untrusted guest agent. As such its use must be
forbidden on a read-only connection to libvirt.
Fixes CVE-2019-3886 Reviewed-by: Jim Fehlig <jfehlig@suse.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Allow targetting the search scope to the website, wiki or mailing lists
only. When javascript is disabled this should gracefully fallback to
only searching the website.
Reviewed-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
build-aux: ensure all scripts are included in EXTRA_DIST
Few of the scripts in build-aux are included in EXTRA_DIST. This is not
a serious problem since they are primarily tools intended for developers
upstream, and downstream builds won't need them. Having them missing,
however, complicates downstream patching because it means patches that
are auto-exported from git will fail to apply if they include a change
to a file in build-aux/. By bundling all these scripts in the dist we
make patching more straightforward.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Cole Robinson [Sun, 31 Mar 2019 15:32:18 +0000 (11:32 -0400)]
tests: qemuxml2argv: Rename testInfo* to testQemuInfo*
In preparation for moving these bits to a shared place, rename them
to match one of the testutilsqemu.c function prefixes. Rename
info->flags handling too as it will need to be moved
testInfoSetPaths isn't renamed because it will stay local
Reviewed-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: Cole Robinson <crobinso@redhat.com>
Cole Robinson [Sun, 31 Mar 2019 15:08:19 +0000 (11:08 -0400)]
tests: qemuxml2argv: add testInfoSetPaths
This moves infile and outfile building outside the test case,
which better fits the pattern of qemuxml2xmltest. It also lets us
drop the qemuxml2argtest-specific 'suffix' from testInfo
Reviewed-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: Cole Robinson <crobinso@redhat.com>
Cole Robinson [Sun, 31 Mar 2019 14:59:30 +0000 (10:59 -0400)]
tests: qemuxml2argv: Add info->{in,out}file
Track infile and outfile in testInfo. This is step towards moving path
creation out of the test case, which will eventually help sharing more
code with qemuxml2xmltest.c
Reviewed-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: Cole Robinson <crobinso@redhat.com>
Peter Krempa [Fri, 5 Apr 2019 15:29:40 +0000 (17:29 +0200)]
internal: Introduce VIR_RETURN_PTR
With the introduction of more and more internal data types which support
VIR_AUTOPTR it's becoming common to see the following pattern:
VIR_AUTOPTR(virSomething) some = NULL
virSomethingPtr ret = NULL;
... (ret is not touched ) ...
VIR_STEAL_PTR(ret, some);
return ret;
This patch introduces a macro named VIR_RETURN_PTR which returns the
pointer directly without the need for an explicitly defined return
variable and use of VIR_STEAL_PTR. Internally obviously a temporary
pointer is created to allow setting the original pointer to NULL so that
the VIR_AUTOPTR function does not free the memory which we want to
actually return.
The name of the temporary variable is deliberately long and complex to
minimize the possibility of collision.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Andrea Bolognani [Wed, 10 Apr 2019 13:08:46 +0000 (15:08 +0200)]
tests: Fix MinGW build for domaincapstest
Commit 5b9819eedc71 started using the virFileWrapper APIs in
the test program, and correctly called them only in the section
of code guarded by WITH_QEMU; however, a single call to the
virFileWrapperClearPrefixes() function ended up in the
hypervisor-agnostic section, causing a build failure on MinGW.
Move the call to the QEMU-only section; while at it, also drop
the virFileWrapperRemovePrefix() calls, which are entirely
redundant since we'd drop all prefixes immediately afterwards
anyway.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Acked-by: Michal Privoznik <mprivozn@redhat.com>
domain capabilities: Expose firmware auto selection feature
If a management application wants to use firmware auto selection
feature it can't currently know if the libvirtd it's talking to
support is or not. Moreover, it doesn't know which values that
are accepted for the @firmware attribute of <os/> when parsing
will allow successful start of the domain later, i.e. if the mgmt
application wants to use 'bios' whether there exists a FW
descriptor in the system that describes bios.
This commit then adds 'firmware' enum to <os/> element in
<domainCapabilities/> XML like this:
We can see both 'bios' and 'efi' listed which means that there
are descriptors for both found in the system (matched with the
machine type and architecture reported in the domain capabilities
earlier and not shown here).
