xref: /openbmc/qemu/qemu-img.c (revision 9543fdaf)
1 /*
2  * QEMU disk image utility
3  *
4  * Copyright (c) 2003-2008 Fabrice Bellard
5  *
6  * Permission is hereby granted, free of charge, to any person obtaining a copy
7  * of this software and associated documentation files (the "Software"), to deal
8  * in the Software without restriction, including without limitation the rights
9  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10  * copies of the Software, and to permit persons to whom the Software is
11  * furnished to do so, subject to the following conditions:
12  *
13  * The above copyright notice and this permission notice shall be included in
14  * all copies or substantial portions of the Software.
15  *
16  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22  * THE SOFTWARE.
23  */
24 
25 #include "qemu/osdep.h"
26 #include <getopt.h>
27 
28 #include "qemu-version.h"
29 #include "qapi/error.h"
30 #include "qapi/qapi-visit-block-core.h"
31 #include "qapi/qobject-output-visitor.h"
32 #include "qapi/qmp/qjson.h"
33 #include "qapi/qmp/qdict.h"
34 #include "qapi/qmp/qstring.h"
35 #include "qemu/cutils.h"
36 #include "qemu/config-file.h"
37 #include "qemu/option.h"
38 #include "qemu/error-report.h"
39 #include "qemu/log.h"
40 #include "qom/object_interfaces.h"
41 #include "sysemu/sysemu.h"
42 #include "sysemu/block-backend.h"
43 #include "block/block_int.h"
44 #include "block/blockjob.h"
45 #include "block/qapi.h"
46 #include "crypto/init.h"
47 #include "trace/control.h"
48 
49 #define QEMU_IMG_VERSION "qemu-img version " QEMU_FULL_VERSION \
50                           "\n" QEMU_COPYRIGHT "\n"
51 
52 typedef struct img_cmd_t {
53     const char *name;
54     int (*handler)(int argc, char **argv);
55 } img_cmd_t;
56 
57 enum {
58     OPTION_OUTPUT = 256,
59     OPTION_BACKING_CHAIN = 257,
60     OPTION_OBJECT = 258,
61     OPTION_IMAGE_OPTS = 259,
62     OPTION_PATTERN = 260,
63     OPTION_FLUSH_INTERVAL = 261,
64     OPTION_NO_DRAIN = 262,
65     OPTION_TARGET_IMAGE_OPTS = 263,
66     OPTION_SIZE = 264,
67     OPTION_PREALLOCATION = 265,
68     OPTION_SHRINK = 266,
69 };
70 
71 typedef enum OutputFormat {
72     OFORMAT_JSON,
73     OFORMAT_HUMAN,
74 } OutputFormat;
75 
76 /* Default to cache=writeback as data integrity is not important for qemu-img */
77 #define BDRV_DEFAULT_CACHE "writeback"
78 
79 static void format_print(void *opaque, const char *name)
80 {
81     printf(" %s", name);
82 }
83 
84 static void QEMU_NORETURN GCC_FMT_ATTR(1, 2) error_exit(const char *fmt, ...)
85 {
86     va_list ap;
87 
88     error_printf("qemu-img: ");
89 
90     va_start(ap, fmt);
91     error_vprintf(fmt, ap);
92     va_end(ap);
93 
94     error_printf("\nTry 'qemu-img --help' for more information\n");
95     exit(EXIT_FAILURE);
96 }
97 
98 static void QEMU_NORETURN missing_argument(const char *option)
99 {
100     error_exit("missing argument for option '%s'", option);
101 }
102 
103 static void QEMU_NORETURN unrecognized_option(const char *option)
104 {
105     error_exit("unrecognized option '%s'", option);
106 }
107 
108 /* Please keep in synch with qemu-img.texi */
109 static void QEMU_NORETURN help(void)
110 {
111     const char *help_msg =
112            QEMU_IMG_VERSION
113            "usage: qemu-img [standard options] command [command options]\n"
114            "QEMU disk image utility\n"
115            "\n"
116            "    '-h', '--help'       display this help and exit\n"
117            "    '-V', '--version'    output version information and exit\n"
118            "    '-T', '--trace'      [[enable=]<pattern>][,events=<file>][,file=<file>]\n"
119            "                         specify tracing options\n"
120            "\n"
121            "Command syntax:\n"
122 #define DEF(option, callback, arg_string)        \
123            "  " arg_string "\n"
124 #include "qemu-img-cmds.h"
125 #undef DEF
126            "\n"
127            "Command parameters:\n"
128            "  'filename' is a disk image filename\n"
129            "  'objectdef' is a QEMU user creatable object definition. See the qemu(1)\n"
130            "    manual page for a description of the object properties. The most common\n"
131            "    object type is a 'secret', which is used to supply passwords and/or\n"
132            "    encryption keys.\n"
133            "  'fmt' is the disk image format. It is guessed automatically in most cases\n"
134            "  'cache' is the cache mode used to write the output disk image, the valid\n"
135            "    options are: 'none', 'writeback' (default, except for convert), 'writethrough',\n"
136            "    'directsync' and 'unsafe' (default for convert)\n"
137            "  'src_cache' is the cache mode used to read input disk images, the valid\n"
138            "    options are the same as for the 'cache' option\n"
139            "  'size' is the disk image size in bytes. Optional suffixes\n"
140            "    'k' or 'K' (kilobyte, 1024), 'M' (megabyte, 1024k), 'G' (gigabyte, 1024M),\n"
141            "    'T' (terabyte, 1024G), 'P' (petabyte, 1024T) and 'E' (exabyte, 1024P)  are\n"
142            "    supported. 'b' is ignored.\n"
143            "  'output_filename' is the destination disk image filename\n"
144            "  'output_fmt' is the destination format\n"
145            "  'options' is a comma separated list of format specific options in a\n"
146            "    name=value format. Use -o ? for an overview of the options supported by the\n"
147            "    used format\n"
148            "  'snapshot_param' is param used for internal snapshot, format\n"
149            "    is 'snapshot.id=[ID],snapshot.name=[NAME]', or\n"
150            "    '[ID_OR_NAME]'\n"
151            "  '-c' indicates that target image must be compressed (qcow format only)\n"
152            "  '-u' allows unsafe backing chains. For rebasing, it is assumed that old and\n"
153            "       new backing file match exactly. The image doesn't need a working\n"
154            "       backing file before rebasing in this case (useful for renaming the\n"
155            "       backing file). For image creation, allow creating without attempting\n"
156            "       to open the backing file.\n"
157            "  '-h' with or without a command shows this help and lists the supported formats\n"
158            "  '-p' show progress of command (only certain commands)\n"
159            "  '-q' use Quiet mode - do not print any output (except errors)\n"
160            "  '-S' indicates the consecutive number of bytes (defaults to 4k) that must\n"
161            "       contain only zeros for qemu-img to create a sparse image during\n"
162            "       conversion. If the number of bytes is 0, the source will not be scanned for\n"
163            "       unallocated or zero sectors, and the destination image will always be\n"
164            "       fully allocated\n"
165            "  '--output' takes the format in which the output must be done (human or json)\n"
166            "  '-n' skips the target volume creation (useful if the volume is created\n"
167            "       prior to running qemu-img)\n"
168            "\n"
169            "Parameters to check subcommand:\n"
170            "  '-r' tries to repair any inconsistencies that are found during the check.\n"
171            "       '-r leaks' repairs only cluster leaks, whereas '-r all' fixes all\n"
172            "       kinds of errors, with a higher risk of choosing the wrong fix or\n"
173            "       hiding corruption that has already occurred.\n"
174            "\n"
175            "Parameters to convert subcommand:\n"
176            "  '-m' specifies how many coroutines work in parallel during the convert\n"
177            "       process (defaults to 8)\n"
178            "  '-W' allow to write to the target out of order rather than sequential\n"
179            "\n"
180            "Parameters to snapshot subcommand:\n"
181            "  'snapshot' is the name of the snapshot to create, apply or delete\n"
182            "  '-a' applies a snapshot (revert disk to saved state)\n"
183            "  '-c' creates a snapshot\n"
184            "  '-d' deletes a snapshot\n"
185            "  '-l' lists all snapshots in the given image\n"
186            "\n"
187            "Parameters to compare subcommand:\n"
188            "  '-f' first image format\n"
189            "  '-F' second image format\n"
190            "  '-s' run in Strict mode - fail on different image size or sector allocation\n"
191            "\n"
192            "Parameters to dd subcommand:\n"
193            "  'bs=BYTES' read and write up to BYTES bytes at a time "
194            "(default: 512)\n"
195            "  'count=N' copy only N input blocks\n"
196            "  'if=FILE' read from FILE\n"
197            "  'of=FILE' write to FILE\n"
198            "  'skip=N' skip N bs-sized blocks at the start of input\n";
199 
200     printf("%s\nSupported formats:", help_msg);
201     bdrv_iterate_format(format_print, NULL);
202     printf("\n\n" QEMU_HELP_BOTTOM "\n");
203     exit(EXIT_SUCCESS);
204 }
205 
206 static QemuOptsList qemu_object_opts = {
207     .name = "object",
208     .implied_opt_name = "qom-type",
209     .head = QTAILQ_HEAD_INITIALIZER(qemu_object_opts.head),
210     .desc = {
211         { }
212     },
213 };
214 
215 static QemuOptsList qemu_source_opts = {
216     .name = "source",
217     .implied_opt_name = "file",
218     .head = QTAILQ_HEAD_INITIALIZER(qemu_source_opts.head),
219     .desc = {
220         { }
221     },
222 };
223 
224 static int GCC_FMT_ATTR(2, 3) qprintf(bool quiet, const char *fmt, ...)
225 {
226     int ret = 0;
227     if (!quiet) {
228         va_list args;
229         va_start(args, fmt);
230         ret = vprintf(fmt, args);
231         va_end(args);
232     }
233     return ret;
234 }
235 
236 
237 static int print_block_option_help(const char *filename, const char *fmt)
238 {
239     BlockDriver *drv, *proto_drv;
240     QemuOptsList *create_opts = NULL;
241     Error *local_err = NULL;
242 
243     /* Find driver and parse its options */
244     drv = bdrv_find_format(fmt);
245     if (!drv) {
246         error_report("Unknown file format '%s'", fmt);
247         return 1;
248     }
249 
250     if (!drv->create_opts) {
251         error_report("Format driver '%s' does not support image creation", fmt);
252         return 1;
253     }
254 
255     create_opts = qemu_opts_append(create_opts, drv->create_opts);
256     if (filename) {
257         proto_drv = bdrv_find_protocol(filename, true, &local_err);
258         if (!proto_drv) {
259             error_report_err(local_err);
260             qemu_opts_free(create_opts);
261             return 1;
262         }
263         if (!proto_drv->create_opts) {
264             error_report("Protocol driver '%s' does not support image creation",
265                          proto_drv->format_name);
266             qemu_opts_free(create_opts);
267             return 1;
268         }
269         create_opts = qemu_opts_append(create_opts, proto_drv->create_opts);
270     }
271 
272     printf("Supported options:\n");
273     qemu_opts_print_help(create_opts, false);
274     qemu_opts_free(create_opts);
275     return 0;
276 }
277 
278 
279 static BlockBackend *img_open_opts(const char *optstr,
280                                    QemuOpts *opts, int flags, bool writethrough,
281                                    bool quiet, bool force_share)
282 {
283     QDict *options;
284     Error *local_err = NULL;
285     BlockBackend *blk;
286     options = qemu_opts_to_qdict(opts, NULL);
287     if (force_share) {
288         if (qdict_haskey(options, BDRV_OPT_FORCE_SHARE)
289             && strcmp(qdict_get_str(options, BDRV_OPT_FORCE_SHARE), "on")) {
290             error_report("--force-share/-U conflicts with image options");
291             qobject_unref(options);
292             return NULL;
293         }
294         qdict_put_str(options, BDRV_OPT_FORCE_SHARE, "on");
295     }
296     blk = blk_new_open(NULL, NULL, options, flags, &local_err);
297     if (!blk) {
298         error_reportf_err(local_err, "Could not open '%s': ", optstr);
299         return NULL;
300     }
301     blk_set_enable_write_cache(blk, !writethrough);
302 
303     return blk;
304 }
305 
306 static BlockBackend *img_open_file(const char *filename,
307                                    QDict *options,
308                                    const char *fmt, int flags,
309                                    bool writethrough, bool quiet,
310                                    bool force_share)
311 {
312     BlockBackend *blk;
313     Error *local_err = NULL;
314 
315     if (!options) {
316         options = qdict_new();
317     }
318     if (fmt) {
319         qdict_put_str(options, "driver", fmt);
320     }
321 
322     if (force_share) {
323         qdict_put_bool(options, BDRV_OPT_FORCE_SHARE, true);
324     }
325     blk = blk_new_open(filename, NULL, options, flags, &local_err);
326     if (!blk) {
327         error_reportf_err(local_err, "Could not open '%s': ", filename);
328         return NULL;
329     }
330     blk_set_enable_write_cache(blk, !writethrough);
331 
332     return blk;
333 }
334 
335 
336 static int img_add_key_secrets(void *opaque,
337                                const char *name, const char *value,
338                                Error **errp)
339 {
340     QDict *options = opaque;
341 
342     if (g_str_has_suffix(name, "key-secret")) {
343         qdict_put_str(options, name, value);
344     }
345 
346     return 0;
347 }
348 
349 
350 static BlockBackend *img_open(bool image_opts,
351                               const char *filename,
352                               const char *fmt, int flags, bool writethrough,
353                               bool quiet, bool force_share)
354 {
355     BlockBackend *blk;
356     if (image_opts) {
357         QemuOpts *opts;
358         if (fmt) {
359             error_report("--image-opts and --format are mutually exclusive");
360             return NULL;
361         }
362         opts = qemu_opts_parse_noisily(qemu_find_opts("source"),
363                                        filename, true);
364         if (!opts) {
365             return NULL;
366         }
367         blk = img_open_opts(filename, opts, flags, writethrough, quiet,
368                             force_share);
369     } else {
370         blk = img_open_file(filename, NULL, fmt, flags, writethrough, quiet,
371                             force_share);
372     }
373     return blk;
374 }
375 
376 
377 static int add_old_style_options(const char *fmt, QemuOpts *opts,
378                                  const char *base_filename,
379                                  const char *base_fmt)
380 {
381     Error *err = NULL;
382 
383     if (base_filename) {
384         qemu_opt_set(opts, BLOCK_OPT_BACKING_FILE, base_filename, &err);
385         if (err) {
386             error_report("Backing file not supported for file format '%s'",
387                          fmt);
388             error_free(err);
389             return -1;
390         }
391     }
392     if (base_fmt) {
393         qemu_opt_set(opts, BLOCK_OPT_BACKING_FMT, base_fmt, &err);
394         if (err) {
395             error_report("Backing file format not supported for file "
396                          "format '%s'", fmt);
397             error_free(err);
398             return -1;
399         }
400     }
401     return 0;
402 }
403 
404 static int64_t cvtnum(const char *s)
405 {
406     int err;
407     uint64_t value;
408 
409     err = qemu_strtosz(s, NULL, &value);
410     if (err < 0) {
411         return err;
412     }
413     if (value > INT64_MAX) {
414         return -ERANGE;
415     }
416     return value;
417 }
418 
419 static int img_create(int argc, char **argv)
420 {
421     int c;
422     uint64_t img_size = -1;
423     const char *fmt = "raw";
424     const char *base_fmt = NULL;
425     const char *filename;
426     const char *base_filename = NULL;
427     char *options = NULL;
428     Error *local_err = NULL;
429     bool quiet = false;
430     int flags = 0;
431 
432     for(;;) {
433         static const struct option long_options[] = {
434             {"help", no_argument, 0, 'h'},
435             {"object", required_argument, 0, OPTION_OBJECT},
436             {0, 0, 0, 0}
437         };
438         c = getopt_long(argc, argv, ":F:b:f:ho:qu",
439                         long_options, NULL);
440         if (c == -1) {
441             break;
442         }
443         switch(c) {
444         case ':':
445             missing_argument(argv[optind - 1]);
446             break;
447         case '?':
448             unrecognized_option(argv[optind - 1]);
449             break;
450         case 'h':
451             help();
452             break;
453         case 'F':
454             base_fmt = optarg;
455             break;
456         case 'b':
457             base_filename = optarg;
458             break;
459         case 'f':
460             fmt = optarg;
461             break;
462         case 'o':
463             if (!is_valid_option_list(optarg)) {
464                 error_report("Invalid option list: %s", optarg);
465                 goto fail;
466             }
467             if (!options) {
468                 options = g_strdup(optarg);
469             } else {
470                 char *old_options = options;
471                 options = g_strdup_printf("%s,%s", options, optarg);
472                 g_free(old_options);
473             }
474             break;
475         case 'q':
476             quiet = true;
477             break;
478         case 'u':
479             flags |= BDRV_O_NO_BACKING;
480             break;
481         case OPTION_OBJECT: {
482             QemuOpts *opts;
483             opts = qemu_opts_parse_noisily(&qemu_object_opts,
484                                            optarg, true);
485             if (!opts) {
486                 goto fail;
487             }
488         }   break;
489         }
490     }
491 
492     /* Get the filename */
493     filename = (optind < argc) ? argv[optind] : NULL;
494     if (options && has_help_option(options)) {
495         g_free(options);
496         return print_block_option_help(filename, fmt);
497     }
498 
499     if (optind >= argc) {
500         error_exit("Expecting image file name");
501     }
502     optind++;
503 
504     if (qemu_opts_foreach(&qemu_object_opts,
505                           user_creatable_add_opts_foreach,
506                           NULL, NULL)) {
507         goto fail;
508     }
509 
510     /* Get image size, if specified */
511     if (optind < argc) {
512         int64_t sval;
513 
