summaryrefslogtreecommitdiff
path: root/block
AgeCommit message (Collapse)AuthorFilesLines
2010-04-23block: split raw_getlengthChristoph Hellwig1-23/+42
Split up the raw_getlength into separate generic, solaris and BSD versions to reduce the ifdef maze a bit. The BSD variant still is a complete maze, but to clean it up properly we'd need some people using the BSD variants to figure out what code is used for what variant. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23Replace calls of old bdrv_openKevin Wolf3-4/+7
What is known today as bdrv_open2 becomes the new bdrv_open. All remaining callers of the old function are converted to the new one. In some places they even know the right format, so they should have used bdrv_open2 from the beginning. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23qcow2: Fix creation of large imagesKevin Wolf1-10/+33
qcow_create2 assumes that the new image will only need one cluster for its refcount table initially. Obviously that's not true any more when the image is big enough (exact value depends on the cluster size). This patch calculates the refcount table size dynamically. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23qcow2: Trigger blkdebug eventsKevin Wolf4-0/+81
This adds blkdebug events to qcow2 to allow injecting I/O errors in specific places. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23blkdebug: Add events and rulesKevin Wolf1-1/+249
Block drivers can trigger a blkdebug event whenever they reach a place where it could be useful to inject an error for testing/debugging purposes. Rules are read from a blkdebug config file and describe which action is taken when an event is triggered. For now this is only injecting an error (with a few options) or changing the state (which is an integer). Rules can be declared to be active only in a specific state; this way later rules can distiguish on which path we came to trigger their event. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23blkdebug: Inject errorsKevin Wolf1-0/+81
Add a mechanism to inject errors instead of passing requests on. With no further patches applied, you can use it by setting inject_errno in gdb. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23blkdebug: Basic request passthroughKevin Wolf1-0/+104
This isn't doing anything interesting. It creates the blkdebug block driver as a protocol which just passes everything through to raw. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-10raw-posix: don't assign bs->read_onlyChristoph Hellwig1-1/+0
bdrv_open already takes care of this for us. Signed-off-by: Christoph Hellwig <hch@lst.de> Acked-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-04-10qcow2: Remove request from in-flight list after errorKevin Wolf2-1/+6
If we complete a request with a failure we need to remove it from the list of requests that are in flight. If we don't do it, the next time the same AIOCB is used for a cluster allocation it will create a loop in the list and qemu will hang in an endless loop. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-04-10qcow2: Don't ignore immediate read/write failuresKevin Wolf1-2/+6
Returning -EIO is far from optimal, but at least it's an error code. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-03-27raw-posix: Better error return values for hdev_createKevin Wolf1-3/+3
Now that we output an error message according to the returned error code in qemu-img, let's return the real error codes. "Input/output error" for everything isn't helpful. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-03-18Replace assert(0) with abort() or cpu_abort()Blue Swirl1-10/+10
When building with -DNDEBUG, assert(0) will not stop execution so it must not be used for abnormal termination. Use cpu_abort() when in CPU context, abort() otherwise. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-13Fix build with -DNDEBUG in CFLAGSBlue Swirl1-0/+3
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-09vmdk: share cleanup codeJuan Quintela1-9/+4
cleanup code is identical for error/success cases. Only difference are goto labels. Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09vmdk: fix double freeJuan Quintela1-1/+1
fail_gd error case would also free rgd_buf that was already freed Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09vmdk: make vmdk_snapshot_create return -errnoJuan Quintela1-21/+58
Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09vmdk: return errno instead of -1Juan Quintela1-7/+7
Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09qcow: return errno instead of -1Juan Quintela1-4/+4
Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09qcow2: return errno instead of -1Juan Quintela1-9/+9
Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09cow: return errno instead of -1Juan Quintela1-3/+2
Remove not needed ret = 0 assignment. Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: Fix image creation regressionKevin Wolf1-2/+2
When checking for errors, commit db89119d compares with the wrong values, failing image creation even when there was no error. Additionally, if an error has occured, we can't preallocate the image (it's likely broken). This unbreaks test 023 of qemu-iotests. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: More checks for qemu-img checkKevin Wolf1-0/+12
Implement some more refcount block related checks Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: Rewrite alloc_refcount_block/grow_refcount_tableKevin Wolf1-88/+222
