On Fri, Sep 28, 2018 at 22:02:59 -0400, John Ferlan wrote:

On 9/20/18 1:44 PM, Marc Hartmayer wrote:

...

...although priv->qemuCaps will be NULL in almost every case when the post parse callback has failed. That may change in the future.

Signed-off-by: Marc Hartmayer <mhartmay@linux.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com> --- src/qemu/qemu_process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 44c63c42d618..6c5a6472d8cd 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -5282,7 +5282,7 @@ qemuProcessInit(virQEMUDriverPtr driver,

The comment just above here could use a tweak for grammar ;-):

/* in case when the post parse callback failed we need to re-run it on the * old config prior we start the VM */

...

if (vm->def->postParseFailed) { VIR_DEBUG("re-running the post parse callback");

- if (virDomainDefPostParse(vm->def, caps, 0, driver->xmlopt, NULL) < 0) + if (virDomainDefPostParse(vm->def, caps, 0, driver->xmlopt, priv->qemuCaps) < 0)

Searching through history of this line finds Peter's original commit in this area - 7726d158, which seems to indicate a very specific reason for providing a NULL capabilities value here.

I think from this patch on is something Peter has worked on a lot, so I would prefer to defer to Peter on them since I'm sure he understands all the various PostParse and Validate special conditions and various flags usage better than I do.

Thanks for notifying me. In general, when parsing a "new" domain config as it's the case here, NULL should be passed in. The qemu driver registers the 'domainPostParseDataAlloc' callback to qemuDomainPostParseDataAlloc. This callback is executed after the 'basic' post parse callback which fills in the emulator binary. Passing an explicit qemuCaps is meant only for special cases e.g. migration where we have a specific set of capabilities which need to be used rather than a new one. This patch does not seem to make sense with the justification provided here as the post-parse callbacks fill in the proper caps here and this part clearly uses a new domain configuration, so the default behaviour should be used. Changing this would also need that we change the normal parser path to achieve the same results which is impossible as you don't have access to priv->qemuCaps prior to creating the virDomainObj object.

On Mon, Oct 01, 2018 at 10:31:36 +0200, Marc Hartmayer wrote:

On Mon, Oct 01, 2018 at 09:33 AM +0200, Peter Krempa <pkrempa@redhat.com> wrote:

...

On Fri, Sep 28, 2018 at 22:02:59 -0400, John Ferlan wrote:

...

On 9/20/18 1:44 PM, Marc Hartmayer wrote:

...

...although priv->qemuCaps will be NULL in almost every case when the post parse callback has failed. That may change in the future.

Signed-off-by: Marc Hartmayer <mhartmay@linux.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com> --- src/qemu/qemu_process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 44c63c42d618..6c5a6472d8cd 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -5282,7 +5282,7 @@ qemuProcessInit(virQEMUDriverPtr driver,

The comment just above here could use a tweak for grammar ;-):

/* in case when the post parse callback failed we need to re-run it on the * old config prior we start the VM */

...

if (vm->def->postParseFailed) { VIR_DEBUG("re-running the post parse callback");

- if (virDomainDefPostParse(vm->def, caps, 0, driver->xmlopt, NULL) < 0) + if (virDomainDefPostParse(vm->def, caps, 0, driver->xmlopt, priv->qemuCaps) < 0)

Searching through history of this line finds Peter's original commit in this area - 7726d158, which seems to indicate a very specific reason for providing a NULL capabilities value here.

I think from this patch on is something Peter has worked on a lot, so I would prefer to defer to Peter on them since I'm sure he understands all the various PostParse and Validate special conditions and various flags usage better than I do.

Thanks for notifying me.

First, thanks for your answer!

...

In general, when parsing a "new" domain config as it's the case here, NULL should be passed in.

Wouldn’t it be better to invalidate the QEMU caps (priv->qemuCaps) explicitly beforehand? (for example if the 'postParseFailed' flag is set and we’re starting the domain).