514         sval = cvtnum(argv[optind++]);
515         if (sval < 0) {
516             if (sval == -ERANGE) {
517                 error_report("Image size must be less than 8 EiB!");
518             } else {
519                 error_report("Invalid image size specified! You may use k, M, "
520                       "G, T, P or E suffixes for ");
521                 error_report("kilobytes, megabytes, gigabytes, terabytes, "
522                              "petabytes and exabytes.");
523             }
524             goto fail;
525         }
526         img_size = (uint64_t)sval;
527     }
528     if (optind != argc) {
529         error_exit("Unexpected argument: %s", argv[optind]);
530     }
531 
532     bdrv_img_create(filename, fmt, base_filename, base_fmt,
533                     options, img_size, flags, quiet, &local_err);
534     if (local_err) {
535         error_reportf_err(local_err, "%s: ", filename);
536         goto fail;
537     }
538 
539     g_free(options);
540     return 0;
541 
542 fail:
543     g_free(options);
544     return 1;
545 }
546 
547 static void dump_json_image_check(ImageCheck *check, bool quiet)
548 {
549     QString *str;
550     QObject *obj;
551     Visitor *v = qobject_output_visitor_new(&obj);
552 
553     visit_type_ImageCheck(v, NULL, &check, &error_abort);
554     visit_complete(v, &obj);
555     str = qobject_to_json_pretty(obj);
556     assert(str != NULL);
557     qprintf(quiet, "%s\n", qstring_get_str(str));
558     qobject_unref(obj);
559     visit_free(v);
560     qobject_unref(str);
561 }
562 
563 static void dump_human_image_check(ImageCheck *check, bool quiet)
564 {
565     if (!(check->corruptions || check->leaks || check->check_errors)) {
566         qprintf(quiet, "No errors were found on the image.\n");
567     } else {
568         if (check->corruptions) {
569             qprintf(quiet, "\n%" PRId64 " errors were found on the image.\n"
570                     "Data may be corrupted, or further writes to the image "
571                     "may corrupt it.\n",
572                     check->corruptions);
573         }
574 
575         if (check->leaks) {
576             qprintf(quiet,
577                     "\n%" PRId64 " leaked clusters were found on the image.\n"
578                     "This means waste of disk space, but no harm to data.\n",
579                     check->leaks);
580         }
581 
582         if (check->check_errors) {
583             qprintf(quiet,
584                     "\n%" PRId64
585                     " internal errors have occurred during the check.\n",
586                     check->check_errors);
587         }
588     }
589 
590     if (check->total_clusters != 0 && check->allocated_clusters != 0) {
591         qprintf(quiet, "%" PRId64 "/%" PRId64 " = %0.2f%% allocated, "
592                 "%0.2f%% fragmented, %0.2f%% compressed clusters\n",
593                 check->allocated_clusters, check->total_clusters,
594                 check->allocated_clusters * 100.0 / check->total_clusters,
595                 check->fragmented_clusters * 100.0 / check->allocated_clusters,
596                 check->compressed_clusters * 100.0 /
597                 check->allocated_clusters);
598     }
599 
600     if (check->image_end_offset) {
601         qprintf(quiet,
602                 "Image end offset: %" PRId64 "\n", check->image_end_offset);
603     }
604 }
605 
606 static int collect_image_check(BlockDriverState *bs,
607                    ImageCheck *check,
608                    const char *filename,
609                    const char *fmt,
610                    int fix)
611 {
612     int ret;
613     BdrvCheckResult result;
614 
615     ret = bdrv_check(bs, &result, fix);
616     if (ret < 0) {
617         return ret;
618     }
619 
620     check->filename                 = g_strdup(filename);
621     check->format                   = g_strdup(bdrv_get_format_name(bs));
622     check->check_errors             = result.check_errors;
623     check->corruptions              = result.corruptions;
624     check->has_corruptions          = result.corruptions != 0;
625     check->leaks                    = result.leaks;
626     check->has_leaks                = result.leaks != 0;
627     check->corruptions_fixed        = result.corruptions_fixed;
628     check->has_corruptions_fixed    = result.corruptions != 0;
629     check->leaks_fixed              = result.leaks_fixed;
630     check->has_leaks_fixed          = result.leaks != 0;
631     check->image_end_offset         = result.image_end_offset;
632     check->has_image_end_offset     = result.image_end_offset != 0;
633     check->total_clusters           = result.bfi.total_clusters;
634     check->has_total_clusters       = result.bfi.total_clusters != 0;
635     check->allocated_clusters       = result.bfi.allocated_clusters;
636     check->has_allocated_clusters   = result.bfi.allocated_clusters != 0;
637     check->fragmented_clusters      = result.bfi.fragmented_clusters;
638     check->has_fragmented_clusters  = result.bfi.fragmented_clusters != 0;
639     check->compressed_clusters      = result.bfi.compressed_clusters;
640     check->has_compressed_clusters  = result.bfi.compressed_clusters != 0;
641 
642     return 0;
643 }
644 
645 /*
646  * Checks an image for consistency. Exit codes:
647  *
648  *  0 - Check completed, image is good
649  *  1 - Check not completed because of internal errors
650  *  2 - Check completed, image is corrupted
651  *  3 - Check completed, image has leaked clusters, but is good otherwise
652  * 63 - Checks are not supported by the image format
653  */
654 static int img_check(int argc, char **argv)
655 {
656     int c, ret;
657     OutputFormat output_format = OFORMAT_HUMAN;
658     const char *filename, *fmt, *output, *cache;
659     BlockBackend *blk;
660     BlockDriverState *bs;
661     int fix = 0;
662     int flags = BDRV_O_CHECK;
663     bool writethrough;
664     ImageCheck *check;
665     bool quiet = false;
666     bool image_opts = false;
667     bool force_share = false;
668 
669     fmt = NULL;
670     output = NULL;
671     cache = BDRV_DEFAULT_CACHE;
672 
673     for(;;) {
674         int option_index = 0;
675         static const struct option long_options[] = {
676             {"help", no_argument, 0, 'h'},
677             {"format", required_argument, 0, 'f'},
678             {"repair", required_argument, 0, 'r'},
679             {"output", required_argument, 0, OPTION_OUTPUT},
680             {"object", required_argument, 0, OPTION_OBJECT},
681             {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
682             {"force-share", no_argument, 0, 'U'},
683             {0, 0, 0, 0}
684         };
685         c = getopt_long(argc, argv, ":hf:r:T:qU",
686                         long_options, &option_index);
687         if (c == -1) {
688             break;
689         }
690         switch(c) {
691         case ':':
692             missing_argument(argv[optind - 1]);
693             break;
694         case '?':
695             unrecognized_option(argv[optind - 1]);
696             break;
697         case 'h':
698             help();
699             break;
700         case 'f':
701             fmt = optarg;
702             break;
703         case 'r':
704             flags |= BDRV_O_RDWR;
705 
706             if (!strcmp(optarg, "leaks")) {
707                 fix = BDRV_FIX_LEAKS;
708             } else if (!strcmp(optarg, "all")) {
709                 fix = BDRV_FIX_LEAKS | BDRV_FIX_ERRORS;
710             } else {
711                 error_exit("Unknown option value for -r "
712                            "(expecting 'leaks' or 'all'): %s", optarg);
713             }
714             break;
715         case OPTION_OUTPUT:
716             output = optarg;
717             break;
718         case 'T':
719             cache = optarg;
720             break;
721         case 'q':
722             quiet = true;
723             break;
724         case 'U':
725             force_share = true;
726             break;
727         case OPTION_OBJECT: {
728             QemuOpts *opts;
729             opts = qemu_opts_parse_noisily(&qemu_object_opts,
730                                            optarg, true);
731             if (!opts) {
732                 return 1;
733             }
734         }   break;
735         case OPTION_IMAGE_OPTS:
736             image_opts = true;
737             break;
738         }
739     }
740     if (optind != argc - 1) {
741         error_exit("Expecting one image file name");
742     }
743     filename = argv[optind++];
744 
745     if (output && !strcmp(output, "json")) {
746         output_format = OFORMAT_JSON;
747     } else if (output && !strcmp(output, "human")) {
748         output_format = OFORMAT_HUMAN;
749     } else if (output) {
750         error_report("--output must be used with human or json as argument.");
751         return 1;
752     }
753 
754     if (qemu_opts_foreach(&qemu_object_opts,
755                           user_creatable_add_opts_foreach,
756                           NULL, NULL)) {
757         return 1;
758     }
759 
760     ret = bdrv_parse_cache_mode(cache, &flags, &writethrough);
761     if (ret < 0) {
762         error_report("Invalid source cache option: %s", cache);
763         return 1;
764     }
765 
766     blk = img_open(image_opts, filename, fmt, flags, writethrough, quiet,
767                    force_share);
768     if (!blk) {
769         return 1;
770     }
771     bs = blk_bs(blk);
772 
773     check = g_new0(ImageCheck, 1);
774     ret = collect_image_check(bs, check, filename, fmt, fix);
775 
776     if (ret == -ENOTSUP) {
777         error_report("This image format does not support checks");
778         ret = 63;
779         goto fail;
780     }
781 
782     if (check->corruptions_fixed || check->leaks_fixed) {
783         int corruptions_fixed, leaks_fixed;
784 
785         leaks_fixed         = check->leaks_fixed;
786         corruptions_fixed   = check->corruptions_fixed;
787 
788         if (output_format == OFORMAT_HUMAN) {
789             qprintf(quiet,
790                     "The following inconsistencies were found and repaired:\n\n"
791                     "    %" PRId64 " leaked clusters\n"
792                     "    %" PRId64 " corruptions\n\n"
793                     "Double checking the fixed image now...\n",
794                     check->leaks_fixed,
795                     check->corruptions_fixed);
796         }
797 
798         ret = collect_image_check(bs, check, filename, fmt, 0);
799 
800         check->leaks_fixed          = leaks_fixed;
801         check->corruptions_fixed    = corruptions_fixed;
802     }
803 
804     if (!ret) {
805         switch (output_format) {
806         case OFORMAT_HUMAN:
807             dump_human_image_check(check, quiet);
808             break;
809         case OFORMAT_JSON:
810             dump_json_image_check(check, quiet);
811             break;
812         }
813     }
814 
815     if (ret || check->check_errors) {
816         if (ret) {
817             error_report("Check failed: %s", strerror(-ret));
818         } else {
819             error_report("Check failed");
820         }
821         ret = 1;
822         goto fail;
823     }
824 
825     if (check->corruptions) {
826         ret = 2;
827     } else if (check->leaks) {
828         ret = 3;
829     } else {
830         ret = 0;
831     }
832 
833 fail:
834     qapi_free_ImageCheck(check);
835     blk_unref(blk);
836     return ret;
837 }
838 
839 typedef struct CommonBlockJobCBInfo {
840     BlockDriverState *bs;
841     Error **errp;
842 } CommonBlockJobCBInfo;
843 
844 static void common_block_job_cb(void *opaque, int ret)
845 {
846     CommonBlockJobCBInfo *cbi = opaque;
847 
848     if (ret < 0) {
849         error_setg_errno(cbi->errp, -ret, "Block job failed");
850     }
851 }
852 
853 static void run_block_job(BlockJob *job, Error **errp)
854 {
855     AioContext *aio_context = blk_get_aio_context(job->blk);
856     int ret = 0;
857 
858     aio_context_acquire(aio_context);
859     job_ref(&job->job);
860     do {
861         float progress = 0.0f;
862         aio_poll(aio_context, true);
863         if (job->job.progress_total) {
864             progress = (float)job->job.progress_current /
865                        job->job.progress_total * 100.f;
866         }
867         qemu_progress_print(progress, 0);
868     } while (!job_is_ready(&job->job) && !job_is_completed(&job->job));
869 
870     if (!job_is_completed(&job->job)) {
871         ret = job_complete_sync(&job->job, errp);
872     } else {
873         ret = job->job.ret;
874     }
875     job_unref(&job->job);
876     aio_context_release(aio_context);
877 
878     /* publish completion progress only when success */
879     if (!ret) {
880         qemu_progress_print(100.f, 0);
881     }
882 }
883 
884 static int img_commit(int argc, char **argv)
885 {
886     int c, ret, flags;
887     const char *filename, *fmt, *cache, *base;
888     BlockBackend *blk;
889     BlockDriverState *bs, *base_bs;
890     BlockJob *job;
891     bool progress = false, quiet = false, drop = false;
892     bool writethrough;
893     Error *local_err = NULL;
894     CommonBlockJobCBInfo cbi;
895     bool image_opts = false;
896     AioContext *aio_context;
897 
898     fmt = NULL;
899     cache = BDRV_DEFAULT_CACHE;
900     base = NULL;
901     for(;;) {
902         static const struct option long_options[] = {
903             {"help", no_argument, 0, 'h'},
904             {"object", required_argument, 0, OPTION_OBJECT},
905             {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
906             {0, 0, 0, 0}
907         };
908         c = getopt_long(argc, argv, ":f:ht:b:dpq",
909                         long_options, NULL);
910         if (c == -1) {
911             break;
912         }
913         switch(c) {
914         case ':':
915             missing_argument(argv[optind - 1]);
916             break;
917         case '?':
918             unrecognized_option(argv[optind - 1]);
919             break;
920         case 'h':
921             help();
922             break;
923         case 'f':
924             fmt = optarg;
925             break;
926         case 't':
927             cache = optarg;
928             break;
929         case 'b':
930             base = optarg;
931             /* -b implies -d */
932             drop = true;
933             break;
934         case 'd':
935             drop = true;
936             break;
937         case 'p':
938             progress = true;
939             break;
940         case 'q':
941             quiet = true;
942             break;
943         case OPTION_OBJECT: {
944             QemuOpts *opts;
945             opts = qemu_opts_parse_noisily(&qemu_object_opts,
946                                            optarg, true);
947             if (!opts) {
948                 return 1;
949             }
950         }   break;
951         case OPTION_IMAGE_OPTS:
952             image_opts = true;
953             break;
954         }
955     }
956 
957     /* Progress is not shown in Quiet mode */
958     if (quiet) {
959         progress = false;
960     }
961 
962     if (optind != argc - 1) {
963         error_exit("Expecting one image file name");
964     }
965     filename = argv[optind++];
966 
967     if (qemu_opts_foreach(&qemu_object_opts,
968                           user_creatable_add_opts_foreach,
969                           NULL, NULL)) {
970         return 1;
971     }
972 
973     flags = BDRV_O_RDWR | BDRV_O_UNMAP;
974     ret = bdrv_parse_cache_mode(cache, &flags, &writethrough);
975     if (ret < 0) {
976         error_report("Invalid cache option: %s", cache);
977         return 1;
978     }
979 
980     blk = img_open(image_opts, filename, fmt, flags, writethrough, quiet,
981                    false);
982     if (!blk) {
983         return 1;
984     }
985     bs = blk_bs(blk);
986 
987     qemu_progress_init(progress, 1.f);
988     qemu_progress_print(0.f, 100);
989 
990     if (base) {
991         base_bs = bdrv_find_backing_image(bs, base);
992         if (!base_bs) {
993             error_setg(&local_err,
994                        "Did not find '%s' in the backing chain of '%s'",
995                        base, filename);
996             goto done;
997         }
998     } else {
999         /* This is different from QMP, which by default uses the deepest file in
1000          * the backing chain (i.e., the very base); however, the traditional
1001          * behavior of qemu-img commit is using the immediate backing file. */
1002         base_bs = backing_bs(bs);
1003         if (!base_bs) {
1004             error_setg(&local_err, "Image does not have a backing file");
1005             goto done;
1006         }
1007     }
1008 
1009     cbi = (CommonBlockJobCBInfo){
1010         .errp = &local_err,
1011         .bs   = bs,
1012     };
1013 
1014     aio_context = bdrv_get_aio_context(bs);
1015     aio_context_acquire(aio_context);
1016     commit_active_start("commit", bs, base_bs, JOB_DEFAULT, 0,
1017                         BLOCKDEV_ON_ERROR_REPORT, NULL, common_block_job_cb,
1018                         &cbi, false, &local_err);
1019     aio_context_release(aio_context);
1020     if (local_err) {
1021         goto done;
1022     }
1023 
1024     /* When the block job completes, the BlockBackend reference will point to
1025      * the old backing file. In order to avoid that the top image is already
1026      * deleted, so we can still empty it afterwards, increment the reference
1027      * counter here preemptively. */
1028     if (!drop) {
1029         bdrv_ref(bs);
1030     }
1031 
1032     job = block_job_get("commit");
1033     assert(job);
1034     run_block_job(job, &local_err);
1035     if (local_err) {
1036         goto unref_backing;
1037     }
1038 
1039     if (!drop && bs->drv->bdrv_make_empty) {
1040         ret = bs->drv->bdrv_make_empty(bs);
1041         if (ret) {
1042             error_setg_errno(&local_err, -ret, "Could not empty %s",
1043                              filename);
1044             goto unref_backing;
1045         }
1046     }
1047 
1048 unref_backing:
1049     if (!drop) {
1050         bdrv_unref(bs);
1051     }
1052 
1053 done:
1054     qemu_progress_end();
1055 
1056     blk_unref(blk);
1057 
1058     if (local_err) {
1059         error_report_err(local_err);
1060         return 1;
1061     }
1062 
1063     qprintf(quiet, "Image committed.\n");
1064     return 0;
1065 }
1066 
1067 /*
1068  * Returns -1 if 'buf' contains only zeroes, otherwise the byte index
1069  * of the first sector boundary within buf where the sector contains a
1070  * non-zero byte.  This function is robust to a buffer that is not
1071  * sector-aligned.
