When connecting to qemu's monitor the @vm object is unlocked.
This is justified - connecting may take a long time and we don't
want to wait with the domain object locked. However, just before
the domain object is locked again, the monitor's FD is registered
in the event loop. Therefore, there is a small window where the
event loop has a chance to call a handler for an event that
occurred on the monitor FD but vm is not initalized properly just
yet (i.e. priv->mon is not set). For instance, if there's an
incoming migration, qemu creates its socket but then fails to
initialize (for various reasons, I'm reproducing this by using
hugepages but leaving the HP pool empty) then the following may
happen:

1) qemuConnectMonitor() unlocks @vm

2) qemuMonitorOpen() connects to the monitor socket and by
   calling qemuMonitorOpenInternal() which subsequently calls
   qemuMonitorRegister() the event handler is installed

3) qemu fails to initialize and exit()-s, which closes the
   monitor

4) The even loop sees EOF on the monitor and the control gets to
   qemuProcessEventHandler() which locks @vm and calls
   processMonitorEOFEvent() which then calls
   qemuMonitorLastError(priv->mon). But priv->mon is not set just
   yet.

5) qemuMonitorLastError() dereferences NULL pointer

The solution is to unlock the domain object for a shorter time
and most importantly, register event handler with domain object
locked so that any possible event processing is done only after
@vm's private data was properly initialized.

This issue is also mentioned in v4.2.0-99-ga5a777a8.

Since we are unlocking @vm and locking it back, another thread
might have destroyed the domain meanwhile. Therefore we have to
check if domain is still active, and we have to do it at the
same place where domain lock is acquired back, i.e. in
qemuMonitorOpen(). This creates a small problem for our test
suite which calls qemuMonitorOpen() directly and passes @vm which
has no definition. This makes virDomainObjIsActive() call crash.
Fortunately, allocating empty domain definition is sufficient.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>

QEMU 2.11 for ppc64 changed all CPU model names to lower case. Since
libvirt can't change the model names for compatibility reasons, we need
to translate the matching lower case models to the names known by
libvirt.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

This reverts commit 2d8721e2.

This fix was both incomplete and too general. It only fixed domain
startup, but libvirt would still report empty list of supported CPU
models with recent QEMU for ppc64. On the other hand, while ppc64 QEMU
ignores case when looking up CPU model names, x86_64 QEMU does case
sensitive lookup. Without reverting this patch, libvirt could happily
accept CPU model names which are not supported by QEMU.
Signed-off-by: NJiri Denemark <jdenemar@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>

Clang's gnu99 mode is not quite the same as GCC's. It will complain
about redefined typedefs being a C11 feature, while GCC does not
complain and allows them in gnu99 mode.
Reviewed-by: NFabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

This reverts commit 61b4e8aa.

After previous commits this is no longer needed.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

https://bugzilla.redhat.com/show_bug.cgi?id=1755303

With the recent work in daemon split and socket activation
daemons can come and go. They can and will be started many times
during a session which results in objects being autostarted
multiple times. This is not optimal. Use
virDriverShouldAutostart() to determine if autostart should be
done or not.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

Some of objects we manage can be autostarted on libvirtd startup
(e.g. domains, network, storage pools). The idea was that when
the host is started up these objects are started too without need
of user intervention. However, with the latest daemon split and
switch to socket activated, short lived daemons (we put --timeout
120 onto each daemon's command line) this doesn't do what we want
it to. The problem is not new though, we already had the session
daemon come and go and we circumvented this problem by
documenting it (see v4.10.0-92-g61b4e8aa). But now that we meet
the same problem at all fronts it's time to deal with it.

The solution implemented in this commit is to have a file (one
per each driver) that:

  1) if doesn't exist, is created and autostart is allowed for
     given driver,

  2) if it does exist, then autostart is suppressed for given
     driver.

All the files live in a location that doesn't survive host
reboots (/var/run/ for instance) and thus the file is
automatically not there on fresh host boot.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

The comment says that the function kills domains and networks.
This is obviously not the case.
Signed-off-by: NMichal Privoznik <mprivozn@redhat.com>
Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>

When adding the -std=gnu99 flag, we set $wantwarn instead
of appending to it. This meant all the compiler warnings
were accidentally discarded.
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

We previously got -std=gnu99 secretly enabled as a side-effect
of requesting the 'stdarg' gnulib module. We rely on some
extensions from c99/gnu99 and while RHEL-7 supports this, it
still defaults to gnu89.  RHEL-7 also supports some newer
standards but declares them experimental/incomplete, so sticking
with gnu99 is best bet for now & matches historical usage.
Reviewed-by: NFabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The 'make distcheck' target validates that a tarball builds and
is ready for release. We expect that libvirt builds cleanly on
all supported platforms, so we should be enabling -Werror when
running distcheck.