As stated below, in the normal code-flow at the point when the XML is parsed there is no virDomainObj and thus no priv. Even when you create a virDomainObj prior to that, the priv->qemuCaps is based on the binary which in turn is based on defaults added by the post parse callback as the binary is a qemu-driver-specific.

...

The qemu driver registers the 'domainPostParseDataAlloc' callback to qemuDomainPostParseDataAlloc. This callback is executed after the 'basic' post parse callback which fills in the emulator binary.

Passing an explicit qemuCaps is meant only for special cases e.g. migration where we have a specific set of capabilities which need to be used rather than a new one.

I would do all the precondition stuff (e.g. the priv->qemuCaps isn’t valid anymore) as early as possible in the overall “task/job” process.

Well, technically priv->qemuCaps is invalid and unneeded when the VM is not running and valid and immutable if it is running. If the VM is not running, there is no qemu process associated to it so it does not make sense to store random qemuCaps along with it, since the qemu binary might change at the point when we attempt to start it. I was not a fan of needing qemuCaps in the post parse infrastructure of qemu, but at this point we can't do much about it especially as we want to keep the config stable after defined.

...

This patch does not seem to make sense with the justification provided here as the post-parse callbacks fill in the proper caps here and this part clearly uses a new domain configuration, so the default behaviour should be used.

Changing this would also need that we change the normal parser path to achieve the same results which is impossible as you don't have access to priv->qemuCaps prior to creating the virDomainObj object.

Yep, that’s why I said in the cover letter “With this patch series the behavior is still not (completely) fixed, but the performance has been significantly improved.”.

I don't see what should be fixed here, but mostly as I did not read the series.

IMHO, it’s a design flaw that the virDomainObjList class is responsible for the creation of the virDomainObj… The responsibilities of the classes are mixed and this enforces the lock order virDomainObjList -> virDomainObj (what actually is a performance bottleneck). IMHO, we should create the virDomainObj earlier and add it to the virDomainObjList when it’s useful.

I think that is orthogonal from the post parse infrastructure. Post parse applies on virDomainDef object, while the domain list is of virDomainObj type. That is thre reason to have private copy of the caps in the post parse code flow. You don't have to associate a config with a domain all the time.

What’s your opinion about that?

I did not touch the domain obj list for quite some time so I don't have any guidance on whether its possible/feasible to untangle it.

On 9/20/18 1:44 PM, Marc Hartmayer wrote:

This allows the QEMU driver to use the originally used QEMU capabilities for copying the domain. It avoids the usage of a possible changed QEMU capability as virQEMUCapsCacheLookup might return a different QEMU capability than used before (for example when during the job the QEMU binary has been replaced virQEMUCapsCacheLookupCopy will invalidate the originally used QEMU capability).

For other drivers @parseOpqaue will still be NULL, because xmlopt->privateData.getParseOpaque is currently only implemented for the QEMU driver.

Signed-off-by: Marc Hartmayer <mhartmay@linux.ibm.com> Reviewed-by: Stefan Zimmermann <stzi@linux.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com> --- src/conf/domain_conf.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)

This one I'm not so sure about. One would think the domain def that's being copied would have already gone through PostParse, et. al. The SetDefTransient is where we're copying the recently Parsed and Validated @def, so why would it need the qemuCaps especially since @flags would be PARSE_INACTIVE | PARSE_SKIP_VALIDATE in *DefCopy. John

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 1ee43950ae2d..a3f2fcb0a001 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -3366,6 +3366,7 @@ virDomainObjSetDefTransient(virCapsPtr caps, virDomainObjPtr domain) { int ret = -1; + void *parseOpaque = NULL;

if (!domain->persistent) return 0; @@ -3373,7 +3374,10 @@ virDomainObjSetDefTransient(virCapsPtr caps, if (domain->newDef) return 0;

- if (!(domain->newDef = virDomainDefCopy(domain->def, caps, xmlopt, NULL, false))) + if (xmlopt->privateData.getParseOpaque) + parseOpaque = xmlopt->privateData.getParseOpaque(domain); + + if (!(domain->newDef = virDomainDefCopy(domain->def, caps, xmlopt, parseOpaque, false))) goto out;

ret = 0;

On Thu, Sep 20, 2018 at 19:44:50 +0200, Marc Hartmayer wrote:

This allows the QEMU driver to use the originally used QEMU capabilities for copying the domain. It avoids the usage of a possible changed QEMU capability as virQEMUCapsCacheLookup might return a different QEMU capability than used before (for example when during the job the QEMU binary has been replaced virQEMUCapsCacheLookupCopy will invalidate the originally used QEMU capability).