1072  */
1073 static int64_t find_nonzero(const uint8_t *buf, int64_t n)
1074 {
1075     int64_t i;
1076     int64_t end = QEMU_ALIGN_DOWN(n, BDRV_SECTOR_SIZE);
1077 
1078     for (i = 0; i < end; i += BDRV_SECTOR_SIZE) {
1079         if (!buffer_is_zero(buf + i, BDRV_SECTOR_SIZE)) {
1080             return i;
1081         }
1082     }
1083     if (i < n && !buffer_is_zero(buf + i, n - end)) {
1084         return i;
1085     }
1086     return -1;
1087 }
1088 
1089 /*
1090  * Returns true iff the first sector pointed to by 'buf' contains at least
1091  * a non-NUL byte.
1092  *
1093  * 'pnum' is set to the number of sectors (including and immediately following
1094  * the first one) that are known to be in the same allocated/unallocated state.
1095  * The function will try to align the end offset to alignment boundaries so
1096  * that the request will at least end aligned and consequtive requests will
1097  * also start at an aligned offset.
1098  */
1099 static int is_allocated_sectors(const uint8_t *buf, int n, int *pnum,
1100                                 int64_t sector_num, int alignment)
1101 {
1102     bool is_zero;
1103     int i, tail;
1104 
1105     if (n <= 0) {
1106         *pnum = 0;
1107         return 0;
1108     }
1109     is_zero = buffer_is_zero(buf, 512);
1110     for(i = 1; i < n; i++) {
1111         buf += 512;
1112         if (is_zero != buffer_is_zero(buf, 512)) {
1113             break;
1114         }
1115     }
1116 
1117     tail = (sector_num + i) & (alignment - 1);
1118     if (tail) {
1119         if (is_zero && i <= tail) {
1120             /* treat unallocated areas which only consist
1121              * of a small tail as allocated. */
1122             is_zero = false;
1123         }
1124         if (!is_zero) {
1125             /* align up end offset of allocated areas. */
1126             i += alignment - tail;
1127             i = MIN(i, n);
1128         } else {
1129             /* align down end offset of zero areas. */
1130             i -= tail;
1131         }
1132     }
1133     *pnum = i;
1134     return !is_zero;
1135 }
1136 
1137 /*
1138  * Like is_allocated_sectors, but if the buffer starts with a used sector,
1139  * up to 'min' consecutive sectors containing zeros are ignored. This avoids
1140  * breaking up write requests for only small sparse areas.
1141  */
1142 static int is_allocated_sectors_min(const uint8_t *buf, int n, int *pnum,
1143     int min, int64_t sector_num, int alignment)
1144 {
1145     int ret;
1146     int num_checked, num_used;
1147 
1148     if (n < min) {
1149         min = n;
1150     }
1151 
1152     ret = is_allocated_sectors(buf, n, pnum, sector_num, alignment);
1153     if (!ret) {
1154         return ret;
1155     }
1156 
1157     num_used = *pnum;
1158     buf += BDRV_SECTOR_SIZE * *pnum;
1159     n -= *pnum;
1160     sector_num += *pnum;
1161     num_checked = num_used;
1162 
1163     while (n > 0) {
1164         ret = is_allocated_sectors(buf, n, pnum, sector_num, alignment);
1165 
1166         buf += BDRV_SECTOR_SIZE * *pnum;
1167         n -= *pnum;
1168         sector_num += *pnum;
1169         num_checked += *pnum;
1170         if (ret) {
1171             num_used = num_checked;
1172         } else if (*pnum >= min) {
1173             break;
1174         }
1175     }
1176 
1177     *pnum = num_used;
1178     return 1;
1179 }
1180 
1181 /*
1182  * Compares two buffers sector by sector. Returns 0 if the first
1183  * sector of each buffer matches, non-zero otherwise.
1184  *
1185  * pnum is set to the sector-aligned size of the buffer prefix that
1186  * has the same matching status as the first sector.
1187  */
1188 static int compare_buffers(const uint8_t *buf1, const uint8_t *buf2,
1189                            int64_t bytes, int64_t *pnum)
1190 {
1191     bool res;
1192     int64_t i = MIN(bytes, BDRV_SECTOR_SIZE);
1193 
1194     assert(bytes > 0);
1195 
1196     res = !!memcmp(buf1, buf2, i);
1197     while (i < bytes) {
1198         int64_t len = MIN(bytes - i, BDRV_SECTOR_SIZE);
1199 
1200         if (!!memcmp(buf1 + i, buf2 + i, len) != res) {
1201             break;
1202         }
1203         i += len;
1204     }
1205 
1206     *pnum = i;
1207     return res;
1208 }
1209 
1210 #define IO_BUF_SIZE (2 * 1024 * 1024)
1211 
1212 /*
1213  * Check if passed sectors are empty (not allocated or contain only 0 bytes)
1214  *
1215  * Intended for use by 'qemu-img compare': Returns 0 in case sectors are
1216  * filled with 0, 1 if sectors contain non-zero data (this is a comparison
1217  * failure), and 4 on error (the exit status for read errors), after emitting
1218  * an error message.
1219  *
1220  * @param blk:  BlockBackend for the image
1221  * @param offset: Starting offset to check
1222  * @param bytes: Number of bytes to check
1223  * @param filename: Name of disk file we are checking (logging purpose)
1224  * @param buffer: Allocated buffer for storing read data
1225  * @param quiet: Flag for quiet mode
1226  */
1227 static int check_empty_sectors(BlockBackend *blk, int64_t offset,
1228                                int64_t bytes, const char *filename,
1229                                uint8_t *buffer, bool quiet)
1230 {
1231     int ret = 0;
1232     int64_t idx;
1233 
1234     ret = blk_pread(blk, offset, buffer, bytes);
1235     if (ret < 0) {
1236         error_report("Error while reading offset %" PRId64 " of %s: %s",
1237                      offset, filename, strerror(-ret));
1238         return 4;
1239     }
1240     idx = find_nonzero(buffer, bytes);
1241     if (idx >= 0) {
1242         qprintf(quiet, "Content mismatch at offset %" PRId64 "!\n",
1243                 offset + idx);
1244         return 1;
1245     }
1246 
1247     return 0;
1248 }
1249 
1250 /*
1251  * Compares two images. Exit codes:
1252  *
1253  * 0 - Images are identical
1254  * 1 - Images differ
1255  * >1 - Error occurred
1256  */
1257 static int img_compare(int argc, char **argv)
1258 {
1259     const char *fmt1 = NULL, *fmt2 = NULL, *cache, *filename1, *filename2;
1260     BlockBackend *blk1, *blk2;
1261     BlockDriverState *bs1, *bs2;
1262     int64_t total_size1, total_size2;
1263     uint8_t *buf1 = NULL, *buf2 = NULL;
1264     int64_t pnum1, pnum2;
1265     int allocated1, allocated2;
1266     int ret = 0; /* return value - 0 Ident, 1 Different, >1 Error */
1267     bool progress = false, quiet = false, strict = false;
1268     int flags;
1269     bool writethrough;
1270     int64_t total_size;
1271     int64_t offset = 0;
1272     int64_t chunk;
1273     int c;
1274     uint64_t progress_base;
1275     bool image_opts = false;
1276     bool force_share = false;
1277 
1278     cache = BDRV_DEFAULT_CACHE;
1279     for (;;) {
1280         static const struct option long_options[] = {
1281             {"help", no_argument, 0, 'h'},
1282             {"object", required_argument, 0, OPTION_OBJECT},
1283             {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
1284             {"force-share", no_argument, 0, 'U'},
1285             {0, 0, 0, 0}
1286         };
1287         c = getopt_long(argc, argv, ":hf:F:T:pqsU",
1288                         long_options, NULL);
1289         if (c == -1) {
1290             break;
1291         }
1292         switch (c) {
1293         case ':':
1294             missing_argument(argv[optind - 1]);
1295             break;
1296         case '?':
1297             unrecognized_option(argv[optind - 1]);
1298             break;
1299         case 'h':
1300             help();
1301             break;
1302         case 'f':
1303             fmt1 = optarg;
1304             break;
1305         case 'F':
1306             fmt2 = optarg;
1307             break;
1308         case 'T':
1309             cache = optarg;
1310             break;
1311         case 'p':
1312             progress = true;
1313             break;
1314         case 'q':
1315             quiet = true;
1316             break;
1317         case 's':
1318             strict = true;
1319             break;
1320         case 'U':
1321             force_share = true;
1322             break;
1323         case OPTION_OBJECT: {
1324             QemuOpts *opts;
1325             opts = qemu_opts_parse_noisily(&qemu_object_opts,
1326                                            optarg, true);
1327             if (!opts) {
1328                 ret = 2;
1329                 goto out4;
1330             }
1331         }   break;
1332         case OPTION_IMAGE_OPTS:
1333             image_opts = true;
1334             break;
1335         }
1336     }
1337 
1338     /* Progress is not shown in Quiet mode */
1339     if (quiet) {
1340         progress = false;
1341     }
1342 
1343 
1344     if (optind != argc - 2) {
1345         error_exit("Expecting two image file names");
1346     }
1347     filename1 = argv[optind++];
1348     filename2 = argv[optind++];
1349 
1350     if (qemu_opts_foreach(&qemu_object_opts,
1351                           user_creatable_add_opts_foreach,
1352                           NULL, NULL)) {
1353         ret = 2;
1354         goto out4;
1355     }
1356 
1357     /* Initialize before goto out */
1358     qemu_progress_init(progress, 2.0);
1359 
1360     flags = 0;
1361     ret = bdrv_parse_cache_mode(cache, &flags, &writethrough);
1362     if (ret < 0) {
1363         error_report("Invalid source cache option: %s", cache);
1364         ret = 2;
1365         goto out3;
1366     }
1367 
1368     blk1 = img_open(image_opts, filename1, fmt1, flags, writethrough, quiet,
1369                     force_share);
1370     if (!blk1) {
1371         ret = 2;
1372         goto out3;
1373     }
1374 
1375     blk2 = img_open(image_opts, filename2, fmt2, flags, writethrough, quiet,
1376                     force_share);
1377     if (!blk2) {
1378         ret = 2;
1379         goto out2;
1380     }
1381     bs1 = blk_bs(blk1);
1382     bs2 = blk_bs(blk2);
1383 
1384     buf1 = blk_blockalign(blk1, IO_BUF_SIZE);
1385     buf2 = blk_blockalign(blk2, IO_BUF_SIZE);
1386     total_size1 = blk_getlength(blk1);
1387     if (total_size1 < 0) {
1388         error_report("Can't get size of %s: %s",
1389                      filename1, strerror(-total_size1));
1390         ret = 4;
1391         goto out;
1392     }
1393     total_size2 = blk_getlength(blk2);
1394     if (total_size2 < 0) {
1395         error_report("Can't get size of %s: %s",
1396                      filename2, strerror(-total_size2));
1397         ret = 4;
1398         goto out;
1399     }
1400     total_size = MIN(total_size1, total_size2);
1401     progress_base = MAX(total_size1, total_size2);
1402 
1403     qemu_progress_print(0, 100);
1404 
1405     if (strict && total_size1 != total_size2) {
1406         ret = 1;
1407         qprintf(quiet, "Strict mode: Image size mismatch!\n");
1408         goto out;
1409     }
1410 
1411     while (offset < total_size) {
1412         int status1, status2;
1413 
1414         status1 = bdrv_block_status_above(bs1, NULL, offset,
1415                                           total_size1 - offset, &pnum1, NULL,
1416                                           NULL);
1417         if (status1 < 0) {
1418             ret = 3;
1419             error_report("Sector allocation test failed for %s", filename1);
1420             goto out;
1421         }
1422         allocated1 = status1 & BDRV_BLOCK_ALLOCATED;
1423 
1424         status2 = bdrv_block_status_above(bs2, NULL, offset,
1425                                           total_size2 - offset, &pnum2, NULL,
1426                                           NULL);
1427         if (status2 < 0) {
1428             ret = 3;
1429             error_report("Sector allocation test failed for %s", filename2);
1430             goto out;
1431         }
1432         allocated2 = status2 & BDRV_BLOCK_ALLOCATED;
1433 
1434         assert(pnum1 && pnum2);
1435         chunk = MIN(pnum1, pnum2);
1436 
1437         if (strict) {
1438             if (status1 != status2) {
1439                 ret = 1;
1440                 qprintf(quiet, "Strict mode: Offset %" PRId64
1441                         " block status mismatch!\n", offset);
1442                 goto out;
1443             }
1444         }
1445         if ((status1 & BDRV_BLOCK_ZERO) && (status2 & BDRV_BLOCK_ZERO)) {
1446             /* nothing to do */
1447         } else if (allocated1 == allocated2) {
1448             if (allocated1) {
1449                 int64_t pnum;
1450 
1451                 chunk = MIN(chunk, IO_BUF_SIZE);
1452                 ret = blk_pread(blk1, offset, buf1, chunk);
1453                 if (ret < 0) {
1454                     error_report("Error while reading offset %" PRId64
1455                                  " of %s: %s",
1456                                  offset, filename1, strerror(-ret));
1457                     ret = 4;
1458                     goto out;
1459                 }
1460                 ret = blk_pread(blk2, offset, buf2, chunk);
1461                 if (ret < 0) {
1462                     error_report("Error while reading offset %" PRId64
1463                                  " of %s: %s",
1464                                  offset, filename2, strerror(-ret));
1465                     ret = 4;
1466                     goto out;
1467                 }
1468                 ret = compare_buffers(buf1, buf2, chunk, &pnum);
1469                 if (ret || pnum != chunk) {
1470                     qprintf(quiet, "Content mismatch at offset %" PRId64 "!\n",
1471                             offset + (ret ? 0 : pnum));
1472                     ret = 1;
1473                     goto out;
1474                 }
1475             }
1476         } else {
1477             chunk = MIN(chunk, IO_BUF_SIZE);
1478             if (allocated1) {
1479                 ret = check_empty_sectors(blk1, offset, chunk,
1480                                           filename1, buf1, quiet);
1481             } else {
1482                 ret = check_empty_sectors(blk2, offset, chunk,
1483                                           filename2, buf1, quiet);
1484             }
1485             if (ret) {
1486                 goto out;
1487             }
1488         }
1489         offset += chunk;
1490         qemu_progress_print(((float) chunk / progress_base) * 100, 100);
1491     }
1492 
1493     if (total_size1 != total_size2) {
1494         BlockBackend *blk_over;
1495         const char *filename_over;
1496 
1497         qprintf(quiet, "Warning: Image size mismatch!\n");
1498         if (total_size1 > total_size2) {
1499             blk_over = blk1;
1500             filename_over = filename1;
1501         } else {
1502             blk_over = blk2;
1503             filename_over = filename2;
1504         }
1505 
1506         while (offset < progress_base) {
1507             ret = bdrv_block_status_above(blk_bs(blk_over), NULL, offset,
1508                                           progress_base - offset, &chunk,
