aboutsummaryrefslogtreecommitdiff
path: root/block
AgeCommit message (Collapse)AuthorFilesLines
2010-03-27raw-posix: Better error return values for hdev_createKevin Wolf1-3/+3
Now that we output an error message according to the returned error code in qemu-img, let's return the real error codes. "Input/output error" for everything isn't helpful. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2010-03-18Replace assert(0) with abort() or cpu_abort()Blue Swirl1-10/+10
When building with -DNDEBUG, assert(0) will not stop execution so it must not be used for abnormal termination. Use cpu_abort() when in CPU context, abort() otherwise. Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-13Fix build with -DNDEBUG in CFLAGSBlue Swirl1-0/+3
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2010-03-09vmdk: share cleanup codeJuan Quintela1-9/+4
cleanup code is identical for error/success cases. Only difference are goto labels. Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09vmdk: fix double freeJuan Quintela1-1/+1
fail_gd error case would also free rgd_buf that was already freed Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09vmdk: make vmdk_snapshot_create return -errnoJuan Quintela1-21/+58
Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09vmdk: return errno instead of -1Juan Quintela1-7/+7
Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09qcow: return errno instead of -1Juan Quintela1-4/+4
Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09qcow2: return errno instead of -1Juan Quintela1-9/+9
Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-03-09cow: return errno instead of -1Juan Quintela1-3/+2
Remove not needed ret = 0 assignment. Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: Fix image creation regressionKevin Wolf1-2/+2
When checking for errors, commit db89119d compares with the wrong values, failing image creation even when there was no error. Additionally, if an error has occured, we can't preallocate the image (it's likely broken). This unbreaks test 023 of qemu-iotests. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: More checks for qemu-img checkKevin Wolf1-0/+12
Implement some more refcount block related checks Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: Rewrite alloc_refcount_block/grow_refcount_tableKevin Wolf1-88/+222
The current implementation of alloc_refcount_block and grow_refcount_table has fundamental problems regarding error handling. There are some places where an I/O error means that the image is going to be corrupted. I have found that the only way to fix this is to completely rewrite the thing. In detail, the problem is that the refcount blocks itself are allocated using alloc_refcount_noref (to avoid endless recursion when updating the refcount of the new refcount block, which migh access just the same refcount block but its allocation is not yet completed...). Only at the end of the refcount allocation the refcount of the refcount block is increased. If an error happens in between, the refcount block is in use, but has a refcount of zero and will likely be overwritten later. The new approach is explained in comments in the code. The trick is basically to let new refcount blocks describe their own refcount, so their refcount will be automatically changed when they are hooked up in the refcount table. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-23qcow2: Factor next_refcount_table_size outKevin Wolf1-11/+19
When the refcount table grows, it doesn't only grow by one entry but reserves some space for future refcount blocks. The algorithm to calculate the number of entries stays the same with the fixes, so factor it out before replacing the rest. As Juan suggested take the opportunity to simplify the code a bit. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-19qcow2: Fix access after end of arrayKevin Wolf1-2/+6
If a write requests crosses a L2 table boundary and all clusters until the end of the L2 table are usable for the request, we must not look at the next L2 entry because we already have arrived at the end of the array. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-10don't dereference NULL after failed strdupJim Meyering2-6/+6