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Acked-by: Laszlo Ersek <lersek@redhat.com>
The point of this API is to fetch all FW descriptors, parse them
and return list of supported interfaces and SMM feature for given
combination of machine type and guest architecture.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Acked-by: Laszlo Ersek <lersek@redhat.com>
Getting rid of unistd.h from our headers will require more work than
just fixing the broken mingw build. Revert it until I have a more
complete proposal.
Peter Krempa [Mon, 1 Apr 2019 13:14:30 +0000 (15:14 +0200)]
util: Move the VIR_AUTO(CLEAN|PTR) helper macros into a separate header
Keeping them with viralloc.h forcibly pulls in the other stuff from
viralloc.h into other header files. This in turn creates a mess
as more and more headers pull in the 'viral' header file.
If we want to make 'viralloc.h' omnipresent we should pick a different
approach.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Han Han [Tue, 9 Apr 2019 10:01:25 +0000 (18:01 +0800)]
vmx: Define VMX_CONFIG_FORMAT_ARGV
Define VMX_CONFIG_FORMAT_ARGV to replace the hardcoded 'vmware-vmx'
string used by the domxml-X-native APIs. This follows the pattern used
by other drivers.
Reviewed-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Han Han <hhan@redhat.com>
Peter Krempa [Tue, 2 Apr 2019 15:35:42 +0000 (17:35 +0200)]
rpc: Refactor cleanup paths in virNetLibsshAuthenticatePassword
Now that the memory disposal is handled automatically we can simplify
the cleanup paths. In this case it's not as simple as sometimes the
value of the called function is returned.
While at it fix the initialization value of the returned variable.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
Julio Faracco [Mon, 8 Apr 2019 20:32:14 +0000 (17:32 -0300)]
util: Fix uninitalized variable to avoid garbage
This commit fixes an unitialized variable to avoid garbage value
when virNetDevBridgeGet method returns error. When, that method fails
before initialize 'val' variable, it can cause problems related to
that.
Signed-off-by: Julio Faracco <jcfaracco@gmail.com> Reviewed-by: Erik Skultety <eskultet@redhat.com>
Eric Blake [Mon, 8 Apr 2019 16:45:47 +0000 (11:45 -0500)]
snapshot: Fix use-after-free during snapshot delete
Commit b647d2195 introduced a use-after-free situation when the caller
is trying to delete a snapshot and its children: if the callback
function deletes the parent, it is no longer safe to query the parent
to learn which children also need to be deleted (where we previously
saved deleting the parent for last). To fix the problem, while still
maintaining support for topological visits of callback functions, we
have to stash off any information needed for later traversal prior to
using a callback function (virDomainMomentForEachChild already does
this, it is only virDomainMomentActOnDescendant that was running into
problems).
Sadly, the testsuite did not cover the problem at the time. Worse,
even though I later added commit 280a2b41e to catch problems like
this, and even though that test is indeed sufficient to detect the
problem when run under valgrind or suitable MALLOC_PERTURB_ settings,
I'm guilty of not running the test in such an environment. Thus,
v5.2.0 has a regression that could have been prevented had we used the
testsuite to its full power. On the bright side, deleting snapshots
requires ACL domain:snapshot, which is arguably as powerful as
domain:write, so I don't think this use-after-free forms a security
hole.
At some point, it would be nice to convert virDomainMomentObj into a
virObject, at which point, the solution is even simpler: add
virObjectRef/Unref around the callback. But as that will require
auditing even more places in the code, I went with the simplest patch
for the regression fix.
Fixes: b647d2195 Reported-by: Roman Bogorodskiy <bogorodskiy@gmail.com> Signed-off-by: Eric Blake <eblake@redhat.com> Tested-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
The microcode version checks are used to invalidate cached CPU data we
get from QEMU. To minimize /proc/cpuinfo parsing the microcode version
was only read when libvirtd started and cached for the daemon's
lifetime. However, the CPU microcode can change anytime (updating the
microcode package can automatically upload it to the CPU) and we need to
stop caching it to avoid using stale CPU model data.
