From: Michael Roth <mdroth@linux.vnet.ibm.com>
To: qemu-devel@nongnu.org
Cc: qemu-stable@nongnu.org, Halil Pasic <pasic@linux.vnet.ibm.com>,
	Christian Borntraeger <borntraeger@de.ibm.com>
Subject: [Qemu-devel] [PATCH 36/79] s390x/css: catch section mismatch on load
Date: Mon, 28 Aug 2017 19:14:11 -0500
Message-ID: <1503965694-10794-37-git-send-email-mdroth@linux.vnet.ibm.com>
In-Reply-To: <1503965694-10794-1-git-send-email-mdroth@linux.vnet.ibm.com>

From: Halil Pasic <pasic@linux.vnet.ibm.com>

Prior to the virtio-ccw-2.7 machine (and commit 2a79eb1a), our virtio
devices residing under the virtual-css bus do not have qdev_path based
migration stream identifiers (because their qdev_path is NULL). The ids
are instead generated when the device is registered as a composition of
the so called idstr, which takes the vmsd name as its value, and an
instance_id, which is calculated as a maximal instance_id
registered with the same idstr plus one, or zero (if none was registered
previously).

That means, under certain circumstances, one device might try, and even
succeed, to load the state of a different device. This can lead to
trouble.

Let us fail the migration if the above problem is detected during load.

How to reproduce the problem:
1) start qemu-system-s390x making sure you have the following devices
   defined on your command line:
     -device virtio-rng-ccw,id=rng1,devno=fe.0.0001
     -device virtio-rng-ccw,id=rng2,devno=fe.0.0002
2) detach the devices and reattach in reverse order using the monitor:
     (qemu) device_del rng1
     (qemu) device_del rng2
     (qemu) device_add virtio-rng-ccw,id=rng2,devno=fe.0.0002
     (qemu) device_add virtio-rng-ccw,id=rng1,devno=fe.0.0001
3) save the state of the vm into a temporary file and quit QEMU:
     (qemu) migrate "exec:gzip -c > /tmp/tmp_vmstate.gz"
     (qemu) q
4) use your command line from step 1 with
     -incoming "exec:gzip -c -d /tmp/tmp_vmstate.gz"
   appended to reproduce the problem (while trying to load the saved vm)

CC: qemu-stable@nongnu.org
Signed-off-by: Halil Pasic <pasic@linux.vnet.ibm.com>
Reviewed-by: Dong Jia Shi <bjsdjshi@linux.vnet.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
Message-Id: <20170518111405.56947-1-pasic@linux.vnet.ibm.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
(cherry picked from commit 8ed179c937830143dc0e03daac30a55272ed89e3)
* removed context dep on d8d98db5
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
---
 hw/s390x/css.c        | 14 ++++++++++++++
 hw/s390x/virtio-ccw.c |  6 +++++-
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/hw/s390x/css.c b/hw/s390x/css.c
index 37caa98..b24e8b7 100644
--- a/hw/s390x/css.c
+++ b/hw/s390x/css.c
@@ -14,6 +14,7 @@
 #include "qapi/visitor.h"
 #include "hw/qdev.h"
 #include "qemu/bitops.h"
+#include "qemu/error-report.h"
 #include "exec/address-spaces.h"
 #include "cpu.h"
 #include "hw/s390x/ioinst.h"
@@ -1676,13 +1677,26 @@ void subch_device_save(SubchDev *s, QEMUFile *f)
 int subch_device_load(SubchDev *s, QEMUFile *f)
 {
     SubchDev *old_s;
+    Error *err = NULL;
     uint16_t old_schid = s->schid;
+    uint16_t old_devno = s->devno;
     int i;
 
     s->cssid = qemu_get_byte(f);
     s->ssid = qemu_get_byte(f);
     s->schid = qemu_get_be16(f);
     s->devno = qemu_get_be16(f);
+    if (s->devno != old_devno) {
+        /* Only possible if machine < 2.7 (no css_dev_path) */
+
+        error_setg(&err, "%x != %x", old_devno,  s->devno);
+        error_append_hint(&err, "Devno mismatch, tried to load wrong section!"
+                          " Likely reason: some sequences of plug and unplug"
+                          " can break migration for machine versions prior to"
+                          " 2.7 (known design flaw).\n");
+        error_report_err(err);
+        return -EINVAL;
+    }
     /* Re-assign subch. */
     if (old_schid != s->schid) {
         old_s = channel_subsys.css[s->cssid]->sch_set[s->ssid]->sch[old_schid];
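Review bot: in subch_device_load the devno comparison runs after s->cssid, s->ssid, s->schid and s->devno have already been overwritten from the stream, so the -EINVAL path returns with the SubchDev carrying the other section's ids and without the re-assign that follows. Consider reading the four values into locals and committing them only once the check passes, or restoring old_schid and old_devno before returning. The primary message "%x != %x" also says nothing on its own; putting "Devno mismatch" into the error_setg text and keeping the explanation in the hint would make the log line self-explanatory, and the double space in "old_devno,  s->devno" can go.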
diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c
index 00b3bde..c0c1db8 100644
--- a/hw/s390x/virtio-ccw.c
+++ b/hw/s390x/virtio-ccw.c
@@ -1264,9 +1264,13 @@ static int virtio_ccw_load_config(DeviceState *d, QEMUFile *f)
     SubchDev *s = ccw_dev->sch;
     VirtIODevice *vdev = virtio_ccw_get_vdev(s);
     int len;
+    int ret;
 
     s->driver_data = dev;
-    subch_device_load(s, f);
+    ret = subch_device_load(s, f);
+    if (ret) {
+        return ret;
+    }
     len = qemu_get_be32(f);
     if (len != 0) {
         dev->indicators = get_indicator(qemu_get_be64(f), len);
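Review bot: virtio_ccw_load_config is the only call site of subch_device_load converted by this patch, and the function returned a value that was ignored here before. Any other caller that still drops the result would keep reading the stream after a devno mismatch, so it is worth confirming there are none, or converting them in the same change.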
-- 
2.7.4
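
The id assignment described in the commit message and the effect of the reproducer's reversed re-plug, as an added toy model in C. This is not QEMU code: the structs, function names and the idstr value are assumptions made for illustration, and unplugged devices are assumed to no longer count as registered.

```c
#include <stdint.h>
#include <string.h>

/* Toy model of pre-2.7 section ids (idstr, instance_id); not QEMU code. */
#define MAX_DEVS 8
struct dev { const char *idstr; int instance_id; uint16_t devno; int live; };
struct machine { struct dev devs[MAX_DEVS]; int n; };

/* instance_id = max instance_id registered with the same idstr + 1, else 0 */
static int plug(struct machine *m, const char *idstr, uint16_t devno)
{
    int id = 0;
    for (int i = 0; i < m->n; i++)
        if (m->devs[i].live && !strcmp(m->devs[i].idstr, idstr) &&
            m->devs[i].instance_id >= id)
            id = m->devs[i].instance_id + 1;
    m->devs[m->n] = (struct dev){ idstr, id, devno, 1 };
    return m->n++;
}

static void unplug(struct machine *m, int slot) { m->devs[slot].live = 0; }

/* Sections that would be loaded into a device with a different devno */
static int count_mismatches(const struct machine *src, const struct machine *dst)
{
    int bad = 0;
    for (int i = 0; i < src->n; i++) {
        if (!src->devs[i].live)
            continue;
        for (int j = 0; j < dst->n; j++) {
            const struct dev *d = &dst->devs[j];
            if (d->live && !strcmp(d->idstr, src->devs[i].idstr) &&
                d->instance_id == src->devs[i].instance_id &&
                d->devno != src->devs[i].devno)
                bad++;   /* the case the new devno check rejects */
        }
    }
    return bad;
}

/* Steps 1-2 of the reproducer on the source, a fresh start on the target */
static int replay_reproducer(int reverse_replug)
{
    struct machine src = {0}, dst = {0};
    const char *idstr = "example-vmsd";   /* constructed placeholder name */
    int a = plug(&src, idstr, 0x0001), b = plug(&src, idstr, 0x0002);
    if (reverse_replug) {
        unplug(&src, a); unplug(&src, b);
        plug(&src, idstr, 0x0002); plug(&src, idstr, 0x0001);
    }
    plug(&dst, idstr, 0x0001); plug(&dst, idstr, 0x0002);
    return count_mismatches(&src, &dst);
}
```

In the model both sections land on the wrong device after the reversed re-plug; with the patch applied, the load fails at the first one.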