The current implementation of alloc_refcount_block and grow_refcount_table has fundamental problems regarding error handling. There are some places where an I/O error means that the image is going to be corrupted. I have found that the only way to fix this is to completely rewrite the thing. In detail, the problem is that the refcount blocks itself are allocated using alloc_refcount_noref (to avoid endless recursion when updating the refcount of the new refcount block, which migh access just the same refcount block but its allocation is not yet completed...). Only at the end of the refcount allocation the refcount of the refcount block is increased. If an error happens in between, the refcount block is in use, but has a refcount of zero and will likely be overwritten later. The new approach is explained in comments in the code. The trick is basically to let new refcount blocks describe their own refcount, so their refcount will be automatically changed when they are hooked up in the refcount table. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: Factor next_refcount_table_size outKevin Wolf1-11/+19
When the refcount table grows, it doesn't only grow by one entry but reserves some space for future refcount blocks. The algorithm to calculate the number of entries stays the same with the fixes, so factor it out before replacing the rest. As Juan suggested take the opportunity to simplify the code a bit. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-19qcow2: Fix access after end of arrayKevin Wolf1-2/+6
If a write requests crosses a L2 table boundary and all clusters until the end of the L2 table are usable for the request, we must not look at the next L2 entry because we already have arrived at the end of the array. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-10don't dereference NULL after failed strdupJim Meyering2-6/+6
Most of these are obvious NULL-deref bug fixes, for example, the ones in these files: block/curl.c net.c slirp/misc.c and the first one in block/vvfat.c. The others in block/vvfat.c may not lead to an immediate segfault, but I traced the two schedule_rename(..., strdup(path)) uses, and a failed strdup would appear to trigger this assertion in handle_renames_and_mkdirs: assert(commit->path); The conversion to use qemu_strdup in envlist_to_environ is not technically needed, but does avoid a theoretical leak in the caller when strdup fails for one value, but later succeeds in allocating another buffer(plausible, if one string length is much larger than the others). The caller does not know the length of the returned list, and as such can only free pointers until it hits the first NULL. If there are non-NULL pointers beyond the first, their buffers would be leaked. This one is admittedly far-fetched. The two in linux-user/main.c are worth fixing to ensure that an OOM error is diagnosed up front, rather than letting it provoke some harder-to-diagnose secondary error, in case of exec failure, or worse, in case the exec succeeds but with an invalid list of command line options. However, considering how unlikely it is to encounter a failed strdup early in main, this isn't a big deal. Note that adding the required uses of qemu_strdup here and in envlist.c induce link failures because qemu_strdup is not currently in any library they're linked with. So for now, I've omitted those changes, as well as the fixes in target-i386/helper.c and target-sparc/helper.c. If you'd like to see the above discussion (or anything else) in the commit log, just let me know and I'll be happy to adjust. >From 9af42864fd1ea666bd25e2cecfdfae74c20aa8c7 Mon Sep 17 00:00:00 2001 From: Jim Meyering <meyering@redhat.com> Date: Mon, 8 Feb 2010 18:29:29 +0100 Subject: [PATCH] don't dereference NULL after failed strdup Handle failing strdup by replacing each use with qemu_strdup, so as not to dereference NULL or trigger a failing assertion. * block/curl.c (curl_open): s/\bstrdup\b/qemu_strdup/ * block/vvfat.c (init_directories): Likewise. (get_cluster_count_for_direntry, check_directory_consistency): Likewise. * net.c (parse_host_src_port): Likewise. * slirp/misc.c (fork_exec): Likewise. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-10qcow2: Fix signedness bugsKevin Wolf2-10/+8
Checking for return codes < 0 isn't really going to work with unsigned types. Use signed types instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-08block/curl: %Z is not a valid conversion specifiermalc1-1/+1
Signed-off-by: malc <av1474@comtv.ru>
2010-02-07Do not use dprintfmalc1-8/+8
dprintf is already claimed by POSIX[1], and on at least one system is implemented as a macro [1] http://www.opengroup.org/onlinepubs/9699919799/functions/dprintf.html Signed-off-by: malc <av1474@comtv.ru>
2010-01-26block/raw-posix: Abort on pread beyond end of non-growable fileKevin Wolf1-1/+5
This shouldn't happen under any normal circumstances. However, it looks like it's possible to achieve this with corrupted images. Without this patch raw_pread is hanging in an endless loop in such cases. The patch is not affecting growable files, for which such reads happen in normal use cases. raw_pread_aligned already handles these cases and won't return zero in the first place. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26win32: pair qemu_memalign() with qemu_vfree()Herve Poussineau1-1/+1
Win32 suffers from a very big memory leak when dealing with SCSI devices. Each read/write request allocates memory with qemu_memalign (ie VirtualAlloc) but frees it with qemu_free (ie free). Pair all qemu_memalign() calls with qemu_vfree() to prevent such leaks. Signed-off-by: Herve Poussineau <hpoussin@reactos.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: rename two QCowAIOCB membersChristoph Hellwig1-29/+30
The n member is not very descriptive and very hard to grep, rename it to cur_nr_sectors to better indicate what it is used for. Also rename nb_sectors to remaining_sectors as that is what it is used for. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block: kill BDRV_O_CREATChristoph Hellwig3-15/+4
The BDRV_O_CREAT option is unused inside qemu and partially duplicates the bdrv_create method. Remove it, and the -C option to qemu-io which isn't used in qemu-iotests anyway. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26Read-only device changed to opens it's file for read-only.Naphtali Sprei2-8/+4
Signed-off-by: Naphtali Sprei <nsprei@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26Ask for read-write permissions when opening filesNaphtali Sprei2-2/+2