Signed-off-by: Jiri Denemark <jdenemar@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
The example currently assumes that a NULL URI will open Xen and thus
also assumes that a domain with ID 0 exists. Change it to require the
URI and a domain name as command line arguments.
Reviewed-by: Ján Tomko <jtomko@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
libvirt.org/search.php drops into some kind of screen which I guess
is supposed to show a search bar with options, but presently for me
renders as nothing but the following text:
Search the documentation on Libvirt.org
The search service indexes the libvirt APIs and documentation as well as the libvir-list@redhat.com mailing-list archives. To use it simply provide a set of keywords:
The main page search bar now redirects to google, this page is broken,
I say we just remove it and move on.
Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Cole Robinson <crobinso@redhat.com>
The website search is perpetually broken, has had XSS issues in the
past, and I suspect when it's working it's not as fast or capable as
a simple google site:libvirt.org search
Replace the <form> implementation with one that sends the user to
google.com with 'site:libvirt.org' appended to the search string
Reviewed-by: Daniel P. Berrange <berrange@redhat.com> Signed-off-by: Cole Robinson <crobinso@redhat.com>
Eric Blake [Wed, 27 Mar 2019 18:42:45 +0000 (13:42 -0500)]
tests: Avoid writing into $HOME during virsh-snapshot
In a constrained CI environment, where it is intentional that attempts
to write outside the current directory will fail, virsh-snapshot was
failing:
@@ -1,2 +1,3 @@
error: invalid argument: parent s3 for snapshot s2 not found
error: marker
+error: Failed to create '/home/travis/.cache/libvirt/virsh': Permission denied
FAIL virsh-snapshot (exit status: 1)
But we've already solved the problem in virsh-uriprecedence: tell
virsh to use XDG locations pointing to somewhere we can write rather
than its default of falling back to $HOME with the test being at risk
of breaking due to the user's environment and/or unacceptably altering
the user's normal cache. Hoist that solution into test-lib.sh, so
that all scripts can use it as needed. While at it, fix a latent typo
where XDG_RUNTIME_HOME was set to a literal relative directory name
"XDG_CACHE_HOME" (the typo did not affect virsh-uriprecedence, but
could matter to other clients).
Fixes: 280a2b41 Fixes: 398de147 Reported-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
docs: stop advertizing FTP or HTTP for downloads of libvirt
On the modern internet it is not credible to continue to advertize
software downloads over unencrypted connections. Even if users could
theoretically use GPG to verify the signatures, not all our downloads
are signed and few people know how to correctly verify signatures.
Reviewed-by: Andrea Bolognani <abologna@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Andrea Bolognani [Thu, 21 Mar 2019 15:35:27 +0000 (16:35 +0100)]
tests: Refresh capabilities for QEMU 4.0.0 on RISC-V
There are a few differences, but the one we're interested in is
that PCIe Root Ports are finally available: as a result of this,
our riscv64-virt-headless guest will switch from virtio-mmio to
virtio-pci.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Cole Robinson <crobinso@redhat.com>
Andrea Bolognani [Thu, 21 Mar 2019 15:50:18 +0000 (16:50 +0100)]
qemu: Require PCIe Root Port for PCI by default on ARM virt
Our PCIe topology depends on the availability of PCIe Root Ports,
so if none of the suitable devices (pcie-root-port, ioh3420) is
compiled into QEMU we should fall back to virtio-mmio rather than
trying to use PCI addresses only to fail immediately afterwards
when we realize we can't use the necessary controllers.
Note that this additional check is basically moot for ARM virt
guests, because PCIe Root Ports were enabled in QEMU builds for
the architecture well before guest OS support had been widely
available; however, the opposite is true for RISC-V, and tweaking
the code this way will allow us to share it between architectures.
Signed-off-by: Andrea Bolognani <abologna@redhat.com> Reviewed-by: Cole Robinson <crobinso@redhat.com>
If the console was disconnected due to a connection problem or a problem on the
server side it is convinient to provide the cause to the user. If the error
come from the API then the error is saved in a virsh global variable. However,
since success is returned from virshRunConsole after we reach the waiting stage,
then the error is never reported. Let's track the error in the event loop.
