aboutsummaryrefslogtreecommitdiff
path: root/block/qcow2-refcount.c
AgeCommit message (Collapse)Author
2012-12-19block: move include files to include/block/Paolo Bonzini
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2012-11-14qcow2: Fix refcount table size calculationKevin Wolf
A missing factor for the refcount table entry size in the calculation could mean that too little memory was allocated for the in-memory representation of the table, resulting in a buffer overflow. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Michael Tokarev <mjt@tls.msk.ru> Tested-by: Michael Tokarev <mjt@tls.msk.ru>
2012-07-09qcow2: preserve free_byte_offset when qcow2_alloc_bytes() failsStefan Hajnoczi
When qcow2_alloc_clusters() error handling code was introduced in commit 5d757b563d59142ca81e1073a8e8396750a0ad1a, the value of free_byte_offset was clobbered in the error case. This patch keeps free_byte_offset at 0 so we will try to allocate clusters again next time this function is called. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-06-15qcow2: always operate caches in writeback modePaolo Bonzini
Writethrough does not need special-casing anymore in the qcow2 caches. The block layer adds flushes after every guest-initiated data write, and these will also flush the qcow2 caches to the OS. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-06-15qcow2: Support for fixing refcount inconsistenciesKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-06-15qcow2: fix endianness conversionZhi Yong Wu
Signed-off-by: Zhi Yong Wu <wuzhy@linux.vnet.ibm.com> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-04-20qcow2: Support reading zero clustersKevin Wolf
This adds support for reading zero clusters in version 3 images. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-04-20qcow2: Ignore reserved bits in check_refcountsKevin Wolf
Also don't infer the cluster type directly from the L2 entries, but use qcow2_get_cluster_type() to keep everything in a single place. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-04-20qcow2: Ignore reserved bits in refcount table entriesKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-04-20qcow2: Refactor qcow2_free_any_clustersKevin Wolf
Zero clusters will add another cluster type. Refactor the open-coded cluster type detection into a switch of QCOW2_CLUSTER_* options so that the detection is in a single place. This makes it easier to add new cluster types. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-04-20qcow2: Ignore reserved bits in L1/L2 entriesKevin Wolf
This changes the still existing places that assume that the only flags are QCOW_OFLAG_COPIED and QCOW_OFLAG_COMPRESSED to properly mask out reserved bits. It does not convert bdrv_check yet. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-04-20qcow2: Fix refcount block allocation during qcow2_alloc_cluster_at()Kevin Wolf
Refcount block allocation and refcount table growth rely on s->free_cluster_index pointing to somewhere after the current allocation. Change qcow2_alloc_cluster_at() to fulfill this assumption. Without this change it could happen that a newly allocated refcount block and the allocated data block point to the same area in the image file, causing data corruption in the long run. This fixes a bug that became first visible after commit 250196f1. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2012-04-19qcow2: Fix return value of alloc_refcount_blockKevin Wolf
Someone forgot something in commit 29c1a730... Documenting the right return value is not enough, you also need to actually return it in the code. This bug sometimes causes error return values even when everything has succeeded: The new offset of the refcount block is truncated to 32 bits and interpreted as signed. At least with small cluster sizes it's easy to get a negative return value this way. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
2012-03-12qcow2: Add qcow2_alloc_clusters_at()Kevin Wolf
This function allows to allocate clusters at a given offset in the image file. This is useful if you want to allocate the second part of an area that must be contiguous. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-12-05qcow2: Fix order of refcount updates in qcow2_snapshot_gotoKevin Wolf
The refcount updates must be moved so that in the worst case we can get cluster leaks, but refcounts may never be too low. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-08-25qcow2: remove unused qcow2_create_refcount_update functionFrediano Ziglio
Signed-off-by: Frediano Ziglio <freddy77@gmail.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-25qcow2: use always stderr for debuggingFrediano Ziglio
let all DEBUG_ALLOC2 printf goes to stderr Signed-off-by: Frediano Ziglio <freddy77@gmail.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-08-20Use glib memory allocation and free functionsAnthony Liguori
qemu_malloc/qemu_free no longer exist after this commit. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2011-07-19qcow2: Use Qcow2Cache in writeback mode during loadvm/savevmKevin Wolf