1509                                           NULL, NULL);
1510             if (ret < 0) {
1511                 ret = 3;
1512                 error_report("Sector allocation test failed for %s",
1513                              filename_over);
1514                 goto out;
1515 
1516             }
1517             if (ret & BDRV_BLOCK_ALLOCATED && !(ret & BDRV_BLOCK_ZERO)) {
1518                 chunk = MIN(chunk, IO_BUF_SIZE);
1519                 ret = check_empty_sectors(blk_over, offset, chunk,
1520                                           filename_over, buf1, quiet);
1521                 if (ret) {
1522                     goto out;
1523                 }
1524             }
1525             offset += chunk;
1526             qemu_progress_print(((float) chunk / progress_base) * 100, 100);
1527         }
1528     }
1529 
1530     qprintf(quiet, "Images are identical.\n");
1531     ret = 0;
1532 
1533 out:
1534     qemu_vfree(buf1);
1535     qemu_vfree(buf2);
1536     blk_unref(blk2);
1537 out2:
1538     blk_unref(blk1);
1539 out3:
1540     qemu_progress_end();
1541 out4:
1542     return ret;
1543 }
1544 
1545 enum ImgConvertBlockStatus {
1546     BLK_DATA,
1547     BLK_ZERO,
1548     BLK_BACKING_FILE,
1549 };
1550 
1551 #define MAX_COROUTINES 16
1552 
1553 typedef struct ImgConvertState {
1554     BlockBackend **src;
1555     int64_t *src_sectors;
1556     int src_num;
1557     int64_t total_sectors;
1558     int64_t allocated_sectors;
1559     int64_t allocated_done;
1560     int64_t sector_num;
1561     int64_t wr_offs;
1562     enum ImgConvertBlockStatus status;
1563     int64_t sector_next_status;
1564     BlockBackend *target;
1565     bool has_zero_init;
1566     bool compressed;
1567     bool unallocated_blocks_are_zero;
1568     bool target_has_backing;
1569     int64_t target_backing_sectors; /* negative if unknown */
1570     bool wr_in_order;
1571     bool copy_range;
1572     int min_sparse;
1573     int alignment;
1574     size_t cluster_sectors;
1575     size_t buf_sectors;
1576     long num_coroutines;
1577     int running_coroutines;
1578     Coroutine *co[MAX_COROUTINES];
1579     int64_t wait_sector_num[MAX_COROUTINES];
1580     CoMutex lock;
1581     int ret;
1582 } ImgConvertState;
1583 
1584 static void convert_select_part(ImgConvertState *s, int64_t sector_num,
1585                                 int *src_cur, int64_t *src_cur_offset)
1586 {
1587     *src_cur = 0;
1588     *src_cur_offset = 0;
1589     while (sector_num - *src_cur_offset >= s->src_sectors[*src_cur]) {
1590         *src_cur_offset += s->src_sectors[*src_cur];
1591         (*src_cur)++;
1592         assert(*src_cur < s->src_num);
1593     }
1594 }
1595 
1596 static int convert_iteration_sectors(ImgConvertState *s, int64_t sector_num)
1597 {
1598     int64_t src_cur_offset;
1599     int ret, n, src_cur;
1600     bool post_backing_zero = false;
1601 
1602     convert_select_part(s, sector_num, &src_cur, &src_cur_offset);
1603 
1604     assert(s->total_sectors > sector_num);
1605     n = MIN(s->total_sectors - sector_num, BDRV_REQUEST_MAX_SECTORS);
1606 
1607     if (s->target_backing_sectors >= 0) {
1608         if (sector_num >= s->target_backing_sectors) {
1609             post_backing_zero = s->unallocated_blocks_are_zero;
1610         } else if (sector_num + n > s->target_backing_sectors) {
1611             /* Split requests around target_backing_sectors (because
1612              * starting from there, zeros are handled differently) */
1613             n = s->target_backing_sectors - sector_num;
1614         }
1615     }
1616 
1617     if (s->sector_next_status <= sector_num) {
1618         int64_t count = n * BDRV_SECTOR_SIZE;
1619 
1620         if (s->target_has_backing) {
1621 
1622             ret = bdrv_block_status(blk_bs(s->src[src_cur]),
1623                                     (sector_num - src_cur_offset) *
1624                                     BDRV_SECTOR_SIZE,
1625                                     count, &count, NULL, NULL);
1626         } else {
1627             ret = bdrv_block_status_above(blk_bs(s->src[src_cur]), NULL,
1628                                           (sector_num - src_cur_offset) *
1629                                           BDRV_SECTOR_SIZE,
1630                                           count, &count, NULL, NULL);
1631         }
1632         if (ret < 0) {
1633             return ret;
1634         }
1635         n = DIV_ROUND_UP(count, BDRV_SECTOR_SIZE);
1636 
1637         if (ret & BDRV_BLOCK_ZERO) {
1638             s->status = post_backing_zero ? BLK_BACKING_FILE : BLK_ZERO;
1639         } else if (ret & BDRV_BLOCK_DATA) {
1640             s->status = BLK_DATA;
1641         } else {
1642             s->status = s->target_has_backing ? BLK_BACKING_FILE : BLK_DATA;
1643         }
1644 
1645         s->sector_next_status = sector_num + n;
1646     }
1647 
1648     n = MIN(n, s->sector_next_status - sector_num);
1649     if (s->status == BLK_DATA) {
1650         n = MIN(n, s->buf_sectors);
1651     }
1652 
1653     /* We need to write complete clusters for compressed images, so if an
1654      * unallocated area is shorter than that, we must consider the whole
1655      * cluster allocated. */
1656     if (s->compressed) {
1657         if (n < s->cluster_sectors) {
1658             n = MIN(s->cluster_sectors, s->total_sectors - sector_num);
1659             s->status = BLK_DATA;
1660         } else {
1661             n = QEMU_ALIGN_DOWN(n, s->cluster_sectors);
1662         }
1663     }
1664 
1665     return n;
1666 }
1667 
1668 static int coroutine_fn convert_co_read(ImgConvertState *s, int64_t sector_num,
1669                                         int nb_sectors, uint8_t *buf)
1670 {
1671     int n, ret;
1672     QEMUIOVector qiov;
1673     struct iovec iov;
1674 
1675     assert(nb_sectors <= s->buf_sectors);
1676     while (nb_sectors > 0) {
1677         BlockBackend *blk;
1678         int src_cur;
1679         int64_t bs_sectors, src_cur_offset;
1680 
1681         /* In the case of compression with multiple source files, we can get a
1682          * nb_sectors that spreads into the next part. So we must be able to
1683          * read across multiple BDSes for one convert_read() call. */
1684         convert_select_part(s, sector_num, &src_cur, &src_cur_offset);
1685         blk = s->src[src_cur];
1686         bs_sectors = s->src_sectors[src_cur];
1687 
1688         n = MIN(nb_sectors, bs_sectors - (sector_num - src_cur_offset));
1689         iov.iov_base = buf;
1690         iov.iov_len = n << BDRV_SECTOR_BITS;
1691         qemu_iovec_init_external(&qiov, &iov, 1);
1692 
1693         ret = blk_co_preadv(
1694                 blk, (sector_num - src_cur_offset) << BDRV_SECTOR_BITS,
1695                 n << BDRV_SECTOR_BITS, &qiov, 0);
1696         if (ret < 0) {
1697             return ret;
1698         }
1699 
1700         sector_num += n;
1701         nb_sectors -= n;
1702         buf += n * BDRV_SECTOR_SIZE;
1703     }
1704 
1705     return 0;
1706 }
1707 
1708 
1709 static int coroutine_fn convert_co_write(ImgConvertState *s, int64_t sector_num,
1710                                          int nb_sectors, uint8_t *buf,
1711                                          enum ImgConvertBlockStatus status)
1712 {
1713     int ret;
1714     QEMUIOVector qiov;
1715     struct iovec iov;
1716 
1717     while (nb_sectors > 0) {
1718         int n = nb_sectors;
1719         BdrvRequestFlags flags = s->compressed ? BDRV_REQ_WRITE_COMPRESSED : 0;
1720 
1721         switch (status) {
1722         case BLK_BACKING_FILE:
1723             /* If we have a backing file, leave clusters unallocated that are
1724              * unallocated in the source image, so that the backing file is
1725              * visible at the respective offset. */
1726             assert(s->target_has_backing);
1727             break;
1728 
1729         case BLK_DATA:
1730             /* If we're told to keep the target fully allocated (-S 0) or there
1731              * is real non-zero data, we must write it. Otherwise we can treat
1732              * it as zero sectors.
1733              * Compressed clusters need to be written as a whole, so in that
1734              * case we can only save the write if the buffer is completely
1735              * zeroed. */
1736             if (!s->min_sparse ||
1737                 (!s->compressed &&
1738                  is_allocated_sectors_min(buf, n, &n, s->min_sparse,
1739                                           sector_num, s->alignment)) ||
1740                 (s->compressed &&
1741                  !buffer_is_zero(buf, n * BDRV_SECTOR_SIZE)))
1742             {
1743                 iov.iov_base = buf;
1744                 iov.iov_len = n << BDRV_SECTOR_BITS;
1745                 qemu_iovec_init_external(&qiov, &iov, 1);
1746 
1747                 ret = blk_co_pwritev(s->target, sector_num << BDRV_SECTOR_BITS,
1748                                      n << BDRV_SECTOR_BITS, &qiov, flags);
1749                 if (ret < 0) {
1750                     return ret;
1751                 }
1752                 break;
1753             }
1754             /* fall-through */
1755 
1756         case BLK_ZERO:
1757             if (s->has_zero_init) {
1758                 assert(!s->target_has_backing);
1759                 break;
1760             }
1761             ret = blk_co_pwrite_zeroes(s->target,
1762                                        sector_num << BDRV_SECTOR_BITS,
1763                                        n << BDRV_SECTOR_BITS, 0);
1764             if (ret < 0) {
1765                 return ret;
1766             }
1767             break;
1768         }
1769 
1770         sector_num += n;
1771         nb_sectors -= n;
1772         buf += n * BDRV_SECTOR_SIZE;
1773     }
1774 
1775     return 0;
1776 }
1777 
1778 static int coroutine_fn convert_co_copy_range(ImgConvertState *s, int64_t sector_num,
1779                                               int nb_sectors)
1780 {
1781     int n, ret;
1782 
1783     while (nb_sectors > 0) {
1784         BlockBackend *blk;
1785         int src_cur;
1786         int64_t bs_sectors, src_cur_offset;
1787         int64_t offset;
1788 
1789         convert_select_part(s, sector_num, &src_cur, &src_cur_offset);
1790         offset = (sector_num - src_cur_offset) << BDRV_SECTOR_BITS;
1791         blk = s->src[src_cur];
1792         bs_sectors = s->src_sectors[src_cur];
1793 
1794         n = MIN(nb_sectors, bs_sectors - (sector_num - src_cur_offset));
1795 
1796         ret = blk_co_copy_range(blk, offset, s->target,
1797                                 sector_num << BDRV_SECTOR_BITS,
1798                                 n << BDRV_SECTOR_BITS, 0, 0);
1799         if (ret < 0) {
1800             return ret;
1801         }
1802 
1803         sector_num += n;
1804         nb_sectors -= n;
1805     }
1806     return 0;
1807 }
1808 
1809 static void coroutine_fn convert_co_do_copy(void *opaque)
1810 {
1811     ImgConvertState *s = opaque;
1812     uint8_t *buf = NULL;
1813     int ret, i;
1814     int index = -1;
1815 
1816     for (i = 0; i < s->num_coroutines; i++) {
1817         if (s->co[i] == qemu_coroutine_self()) {
1818             index = i;
1819             break;
1820         }
1821     }
1822     assert(index >= 0);
1823 
1824     s->running_coroutines++;
1825     buf = blk_blockalign(s->target, s->buf_sectors * BDRV_SECTOR_SIZE);
1826 
1827     while (1) {
1828         int n;
1829         int64_t sector_num;
1830         enum ImgConvertBlockStatus status;
1831         bool copy_range;
1832 
1833         qemu_co_mutex_lock(&s->lock);
1834         if (s->ret != -EINPROGRESS || s->sector_num >= s->total_sectors) {
1835             qemu_co_mutex_unlock(&s->lock);
1836             break;
1837         }
1838         n = convert_iteration_sectors(s, s->sector_num);
1839         if (n < 0) {
1840             qemu_co_mutex_unlock(&s->lock);
1841             s->ret = n;
1842             break;
1843         }
1844         /* save current sector and allocation status to local variables */
1845         sector_num = s->sector_num;
1846         status = s->status;
1847         if (!s->min_sparse && s->status == BLK_ZERO) {
1848             n = MIN(n, s->buf_sectors);
1849         }
1850         /* increment global sector counter so that other coroutines can
1851          * already continue reading beyond this request */
1852         s->sector_num += n;
1853         qemu_co_mutex_unlock(&s->lock);
1854 
1855         if (status == BLK_DATA || (!s->min_sparse && status == BLK_ZERO)) {
1856             s->allocated_done += n;
1857             qemu_progress_print(100.0 * s->allocated_done /
1858                                         s->allocated_sectors, 0);
1859         }
1860 
1861 retry:
1862         copy_range = s->copy_range && s->status == BLK_DATA;
1863         if (status == BLK_DATA && !copy_range) {
1864             ret = convert_co_read(s, sector_num, n, buf);
1865             if (ret < 0) {
1866                 error_report("error while reading sector %" PRId64
1867                              ": %s", sector_num, strerror(-ret));
1868                 s->ret = ret;
1869             }
1870         } else if (!s->min_sparse && status == BLK_ZERO) {
1871             status = BLK_DATA;
1872             memset(buf, 0x00, n * BDRV_SECTOR_SIZE);
1873         }
1874 
1875         if (s->wr_in_order) {
1876             /* keep writes in order */
1877             while (s->wr_offs != sector_num && s->ret == -EINPROGRESS) {
1878                 s->wait_sector_num[index] = sector_num;
1879                 qemu_coroutine_yield();
1880             }
1881             s->wait_sector_num[index] = -1;
1882         }
1883 
1884         if (s->ret == -EINPROGRESS) {
1885             if (copy_range) {
1886                 ret = convert_co_copy_range(s, sector_num, n);
1887                 if (ret) {
1888                     s->copy_range = false;
1889                     goto retry;
1890                 }
1891             } else {
1892                 ret = convert_co_write(s, sector_num, n, buf, status);
1893             }
1894             if (ret < 0) {
1895                 error_report("error while writing sector %" PRId64
1896                              ": %s", sector_num, strerror(-ret));
1897                 s->ret = ret;
1898             }
1899         }
1900 
1901         if (s->wr_in_order) {
1902             /* reenter the coroutine that might have waited
1903              * for this write to complete */
1904             s->wr_offs = sector_num + n;
1905             for (i = 0; i < s->num_coroutines; i++) {
1906                 if (s->co[i] && s->wait_sector_num[i] == s->wr_offs) {
1907                     /*
1908                      * A -> B -> A cannot occur because A has
1909                      * s->wait_sector_num[i] == -1 during A -> B.  Therefore
1910                      * B will never enter A during this time window.