For other drivers @parseOpqaue will still be NULL, because xmlopt->privateData.getParseOpaque is currently only implemented for the QEMU driver.

Signed-off-by: Marc Hartmayer <mhartmay@linux.ibm.com> Reviewed-by: Stefan Zimmermann <stzi@linux.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com> --- src/conf/domain_conf.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 1ee43950ae2d..a3f2fcb0a001 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -3366,6 +3366,7 @@ virDomainObjSetDefTransient(virCapsPtr caps, virDomainObjPtr domain) { int ret = -1; + void *parseOpaque = NULL;

if (!domain->persistent) return 0; @@ -3373,7 +3374,10 @@ virDomainObjSetDefTransient(virCapsPtr caps, if (domain->newDef) return 0;

- if (!(domain->newDef = virDomainDefCopy(domain->def, caps, xmlopt, NULL, false))) + if (xmlopt->privateData.getParseOpaque) + parseOpaque = xmlopt->privateData.getParseOpaque(domain);

I'd prefer if the caller passes this in explicitly since virDomainDefCopy uses it explicitly. Additionally the caller will be aware where the pointer is taken. The callback is really used only in the place where we are restoring the existing domain object from the status XML and thus we really need the specific caps they were used. Since the code is common the callback needs to be used. Ideally priv->qemuCaps will be cleared when the VM is NOT running so at the point above you'd get NULL anyways in most cases.

On 9/20/18 1:44 PM, Marc Hartmayer wrote:

Signed-off-by: Marc Hartmayer <mhartmay@linux.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com> --- src/conf/domain_conf.c | 13 +++++++++++++ 1 file changed, 13 insertions(+)

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index a3f2fcb0a001..3c307d325a89 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -5215,6 +5215,19 @@ virDomainDefPostParseCheckFailure(virDomainDefPtr def, }

+/** + * virDomainDefPostParse: + * @def: domain definition + * @caps: driver capabilities object + * @parseFlags: virDomainDefParseFlags + * @xmlopt: XML parser option object + * @parseOpaque: opaque data and it might be NULL (for QEMU driver it's qemuCaps) + * + * This function does various common and hypervisor specific auto + * generation, verification, and validation.

I think this is a good start. I'd really like to see what the "expectations" are for various @parseFlags. By far one of the more confusing things. Also while we're at it - @parseOpaque details and/or assumptions w/r/t whether it should be provided or not. I also note a few callers use the comment "/* callback to fill driver specific domain aspects */", so that maybe good to pull in... John

+ * + * Returns 0 on success, -1 on error + */ int virDomainDefPostParse(virDomainDefPtr def, virCapsPtr caps,

On Sat, Sep 29, 2018 at 04:09 AM +0200, John Ferlan <jferlan@redhat.com> wrote:

On 9/20/18 1:44 PM, Marc Hartmayer wrote:

...

Move the domainPostParseDataAlloc/Free calls to virDomainDeviceDefParse. As an consequence virDomainDeviceDefPostParseOne is superfluous and can therefore be removed.

Signed-off-by: Marc Hartmayer <mhartmay@linux.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com> --- src/conf/domain_conf.c | 37 +++++++++++-------------------------- 1 file changed, 11 insertions(+), 26 deletions(-)

I'm not against this per se; however, I should not that the code was specifically extracted in commit e168bc8a.