In snapshotting there is no guest involved, so we can safely use a writeback mode and do the flushes in the right place (i.e. at the very end). This improves the time that creating/restoring an internal snapshot takes with an image in writethrough mode. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-06-08qcow2: Fix memory leaks in error casesKevin Wolf
This fixes memory leaks that may be caused by I/O errors during L1 table growth (can happen during save_vm) and in qemu-img check. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-05-08Fix typos in comments and code (occured -> occurred and related)Stefan Weil
The code changed here is an unused data type name (evt_flush_occurred). Signed-off-by: Stefan Weil <weil@mail.berlios.de> Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2011-01-31qcow2-refcount: remove write-only variablesBlue Swirl
Variables l2_modified and l2_size are not really used, remove them. Spotted by GCC 4.6.0: CC block/qcow2-refcount.o /src/qemu/block/qcow2-refcount.c: In function 'qcow2_update_snapshot_refcount': /src/qemu/block/qcow2-refcount.c:708:37: error: variable 'l2_modified' set but not used [-Werror=unused-but-set-variable] /src/qemu/block/qcow2-refcount.c:708:9: error: variable 'l2_size' set but not used [-Werror=unused-but-set-variable] CC: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2011-01-24qcow2: Use QcowCacheKevin Wolf
Use the new functions of qcow2-cache.c for everything that works on refcount block and L2 tables. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-11-04qcow2: Invalidate cache after failed readKevin Wolf
The cache content may be destroyed after a failed read, better not use it any more. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
2010-10-13block: avoid a write only variableBlue Swirl
Compiling with GCC 4.6.0 20100925 produced a warning: /src/qemu/block/qcow2-refcount.c: In function 'update_refcount': /src/qemu/block/qcow2-refcount.c:552:13: error: variable 'dummy' set but not used [-Werror=unused-but-set-variable] Fix by adding a dummy cast so that the result is not unused. Acked-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-09-21qcow2: Move sync out of qcow2_alloc_clustersKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-09-21qcow2: Move sync out of update_refcountKevin Wolf
Note that the flush is omitted intentionally in qcow2_free_clusters. If anything, we can leak clusters here if we lose the writes. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-09-21qcow2: Move sync out of write_refcount_block_entriesKevin Wolf
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-07-06qcow2/vdi: Change check to distinguish error casesKevin Wolf
This distinguishes between harmless leaks and real corruption. Hopefully users better understand what qemu-img check wants to tell them. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-06-22qcow2: Don't try to check tables that couldn't be loadedKevin Wolf
Trying to check them leads to a second error message which is more confusing than helpful: Can't get refcount for cluster 0: Invalid argument ERROR cluster 0 refcount=-22 reference=1 Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-06-22qcow2: Fix qemu-img check segfault on corrupted imagesKevin Wolf
With corrupted images, we can easily get an cluster index that exceeds the array size of the temporary refcount table. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-06-22qcow2: Use bdrv_(p)write_sync for metadata writesKevin Wolf
Use bdrv_(p)write_sync to ensure metadata integrity in case of a crash. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-06-15qcow2: Return real error code in load_refcount_blockKevin Wolf
This fixes load_refcount_block which completely ignored the return value of write_refcount_block and always returned -EIO for bdrv_pwrite failure. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-06-15qcow2: Allow alloc_clusters_noref to return errorsKevin Wolf
Currently it would consider blocks for which get_refcount fails used. However, it's unlikely that get_refcount would succeed for the next cluster, so it's not really helpful. Return an error instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-06-15qcow2: Allow get_refcount to return errorsKevin Wolf
get_refcount might need to load a refcount block from disk, so errors may happen. Return the error code instead of assuming a refcount of 1 and change the callers to respect error return values. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-05-28qcow2: Fix corruption after error in update_refcountKevin Wolf
After it is done with updating refcounts in the cache, update_refcount writes all changed entries to disk. If a refcount block allocation fails, however, there was no change yet and therefore first_index = last_index = -1. Don't treat -1 as a normal sector index (resulting in a 512 byte write!) but return without updating anything in this case. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-05-28qcow2: Fix corruption after refblock allocationKevin Wolf