1911                      */
1912                     qemu_coroutine_enter(s->co[i]);
1913                     break;
1914                 }
1915             }
1916         }
1917     }
1918 
1919     qemu_vfree(buf);
1920     s->co[index] = NULL;
1921     s->running_coroutines--;
1922     if (!s->running_coroutines && s->ret == -EINPROGRESS) {
1923         /* the convert job finished successfully */
1924         s->ret = 0;
1925     }
1926 }
1927 
1928 static int convert_do_copy(ImgConvertState *s)
1929 {
1930     int ret, i, n;
1931     int64_t sector_num = 0;
1932 
1933     /* Check whether we have zero initialisation or can get it efficiently */
1934     s->has_zero_init = s->min_sparse && !s->target_has_backing
1935                      ? bdrv_has_zero_init(blk_bs(s->target))
1936                      : false;
1937 
1938     if (!s->has_zero_init && !s->target_has_backing &&
1939         bdrv_can_write_zeroes_with_unmap(blk_bs(s->target)))
1940     {
1941         ret = blk_make_zero(s->target, BDRV_REQ_MAY_UNMAP);
1942         if (ret == 0) {
1943             s->has_zero_init = true;
1944         }
1945     }
1946 
1947     /* Allocate buffer for copied data. For compressed images, only one cluster
1948      * can be copied at a time. */
1949     if (s->compressed) {
1950         if (s->cluster_sectors <= 0 || s->cluster_sectors > s->buf_sectors) {
1951             error_report("invalid cluster size");
1952             return -EINVAL;
1953         }
1954         s->buf_sectors = s->cluster_sectors;
1955     }
1956 
1957     while (sector_num < s->total_sectors) {
1958         n = convert_iteration_sectors(s, sector_num);
1959         if (n < 0) {
1960             return n;
1961         }
1962         if (s->status == BLK_DATA || (!s->min_sparse && s->status == BLK_ZERO))
1963         {
1964             s->allocated_sectors += n;
1965         }
1966         sector_num += n;
1967     }
1968 
1969     /* Do the copy */
1970     s->sector_next_status = 0;
1971     s->ret = -EINPROGRESS;
1972 
1973     qemu_co_mutex_init(&s->lock);
1974     for (i = 0; i < s->num_coroutines; i++) {
1975         s->co[i] = qemu_coroutine_create(convert_co_do_copy, s);
1976         s->wait_sector_num[i] = -1;
1977         qemu_coroutine_enter(s->co[i]);
1978     }
1979 
1980     while (s->running_coroutines) {
1981         main_loop_wait(false);
1982     }
1983 
1984     if (s->compressed && !s->ret) {
1985         /* signal EOF to align */
1986         ret = blk_pwrite_compressed(s->target, 0, NULL, 0);
1987         if (ret < 0) {
1988             return ret;
1989         }
1990     }
1991 
1992     return s->ret;
1993 }
1994 
1995 #define MAX_BUF_SECTORS 32768
1996 
1997 static int img_convert(int argc, char **argv)
1998 {
1999     int c, bs_i, flags, src_flags = 0;
2000     const char *fmt = NULL, *out_fmt = NULL, *cache = "unsafe",
2001                *src_cache = BDRV_DEFAULT_CACHE, *out_baseimg = NULL,
2002                *out_filename, *out_baseimg_param, *snapshot_name = NULL;
2003     BlockDriver *drv = NULL, *proto_drv = NULL;
2004     BlockDriverInfo bdi;
2005     BlockDriverState *out_bs;
2006     QemuOpts *opts = NULL, *sn_opts = NULL;
2007     QemuOptsList *create_opts = NULL;
2008     QDict *open_opts = NULL;
2009     char *options = NULL;
2010     Error *local_err = NULL;
2011     bool writethrough, src_writethrough, quiet = false, image_opts = false,
2012          skip_create = false, progress = false, tgt_image_opts = false;
2013     int64_t ret = -EINVAL;
2014     bool force_share = false;
2015     bool explict_min_sparse = false;
2016 
2017     ImgConvertState s = (ImgConvertState) {
2018         /* Need at least 4k of zeros for sparse detection */
2019         .min_sparse         = 8,
2020         .copy_range         = false,
2021         .buf_sectors        = IO_BUF_SIZE / BDRV_SECTOR_SIZE,
2022         .wr_in_order        = true,
2023         .num_coroutines     = 8,
2024     };
2025 
2026     for(;;) {
2027         static const struct option long_options[] = {
2028             {"help", no_argument, 0, 'h'},
2029             {"object", required_argument, 0, OPTION_OBJECT},
2030             {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
2031             {"force-share", no_argument, 0, 'U'},
2032             {"target-image-opts", no_argument, 0, OPTION_TARGET_IMAGE_OPTS},
2033             {0, 0, 0, 0}
2034         };
2035         c = getopt_long(argc, argv, ":hf:O:B:Cco:l:S:pt:T:qnm:WU",
2036                         long_options, NULL);
2037         if (c == -1) {
2038             break;
2039         }
2040         switch(c) {
2041         case ':':
2042             missing_argument(argv[optind - 1]);
2043             break;
2044         case '?':
2045             unrecognized_option(argv[optind - 1]);
2046             break;
2047         case 'h':
2048             help();
2049             break;
2050         case 'f':
2051             fmt = optarg;
2052             break;
2053         case 'O':
2054             out_fmt = optarg;
2055             break;
2056         case 'B':
2057             out_baseimg = optarg;
2058             break;
2059         case 'C':
2060             s.copy_range = true;
2061             break;
2062         case 'c':
2063             s.compressed = true;
2064             break;
2065         case 'o':
2066             if (!is_valid_option_list(optarg)) {
2067                 error_report("Invalid option list: %s", optarg);
2068                 goto fail_getopt;
2069             }
2070             if (!options) {
2071                 options = g_strdup(optarg);
2072             } else {
2073                 char *old_options = options;
2074                 options = g_strdup_printf("%s,%s", options, optarg);
2075                 g_free(old_options);
2076             }
2077             break;
2078         case 'l':
2079             if (strstart(optarg, SNAPSHOT_OPT_BASE, NULL)) {
2080                 sn_opts = qemu_opts_parse_noisily(&internal_snapshot_opts,
2081                                                   optarg, false);
2082                 if (!sn_opts) {
2083                     error_report("Failed in parsing snapshot param '%s'",
2084                                  optarg);
2085                     goto fail_getopt;
2086                 }
2087             } else {
2088                 snapshot_name = optarg;
2089             }
2090             break;
2091         case 'S':
2092         {
2093             int64_t sval;
2094 
2095             sval = cvtnum(optarg);
2096             if (sval < 0 || sval & (BDRV_SECTOR_SIZE - 1) ||
2097                 sval / BDRV_SECTOR_SIZE > MAX_BUF_SECTORS) {
2098                 error_report("Invalid buffer size for sparse output specified. "
2099                     "Valid sizes are multiples of %llu up to %llu. Select "
2100                     "0 to disable sparse detection (fully allocates output).",
2101                     BDRV_SECTOR_SIZE, MAX_BUF_SECTORS * BDRV_SECTOR_SIZE);
2102                 goto fail_getopt;
2103             }
2104 
2105             s.min_sparse = sval / BDRV_SECTOR_SIZE;
2106             explict_min_sparse = true;
2107             break;
2108         }
2109         case 'p':
2110             progress = true;
2111             break;
2112         case 't':
2113             cache = optarg;
2114             break;
2115         case 'T':
2116             src_cache = optarg;
2117             break;
2118         case 'q':
2119             quiet = true;
2120             break;
2121         case 'n':
2122             skip_create = true;
2123             break;
2124         case 'm':
2125             if (qemu_strtol(optarg, NULL, 0, &s.num_coroutines) ||
2126                 s.num_coroutines < 1 || s.num_coroutines > MAX_COROUTINES) {
2127                 error_report("Invalid number of coroutines. Allowed number of"
2128                              " coroutines is between 1 and %d", MAX_COROUTINES);
2129                 goto fail_getopt;
2130             }
2131             break;
2132         case 'W':
2133             s.wr_in_order = false;
2134             break;
2135         case 'U':
2136             force_share = true;
2137             break;
2138         case OPTION_OBJECT: {
2139             QemuOpts *object_opts;
2140             object_opts = qemu_opts_parse_noisily(&qemu_object_opts,
2141                                                   optarg, true);
2142             if (!object_opts) {
2143                 goto fail_getopt;
2144             }
2145             break;
2146         }
2147         case OPTION_IMAGE_OPTS:
2148             image_opts = true;
2149             break;
2150         case OPTION_TARGET_IMAGE_OPTS:
2151             tgt_image_opts = true;
2152             break;
2153         }
2154     }
2155 
2156     if (!out_fmt && !tgt_image_opts) {
2157         out_fmt = "raw";
2158     }
2159 
2160     if (qemu_opts_foreach(&qemu_object_opts,
2161                           user_creatable_add_opts_foreach,
2162                           NULL, NULL)) {
2163         goto fail_getopt;
2164     }
2165 
2166     if (s.compressed && s.copy_range) {
2167         error_report("Cannot enable copy offloading when -c is used");
2168         goto fail_getopt;
2169     }
2170 
2171     if (explict_min_sparse && s.copy_range) {
2172         error_report("Cannot enable copy offloading when -S is used");
2173         goto fail_getopt;
2174     }
2175 
2176     if (tgt_image_opts && !skip_create) {
2177         error_report("--target-image-opts requires use of -n flag");
2178         goto fail_getopt;
2179     }
2180 
2181     s.src_num = argc - optind - 1;
2182     out_filename = s.src_num >= 1 ? argv[argc - 1] : NULL;
2183 
2184     if (options && has_help_option(options)) {
2185         if (out_fmt) {
2186             ret = print_block_option_help(out_filename, out_fmt);
2187             goto fail_getopt;
2188         } else {
2189             error_report("Option help requires a format be specified");
2190             goto fail_getopt;
2191         }
2192     }
2193 
2194     if (s.src_num < 1) {
2195         error_report("Must specify image file name");
2196         goto fail_getopt;
2197     }
2198 
2199 
2200     /* ret is still -EINVAL until here */
2201     ret = bdrv_parse_cache_mode(src_cache, &src_flags, &src_writethrough);
2202     if (ret < 0) {
2203         error_report("Invalid source cache option: %s", src_cache);
2204         goto fail_getopt;
2205     }
2206 
2207     /* Initialize before goto out */
2208     if (quiet) {
2209         progress = false;
2210     }
2211     qemu_progress_init(progress, 1.0);
2212     qemu_progress_print(0, 100);
2213 
2214     s.src = g_new0(BlockBackend *, s.src_num);
2215     s.src_sectors = g_new(int64_t, s.src_num);
2216 
2217     for (bs_i = 0; bs_i < s.src_num; bs_i++) {
2218         s.src[bs_i] = img_open(image_opts, argv[optind + bs_i],
2219                                fmt, src_flags, src_writethrough, quiet,
2220                                force_share);
2221         if (!s.src[bs_i]) {
2222             ret = -1;
2223             goto out;
2224         }
2225         s.src_sectors[bs_i] = blk_nb_sectors(s.src[bs_i]);
2226         if (s.src_sectors[bs_i] < 0) {
2227             error_report("Could not get size of %s: %s",
2228                          argv[optind + bs_i], strerror(-s.src_sectors[bs_i]));
2229             ret = -1;
2230             goto out;
2231         }
2232         s.total_sectors += s.src_sectors[bs_i];
2233     }
2234 
2235     if (sn_opts) {
2236         bdrv_snapshot_load_tmp(blk_bs(s.src[0]),
2237                                qemu_opt_get(sn_opts, SNAPSHOT_OPT_ID),
2238                                qemu_opt_get(sn_opts, SNAPSHOT_OPT_NAME),
2239                                &local_err);
2240     } else if (snapshot_name != NULL) {
2241         if (s.src_num > 1) {
2242             error_report("No support for concatenating multiple snapshot");
2243             ret = -1;
2244             goto out;
2245         }
2246 
2247         bdrv_snapshot_load_tmp_by_id_or_name(blk_bs(s.src[0]), snapshot_name,
2248                                              &local_err);
2249     }
2250     if (local_err) {
2251         error_reportf_err(local_err, "Failed to load snapshot: ");
2252         ret = -1;
2253         goto out;
2254     }
2255 
2256     if (!skip_create) {
2257         /* Find driver and parse its options */
2258         drv = bdrv_find_format(out_fmt);
2259         if (!drv) {
2260             error_report("Unknown file format '%s'", out_fmt);
2261             ret = -1;
2262             goto out;
2263         }
2264 
2265         proto_drv = bdrv_find_protocol(out_filename, true, &local_err);
2266         if (!proto_drv) {
2267             error_report_err(local_err);
2268             ret = -1;
2269             goto out;
2270         }
2271 
2272         if (!drv->create_opts) {
2273             error_report("Format driver '%s' does not support image creation",
2274                          drv->format_name);
2275             ret = -1;
2276             goto out;
2277         }
2278 
2279         if (!proto_drv->create_opts) {
2280             error_report("Protocol driver '%s' does not support image creation",
2281                          proto_drv->format_name);
2282             ret = -1;
2283             goto out;
2284         }
2285 
2286         create_opts = qemu_opts_append(create_opts, drv->create_opts);
2287         create_opts = qemu_opts_append(create_opts, proto_drv->create_opts);
2288 
2289         opts = qemu_opts_create(create_opts, NULL, 0, &error_abort);
2290         if (options) {
2291             qemu_opts_do_parse(opts, options, NULL, &local_err);
2292             if (local_err) {
2293                 error_report_err(local_err);
2294                 ret = -1;
2295                 goto out;
2296             }
2297         }
2298 
2299         qemu_opt_set_number(opts, BLOCK_OPT_SIZE, s.total_sectors * 512,
2300                             &error_abort);
2301         ret = add_old_style_options(out_fmt, opts, out_baseimg, NULL);
2302         if (ret < 0) {
2303             goto out;
2304         }
2305     }
2306 
2307     /* Get backing file name if -o backing_file was used */
2308     out_baseimg_param = qemu_opt_get(opts, BLOCK_OPT_BACKING_FILE);
2309     if (out_baseimg_param) {
2310         out_baseimg = out_baseimg_param;
2311     }
2312     s.target_has_backing = (bool) out_baseimg;
2313 
2314     if (s.src_num > 1 && out_baseimg) {
2315         error_report("Having a backing file for the target makes no sense when "
2316                      "concatenating multiple input images");
2317         ret = -1;
2318         goto out;
2319     }
2320 
2321     /* Check if compression is supported */
2322     if (s.compressed) {
2323         bool encryption =
2324             qemu_opt_get_bool(opts, BLOCK_OPT_ENCRYPT, false);
2325         const char *encryptfmt =
2326             qemu_opt_get(opts, BLOCK_OPT_ENCRYPT_FORMAT);
2327         const char *preallocation =
2328             qemu_opt_get(opts, BLOCK_OPT_PREALLOC);
2329 
2330         if (drv && !drv->bdrv_co_pwritev_compressed) {
2331             error_report("Compression not supported for this file format");
2332             ret = -1;
2333             goto out;
2334         }
2335 
2336         if (encryption || encryptfmt) {
2337             error_report("Compression and encryption not supported at "
2338                          "the same time");
2339             ret = -1;
2340             goto out;
2341         }
2342 
2343         if (preallocation
2344             && strcmp(preallocation, "off"))
2345         {
2346             error_report("Compression and preallocation not supported at "
2347                          "the same time");
2348             ret = -1;
2349             goto out;
2350         }
2351     }
2352 
2353     /*
2354      * The later open call will need any decryption secrets, and
2355      * bdrv_create() will purge "opts", so extract them now before
2356      * they are lost.
2357      */
2358     if (!skip_create) {
2359         open_opts = qdict_new();
2360         qemu_opt_foreach(opts, img_add_key_secrets, open_opts, &error_abort);
2361     }
2362 
2363     if (!skip_create) {
2364         /* Create the new image */
2365         ret = bdrv_create(drv, out_filename, opts, &local_err);
2366         if (ret < 0) {
2367             error_reportf_err(local_err, "%s: error while converting %s: ",
2368                               out_filename, out_fmt);
2369             goto out;
2370         }
2371     }
2372 
2373     flags = s.min_sparse ? (BDRV_O_RDWR | BDRV_O_UNMAP) : BDRV_O_RDWR;
2374     ret = bdrv_parse_cache_mode(cache, &flags, &writethrough);
2375     if (ret < 0) {
2376         error_report("Invalid cache option: %s", cache);
2377         goto out;
2378     }
2379 
2380     if (skip_create) {
2381         s.target = img_open(tgt_image_opts, out_filename, out_fmt,
2382                             flags, writethrough, quiet, false);
2383     } else {
2384         /* TODO ultimately we should allow --target-image-opts
2385          * to be used even when -n is not given.
2386          * That has to wait for bdrv_create to be improved
2387          * to allow filenames in option syntax
2388          */
2389         s.target = img_open_file(out_filename, open_opts, out_fmt,
2390                                  flags, writethrough, quiet, false);
2391         open_opts = NULL; /* blk_new_open will have freed it */
2392     }
2393     if (!s.target) {
2394         ret = -1;
2395         goto out;
2396     }
2397     out_bs = blk_bs(s.target);
2398 
2399     if (s.compressed && !out_bs->drv->bdrv_co_pwritev_compressed) {
2400         error_report("Compression not supported for this file format");
2401         ret = -1;
2402         goto out;
2403     }
2404 
2405     /* increase bufsectors from the default 4096 (2M) if opt_transfer
2406      * or discard_alignment of the out_bs is greater. Limit to
2407      * MAX_BUF_SECTORS as maximum which is currently 32768 (16MB). */
2408     s.buf_sectors = MIN(MAX_BUF_SECTORS,
2409                         MAX(s.buf_sectors,
2410                             MAX(out_bs->bl.opt_transfer >> BDRV_SECTOR_BITS,
2411                                 out_bs->bl.pdiscard_alignment >>
2412                                 BDRV_SECTOR_BITS)));
2413 
2414     /* try to align the write requests to the destination to avoid unnecessary
2415      * RMW cycles. */
2416     s.alignment = MAX(pow2floor(s.min_sparse),
2417                       DIV_ROUND_UP(out_bs->bl.request_alignment,
2418                                    BDRV_SECTOR_SIZE));
2419     assert(is_power_of_2(s.alignment));
2420 
2421     if (skip_create) {
2422         int64_t output_sectors = blk_nb_sectors(s.target);
2423         if (output_sectors < 0) {
2424             error_report("unable to get output image length: %s",
2425                          strerror(-output_sectors));
2426             ret = -1;
2427             goto out;
2428         } else if (output_sectors < s.total_sectors) {
2429             error_report("output file is smaller than input file");
2430             ret = -1;
2431             goto out;
2432         }
2433     }
2434 
2435     if (s.target_has_backing) {
2436         /* Errors are treated as "backing length unknown" (which means
2437          * s.target_backing_sectors has to be negative, which it will
2438          * be automatically).  The backing file length is used only
2439          * for optimizations, so such a case is not fatal. */
2440         s.target_backing_sectors = bdrv_nb_sectors(out_bs->backing->bs);
2441     } else {
2442         s.target_backing_sectors = -1;
2443     }
2444 
2445     ret = bdrv_get_info(out_bs, &bdi);
2446     if (ret < 0) {
2447         if (s.compressed) {
2448             error_report("could not get block driver info");
2449             goto out;
2450         }
2451     } else {
2452         s.compressed = s.compressed || bdi.needs_compressed_writes;
2453         s.cluster_sectors = bdi.cluster_size / BDRV_SECTOR_SIZE;
2454         s.unallocated_blocks_are_zero = bdi.unallocated_blocks_are_zero;
2455     }
2456 
2457     ret = convert_do_copy(&s);
2458 out:
2459     if (!ret) {
2460         qemu_progress_print(100, 0);
2461     }
2462     qemu_progress_end();
2463     qemu_opts_del(opts);
2464     qemu_opts_free(create_opts);
2465     qemu_opts_del(sn_opts);
2466     qobject_unref(open_opts);
2467     blk_unref(s.target);
2468     if (s.src) {
2469         for (bs_i = 0; bs_i < s.src_num; bs_i++) {
2470             blk_unref(s.src[bs_i]);
2471         }
2472         g_free(s.src);
2473     }
2474     g_free(s.src_sectors);
2475 fail_getopt:
2476     g_free(options);
2477 
2478     return !!ret;
2479 }
2480 
2481 
2482 static void dump_snapshots(BlockDriverState *bs)
2483 {
2484     QEMUSnapshotInfo *sn_tab, *sn;
2485     int nb_sns, i;
2486 
2487     nb_sns = bdrv_snapshot_list(bs, &sn_tab);
2488     if (nb_sns <= 0)
2489         return;
2490     printf("Snapshot list:\n");
2491     bdrv_snapshot_dump(fprintf, stdout, NULL);
2492     printf("\n");
2493     for(i = 0; i < nb_sns; i++) {
2494         sn = &sn_tab[i];
2495         bdrv_snapshot_dump(fprintf, stdout, sn);
2496         printf("\n");
2497     }
2498     g_free(sn_tab);
2499 }
2500 
2501 static void dump_json_image_info_list(ImageInfoList *list)
2502 {
2503     QString *str;
2504     QObject *obj;
2505     Visitor *v = qobject_output_visitor_new(&obj);
2506 
2507     visit_type_ImageInfoList(v, NULL, &list, &error_abort);
2508     visit_complete(v, &obj);
2509     str = qobject_to_json_pretty(obj);
2510     assert(str != NULL);
2511     printf("%s\n", qstring_get_str(str));
2512     qobject_unref(obj);
2513     visit_free(v);
2514     qobject_unref(str);
2515 }
2516 
2517 static void dump_json_image_info(ImageInfo *info)
2518 {
2519     QString *str;
2520     QObject *obj;
2521     Visitor *v = qobject_output_visitor_new(&obj);
2522 
2523     visit_type_ImageInfo(v, NULL, &info, &error_abort);
2524     visit_complete(v, &obj);
2525     str = qobject_to_json_pretty(obj);
2526     assert(str != NULL);
2527     printf("%s\n", qstring_get_str(str));
2528     qobject_unref(obj);
2529     visit_free(v);
2530     qobject_unref(str);
2531 }
2532 
2533 static void dump_human_image_info_list(ImageInfoList *list)
2534 {
2535     ImageInfoList *elem;
2536     bool delim = false;
2537 
2538     for (elem = list; elem; elem = elem->next) {
2539         if (delim) {
2540             printf("\n");
2541         }
2542         delim = true;
2543 
2544         bdrv_image_info_dump(fprintf, stdout, elem->value);
2545     }
2546 }
2547 
2548 static gboolean str_equal_func(gconstpointer a, gconstpointer b)
2549 {
2550     return strcmp(a, b) == 0;
2551 }
2552 
2553 /**
2554  * Open an image file chain and return an ImageInfoList
2555  *
2556  * @filename: topmost image filename
2557  * @fmt: topmost image format (may be NULL to autodetect)
2558  * @chain: true  - enumerate entire backing file chain
2559  *         false - only topmost image file
2560  *
2561  * Returns a list of ImageInfo objects or NULL if there was an error opening an
2562  * image file.  If there was an error a message will have been printed to
2563  * stderr.