This ensures that our CI systems in turn also use -Werror.
Reviewed-by: NFabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The 'sched' module provides a sched.h header file for platforms which
lack it. We already check for the functions we need in configure, and
protect the use of sched.h where relevant, so don't need the compat
header in libvirt.
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The isatty gnulib module adds a fix for Win32 platforms where it doesn't
work correctly with character devices like NUL. This is not a compelling
enough problem for libvirt to be concerned with.
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The ldexp gnulib module adds "-lm" to the $LIBS variable if-and-only-if
the ldexp() function require linking to libm. There is no harm in
linking to libm even if it isn't required for ldexp(), so simply drop
the gnulib module.
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

We don't need to care about very old GCC versions, so implementing the
ignore_value macro directly is not a significant burden.
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

We're using gnulib to get ffs, ffsl, rotl32, count_one_bits,
and count_leading_zeros. Except for rotl32 they can all be
replaced with gcc/clangs builtins. rotl32 is a one-line
trivial function.
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

virDomainGetBlockInfo() returns error if called on a disk with no
source (a sourceless disk might be a removable media drive with no
media in it, for instance an empty CDROM or floppy drive).

So far this caused the virsh domblkinfo --all command to abort and
ignore any remaining (not yet displayed) disk devices.  This patch
fixes the problem by first checking for existence of a <source>
element in the corresponding XML.  If none is found, we avoid calling
virDomainGetBlockInfo() altogether as we know it's bound to fail in
that case.

https://bugzilla.redhat.com/show_bug.cgi?id=1619625Signed-off-by: NPavel Mores <pmores@redhat.com>
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NJán Tomko <jtomko@redhat.com>

Commit fb973cfb added versioned test outputs for the above mentioned
tests but didn't actually enable them. Fix that mistake and fix the
output of the tsc-frequency test.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

The test data was modernized to use actual caps but commit 4dadcaa9
forgot to delete this test data.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

The last use was removed in 7b604379 when we deleted the old
commandline parser.

The argv generator tests are provided by:
machine-aeskeywrap-on-caps
machine-aeskeywrap-on-cap
machine-aeskeywrap-off-caps
machine-aeskeywrap-off-cap
machine-deakeywrap-on-caps
machine-deakeywrap-on-cap
machine-deakeywrap-off-caps
machine-deakeywrap-off-cap
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

The last use was removed in 7b604379 when we deleted the old
commandline parser. The same functionality is tested by many tests for
pseries guests.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

The last use was removed in 7b604379 when we deleted the old
commandline parser. The same functionality is tested by
'serial-pty-chardev'.
Signed-off-by: NPeter Krempa <pkrempa@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

This was fixing a problem with old versions of mingw which had a
pthread.h that polluted the namespace with random symbols. This is no
longer relevant on our mingw platform targets.
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

This fixes a problem on mingw where it doesn't know how to report
certain errnos defined by POSIX, but not used on Windows. These are
not a real problem for libvirt.
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The use of this script was discontinued when we stopped providing a full
ChangeLog in the dist with:

  commit ce97c33a
  Author: Andrea Bolognani <abologna@redhat.com>
  Date:   Mon Apr 1 17:33:03 2019 +0200

    maint: Stop generating ChangeLog from git
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

gnulib fixes a portability problem on AIX which is a platform we have
never targetted.
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

This reverts commit 83aca30f.

While the motivation of the original commit is fine, we are intending to
drop autoconf in favour of meson, and similarly wish to drop use of
gnulib. Removing this feature is part of that conversion work.
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

stpcpy returns a pointer to the end of the string just copied
which in theory makes it easier to then copy another string
after it. We only use stpcpy in one place though and that
is trivially rewritten to avoid stpcpy with no loss in code
clarity or efficiency.
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The mktempd module in gnulib provides an equivalent to 'mktemp -d' on
platforms which lack this shell command. All platforms on which libvirt
runs the affected tests have 'mktemp -d' support, so the gnulib module
is not required.
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

All use of this function was purged a long time ago in favour
of getaddrinfo

  commit a8ae7d19
  Author: Daniel P. Berrange <berrange@redhat.com>
  Date:   Thu Oct 21 11:13:05 2010 +0100

    Remove all use of inet_pton and inet_ntop
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The getopt-posix module fixes a problem with optind being incorrectly
set after a failed option parse. It was also previously used to allow
the bhyve driver to access a private internal reentrant getopt impl.
None of this matters to libvirt code any more.