Most of these are obvious NULL-deref bug fixes, for example, the ones in these files: block/curl.c net.c slirp/misc.c and the first one in block/vvfat.c. The others in block/vvfat.c may not lead to an immediate segfault, but I traced the two schedule_rename(..., strdup(path)) uses, and a failed strdup would appear to trigger this assertion in handle_renames_and_mkdirs: assert(commit->path); The conversion to use qemu_strdup in envlist_to_environ is not technically needed, but does avoid a theoretical leak in the caller when strdup fails for one value, but later succeeds in allocating another buffer(plausible, if one string length is much larger than the others). The caller does not know the length of the returned list, and as such can only free pointers until it hits the first NULL. If there are non-NULL pointers beyond the first, their buffers would be leaked. This one is admittedly far-fetched. The two in linux-user/main.c are worth fixing to ensure that an OOM error is diagnosed up front, rather than letting it provoke some harder-to-diagnose secondary error, in case of exec failure, or worse, in case the exec succeeds but with an invalid list of command line options. However, considering how unlikely it is to encounter a failed strdup early in main, this isn't a big deal. Note that adding the required uses of qemu_strdup here and in envlist.c induce link failures because qemu_strdup is not currently in any library they're linked with. So for now, I've omitted those changes, as well as the fixes in target-i386/helper.c and target-sparc/helper.c. If you'd like to see the above discussion (or anything else) in the commit log, just let me know and I'll be happy to adjust. >From 9af42864fd1ea666bd25e2cecfdfae74c20aa8c7 Mon Sep 17 00:00:00 2001 From: Jim Meyering <meyering@redhat.com> Date: Mon, 8 Feb 2010 18:29:29 +0100 Subject: [PATCH] don't dereference NULL after failed strdup Handle failing strdup by replacing each use with qemu_strdup, so as not to dereference NULL or trigger a failing assertion. * block/curl.c (curl_open): s/\bstrdup\b/qemu_strdup/ * block/vvfat.c (init_directories): Likewise. (get_cluster_count_for_direntry, check_directory_consistency): Likewise. * net.c (parse_host_src_port): Likewise. * slirp/misc.c (fork_exec): Likewise. Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-10qcow2: Fix signedness bugsKevin Wolf2-10/+8
Checking for return codes < 0 isn't really going to work with unsigned types. Use signed types instead. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-02-08block/curl: %Z is not a valid conversion specifiermalc1-1/+1
Signed-off-by: malc <av1474@comtv.ru>
2010-02-07Do not use dprintfmalc1-8/+8
dprintf is already claimed by POSIX[1], and on at least one system is implemented as a macro [1] http://www.opengroup.org/onlinepubs/9699919799/functions/dprintf.html Signed-off-by: malc <av1474@comtv.ru>
2010-01-26block/raw-posix: Abort on pread beyond end of non-growable fileKevin Wolf1-1/+5
This shouldn't happen under any normal circumstances. However, it looks like it's possible to achieve this with corrupted images. Without this patch raw_pread is hanging in an endless loop in such cases. The patch is not affecting growable files, for which such reads happen in normal use cases. raw_pread_aligned already handles these cases and won't return zero in the first place. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26win32: pair qemu_memalign() with qemu_vfree()Herve Poussineau1-1/+1
Win32 suffers from a very big memory leak when dealing with SCSI devices. Each read/write request allocates memory with qemu_memalign (ie VirtualAlloc) but frees it with qemu_free (ie free). Pair all qemu_memalign() calls with qemu_vfree() to prevent such leaks. Signed-off-by: Herve Poussineau <hpoussin@reactos.org> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: rename two QCowAIOCB membersChristoph Hellwig1-29/+30
The n member is not very descriptive and very hard to grep, rename it to cur_nr_sectors to better indicate what it is used for. Also rename nb_sectors to remaining_sectors as that is what it is used for. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block: kill BDRV_O_CREATChristoph Hellwig3-15/+4
The BDRV_O_CREAT option is unused inside qemu and partially duplicates the bdrv_create method. Remove it, and the -C option to qemu-io which isn't used in qemu-iotests anyway. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26Read-only device changed to opens it's file for read-only.Naphtali Sprei2-8/+4
Signed-off-by: Naphtali Sprei <nsprei@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26Ask for read-write permissions when opening filesNaphtali Sprei2-2/+2
Found some places that seems needs this explicitly, now that read-write is not the default. Signed-off-by: Naphtali Sprei <nsprei@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/qcow2.c: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov1-10/+45