Found some places that seems needs this explicitly, now that read-write is not the default. Signed-off-by: Naphtali Sprei <nsprei@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/qcow2.c: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov1-10/+45
CC block/qcow2.o cc1: warnings being treated as errors block/qcow2.c: In function 'qcow_create2': block/qcow2.c:829: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:838: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:839: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:841: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:844: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:849: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:852: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:855: error: ignoring return value of 'write', declared with attribute warn_unused_result make: *** [block/qcow2.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/vvfat.c: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov1-2/+7
CC block/vvfat.o cc1: warnings being treated as errors block/vvfat.c: In function 'commit_one_file': block/vvfat.c:2259: error: ignoring return value of 'ftruncate', declared with attribute warn_unused_result make: *** [block/vvfat.o] Error 1 CC block/vvfat.o In file included from /usr/include/stdio.h:912, from ./qemu-common.h:19, from block/vvfat.c:27: In function 'snprintf', inlined from 'init_directories' at block/vvfat.c:871, inlined from 'vvfat_open' at block/vvfat.c:1068: /usr/include/bits/stdio2.h:65: error: call to __builtin___snprintf_chk will always overflow destination buffer make: *** [block/vvfat.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/vmdk.o: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov1-10/+40
CC block/vmdk.o cc1: warnings being treated as errors block/vmdk.c: In function 'vmdk_snapshot_create': block/vmdk.c:236: error: ignoring return value of 'ftruncate', declared with attribute warn_unused_result block/vmdk.c: In function 'vmdk_create': block/vmdk.c:775: error: ignoring return value of 'write', declared with attribute warn_unused_result block/vmdk.c:776: error: ignoring return value of 'write', declared with attribute warn_unused_result block/vmdk.c:778: error: ignoring return value of 'ftruncate', declared with attribute warn_unused_result block/vmdk.c:784: error: ignoring return value of 'write', declared with attribute warn_unused_result block/vmdk.c:790: error: ignoring return value of 'write', declared with attribute warn_unused_result block/vmdk.c:807: error: ignoring return value of 'write', declared with attribute warn_unused_result make: *** [block/vmdk.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/qcow.c: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov1-4/+22
CC block/qcow.o cc1: warnings being treated as errors block/qcow.c: In function 'qcow_create': block/qcow.c:804: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow.c:806: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow.c:811: error: ignoring return value of 'write', declared with attribute warn_unused_result make: *** [block/qcow.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/cow.c: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov1-3/+16
CC block/cow.o cc1: warnings being treated as errors block/cow.c: In function 'cow_create': block/cow.c:251: error: ignoring return value of 'write', declared with attribute warn_unused_result block/cow.c:253: error: ignoring return value of 'ftruncate', declared with attribute warn_unused_result make: *** [block/cow.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Don't ignore qcow2_alloc_clusters return valueKevin Wolf3-3/+33
Now that qcow2_alloc_clusters can return error codes, we must handle them in the callers of qcow2_alloc_clusters. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Don't ignore update_refcount return valueKevin Wolf1-8/+23
update_refcount can return errors that need to be handled by the callers. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Allow updating no refcountsKevin Wolf1-1/+5
There's absolutely no problem with updating the refcounts of 0 clusters. At least snapshot code is doing this and would fail once the result of update_refcount isn't ignored any more. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Improve error handling in update_refcountKevin Wolf1-7/+25
If update_refcount fails, try to undo any changes made so far to avoid inconsistencies in the image file. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Fix error handling in grow_refcount_tableKevin Wolf1-3/+6
Return the appropriate error code instead of -EIO. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Return 0/-errno in qcow2_alloc_cluster_offsetKevin Wolf3-29/+39
Returning 0/-errno allows it to distingush different errors classes. The cluster offset of newly allocated clusters is now returned in the QCowL2Meta struct. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Return 0/-errno in get_cluster_tableKevin Wolf1-12/+18
Switching to 0/-errno allows it to distinguish different error cases. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Fix error handling in qcow_save_vmstateKevin Wolf1-2/+3
Don't assume success but pass the bdrv_pwrite return value on. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Fix error handling in qcow2_grow_l1_tableKevin Wolf1-4/+6
Return the appropriate error value instead of always using EIO. Don't free the L1 table on errors, we still need it. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-20Clean-up a little bit the RW related bits of BDRV_O_FLAGS. BDRV_O_RDONLY ↵Naphtali Sprei3-7/+8
gone (and so is BDRV_O_ACCESS). Default value for bdrv_flags (0/zero) is READ-ONLY. Need to explicitly request READ-WRITE. Instead of using the field 'readonly' of the BlockDriverState struct for passing the request, pass the request in the flags parameter to the function. Signed-off-by: Naphtali Sprei <nsprei@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>