2564  */
2565 static ImageInfoList *collect_image_info_list(bool image_opts,
2566                                               const char *filename,
2567                                               const char *fmt,
2568                                               bool chain, bool force_share)
2569 {
2570     ImageInfoList *head = NULL;
2571     ImageInfoList **last = &head;
2572     GHashTable *filenames;
2573     Error *err = NULL;
2574 
2575     filenames = g_hash_table_new_full(g_str_hash, str_equal_func, NULL, NULL);
2576 
2577     while (filename) {
2578         BlockBackend *blk;
2579         BlockDriverState *bs;
2580         ImageInfo *info;
2581         ImageInfoList *elem;
2582 
2583         if (g_hash_table_lookup_extended(filenames, filename, NULL, NULL)) {
2584             error_report("Backing file '%s' creates an infinite loop.",
2585                          filename);
2586             goto err;
2587         }
2588         g_hash_table_insert(filenames, (gpointer)filename, NULL);
2589 
2590         blk = img_open(image_opts, filename, fmt,
2591                        BDRV_O_NO_BACKING | BDRV_O_NO_IO, false, false,
2592                        force_share);
2593         if (!blk) {
2594             goto err;
2595         }
2596         bs = blk_bs(blk);
2597 
2598         bdrv_query_image_info(bs, &info, &err);
2599         if (err) {
2600             error_report_err(err);
2601             blk_unref(blk);
2602             goto err;
2603         }
2604 
2605         elem = g_new0(ImageInfoList, 1);
2606         elem->value = info;
2607         *last = elem;
2608         last = &elem->next;
2609 
2610         blk_unref(blk);
2611 
2612         filename = fmt = NULL;
2613         if (chain) {
2614             if (info->has_full_backing_filename) {
2615                 filename = info->full_backing_filename;
2616             } else if (info->has_backing_filename) {
2617                 error_report("Could not determine absolute backing filename,"
2618                              " but backing filename '%s' present",
2619                              info->backing_filename);
2620                 goto err;
2621             }
2622             if (info->has_backing_filename_format) {
2623                 fmt = info->backing_filename_format;
2624             }
2625         }
2626     }
2627     g_hash_table_destroy(filenames);
2628     return head;
2629 
2630 err:
2631     qapi_free_ImageInfoList(head);
2632     g_hash_table_destroy(filenames);
2633     return NULL;
2634 }
2635 
2636 static int img_info(int argc, char **argv)
2637 {
2638     int c;
2639     OutputFormat output_format = OFORMAT_HUMAN;
2640     bool chain = false;
2641     const char *filename, *fmt, *output;
2642     ImageInfoList *list;
2643     bool image_opts = false;
2644     bool force_share = false;
2645 
2646     fmt = NULL;
2647     output = NULL;
2648     for(;;) {
2649         int option_index = 0;
2650         static const struct option long_options[] = {
2651             {"help", no_argument, 0, 'h'},
2652             {"format", required_argument, 0, 'f'},
2653             {"output", required_argument, 0, OPTION_OUTPUT},
2654             {"backing-chain", no_argument, 0, OPTION_BACKING_CHAIN},
2655             {"object", required_argument, 0, OPTION_OBJECT},
2656             {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
2657             {"force-share", no_argument, 0, 'U'},
2658             {0, 0, 0, 0}
2659         };
2660         c = getopt_long(argc, argv, ":f:hU",
2661                         long_options, &option_index);
2662         if (c == -1) {
2663             break;
2664         }
2665         switch(c) {
2666         case ':':
2667             missing_argument(argv[optind - 1]);
2668             break;
2669         case '?':
2670             unrecognized_option(argv[optind - 1]);
2671             break;
2672         case 'h':
2673             help();
2674             break;
2675         case 'f':
2676             fmt = optarg;
2677             break;
2678         case 'U':
2679             force_share = true;
2680             break;
2681         case OPTION_OUTPUT:
2682             output = optarg;
2683             break;
2684         case OPTION_BACKING_CHAIN:
2685             chain = true;
2686             break;
2687         case OPTION_OBJECT: {
2688             QemuOpts *opts;
2689             opts = qemu_opts_parse_noisily(&qemu_object_opts,
2690                                            optarg, true);
2691             if (!opts) {
2692                 return 1;
2693             }
2694         }   break;
2695         case OPTION_IMAGE_OPTS:
2696             image_opts = true;
2697             break;
2698         }
2699     }
2700     if (optind != argc - 1) {
2701         error_exit("Expecting one image file name");
2702     }
2703     filename = argv[optind++];
2704 
2705     if (output && !strcmp(output, "json")) {
2706         output_format = OFORMAT_JSON;
2707     } else if (output && !strcmp(output, "human")) {
2708         output_format = OFORMAT_HUMAN;
2709     } else if (output) {
2710         error_report("--output must be used with human or json as argument.");
2711         return 1;
2712     }
2713 
2714     if (qemu_opts_foreach(&qemu_object_opts,
2715                           user_creatable_add_opts_foreach,
2716                           NULL, NULL)) {
2717         return 1;
2718     }
2719 
2720     list = collect_image_info_list(image_opts, filename, fmt, chain,
2721                                    force_share);
2722     if (!list) {
2723         return 1;
2724     }
2725 
2726     switch (output_format) {
2727     case OFORMAT_HUMAN:
2728         dump_human_image_info_list(list);
2729         break;
2730     case OFORMAT_JSON:
2731         if (chain) {
2732             dump_json_image_info_list(list);
2733         } else {
2734             dump_json_image_info(list->value);
2735         }
2736         break;
2737     }
2738 
2739     qapi_free_ImageInfoList(list);
2740     return 0;
2741 }
2742 
2743 static void dump_map_entry(OutputFormat output_format, MapEntry *e,
2744                            MapEntry *next)
2745 {
2746     switch (output_format) {
2747     case OFORMAT_HUMAN:
2748         if (e->data && !e->has_offset) {
2749             error_report("File contains external, encrypted or compressed clusters.");
2750             exit(1);
2751         }
2752         if (e->data && !e->zero) {
2753             printf("%#-16"PRIx64"%#-16"PRIx64"%#-16"PRIx64"%s\n",
2754                    e->start, e->length,
2755                    e->has_offset ? e->offset : 0,
2756                    e->has_filename ? e->filename : "");
2757         }
2758         /* This format ignores the distinction between 0, ZERO and ZERO|DATA.
2759          * Modify the flags here to allow more coalescing.
2760          */
2761         if (next && (!next->data || next->zero)) {
2762             next->data = false;
2763             next->zero = true;
2764         }
2765         break;
2766     case OFORMAT_JSON:
2767         printf("%s{ \"start\": %"PRId64", \"length\": %"PRId64","
2768                " \"depth\": %"PRId64", \"zero\": %s, \"data\": %s",
2769                (e->start == 0 ? "[" : ",\n"),
2770                e->start, e->length, e->depth,
2771                e->zero ? "true" : "false",
2772                e->data ? "true" : "false");
2773         if (e->has_offset) {
2774             printf(", \"offset\": %"PRId64"", e->offset);
2775         }
2776         putchar('}');
2777 
2778         if (!next) {
2779             printf("]\n");
2780         }
2781         break;
2782     }
2783 }
2784 
2785 static int get_block_status(BlockDriverState *bs, int64_t offset,
2786                             int64_t bytes, MapEntry *e)
2787 {
2788     int ret;
2789     int depth;
2790     BlockDriverState *file;
2791     bool has_offset;
2792     int64_t map;
2793 
2794     /* As an optimization, we could cache the current range of unallocated
2795      * clusters in each file of the chain, and avoid querying the same
2796      * range repeatedly.
2797      */
2798 
2799     depth = 0;
2800     for (;;) {
2801         ret = bdrv_block_status(bs, offset, bytes, &bytes, &map, &file);
2802         if (ret < 0) {
2803             return ret;
2804         }
2805         assert(bytes);
2806         if (ret & (BDRV_BLOCK_ZERO|BDRV_BLOCK_DATA)) {
2807             break;
2808         }
2809         bs = backing_bs(bs);
2810         if (bs == NULL) {
2811             ret = 0;
2812             break;
2813         }
2814 
2815         depth++;
2816     }
2817 
2818     has_offset = !!(ret & BDRV_BLOCK_OFFSET_VALID);
2819 
2820     *e = (MapEntry) {
2821         .start = offset,
2822         .length = bytes,
2823         .data = !!(ret & BDRV_BLOCK_DATA),
2824         .zero = !!(ret & BDRV_BLOCK_ZERO),
2825         .offset = map,
2826         .has_offset = has_offset,
2827         .depth = depth,
2828         .has_filename = file && has_offset,
2829         .filename = file && has_offset ? file->filename : NULL,
2830     };
2831 
2832     return 0;
2833 }
2834 
2835 static inline bool entry_mergeable(const MapEntry *curr, const MapEntry *next)
2836 {
2837     if (curr->length == 0) {
2838         return false;
2839     }
2840     if (curr->zero != next->zero ||
2841         curr->data != next->data ||
2842         curr->depth != next->depth ||
2843         curr->has_filename != next->has_filename ||
2844         curr->has_offset != next->has_offset) {
2845         return false;
2846     }
2847     if (curr->has_filename && strcmp(curr->filename, next->filename)) {
2848         return false;
2849     }
2850     if (curr->has_offset && curr->offset + curr->length != next->offset) {
2851         return false;
2852     }
2853     return true;
2854 }
2855 
2856 static int img_map(int argc, char **argv)
2857 {
2858     int c;
2859     OutputFormat output_format = OFORMAT_HUMAN;
2860     BlockBackend *blk;
2861     BlockDriverState *bs;
2862     const char *filename, *fmt, *output;
2863     int64_t length;
2864     MapEntry curr = { .length = 0 }, next;
2865     int ret = 0;
2866     bool image_opts = false;
2867     bool force_share = false;
2868 
2869     fmt = NULL;
2870     output = NULL;
2871     for (;;) {
2872         int option_index = 0;
2873         static const struct option long_options[] = {
2874             {"help", no_argument, 0, 'h'},
2875             {"format", required_argument, 0, 'f'},
2876             {"output", required_argument, 0, OPTION_OUTPUT},
2877             {"object", required_argument, 0, OPTION_OBJECT},
2878             {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
2879             {"force-share", no_argument, 0, 'U'},
2880             {0, 0, 0, 0}
2881         };
2882         c = getopt_long(argc, argv, ":f:hU",
2883                         long_options, &option_index);
2884         if (c == -1) {
2885             break;
2886         }
2887         switch (c) {
2888         case ':':
2889             missing_argument(argv[optind - 1]);
2890             break;
2891         case '?':
2892             unrecognized_option(argv[optind - 1]);
2893             break;
2894         case 'h':
2895             help();
2896             break;
2897         case 'f':
2898             fmt = optarg;
2899             break;
2900         case 'U':
2901             force_share = true;
2902             break;
2903         case OPTION_OUTPUT:
2904             output = optarg;
2905             break;
2906         case OPTION_OBJECT: {
2907             QemuOpts *opts;
2908             opts = qemu_opts_parse_noisily(&qemu_object_opts,
2909                                            optarg, true);
2910             if (!opts) {
2911                 return 1;
2912             }
2913         }   break;
2914         case OPTION_IMAGE_OPTS:
2915             image_opts = true;
2916             break;
2917         }
2918     }
2919     if (optind != argc - 1) {
2920         error_exit("Expecting one image file name");
2921     }
2922     filename = argv[optind];
2923 
2924     if (output && !strcmp(output, "json")) {
2925         output_format = OFORMAT_JSON;
2926     } else if (output && !strcmp(output, "human")) {
2927         output_format = OFORMAT_HUMAN;
2928     } else if (output) {
2929         error_report("--output must be used with human or json as argument.");
2930         return 1;
2931     }
2932 
2933     if (qemu_opts_foreach(&qemu_object_opts,
2934                           user_creatable_add_opts_foreach,
2935                           NULL, NULL)) {
2936         return 1;
2937     }
2938 
2939     blk = img_open(image_opts, filename, fmt, 0, false, false, force_share);
2940     if (!blk) {
2941         return 1;
2942     }
2943     bs = blk_bs(blk);
2944 
2945     if (output_format == OFORMAT_HUMAN) {
2946         printf("%-16s%-16s%-16s%s\n", "Offset", "Length", "Mapped to", "File");
2947     }
2948 
2949     length = blk_getlength(blk);
2950     while (curr.start + curr.length < length) {
2951         int64_t offset = curr.start + curr.length;
2952         int64_t n;
2953 
2954         /* Probe up to 1 GiB at a time.  */
2955         n = MIN(1 << 30, length - offset);
2956         ret = get_block_status(bs, offset, n, &next);
2957 
2958         if (ret < 0) {
2959             error_report("Could not read file metadata: %s", strerror(-ret));
2960             goto out;
2961         }
2962 
2963         if (entry_mergeable(&curr, &next)) {
2964             curr.length += next.length;
2965             continue;
2966         }
2967 
2968         if (curr.length > 0) {
2969             dump_map_entry(output_format, &curr, &next);
2970         }
2971         curr = next;
2972     }
2973 
2974     dump_map_entry(output_format, &curr, NULL);
2975 
2976 out:
2977     blk_unref(blk);
2978     return ret < 0;
2979 }
2980 
2981 #define SNAPSHOT_LIST   1
2982 #define SNAPSHOT_CREATE 2
2983 #define SNAPSHOT_APPLY  3
2984 #define SNAPSHOT_DELETE 4
2985 
2986 static int img_snapshot(int argc, char **argv)
2987 {
2988     BlockBackend *blk;
2989     BlockDriverState *bs;
2990     QEMUSnapshotInfo sn;
2991     char *filename, *snapshot_name = NULL;
2992     int c, ret = 0, bdrv_oflags;
2993     int action = 0;
2994     qemu_timeval tv;
2995     bool quiet = false;
2996     Error *err = NULL;
2997     bool image_opts = false;
2998     bool force_share = false;
2999 
3000     bdrv_oflags = BDRV_O_RDWR;
3001     /* Parse commandline parameters */
3002     for(;;) {
3003         static const struct option long_options[] = {
3004             {"help", no_argument, 0, 'h'},
3005             {"object", required_argument, 0, OPTION_OBJECT},
3006             {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
3007             {"force-share", no_argument, 0, 'U'},
3008             {0, 0, 0, 0}
3009         };
3010         c = getopt_long(argc, argv, ":la:c:d:hqU",
3011                         long_options, NULL);
3012         if (c == -1) {
3013             break;
3014         }
3015         switch(c) {
3016         case ':':
3017             missing_argument(argv[optind - 1]);
3018             break;
3019         case '?':
3020             unrecognized_option(argv[optind - 1]);
3021             break;
3022         case 'h':
3023             help();
3024             return 0;
3025         case 'l':
3026             if (action) {
3027                 error_exit("Cannot mix '-l', '-a', '-c', '-d'");
3028                 return 0;
3029             }
3030             action = SNAPSHOT_LIST;
3031             bdrv_oflags &= ~BDRV_O_RDWR; /* no need for RW */
3032             break;
3033         case 'a':
3034             if (action) {
3035                 error_exit("Cannot mix '-l', '-a', '-c', '-d'");
3036                 return 0;
3037             }
3038             action = SNAPSHOT_APPLY;
3039             snapshot_name = optarg;
3040             break;
3041         case 'c':
3042             if (action) {
3043                 error_exit("Cannot mix '-l', '-a', '-c', '-d'");
3044                 return 0;
3045             }
3046             action = SNAPSHOT_CREATE;
3047             snapshot_name = optarg;
3048             break;
3049         case 'd':
3050             if (action) {
3051                 error_exit("Cannot mix '-l', '-a', '-c', '-d'");
3052                 return 0;
3053             }
3054             action = SNAPSHOT_DELETE;
3055             snapshot_name = optarg;