There are the following three functions: virDomainDeviceDefParse virDomainDeviceDefPostParse virDomainDeviceDefPostParseOne Peter introduced the function “virDomainDeviceDefPostParseOne” to avoid the allocation of private data across the callbacks. This is absolutely fine. What I’ve done is, I moved the domainPostParseDataAlloc/Free calls to virDomainDeviceDefParse instead of having an extra wrapper function (virDomainDeviceDefPostParse/One) for that. With this change I can reuse the QEMU caps for the virDomainDeviceDefValidate call in virDomainDeviceDefParse as well. For safety I added Peter to CC.

John

...

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 3c307d325a89..e61f04ea2271 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -4900,31 +4900,6 @@ virDomainDeviceDefPostParse(virDomainDeviceDefPtr dev, return 0; }

-static int -virDomainDeviceDefPostParseOne(virDomainDeviceDefPtr dev, - const virDomainDef *def, - virCapsPtr caps, - unsigned int flags, - virDomainXMLOptionPtr xmlopt) -{ - void *parseOpaque = NULL; - int ret; - - if (xmlopt->config.domainPostParseDataAlloc) { - if (xmlopt->config.domainPostParseDataAlloc(def, caps, flags, - xmlopt->config.priv, - &parseOpaque) < 0) - return -1; - } - - ret = virDomainDeviceDefPostParse(dev, def, caps, flags, xmlopt, parseOpaque); - - if (parseOpaque && xmlopt->config.domainPostParseDataFree) - xmlopt->config.domainPostParseDataFree(parseOpaque); - - return ret; -} -

struct virDomainDefPostParseDeviceIteratorData { virCapsPtr caps; @@ -16066,6 +16041,7 @@ virDomainDeviceDefParse(const char *xmlStr, { xmlDocPtr xml; xmlNodePtr node; + void *parseOpaque = NULL; xmlXPathContextPtr ctxt = NULL; virDomainDeviceDefPtr dev = NULL; char *netprefix; @@ -16222,8 +16198,15 @@ virDomainDeviceDefParse(const char *xmlStr, break; }

+ if (xmlopt->config.domainPostParseDataAlloc) { + if (xmlopt->config.domainPostParseDataAlloc(def, caps, flags, + xmlopt->config.priv, + &parseOpaque) < 0) + goto error; + } + /* callback to fill driver specific device aspects */ - if (virDomainDeviceDefPostParseOne(dev, def, caps, flags, xmlopt) < 0) + if (virDomainDeviceDefPostParse(dev, def, caps, flags, xmlopt, parseOpaque) < 0) goto error;

/* validate the configuration */ @@ -16231,6 +16214,8 @@ virDomainDeviceDefParse(const char *xmlStr, goto error;

cleanup: + if (parseOpaque && xmlopt->config.domainPostParseDataFree) + xmlopt->config.domainPostParseDataFree(parseOpaque); xmlFreeDoc(xml); xmlXPathFreeContext(ctxt); return dev;

-- Kind regards / Beste Grüße Marc Hartmayer IBM Deutschland Research & Development GmbH Vorsitzende des Aufsichtsrats: Martina Koederitz Geschäftsführung: Dirk Wittkopp Sitz der Gesellschaft: Böblingen Registergericht: Amtsgericht Stuttgart, HRB 243294

On 9/20/18 1:44 PM, Marc Hartmayer wrote:

Add @parseOpaque argument to virDomainDefValidate and virDomainDefValidateCallback, but don't use it for now since it's not ensured that it's always a non-NULL value.

Signed-off-by: Marc Hartmayer <mhartmay@linux.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com> --- src/conf/domain_conf.c | 11 +++++++---- src/conf/domain_conf.h | 6 ++++-- src/qemu/qemu_domain.c | 3 ++- src/qemu/qemu_process.c | 2 +- src/vz/vz_driver.c | 3 ++- 5 files changed, 16 insertions(+), 9 deletions(-)

I like this idea especially since the Validate paths are the ones where qemuCaps seem to be most useful. Couple of nits below John