CC block/qcow2.o cc1: warnings being treated as errors block/qcow2.c: In function 'qcow_create2': block/qcow2.c:829: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:838: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:839: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:841: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:844: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:849: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:852: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow2.c:855: error: ignoring return value of 'write', declared with attribute warn_unused_result make: *** [block/qcow2.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/vvfat.c: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov1-2/+7
CC block/vvfat.o cc1: warnings being treated as errors block/vvfat.c: In function 'commit_one_file': block/vvfat.c:2259: error: ignoring return value of 'ftruncate', declared with attribute warn_unused_result make: *** [block/vvfat.o] Error 1 CC block/vvfat.o In file included from /usr/include/stdio.h:912, from ./qemu-common.h:19, from block/vvfat.c:27: In function 'snprintf', inlined from 'init_directories' at block/vvfat.c:871, inlined from 'vvfat_open' at block/vvfat.c:1068: /usr/include/bits/stdio2.h:65: error: call to __builtin___snprintf_chk will always overflow destination buffer make: *** [block/vvfat.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/vmdk.o: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov1-10/+40
CC block/vmdk.o cc1: warnings being treated as errors block/vmdk.c: In function 'vmdk_snapshot_create': block/vmdk.c:236: error: ignoring return value of 'ftruncate', declared with attribute warn_unused_result block/vmdk.c: In function 'vmdk_create': block/vmdk.c:775: error: ignoring return value of 'write', declared with attribute warn_unused_result block/vmdk.c:776: error: ignoring return value of 'write', declared with attribute warn_unused_result block/vmdk.c:778: error: ignoring return value of 'ftruncate', declared with attribute warn_unused_result block/vmdk.c:784: error: ignoring return value of 'write', declared with attribute warn_unused_result block/vmdk.c:790: error: ignoring return value of 'write', declared with attribute warn_unused_result block/vmdk.c:807: error: ignoring return value of 'write', declared with attribute warn_unused_result make: *** [block/vmdk.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/qcow.c: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov1-4/+22
CC block/qcow.o cc1: warnings being treated as errors block/qcow.c: In function 'qcow_create': block/qcow.c:804: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow.c:806: error: ignoring return value of 'write', declared with attribute warn_unused_result block/qcow.c:811: error: ignoring return value of 'write', declared with attribute warn_unused_result make: *** [block/qcow.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26block/cow.c: fix warnings with _FORTIFY_SOURCEKirill A. Shutemov1-3/+16
CC block/cow.o cc1: warnings being treated as errors block/cow.c: In function 'cow_create': block/cow.c:251: error: ignoring return value of 'write', declared with attribute warn_unused_result block/cow.c:253: error: ignoring return value of 'ftruncate', declared with attribute warn_unused_result make: *** [block/cow.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Juan Quintela <quintela@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Don't ignore qcow2_alloc_clusters return valueKevin Wolf3-3/+33
Now that qcow2_alloc_clusters can return error codes, we must handle them in the callers of qcow2_alloc_clusters. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Don't ignore update_refcount return valueKevin Wolf1-8/+23
update_refcount can return errors that need to be handled by the callers. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Allow updating no refcountsKevin Wolf1-1/+5
There's absolutely no problem with updating the refcounts of 0 clusters. At least snapshot code is doing this and would fail once the result of update_refcount isn't ignored any more. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Improve error handling in update_refcountKevin Wolf1-7/+25
If update_refcount fails, try to undo any changes made so far to avoid inconsistencies in the image file. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Fix error handling in grow_refcount_tableKevin Wolf1-3/+6
Return the appropriate error code instead of -EIO. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Return 0/-errno in qcow2_alloc_cluster_offsetKevin Wolf3-29/+39