This partially reverts

  commit b436a8ae
  Author: Fabian Freyer <fabian.freyer@physik.tu-berlin.de>
  Date:   Thu Jun 9 00:50:35 2016 +0000

    gnulib: add getopt module
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

The _getopt_internal_r func is not intended for public use, it is an
internal function shared between the gnulib getopt and argp modules.
Reviewed-by: NJán Tomko <jtomko@redhat.com>
Signed-off-by: NDaniel P. Berrangé <berrange@redhat.com>

086c19d6 added bochs-display capability but didn't fill in the info for
domain capabilities.
Signed-off-by: NFabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: NDaniel Henrique Barboza <danielhb413@gmail.com>
Reviewed-by: NErik Skultety <eskultet@redhat.com>
Reviewed-by: NMichal Privoznik <mprivozn@redhat.com>

This command is hooked into the virsh hypervisor-cpu-compare command.
As such, the CPU model XML provided to the command will be compared
to the hypervisor CPU contained in the QEMU capabilities file for the
appropriate QEMU binary (for s390x, this CPU definition can be observed
via virsh domcapabilities).

QMP will report that the XML CPU is either identical to, a subset of,
or incompatible with the hypervisor CPU. s390 can also report that
the XML CPU is a "superset" of the hypervisor CPU. This response is
presented as incompatible, as this CPU model would not be able to run
on the hypervisor.
Signed-off-by: NCollin Walling <walling@linux.ibm.com>
Reviewed-by: NDaniel Henrique Barboza <danielh413@gmail.com>
Reviewed-by: NBoris Fiuczynski <fiuczy@linux.ibm.com>
Message-Id: <1568924706-2311-15-git-send-email-walling@linux.ibm.com>
Reviewed-by: NJiri Denemark <jdenemar@redhat.com>

Implement an XML to virCPUDefPtr helper that handles the ctxt
prerequisite for virCPUDefParseXML.

This does not alter any functionality.
Signed-off-by: NCollin Walling <walling@linux.ibm.com>
Reviewed-by: NBjoern Walk <bwalk@linux.ibm.com>
Reviewed-by: NDaniel Henrique Barboza <danielh413@gmail.com>
Message-Id: <1568924706-2311-14-git-send-email-walling@linux.ibm.com>
Reviewed-by: NJiri Denemark <jdenemar@redhat.com>

This capability enables comparison of CPU models via QMP.
Signed-off-by: NCollin Walling <walling@linux.ibm.com>
Reviewed-by: NDaniel Henrique Barboza <danielh413@gmail.com>
Reviewed-by: NBoris Fiuczynski <fiuczy@linux.ibm.com>
Message-Id: <1568924706-2311-13-git-send-email-walling@linux.ibm.com>
Reviewed-by: NJiri Denemark <jdenemar@redhat.com>

Interfaces with QEMU to compare CPU models. The command takes two CPU
models, A and B, that are given a model name and an optional list of
CPU features. Through the query-cpu-model-comparison command issued
via QMP, a result is produced that contains the comparison evaluation
string (identical, superset, subset, incompatible).

The list of properties (aka CPU features) that is returned from the QMP
response is ignored.
Signed-off-by: NCollin Walling <walling@linux.ibm.com>
Reviewed-by: NDaniel Henrique Barboza <danielh413@gmail.com>
Message-Id: <1568924706-2311-12-git-send-email-walling@linux.ibm.com>
Reviewed-by: NJiri Denemark <jdenemar@redhat.com>

Perform a full CPU model expansion on the result of the baselined
model name when the features flag is present.
Signed-off-by: NCollin Walling <walling@linux.ibm.com>
Message-Id: <1568924706-2311-11-git-send-email-walling@linux.ibm.com>
Reviewed-by: NJiri Denemark <jdenemar@redhat.com>

This command is hooked into the virsh hypervisor-cpu-baseline command.
The CPU models provided in the XML sent to the command will be baselined
via the query-cpu-model-baseline QMP command. The resulting CPU model
will be reported.
Signed-off-by: NCollin Walling <walling@linux.ibm.com>
Reviewed-by: NDaniel Henrique Barboza <danielh413@gmail.com>
Message-Id: <1568924706-2311-10-git-send-email-walling@linux.ibm.com>
Reviewed-by: NJiri Denemark <jdenemar@redhat.com>