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index e61f04ea2271..ae7f3ed95faf 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -6271,6 +6271,7 @@ virDomainDefValidateInternal(const virDomainDef *def) * @caps: driver capabilities object * @parseFlags: virDomainDefParseFlags * @xmlopt: XML parser option object + * @parseOpaque: opaque data and it might be NULL (for QEMU driver it's qemuCaps) * * This validation function is designed to take checks of globally invalid * configurations that the parser needs to accept so that VMs don't vanish upon @@ -6284,12 +6285,14 @@ int virDomainDefValidate(virDomainDefPtr def, virCapsPtr caps, unsigned int parseFlags, - virDomainXMLOptionPtr xmlopt) + virDomainXMLOptionPtr xmlopt, + void *parseOpaque) { struct virDomainDefPostParseDeviceIteratorData data = { .caps = caps, .xmlopt = xmlopt, .parseFlags = parseFlags, + .parseOpaque = parseOpaque, };

/* validate configuration only in certain places */ @@ -6298,7 +6301,7 @@ virDomainDefValidate(virDomainDefPtr def,

/* call the domain config callback */ if (xmlopt->config.domainValidateCallback && - xmlopt->config.domainValidateCallback(def, caps, xmlopt->config.priv) < 0) + xmlopt->config.domainValidateCallback(def, caps, xmlopt->config.priv, data.parseOpaque) < 0) return -1;

/* iterate the devices */ @@ -21063,7 +21066,7 @@ virDomainObjParseXML(xmlDocPtr xml, goto error;

/* valdiate configuration */

May as well fix the typo above *validate

- if (virDomainDefValidate(obj->def, caps, flags, xmlopt) < 0) + if (virDomainDefValidate(obj->def, caps, flags, xmlopt, parseOpaque) < 0) goto error;

return obj; @@ -21154,7 +21157,7 @@ virDomainDefParseNode(xmlDocPtr xml, goto cleanup;

/* valdiate configuration */

Consistency is the key ;-)

- if (virDomainDefValidate(def, caps, flags, xmlopt) < 0) + if (virDomainDefValidate(def, caps, flags, xmlopt, parseOpaque) < 0) goto cleanup;

VIR_STEAL_PTR(ret, def); diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index e30a4b2fe7b9..3642d5eb6cba 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -2696,7 +2696,8 @@ typedef void (*virDomainDefPostParseDataFree)(void *parseOpaque); * config. */ typedef int (*virDomainDefValidateCallback)(const virDomainDef *def, virCapsPtr caps, - void *opaque); + void *opaque, + void *domainOpaque);

/* Called once per device, for adjusting per-device settings while * leaving the overall domain otherwise unchanged. */ @@ -2812,7 +2813,8 @@ bool virDomainDeviceAliasIsUserAlias(const char *aliasStr); int virDomainDefValidate(virDomainDefPtr def, virCapsPtr caps, unsigned int parseFlags, - virDomainXMLOptionPtr xmlopt); + virDomainXMLOptionPtr xmlopt, + void *parseOpaque);

static inline bool virDomainObjIsActive(virDomainObjPtr dom) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index eb80711597cb..52d2aa435a36 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -3990,7 +3990,8 @@ qemuDomainDefValidateMemory(const virDomainDef *def) static int qemuDomainDefValidate(const virDomainDef *def, virCapsPtr caps ATTRIBUTE_UNUSED, - void *opaque) + void *opaque, + void *parseOpaque ATTRIBUTE_UNUSED) { virQEMUDriverPtr driver = opaque; virQEMUCapsPtr qemuCaps = NULL; diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 6c5a6472d8cd..fed2c0f545e3 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -5161,7 +5161,7 @@ qemuProcessStartValidateXML(virQEMUDriverPtr driver, * VM that was running before (migration, snapshots, save). It's more * important to start such VM than keep the configuration clean */ if ((flags & VIR_QEMU_PROCESS_START_NEW) && - virDomainDefValidate(vm->def, caps, 0, driver->xmlopt) < 0) + virDomainDefValidate(vm->def, caps, 0, driver->xmlopt, qemuCaps) < 0) return -1;

return 0; diff --git a/src/vz/vz_driver.c b/src/vz/vz_driver.c index bedc6316db8d..16c44c2f2215 100644 --- a/src/vz/vz_driver.c +++ b/src/vz/vz_driver.c @@ -250,7 +250,8 @@ vzDomainDefPostParse(virDomainDefPtr def, static int vzDomainDefValidate(const virDomainDef *def, virCapsPtr caps ATTRIBUTE_UNUSED, - void *opaque) + void *opaque, + void *parserOpaque ATTRIBUTE_UNUSED)

nit: @parseOpaque

{ if (vzCheckUnsupportedControllers(def, opaque) < 0) return -1;

