aboutsummaryrefslogtreecommitdiff
path: root/block
AgeCommit message (Collapse)Author
2010-04-25Fix dead initialization, spotted by clang analyzerBlue Swirl
Fix clang warnings: /src/qemu/block/vvfat.c:1102:9: warning: Value stored to 'index3' during its initialization is never read int index3=index1+1; /src/qemu/cmd.c:290:15: warning: Value stored to 'p' during its initialization is never read char *p = result; Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-04-23Fix OpenBSD buildBlue Swirl
GCC 3.3.5 generates warnings for static forward declarations of data, so rearrange code to use static forward declarations of functions instead. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-04-23qcow2: Use QLIST_FOREACH_SAFE macroStefan Hajnoczi
Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23qcow2: Return 0/-errno in l2_allocateKevin Wolf
Returning NULL on error doesn't allow distinguishing between different errors. Change the interface to return an integer for -errno. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23qcow2: Return 0/-errno in write_l1_entryKevin Wolf
Change write_l1_entry to return the real error code instead of -1. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23qcow2: Fix error return code in qcow2_alloc_cluster_link_l2Kevin Wolf
Fix qcow2_alloc_cluster_link_l2 to return the real error code like it does in all other error cases. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23qcow2: Return 0/-errno in write_l2_entriesKevin Wolf
Change write_l2_entries to return the real error code instead of -1. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23block: split raw_getlengthChristoph Hellwig
Split up the raw_getlength into separate generic, solaris and BSD versions to reduce the ifdef maze a bit. The BSD variant still is a complete maze, but to clean it up properly we'd need some people using the BSD variants to figure out what code is used for what variant. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23Replace calls of old bdrv_openKevin Wolf
What is known today as bdrv_open2 becomes the new bdrv_open. All remaining callers of the old function are converted to the new one. In some places they even know the right format, so they should have used bdrv_open2 from the beginning. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23qcow2: Fix creation of large imagesKevin Wolf
qcow_create2 assumes that the new image will only need one cluster for its refcount table initially. Obviously that's not true any more when the image is big enough (exact value depends on the cluster size). This patch calculates the refcount table size dynamically. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23qcow2: Trigger blkdebug eventsKevin Wolf
This adds blkdebug events to qcow2 to allow injecting I/O errors in specific places. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23blkdebug: Add events and rulesKevin Wolf
Block drivers can trigger a blkdebug event whenever they reach a place where it could be useful to inject an error for testing/debugging purposes. Rules are read from a blkdebug config file and describe which action is taken when an event is triggered. For now this is only injecting an error (with a few options) or changing the state (which is an integer). Rules can be declared to be active only in a specific state; this way later rules can distiguish on which path we came to trigger their event. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23blkdebug: Inject errorsKevin Wolf
Add a mechanism to inject errors instead of passing requests on. With no further patches applied, you can use it by setting inject_errno in gdb. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-23blkdebug: Basic request passthroughKevin Wolf
This isn't doing anything interesting. It creates the blkdebug block driver as a protocol which just passes everything through to raw. Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2010-04-10raw-posix: don't assign bs->read_onlyChristoph Hellwig
bdrv_open already takes care of this for us. Signed-off-by: Christoph Hellwig <hch@lst.de> Acked-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-04-10qcow2: Remove request from in-flight list after errorKevin Wolf
If we complete a request with a failure we need to remove it from the list of requests that are in flight. If we don't do it, the next time the same AIOCB is used for a cluster allocation it will create a loop in the list and qemu will hang in an endless loop. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-04-10qcow2: Don't ignore immediate read/write failuresKevin Wolf
Returning -EIO is far from optimal, but at least it's an error code. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-03-27raw-posix: Better error return values for hdev_createKevin Wolf
Now that we output an error message according to the returned error code in qemu-img, let's return the real error codes. "Input/output error" for everything isn't helpful. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-03-18Replace assert(0) with abort() or cpu_abort()Blue Swirl
When building with -DNDEBUG, assert(0) will not stop execution so it must not be used for abnormal termination. Use cpu_abort() when in CPU context, abort() otherwise. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-13Fix build with -DNDEBUG in CFLAGSBlue Swirl
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-09vmdk: share cleanup codeJuan Quintela
cleanup code is identical for error/success cases. Only difference are goto labels. Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09vmdk: fix double freeJuan Quintela
fail_gd error case would also free rgd_buf that was already freed Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09vmdk: make vmdk_snapshot_create return -errnoJuan Quintela
Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09vmdk: return errno instead of -1Juan Quintela
Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09qcow: return errno instead of -1Juan Quintela
Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09qcow2: return errno instead of -1Juan Quintela
Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09cow: return errno instead of -1Juan Quintela
Remove not needed ret = 0 assignment. Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: Fix image creation regressionKevin Wolf
When checking for errors, commit db89119d compares with the wrong values, failing image creation even when there was no error. Additionally, if an error has occured, we can't preallocate the image (it's likely broken). This unbreaks test 023 of qemu-iotests. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: More checks for qemu-img checkKevin Wolf
Implement some more refcount block related checks Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: Rewrite alloc_refcount_block/grow_refcount_tableKevin Wolf
The current implementation of alloc_refcount_block and grow_refcount_table has fundamental problems regarding error handling. There are some places where an I/O error means that the image is going to be corrupted. I have found that the only way to fix this is to completely rewrite the thing. In detail, the problem is that the refcount blocks itself are allocated using alloc_refcount_noref (to avoid endless recursion when updating the refcount of the new refcount block, which migh access just the same refcount block but its allocation is not yet completed...). Only at the end of the refcount allocation the refcount of the refcount block is increased. If an error happens in between, the refcount block is in use, but has a refcount of zero and will likely be overwritten later. The new approach is explained in comments in the code. The trick is basically to let new refcount blocks describe their own refcount, so their refcount will be automatically changed when they are hooked up in the refcount table. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: Factor next_refcount_table_size outKevin Wolf
When the refcount table grows, it doesn't only grow by one entry but reserves some space for future refcount blocks. The algorithm to calculate the number of entries stays the same with the fixes, so factor it out before replacing the rest. As Juan suggested take the opportunity to simplify the code a bit. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-19qcow2: Fix access after end of arrayKevin Wolf
If a write requests crosses a L2 table boundary and all clusters until the end of the L2 table are usable for the request, we must not look at the next L2 entry because we already have arrived at the end of the array. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-10don't dereference NULL after failed strdupJim Meyering
Most of these are obvious NULL-deref bug fixes, for example, the ones in these files: block/curl.c net.c slirp/misc.c and the first one in block/vvfat.c. The others in block/vvfat.c may not lead to an immediate segfault, but I traced the two schedule_rename(..., strdup(path)) uses, and a failed strdup would appear to trigger this assertion in handle_renames_and_mkdirs: assert(commit->path); The conversion to use qemu_strdup in envlist_to_environ is not technically needed, but does avoid a theoretical leak in the caller when strdup fails for one value, but later succeeds in allocating another buffer(plausible, if one string length is much larger than the others). The caller does not know the length of the returned list, and as such can only free pointers until it hits the first NULL. If there are non-NULL pointers beyond the first, their buffers would be leaked. This one is admittedly far-fetched. The two in linux-user/main.c are worth fixing to ensure that an OOM error is diagnosed up front, rather than letting it provoke some harder-to-diagnose secondary error, in case of exec failure, or worse, in case the exec succeeds but with an invalid list of command line options. However, considering how unlikely it is to encounter a failed strdup early in main, this isn't a big deal. Note that adding the required uses of qemu_strdup here and in envlist.c induce link failures because qemu_strdup is not currently in any library they're linked with. So for now, I've omitted those changes, as well as the fixes in target-i386/helper.c and target-sparc/helper.c. If you'd like to see the above discussion (or anything else) in the commit log, just let me know and I'll be happy to adjust. >From 9af42864fd1ea666bd25e2cecfdfae74c20aa8c7 Mon Sep 17 00:00:00 2001 From: Jim Meyering <meyering@redhat.com> Date: Mon, 8 Feb 2010 18:29:29 +0100 Subject: [PATCH] don't dereference NULL after failed strdup Handle failing strdup by replacing each use with qemu_strdup, so as not to dereference NULL or trigger a failing assertion. * block/curl.c (curl_open): s/\bstrdup\b/qemu_strdup/ * block/vvfat.c (init_directories): Likewise. (get_cluster_count_for_direntry, check_directory_consistency): Likewise. * net.c (parse_host_src_port): Likewise. * slirp/misc.c (fork_exec): Likewise. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-10qcow2: Fix signedness bugsKevin Wolf
Checking for return codes < 0 isn't really going to work with unsigned types. Use signed types instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-08block/curl: %Z is not a valid conversion specifiermalc
Signed-off-by: malc <av1474@comtv.ru>
2010-02-07Do not use dprintfmalc
dprintf is already claimed by POSIX[1], and on at least one system is implemented as a macro [1] http://www.opengroup.org/onlinepubs/9699919799/functions/dprintf.html Signed-off-by: malc <av1474@comtv.ru>
2010-01-26block/raw-posix: Abort on pread beyond end of non-growable fileKevin Wolf