3056             break;
3057         case 'q':
3058             quiet = true;
3059             break;
3060         case 'U':
3061             force_share = true;
3062             break;
3063         case OPTION_OBJECT: {
3064             QemuOpts *opts;
3065             opts = qemu_opts_parse_noisily(&qemu_object_opts,
3066                                            optarg, true);
3067             if (!opts) {
3068                 return 1;
3069             }
3070         }   break;
3071         case OPTION_IMAGE_OPTS:
3072             image_opts = true;
3073             break;
3074         }
3075     }
3076 
3077     if (optind != argc - 1) {
3078         error_exit("Expecting one image file name");
3079     }
3080     filename = argv[optind++];
3081 
3082     if (qemu_opts_foreach(&qemu_object_opts,
3083                           user_creatable_add_opts_foreach,
3084                           NULL, NULL)) {
3085         return 1;
3086     }
3087 
3088     /* Open the image */
3089     blk = img_open(image_opts, filename, NULL, bdrv_oflags, false, quiet,
3090                    force_share);
3091     if (!blk) {
3092         return 1;
3093     }
3094     bs = blk_bs(blk);
3095 
3096     /* Perform the requested action */
3097     switch(action) {
3098     case SNAPSHOT_LIST:
3099         dump_snapshots(bs);
3100         break;
3101 
3102     case SNAPSHOT_CREATE:
3103         memset(&sn, 0, sizeof(sn));
3104         pstrcpy(sn.name, sizeof(sn.name), snapshot_name);
3105 
3106         qemu_gettimeofday(&tv);
3107         sn.date_sec = tv.tv_sec;
3108         sn.date_nsec = tv.tv_usec * 1000;
3109 
3110         ret = bdrv_snapshot_create(bs, &sn);
3111         if (ret) {
3112             error_report("Could not create snapshot '%s': %d (%s)",
3113                 snapshot_name, ret, strerror(-ret));
3114         }
3115         break;
3116 
3117     case SNAPSHOT_APPLY:
3118         ret = bdrv_snapshot_goto(bs, snapshot_name, &err);
3119         if (ret) {
3120             error_reportf_err(err, "Could not apply snapshot '%s': ",
3121                               snapshot_name);
3122         }
3123         break;
3124 
3125     case SNAPSHOT_DELETE:
3126         bdrv_snapshot_delete_by_id_or_name(bs, snapshot_name, &err);
3127         if (err) {
3128             error_reportf_err(err, "Could not delete snapshot '%s': ",
3129                               snapshot_name);
3130             ret = 1;
3131         }
3132         break;
3133     }
3134 
3135     /* Cleanup */
3136     blk_unref(blk);
3137     if (ret) {
3138         return 1;
3139     }
3140     return 0;
3141 }
3142 
3143 static int img_rebase(int argc, char **argv)
3144 {
3145     BlockBackend *blk = NULL, *blk_old_backing = NULL, *blk_new_backing = NULL;
3146     uint8_t *buf_old = NULL;
3147     uint8_t *buf_new = NULL;
3148     BlockDriverState *bs = NULL;
3149     char *filename;
3150     const char *fmt, *cache, *src_cache, *out_basefmt, *out_baseimg;
3151     int c, flags, src_flags, ret;
3152     bool writethrough, src_writethrough;
3153     int unsafe = 0;
3154     bool force_share = false;
3155     int progress = 0;
3156     bool quiet = false;
3157     Error *local_err = NULL;
3158     bool image_opts = false;
3159 
3160     /* Parse commandline parameters */
3161     fmt = NULL;
3162     cache = BDRV_DEFAULT_CACHE;
3163     src_cache = BDRV_DEFAULT_CACHE;
3164     out_baseimg = NULL;
3165     out_basefmt = NULL;
3166     for(;;) {
3167         static const struct option long_options[] = {
3168             {"help", no_argument, 0, 'h'},
3169             {"object", required_argument, 0, OPTION_OBJECT},
3170             {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
3171             {"force-share", no_argument, 0, 'U'},
3172             {0, 0, 0, 0}
3173         };
3174         c = getopt_long(argc, argv, ":hf:F:b:upt:T:qU",
3175                         long_options, NULL);
3176         if (c == -1) {
3177             break;
3178         }
3179         switch(c) {
3180         case ':':
3181             missing_argument(argv[optind - 1]);
3182             break;
3183         case '?':
3184             unrecognized_option(argv[optind - 1]);
3185             break;
3186         case 'h':
3187             help();
3188             return 0;
3189         case 'f':
3190             fmt = optarg;
3191             break;
3192         case 'F':
3193             out_basefmt = optarg;
3194             break;
3195         case 'b':
3196             out_baseimg = optarg;
3197             break;
3198         case 'u':
3199             unsafe = 1;
3200             break;
3201         case 'p':
3202             progress = 1;
3203             break;
3204         case 't':
3205             cache = optarg;
3206             break;
3207         case 'T':
3208             src_cache = optarg;
3209             break;
3210         case 'q':
3211             quiet = true;
3212             break;
3213         case OPTION_OBJECT: {
3214             QemuOpts *opts;
3215             opts = qemu_opts_parse_noisily(&qemu_object_opts,
3216                                            optarg, true);
3217             if (!opts) {
3218                 return 1;
3219             }
3220         }   break;
3221         case OPTION_IMAGE_OPTS:
3222             image_opts = true;
3223             break;
3224         case 'U':
3225             force_share = true;
3226             break;
3227         }
3228     }
3229 
3230     if (quiet) {
3231         progress = 0;
3232     }
3233 
3234     if (optind != argc - 1) {
3235         error_exit("Expecting one image file name");
3236     }
3237     if (!unsafe && !out_baseimg) {
3238         error_exit("Must specify backing file (-b) or use unsafe mode (-u)");
3239     }
3240     filename = argv[optind++];
3241 
3242     if (qemu_opts_foreach(&qemu_object_opts,
3243                           user_creatable_add_opts_foreach,
3244                           NULL, NULL)) {
3245         return 1;
3246     }
3247 
3248     qemu_progress_init(progress, 2.0);
3249     qemu_progress_print(0, 100);
3250 
3251     flags = BDRV_O_RDWR | (unsafe ? BDRV_O_NO_BACKING : 0);
3252     ret = bdrv_parse_cache_mode(cache, &flags, &writethrough);
3253     if (ret < 0) {
3254         error_report("Invalid cache option: %s", cache);
3255         goto out;
3256     }
3257 
3258     src_flags = 0;
3259     ret = bdrv_parse_cache_mode(src_cache, &src_flags, &src_writethrough);
3260     if (ret < 0) {
3261         error_report("Invalid source cache option: %s", src_cache);
3262         goto out;
3263     }
3264 
3265     /* The source files are opened read-only, don't care about WCE */
3266     assert((src_flags & BDRV_O_RDWR) == 0);
3267     (void) src_writethrough;
3268 
3269     /*
3270      * Open the images.
3271      *
3272      * Ignore the old backing file for unsafe rebase in case we want to correct
3273      * the reference to a renamed or moved backing file.
3274      */
3275     blk = img_open(image_opts, filename, fmt, flags, writethrough, quiet,
3276                    false);
3277     if (!blk) {
3278         ret = -1;
3279         goto out;
3280     }
3281     bs = blk_bs(blk);
3282 
3283     if (out_basefmt != NULL) {
3284         if (bdrv_find_format(out_basefmt) == NULL) {
3285             error_report("Invalid format name: '%s'", out_basefmt);
3286             ret = -1;
3287             goto out;
3288         }
3289     }
3290 
3291     /* For safe rebasing we need to compare old and new backing file */
3292     if (!unsafe) {
3293         char backing_name[PATH_MAX];
3294         QDict *options = NULL;
3295 
3296         if (bs->backing_format[0] != '\0') {
3297             options = qdict_new();
3298             qdict_put_str(options, "driver", bs->backing_format);
3299         }
3300 
3301         if (force_share) {
3302             if (!options) {
3303                 options = qdict_new();
3304             }
3305             qdict_put_bool(options, BDRV_OPT_FORCE_SHARE, true);
3306         }
3307         bdrv_get_backing_filename(bs, backing_name, sizeof(backing_name));
3308         blk_old_backing = blk_new_open(backing_name, NULL,
3309                                        options, src_flags, &local_err);
3310         if (!blk_old_backing) {
3311             error_reportf_err(local_err,
3312                               "Could not open old backing file '%s': ",
3313                               backing_name);
3314             ret = -1;
3315             goto out;
3316         }
3317 
3318         if (out_baseimg[0]) {
3319             const char *overlay_filename;
3320             char *out_real_path;
3321 
3322             options = qdict_new();
3323             if (out_basefmt) {
3324                 qdict_put_str(options, "driver", out_basefmt);
3325             }
3326             if (force_share) {
3327                 qdict_put_bool(options, BDRV_OPT_FORCE_SHARE, true);
3328             }
3329 
3330             overlay_filename = bs->exact_filename[0] ? bs->exact_filename
3331                                                      : bs->filename;
3332             out_real_path = g_malloc(PATH_MAX);
3333 
3334             bdrv_get_full_backing_filename_from_filename(overlay_filename,
3335                                                          out_baseimg,
3336                                                          out_real_path,
3337                                                          PATH_MAX,
3338                                                          &local_err);
3339             if (local_err) {
3340                 error_reportf_err(local_err,
3341                                   "Could not resolve backing filename: ");
3342                 ret = -1;
3343                 g_free(out_real_path);
3344                 goto out;
3345             }
3346 
3347             blk_new_backing = blk_new_open(out_real_path, NULL,
3348                                            options, src_flags, &local_err);
3349             g_free(out_real_path);
3350             if (!blk_new_backing) {
3351                 error_reportf_err(local_err,
3352                                   "Could not open new backing file '%s': ",
3353                                   out_baseimg);
3354                 ret = -1;
3355                 goto out;
3356             }
3357         }
3358     }
3359 
3360     /*
3361      * Check each unallocated cluster in the COW file. If it is unallocated,
3362      * accesses go to the backing file. We must therefore compare this cluster
3363      * in the old and new backing file, and if they differ we need to copy it
3364      * from the old backing file into the COW file.
3365      *
3366      * If qemu-img crashes during this step, no harm is done. The content of
3367      * the image is the same as the original one at any time.
3368      */
3369     if (!unsafe) {
3370         int64_t size;
3371         int64_t old_backing_size;
3372         int64_t new_backing_size = 0;
3373         uint64_t offset;
3374         int64_t n;
3375         float local_progress = 0;
3376 
3377         buf_old = blk_blockalign(blk, IO_BUF_SIZE);
3378         buf_new = blk_blockalign(blk, IO_BUF_SIZE);
3379 
3380         size = blk_getlength(blk);
3381         if (size < 0) {
3382             error_report("Could not get size of '%s': %s",
3383                          filename, strerror(-size));
3384             ret = -1;
3385             goto out;
3386         }
3387         old_backing_size = blk_getlength(blk_old_backing);
3388         if (old_backing_size < 0) {
3389             char backing_name[PATH_MAX];
3390 
3391             bdrv_get_backing_filename(bs, backing_name, sizeof(backing_name));
3392             error_report("Could not get size of '%s': %s",
3393                          backing_name, strerror(-old_backing_size));
3394             ret = -1;
3395             goto out;
3396         }
3397         if (blk_new_backing) {
3398             new_backing_size = blk_getlength(blk_new_backing);
3399             if (new_backing_size < 0) {
3400                 error_report("Could not get size of '%s': %s",
3401                              out_baseimg, strerror(-new_backing_size));
3402                 ret = -1;
3403                 goto out;
3404             }
3405         }
3406 
3407         if (size != 0) {
3408             local_progress = (float)100 / (size / MIN(size, IO_BUF_SIZE));
3409         }
3410 
3411         for (offset = 0; offset < size; offset += n) {
3412             /* How many bytes can we handle with the next read? */
3413             n = MIN(IO_BUF_SIZE, size - offset);
3414 
3415             /* If the cluster is allocated, we don't need to take action */
3416             ret = bdrv_is_allocated(bs, offset, n, &n);
3417             if (ret < 0) {
3418                 error_report("error while reading image metadata: %s",
3419                              strerror(-ret));
3420                 goto out;
3421             }
3422             if (ret) {
3423                 continue;
3424             }
3425 
3426             /*
3427              * Read old and new backing file and take into consideration that
3428              * backing files may be smaller than the COW image.
3429              */
3430             if (offset >= old_backing_size) {
3431                 memset(buf_old, 0, n);
3432             } else {
3433                 if (offset + n > old_backing_size) {
3434                     n = old_backing_size - offset;
3435                 }
3436 
3437                 ret = blk_pread(blk_old_backing, offset, buf_old, n);
3438                 if (ret < 0) {
3439                     error_report("error while reading from old backing file");
3440                     goto out;
3441                 }
3442             }
3443 
3444             if (offset >= new_backing_size || !blk_new_backing) {
3445                 memset(buf_new, 0, n);
3446             } else {
3447                 if (offset + n > new_backing_size) {
3448                     n = new_backing_size - offset;
3449                 }
3450 
3451                 ret = blk_pread(blk_new_backing, offset, buf_new, n);
3452                 if (ret < 0) {
3453                     error_report("error while reading from new backing file");
3454                     goto out;
3455                 }
3456             }
3457 
3458             /* If they differ, we need to write to the COW file */
3459             uint64_t written = 0;
3460 
3461             while (written < n) {
3462                 int64_t pnum;
3463 
3464                 if (compare_buffers(buf_old + written, buf_new + written,
3465                                     n - written, &pnum))
3466                 {
3467                     ret = blk_pwrite(blk, offset + written,
3468                                      buf_old + written, pnum, 0);
3469                     if (ret < 0) {
3470                         error_report("Error while writing to COW image: %s",
3471                             strerror(-ret));
3472                         goto out;
3473                     }
3474                 }
3475 
3476                 written += pnum;
3477             }
3478             qemu_progress_print(local_progress, 100);
3479         }
3480     }
3481 
3482     /*
3483      * Change the backing file. All clusters that are different from the old
3484      * backing file are overwritten in the COW file now, so the visible content
3485      * doesn't change when we switch the backing file.
3486      */
3487     if (out_baseimg && *out_baseimg) {
3488         ret = bdrv_change_backing_file(bs, out_baseimg, out_basefmt);
3489     } else {
3490         ret = bdrv_change_backing_file(bs, NULL, NULL);
3491     }
3492 
3493     if (ret == -ENOSPC) {
3494         error_report("Could not change the backing file to '%s': No "
3495                      "space left in the file header", out_baseimg);
3496     } else if (ret < 0) {
3497         error_report("Could not change the backing file to '%s': %s",
3498             out_baseimg, strerror(-ret));
3499     }
3500 
3501     qemu_progress_print(100, 0);
3502     /*
3503      * TODO At this point it is possible to check if any clusters that are
3504      * allocated in the COW file are the same in the backing file. If so, they
3505      * could be dropped from the COW file. Don't do this before switching the
3506      * backing file, in case of a crash this would lead to corruption.