On Sat, Sep 29, 2018 at 05:35 PM +0200, John Ferlan <jferlan@redhat.com> wrote:

On 9/20/18 1:44 PM, Marc Hartmayer wrote:

...

For the usage of the parameter @parseOpqaue within virDomainDefValidate it must be ensured that the parameter @parseOpaque is not NULL. But since there are code paths where virDomainDefValidate is called with @parseOpaque == NULL (e.g. the function call of virDomainDefParseNode with @parseOpqaue == NULL leads to this).

To prevent this, domainPostParseDataAlloc is called within virDomainDefValidate to ensure that @parseOpaque is always set. The usage of domainPostParseDataAlloc within virDomainDefValidate is allowed since virDomainDefValidate is only called after virDomainDefPostParse.

Signed-off-by: Marc Hartmayer <mhartmay@linux.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com> --- src/conf/domain_conf.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+)

Thus is similar to commit e168bc8a did for virDomainDefPostParse...

Yes. That was actually my “inspiration”.

...

diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index ae7f3ed95faf..4f1c569b5733 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -6288,6 +6288,9 @@ virDomainDefValidate(virDomainDefPtr def, virDomainXMLOptionPtr xmlopt, void *parseOpaque) { + int ret = -1; + bool localParseOpaque = false; + struct virDomainDefPostParseDeviceIteratorData data = { .caps = caps, .xmlopt = xmlopt, @@ -6299,6 +6302,17 @@ virDomainDefValidate(virDomainDefPtr def, if (parseFlags & VIR_DOMAIN_DEF_PARSE_SKIP_VALIDATE) return 0;

+ if (!data.parseOpaque && + xmlopt->config.domainPostParseDataAlloc) { + ret = xmlopt->config.domainPostParseDataAlloc(def, caps, parseFlags, + xmlopt->config.priv, + &data.parseOpaque);

So ret = 1 if virQEMUCapsCacheLookup failed in qemuDomainPostParseDataAlloc; otherwise, ret = 0; Just looks strange below with the ret == 1 check.

Yes, do you have something better in mind? Maybe we can add an error label. While fixing it we can also adapt virDomainDefPostParse (were it’s, in my opinion, even more confusing since @ret is used multiple times).

...

+ + if (virDomainDefPostParseCheckFailure(def, parseFlags, ret) < 0)

This though has/uses specific @parseFlag options and sets def->postParseFailed when it may not be true if for some reason of course the post parse processing never got the parseOpaque value. Wouldn't it perhaps be problematic in the patch3 scenario where you'd be passing the priv->qemuCaps when @postParseFailed?

See my answer for patch 3.

John

...

+ goto cleanup; + localParseOpaque = true; + } + /* call the domain config callback */ if (xmlopt->config.domainValidateCallback && xmlopt->config.domainValidateCallback(def, caps, xmlopt->config.priv, data.parseOpaque) < 0) @@ -6313,6 +6327,13 @@ virDomainDefValidate(virDomainDefPtr def, if (virDomainDefValidateInternal(def) < 0) return -1;

+ cleanup: + if (localParseOpaque && xmlopt->config.domainPostParseDataFree) + xmlopt->config.domainPostParseDataFree(data.parseOpaque); + + if (ret == 1) + return -1; + return 0; }

-- Kind regards / Beste Grüße Marc Hartmayer IBM Deutschland Research & Development GmbH Vorsitzende des Aufsichtsrats: Martina Koederitz Geschäftsführung: Dirk Wittkopp Sitz der Gesellschaft: Böblingen Registergericht: Amtsgericht Stuttgart, HRB 243294