Refblock allocation code needs to take into consideration that update_refcount will load a different refcount block into the cache, so it must initialize the cache for a new refcount block only afterwards. Not doing this means that not only the refcount in the wrong block is updated, but also that the caller will work on the wrong block. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-05-28qcow2: Return right error code in write_refcount_block_entriesKevin Wolf
write_refcount_block_entries used to return -EIO for any errors. Change this to return the real error code. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-05-03qcow2: Remove abort on free_clusters failureKevin Wolf
While it's true that during regular operation free_clusters failure would be a bug, an I/O error can always happen. There's no need to kill the VM, the worst thing that can happen (and it will) is that we leak some clusters. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-05-03qcow2: Avoid shadowing variable in alloc_clusters_noref()Stefan Hajnoczi
The i loop iterator is shadowed by the next free cluster index. Both using the variable name 'i' makes the code harder to read. Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-05-03block: Open the underlying image file in generic codeKevin Wolf
Format drivers shouldn't need to bother with things like file names, but rather just get an open BlockDriverState for the underlying protocol. This patch introduces this behaviour for bdrv_open implementation. For protocols which need to access the filename to open their file/device/connection/... a new callback bdrv_file_open is introduced which doesn't get an underlying file opened. For now, also some of the more obscure formats use bdrv_file_open because they open() the file themselves instead of using the block.c functions. They need to be fixed in later patches. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23qcow2: Trigger blkdebug eventsKevin Wolf
This adds blkdebug events to qcow2 to allow injecting I/O errors in specific places. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-02-23qcow2: More checks for qemu-img checkKevin Wolf
Implement some more refcount block related checks Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: Rewrite alloc_refcount_block/grow_refcount_tableKevin Wolf
The current implementation of alloc_refcount_block and grow_refcount_table has fundamental problems regarding error handling. There are some places where an I/O error means that the image is going to be corrupted. I have found that the only way to fix this is to completely rewrite the thing. In detail, the problem is that the refcount blocks itself are allocated using alloc_refcount_noref (to avoid endless recursion when updating the refcount of the new refcount block, which migh access just the same refcount block but its allocation is not yet completed...). Only at the end of the refcount allocation the refcount of the refcount block is increased. If an error happens in between, the refcount block is in use, but has a refcount of zero and will likely be overwritten later. The new approach is explained in comments in the code. The trick is basically to let new refcount blocks describe their own refcount, so their refcount will be automatically changed when they are hooked up in the refcount table. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: Factor next_refcount_table_size outKevin Wolf
When the refcount table grows, it doesn't only grow by one entry but reserves some space for future refcount blocks. The algorithm to calculate the number of entries stays the same with the fixes, so factor it out before replacing the rest. As Juan suggested take the opportunity to simplify the code a bit. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Don't ignore qcow2_alloc_clusters return valueKevin Wolf
Now that qcow2_alloc_clusters can return error codes, we must handle them in the callers of qcow2_alloc_clusters. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Don't ignore update_refcount return valueKevin Wolf
update_refcount can return errors that need to be handled by the callers. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Allow updating no refcountsKevin Wolf
There's absolutely no problem with updating the refcounts of 0 clusters. At least snapshot code is doing this and would fail once the result of update_refcount isn't ignored any more. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Improve error handling in update_refcountKevin Wolf
If update_refcount fails, try to undo any changes made so far to avoid inconsistencies in the image file. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Fix error handling in grow_refcount_tableKevin Wolf
Return the appropriate error code instead of -EIO. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>