Next after failure we do a cleanup and this cleanup can overwrite
root cause. Thus let's save root cause immediately and then set it to
virsh error after all cleanup is done.
Since we'll be sending the error to the consumer, each failure path from
the event handlers needs to be augmented to provide what error generated
the failure.
Reviewed-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
tools: console: check if console was shutdown in callbacks
On error in main thread virConsoleShutdown is called which
deletes fd watches/stream callback and yet callbacks can
be called after. Thus we can incorrectly allocate
terminalToStream.data memory and get memory leak for example.
Let's check if console was shutdown in the very beginning of
callbacks.
Reviewed-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
Stream/fd callbacks accessing console object are called from the
event loop thread and the console object is also accessed from
the main thread so we are better add locking to handlers.
Reviewed-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
tools: console: cleanup console on errors in main thread
We only check now for virObjectWait failures in virshRunConsole but
we'd better check and for other failures too. And we need to shutdown
console on error in the main thread.
Reviewed-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
We need to turn console into virObject object because stream/fd callbacks
can be called from the event loop thread after freeing console
in main thread. It is convinient to turn into virLockableObject as
we have mutex in console object.
Reviewed-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
qemu: Don't duplicate suspend events and state changes
Since the STOP event handler can use the pausedReason as sent to
qemuProcessStopCPUs, we no longer need to send duplicate suspended
lifecycle events because we know what caused the stop along with extra
details. This processing allows us to also remove the duplicated state
change from qemuProcessStopCPUs.
Reviewed-by: John Ferlan <jferlan@redhat.com> Signed-off-by: Nikolay Shirokovskiy <nshirokovskiy@virtuozzo.com>
qemu: Pass stop reason from qemuProcessStopCPUs to stop handler
Similar to commit [1] which saves and passes the running reason to
the RESUME event handler, during qemuProcessStopCPUs let's save and pass
the pause reason in the domain private data so that the STOP event
handler can use it.
Michal Privoznik [Tue, 19 Mar 2019 13:39:20 +0000 (14:39 +0100)]
virNWFilterBindingObjListAddLocked: Produce better error message than 'Duplicate key'
If there are two concurrent threads, one of which is removing an
nwfilter from the list and the other is trying to add it back they
may serialize in the following order:
1) obj->removing is set and @obj is unlocked.
2) The tread that's trying to add the nwfilter onto the list locks
the list and tries to find, if the nwfilter already exists.
3) Our lookup functions say it doesn't, so the thread proceeds to
virHashAddEntry() which fails with 'Duplicate key' error.
This is obviously not helpful error message at all.
The problem lies in our lookup function
(virNWFilterBindingObjListFindByPortDevLocked()) which return
NULL even if the object is still on the list. They do this so
that the object is not mistakenly looked up by some API. The fix
consists of moving 'removing' check one level up and thus
allowing virNWFilterBindingObjListAddLocked() to produce
meaningful error message.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Cole Robinson <crobinso@redhat.com>
Michal Privoznik [Tue, 19 Mar 2019 12:26:21 +0000 (13:26 +0100)]
virDomainObjListAddLocked: Produce better error message than 'Duplicate key'
If there are two concurrent threads, one of which is removing a
domain from the list and the other is trying to add it back they
may serialize in the following order:
1) vm->removing is set and @vm is unlocked.
2) The tread that's trying to add the domain onto the list locks
the list and tries to find, if the domain already exists.
3) Our lookup functions say it doesn't, so the thread proceeds to
virHashAddEntry() which fails with 'Duplicate key' error.
This is obviously not helpful error message at all.
The problem lies in our lookup functions
(virDomainObjListFindByUUIDLocked() and
virDomainObjListFindByNameLocked()) which return NULL even if the
object is still on the list. They do this so that the object is
not mistakenly looked up by some driver. The fix consists of
moving 'removing' check one level up and thus allowing
virDomainObjListAddLocked() to produce meaningful error message.
Signed-off-by: Michal Privoznik <mprivozn@redhat.com> Reviewed-by: Cole Robinson <crobinso@redhat.com>
projects / libvirt.git / log