This shouldn't happen under any normal circumstances. However, it looks like it's possible to achieve this with corrupted images. Without this patch raw_pread is hanging in an endless loop in such cases. The patch is not affecting growable files, for which such reads happen in normal use cases. raw_pread_aligned already handles these cases and won't return zero in the first place. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26win32: pair qemu_memalign() with qemu_vfree()Herve Poussineau
Win32 suffers from a very big memory leak when dealing with SCSI devices. Each read/write request allocates memory with qemu_memalign (ie VirtualAlloc) but frees it with qemu_free (ie free). Pair all qemu_memalign() calls with qemu_vfree() to prevent such leaks. Signed-off-by: Herve Poussineau <hpoussin@reactos.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: rename two QCowAIOCB membersChristoph Hellwig
The n member is not very descriptive and very hard to grep, rename it to cur_nr_sectors to better indicate what it is used for. Also rename nb_sectors to remaining_sectors as that is what it is used for. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block: kill BDRV_O_CREATChristoph Hellwig
The BDRV_O_CREAT option is unused inside qemu and partially duplicates the bdrv_create method. Remove it, and the -C option to qemu-io which isn't used in qemu-iotests anyway. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26Read-only device changed to opens it's file for read-only.Naphtali Sprei
Signed-off-by: Naphtali Sprei <nsprei@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26Ask for read-write permissions when opening filesNaphtali Sprei
Found some places that seems needs this explicitly, now that read-write is not the default. Signed-off-by: Naphtali Sprei <nsprei@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/qcow2.c: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov
CC block/qcow2.o cc1: warnings being treated as errors block/qcow2.c: In function 'qcow_create2': block/qcow2.c:829: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:838: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:839: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:841: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:844: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:849: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:852: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:855: error: ignoring return value of 'write', declared with attribute warn_unused_result make: *** [block/qcow2.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/vvfat.c: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov
CC block/vvfat.o cc1: warnings being treated as errors block/vvfat.c: In function 'commit_one_file': block/vvfat.c:2259: error: ignoring return value of 'ftruncate', declared with attribute warn_unused_result make: *** [block/vvfat.o] Error 1 CC block/vvfat.o In file included from /usr/include/stdio.h:912, from ./qemu-common.h:19, from block/vvfat.c:27: In function 'snprintf', inlined from 'init_directories' at block/vvfat.c:871, inlined from 'vvfat_open' at block/vvfat.c:1068: /usr/include/bits/stdio2.h:65: error: call to __builtin___snprintf_chk will always overflow destination buffer make: *** [block/vvfat.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/vmdk.o: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov
CC block/vmdk.o cc1: warnings being treated as errors block/vmdk.c: In function 'vmdk_snapshot_create': block/vmdk.c:236: error: ignoring return value of 'ftruncate', declared with attribute warn_unused_result block/vmdk.c: In function 'vmdk_create': block/vmdk.c:775: error: ignoring return value of 'write', declared with attribute warn_unused_result block/vmdk.c:776: error: ignoring return value of 'write', declared with attribute warn_unused_result block/vmdk.c:778: error: ignoring return value of 'ftruncate', declared with attribute warn_unused_result block/vmdk.c:784: error: ignoring return value of 'write', declared with attribute warn_unused_result block/vmdk.c:790: error: ignoring return value of 'write', declared with attribute warn_unused_result block/vmdk.c:807: error: ignoring return value of 'write', declared with attribute warn_unused_result make: *** [block/vmdk.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/qcow.c: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov
CC block/qcow.o cc1: warnings being treated as errors block/qcow.c: In function 'qcow_create': block/qcow.c:804: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow.c:806: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow.c:811: error: ignoring return value of 'write', declared with attribute warn_unused_result make: *** [block/qcow.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/cow.c: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov
CC block/cow.o cc1: warnings being treated as errors block/cow.c: In function 'cow_create': block/cow.c:251: error: ignoring return value of 'write', declared with attribute warn_unused_result block/cow.c:253: error: ignoring return value of 'ftruncate', declared with attribute warn_unused_result make: *** [block/cow.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Don't ignore qcow2_alloc_clusters return valueKevin Wolf
Now that qcow2_alloc_clusters can return error codes, we must handle them in the callers of qcow2_alloc_clusters. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Don't ignore update_refcount return valueKevin Wolf
update_refcount can return errors that need to be handled by the callers. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Allow updating no refcountsKevin Wolf
There's absolutely no problem with updating the refcounts of 0 clusters. At least snapshot code is doing this and would fail once the result of update_refcount isn't ignored any more. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>