Returning 0/-errno allows it to distingush different errors classes. The cluster offset of newly allocated clusters is now returned in the QCowL2Meta struct. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Return 0/-errno in get_cluster_tableKevin Wolf1-12/+18
Switching to 0/-errno allows it to distinguish different error cases. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Fix error handling in qcow_save_vmstateKevin Wolf1-2/+3
Don't assume success but pass the bdrv_pwrite return value on. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-26qcow2: Fix error handling in qcow2_grow_l1_tableKevin Wolf1-4/+6
Return the appropriate error value instead of always using EIO. Don't free the L1 table on errors, we still need it. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-20Clean-up a little bit the RW related bits of BDRV_O_FLAGS. BDRV_O_RDONLY ↵Naphtali Sprei3-7/+8
gone (and so is BDRV_O_ACCESS). Default value for bdrv_flags (0/zero) is READ-ONLY. Need to explicitly request READ-WRITE. Instead of using the field 'readonly' of the BlockDriverState struct for passing the request, pass the request in the flags parameter to the function. Signed-off-by: Naphtali Sprei <nsprei@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-19raw-posix: Detect legacy floppy via ioctl on linuxCole Robinson1-2/+19
Current legacy floppy detection is hardcoded based on source file name. Make this smarter on linux by attempting a floppy specific ioctl. v2: Give ioctl check higher priority than filename check s/IDE/legacy/ v3: Actually initialize 'prio' variable Check for ioctl success rather than absence of specific failure v4: Explicitly mention that change is linux specific. Signed-off-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-19raw-posix: Detect CDROM via ioctl on linuxCole Robinson1-2/+18
Current CDROM detection is hardcoded based on source file name. Make this smarter on linux by attempting a CDROM specific ioctl. This makes '-cdrom /dev/sr0' succeed with no media present. v2: Give ioctl check higher priority than filename check. v3: Actually initialize 'prio' variable. Check for ioctl success rather than absence of specific failure. v4: Explicitly mention that change is linux specific. Signed-off-by: Cole Robinson <crobinso@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-13qcow/qcow2: implement bdrv_aio_flushKevin Wolf2-0/+18
Now that we do not have to flush the backing device anymore implementing the bdrv_aio_flush method for image formats is trivial. [hch: forward ported to qemu mainline from a product tree] Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-13qcow2-refcount: remove dead assignmentAmit Shah1-1/+0
clang-analyzer points out a redundant assignment. Signed-off-by: Amit Shah <amit.shah@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-13block: Add bdrv_change_backing_fileKevin Wolf1-0/+101
Introduce the functions needed to change the backing file of an image. The function is implemented for qcow2. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-11dmg: fix ->open failureChristoph Hellwig1-14/+14
Currently the dmg image format driver simply opens the images as raw if any kind of failure happens. This is contrarty to the behaviour of all other image formats which just return an error and let the block core deal with it. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2010-01-08block/vdi: allow disk sizes not multiple of block sizeFrançois Revol1-2/+5
The disk image I created from my old laptop disk with VBoxManage internalcommand converthd obviously was not a multiple of 1MB as when created from scratch. This fixes QEMU refusing it. We still require the size to be a multiple of sector size though. It then boots correctly. Allow opening VDI images with size not multiple of 1MB (as when converted from a raw disk). Signed-off-by: François Revol <revol@free.fr> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-12-25block/bochs: improve format checkingBlue Swirl1-3/+10
Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-12-25block/bochs.c: fix warning with _FORTIFY_SOURCEKirill A. Shutemov1-1/+2
CC block/bochs.o cc1: warnings being treated as errors block/bochs.c: In function 'seek_to_sector': block/bochs.c:202: error: ignoring return value of 'read', declared with attribute warn_unused_result make: *** [block/bochs.o] Error 1 Signed-off-by: Kirill A. Shutemov <kirill@shutemov.name> Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
2009-12-03Don't leak file descriptorsKevin Wolf1-1/+1
We're leaking file descriptors to child processes. Set FD_CLOEXEC on file descriptors that don't need to be passed to children to stop this misbehaviour. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>