3507      */
3508 out:
3509     qemu_progress_end();
3510     /* Cleanup */
3511     if (!unsafe) {
3512         blk_unref(blk_old_backing);
3513         blk_unref(blk_new_backing);
3514     }
3515     qemu_vfree(buf_old);
3516     qemu_vfree(buf_new);
3517 
3518     blk_unref(blk);
3519     if (ret) {
3520         return 1;
3521     }
3522     return 0;
3523 }
3524 
3525 static int img_resize(int argc, char **argv)
3526 {
3527     Error *err = NULL;
3528     int c, ret, relative;
3529     const char *filename, *fmt, *size;
3530     int64_t n, total_size, current_size, new_size;
3531     bool quiet = false;
3532     BlockBackend *blk = NULL;
3533     PreallocMode prealloc = PREALLOC_MODE_OFF;
3534     QemuOpts *param;
3535 
3536     static QemuOptsList resize_options = {
3537         .name = "resize_options",
3538         .head = QTAILQ_HEAD_INITIALIZER(resize_options.head),
3539         .desc = {
3540             {
3541                 .name = BLOCK_OPT_SIZE,
3542                 .type = QEMU_OPT_SIZE,
3543                 .help = "Virtual disk size"
3544             }, {
3545                 /* end of list */
3546             }
3547         },
3548     };
3549     bool image_opts = false;
3550     bool shrink = false;
3551 
3552     /* Remove size from argv manually so that negative numbers are not treated
3553      * as options by getopt. */
3554     if (argc < 3) {
3555         error_exit("Not enough arguments");
3556         return 1;
3557     }
3558 
3559     size = argv[--argc];
3560 
3561     /* Parse getopt arguments */
3562     fmt = NULL;
3563     for(;;) {
3564         static const struct option long_options[] = {
3565             {"help", no_argument, 0, 'h'},
3566             {"object", required_argument, 0, OPTION_OBJECT},
3567             {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
3568             {"preallocation", required_argument, 0, OPTION_PREALLOCATION},
3569             {"shrink", no_argument, 0, OPTION_SHRINK},
3570             {0, 0, 0, 0}
3571         };
3572         c = getopt_long(argc, argv, ":f:hq",
3573                         long_options, NULL);
3574         if (c == -1) {
3575             break;
3576         }
3577         switch(c) {
3578         case ':':
3579             missing_argument(argv[optind - 1]);
3580             break;
3581         case '?':
3582             unrecognized_option(argv[optind - 1]);
3583             break;
3584         case 'h':
3585             help();
3586             break;
3587         case 'f':
3588             fmt = optarg;
3589             break;
3590         case 'q':
3591             quiet = true;
3592             break;
3593         case OPTION_OBJECT: {
3594             QemuOpts *opts;
3595             opts = qemu_opts_parse_noisily(&qemu_object_opts,
3596                                            optarg, true);
3597             if (!opts) {
3598                 return 1;
3599             }
3600         }   break;
3601         case OPTION_IMAGE_OPTS:
3602             image_opts = true;
3603             break;
3604         case OPTION_PREALLOCATION:
3605             prealloc = qapi_enum_parse(&PreallocMode_lookup, optarg,
3606                                        PREALLOC_MODE__MAX, NULL);
3607             if (prealloc == PREALLOC_MODE__MAX) {
3608                 error_report("Invalid preallocation mode '%s'", optarg);
3609                 return 1;
3610             }
3611             break;
3612         case OPTION_SHRINK:
3613             shrink = true;
3614             break;
3615         }
3616     }
3617     if (optind != argc - 1) {
3618         error_exit("Expecting image file name and size");
3619     }
3620     filename = argv[optind++];
3621 
3622     if (qemu_opts_foreach(&qemu_object_opts,
3623                           user_creatable_add_opts_foreach,
3624                           NULL, NULL)) {
3625         return 1;
3626     }
3627 
3628     /* Choose grow, shrink, or absolute resize mode */
3629     switch (size[0]) {
3630     case '+':
3631         relative = 1;
3632         size++;
3633         break;
3634     case '-':
3635         relative = -1;
3636         size++;
3637         break;
3638     default:
3639         relative = 0;
3640         break;
3641     }
3642 
3643     /* Parse size */
3644     param = qemu_opts_create(&resize_options, NULL, 0, &error_abort);
3645     qemu_opt_set(param, BLOCK_OPT_SIZE, size, &err);
3646     if (err) {
3647         error_report_err(err);
3648         ret = -1;
3649         qemu_opts_del(param);
3650         goto out;
3651     }
3652     n = qemu_opt_get_size(param, BLOCK_OPT_SIZE, 0);
3653     qemu_opts_del(param);
3654 
3655     blk = img_open(image_opts, filename, fmt,
3656                    BDRV_O_RDWR | BDRV_O_RESIZE, false, quiet,
3657                    false);
3658     if (!blk) {
3659         ret = -1;
3660         goto out;
3661     }
3662 
3663     current_size = blk_getlength(blk);
3664     if (current_size < 0) {
3665         error_report("Failed to inquire current image length: %s",
3666                      strerror(-current_size));
3667         ret = -1;
3668         goto out;
3669     }
3670 
3671     if (relative) {
3672         total_size = current_size + n * relative;
3673     } else {
3674         total_size = n;
3675     }
3676     if (total_size <= 0) {
3677         error_report("New image size must be positive");
3678         ret = -1;
3679         goto out;
3680     }
3681 
3682     if (total_size <= current_size && prealloc != PREALLOC_MODE_OFF) {
3683         error_report("Preallocation can only be used for growing images");
3684         ret = -1;
3685         goto out;
3686     }
3687 
3688     if (total_size < current_size && !shrink) {
3689         warn_report("Shrinking an image will delete all data beyond the "
3690                     "shrunken image's end. Before performing such an "
3691                     "operation, make sure there is no important data there.");
3692 
3693         if (g_strcmp0(bdrv_get_format_name(blk_bs(blk)), "raw") != 0) {
3694             error_report(
3695               "Use the --shrink option to perform a shrink operation.");
3696             ret = -1;
3697             goto out;
3698         } else {
3699             warn_report("Using the --shrink option will suppress this message. "
3700                         "Note that future versions of qemu-img may refuse to "
3701                         "shrink images without this option.");
3702         }
3703     }
3704 
3705     ret = blk_truncate(blk, total_size, prealloc, &err);
3706     if (ret < 0) {
3707         error_report_err(err);
3708         goto out;
3709     }
3710 
3711     new_size = blk_getlength(blk);
3712     if (new_size < 0) {
3713         error_report("Failed to verify truncated image length: %s",
3714                      strerror(-new_size));
3715         ret = -1;
3716         goto out;
3717     }
3718 
3719     /* Some block drivers implement a truncation method, but only so
3720      * the user can cause qemu to refresh the image's size from disk.
3721      * The idea is that the user resizes the image outside of qemu and
3722      * then invokes block_resize to inform qemu about it.
3723      * (This includes iscsi and file-posix for device files.)
3724      * Of course, that is not the behavior someone invoking
3725      * qemu-img resize would find useful, so we catch that behavior
3726      * here and tell the user. */
3727     if (new_size != total_size && new_size == current_size) {
3728         error_report("Image was not resized; resizing may not be supported "
3729                      "for this image");
3730         ret = -1;
3731         goto out;
3732     }
3733 
3734     if (new_size != total_size) {
3735         warn_report("Image should have been resized to %" PRIi64
3736                     " bytes, but was resized to %" PRIi64 " bytes",
3737                     total_size, new_size);
3738     }
3739 
3740     qprintf(quiet, "Image resized.\n");
3741 
3742 out:
3743     blk_unref(blk);
3744     if (ret) {
3745         return 1;
3746     }
3747     return 0;
3748 }
3749 
3750 static void amend_status_cb(BlockDriverState *bs,
3751                             int64_t offset, int64_t total_work_size,
3752                             void *opaque)
3753 {
3754     qemu_progress_print(100.f * offset / total_work_size, 0);
3755 }
3756 
3757 static int print_amend_option_help(const char *format)
3758 {
3759     BlockDriver *drv;
3760 
3761     /* Find driver and parse its options */
3762     drv = bdrv_find_format(format);
3763     if (!drv) {
3764         error_report("Unknown file format '%s'", format);
3765         return 1;
3766     }
3767 
3768     if (!drv->bdrv_amend_options) {
3769         error_report("Format driver '%s' does not support option amendment",
3770                      format);
3771         return 1;
3772     }
3773 
3774     /* Every driver supporting amendment must have create_opts */
3775     assert(drv->create_opts);
3776 
3777     printf("Creation options for '%s':\n", format);
3778     qemu_opts_print_help(drv->create_opts, false);
3779     printf("\nNote that not all of these options may be amendable.\n");
3780     return 0;
3781 }
3782 
3783 static int img_amend(int argc, char **argv)
3784 {
3785     Error *err = NULL;
3786     int c, ret = 0;
3787     char *options = NULL;
3788     QemuOptsList *create_opts = NULL;
3789     QemuOpts *opts = NULL;
3790     const char *fmt = NULL, *filename, *cache;
3791     int flags;
3792     bool writethrough;
3793     bool quiet = false, progress = false;
3794     BlockBackend *blk = NULL;
3795     BlockDriverState *bs = NULL;
3796     bool image_opts = false;
3797 
3798     cache = BDRV_DEFAULT_CACHE;
3799     for (;;) {
3800         static const struct option long_options[] = {
3801             {"help", no_argument, 0, 'h'},
3802             {"object", required_argument, 0, OPTION_OBJECT},
3803             {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
3804             {0, 0, 0, 0}
3805         };
3806         c = getopt_long(argc, argv, ":ho:f:t:pq",
3807                         long_options, NULL);
3808         if (c == -1) {
3809             break;
3810         }
3811 
3812         switch (c) {
3813         case ':':
3814             missing_argument(argv[optind - 1]);
3815             break;
3816         case '?':
3817             unrecognized_option(argv[optind - 1]);
3818             break;
3819         case 'h':
3820             help();
3821             break;
3822         case 'o':
3823             if (!is_valid_option_list(optarg)) {
3824                 error_report("Invalid option list: %s", optarg);
3825                 ret = -1;
3826                 goto out_no_progress;
3827             }
3828             if (!options) {
3829                 options = g_strdup(optarg);
3830             } else {
3831                 char *old_options = options;
3832                 options = g_strdup_printf("%s,%s", options, optarg);
3833                 g_free(old_options);
3834             }
3835             break;
3836         case 'f':
3837             fmt = optarg;
3838             break;
3839         case 't':
3840             cache = optarg;
3841             break;
3842         case 'p':
3843             progress = true;
3844             break;
3845         case 'q':
3846             quiet = true;
3847             break;
3848         case OPTION_OBJECT:
3849             opts = qemu_opts_parse_noisily(&qemu_object_opts,
3850                                            optarg, true);
3851             if (!opts) {
3852                 ret = -1;
3853                 goto out_no_progress;
3854             }
3855             break;
3856         case OPTION_IMAGE_OPTS:
3857             image_opts = true;
3858             break;
3859         }
3860     }
3861 
3862     if (!options) {
3863         error_exit("Must specify options (-o)");
3864     }
3865 
3866     if (qemu_opts_foreach(&qemu_object_opts,
3867                           user_creatable_add_opts_foreach,
3868                           NULL, NULL)) {
3869         ret = -1;
3870         goto out_no_progress;
3871     }
3872 
3873     if (quiet) {
3874         progress = false;
3875     }
3876     qemu_progress_init(progress, 1.0);
3877 
3878     filename = (optind == argc - 1) ? argv[argc - 1] : NULL;
3879     if (fmt && has_help_option(options)) {
3880         /* If a format is explicitly specified (and possibly no filename is
3881          * given), print option help here */
3882         ret = print_amend_option_help(fmt);
3883         goto out;
3884     }
3885 
3886     if (optind != argc - 1) {
3887         error_report("Expecting one image file name");
3888         ret = -1;
3889         goto out;
3890     }
3891 
3892     flags = BDRV_O_RDWR;
3893     ret = bdrv_parse_cache_mode(cache, &flags, &writethrough);
3894     if (ret < 0) {
3895         error_report("Invalid cache option: %s", cache);
3896         goto out;
3897     }
3898 
3899     blk = img_open(image_opts, filename, fmt, flags, writethrough, quiet,
3900                    false);
3901     if (!blk) {
3902         ret = -1;
3903         goto out;
3904     }
3905     bs = blk_bs(blk);
3906 
3907     fmt = bs->drv->format_name;
3908 
3909     if (has_help_option(options)) {
3910         /* If the format was auto-detected, print option help here */
3911         ret = print_amend_option_help(fmt);
3912         goto out;
3913     }
3914 
3915     if (!bs->drv->bdrv_amend_options) {
3916         error_report("Format driver '%s' does not support option amendment",
3917                      fmt);
3918         ret = -1;
3919         goto out;
3920     }
3921 
3922     /* Every driver supporting amendment must have create_opts */
3923     assert(bs->drv->create_opts);
3924 
3925     create_opts = qemu_opts_append(create_opts, bs->drv->create_opts);
3926     opts = qemu_opts_create(create_opts, NULL, 0, &error_abort);
3927     qemu_opts_do_parse(opts, options, NULL, &err);
3928     if (err) {
3929         error_report_err(err);
3930         ret = -1;
3931         goto out;
3932     }
3933 
3934     /* In case the driver does not call amend_status_cb() */
3935     qemu_progress_print(0.f, 0);
3936     ret = bdrv_amend_options(bs, opts, &amend_status_cb, NULL, &err);
3937     qemu_progress_print(100.f, 0);
3938     if (ret < 0) {
3939         error_report_err(err);
3940         goto out;
3941     }
3942 
3943 out:
3944     qemu_progress_end();
3945 
3946 out_no_progress:
3947     blk_unref(blk);
3948     qemu_opts_del(opts);
3949     qemu_opts_free(create_opts);
3950     g_free(options);
3951 
3952     if (ret) {
3953         return 1;
3954     }
3955     return 0;
3956 }
3957 
3958 typedef struct BenchData {
3959     BlockBackend *blk;
3960     uint64_t image_size;
3961     bool write;
3962     int bufsize;
3963     int step;
3964     int nrreq;
3965     int n;
3966     int flush_interval;
3967     bool drain_on_flush;
3968     uint8_t *buf;
3969     QEMUIOVector *qiov;
3970 
3971     int in_flight;
3972     bool in_flush;
3973     uint64_t offset;
3974 } BenchData;
3975 
3976 static void bench_undrained_flush_cb(void *opaque, int ret)
3977 {
3978     if (ret < 0) {
3979         error_report("Failed flush request: %s", strerror(-ret));
3980         exit(EXIT_FAILURE);
3981     }
3982 }
3983 
3984 static void bench_cb(void *opaque, int ret)
3985 {
3986     BenchData *b = opaque;
3987     BlockAIOCB *acb;
3988 
3989     if (ret < 0) {
3990         error_report("Failed request: %s", strerror(-ret));
3991         exit(EXIT_FAILURE);
3992     }
3993 
3994     if (b->in_flush) {
3995         /* Just finished a flush with drained queue: Start next requests */
3996         assert(b->in_flight == 0);
3997         b->in_flush = false;
3998     } else if (b->in_flight > 0) {
3999         int remaining = b->n - b->in_flight;
4000 
4001         b->n--;
4002         b->in_flight--;
4003 
4004         /* Time for flush? Drain queue if requested, then flush */
4005         if (b->flush_interval && remaining % b->flush_interval == 0) {
4006             if (!b->in_flight || !b->drain_on_flush) {
4007                 BlockCompletionFunc *cb;
4008 
4009                 if (b->drain_on_flush) {
4010                     b->in_flush = true;
4011                     cb = bench_cb;
4012                 } else {
4013                     cb = bench_undrained_flush_cb;
4014                 }
4015 
4016                 acb = blk_aio_flush(b->blk, cb, b);
4017                 if (!acb) {
4018                     error_report("Failed to issue flush request");
4019                     exit(EXIT_FAILURE);
4020                 }
4021             }
4022             if (b->drain_on_flush) {
4023                 return;
4024             }
4025         }
4026     }
4027 
4028     while (b->n > b->in_flight && b->in_flight < b->nrreq) {
4029         int64_t offset = b->offset;
4030         /* blk_aio_* might look for completed I/Os and kick bench_cb
4031          * again, so make sure this operation is counted by in_flight
4032          * and b->offset is ready for the next submission.
4033          */
4034         b->in_flight++;
4035         b->offset += b->step;
4036         b->offset %= b->image_size;
4037         if (b->write) {
4038             acb = blk_aio_pwritev(b->blk, offset, b->qiov, 0, bench_cb, b);
4039         } else {
4040             acb = blk_aio_preadv(b->blk, offset, b->qiov, 0, bench_cb, b);
4041         }
4042         if (!acb) {
4043             error_report("Failed to issue request");
4044             exit(EXIT_FAILURE);
4045         }
4046     }
4047 }
4048 
4049 static int img_bench(int argc, char **argv)
4050 {
4051     int c, ret = 0;
4052     const char *fmt = NULL, *filename;
4053     bool quiet = false;
4054     bool image_opts = false;
4055     bool is_write = false;
4056     int count = 75000;
4057     int depth = 64;
4058     int64_t offset = 0;
4059     size_t bufsize = 4096;
4060     int pattern = 0;
4061     size_t step = 0;
4062     int flush_interval = 0;
4063     bool drain_on_flush = true;
4064     int64_t image_size;
4065     BlockBackend *blk = NULL;
4066     BenchData data = {};
4067     int flags = 0;
4068     bool writethrough = false;
4069     struct timeval t1, t2;
4070     int i;
4071     bool force_share = false;
4072     size_t buf_size;
4073 
4074     for (;;) {
4075         static const struct option long_options[] = {
4076             {"help", no_argument, 0, 'h'},
4077             {"flush-interval", required_argument, 0, OPTION_FLUSH_INTERVAL},
4078             {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
4079             {"pattern", required_argument, 0, OPTION_PATTERN},
4080             {"no-drain", no_argument, 0, OPTION_NO_DRAIN},
4081             {"force-share", no_argument, 0, 'U'},
4082             {0, 0, 0, 0}
4083         };
4084         c = getopt_long(argc, argv, ":hc:d:f:no:qs:S:t:wU", long_options, NULL);
4085         if (c == -1) {
4086             break;
4087         }
4088 
4089         switch (c) {
4090         case ':':
4091             missing_argument(argv[optind - 1]);
4092             break;
4093         case '?':
4094             unrecognized_option(argv[optind - 1]);
4095             break;
4096         case 'h':
4097             help();
4098             break;
4099         case 'c':
4100         {
4101             unsigned long res;
4102 
4103             if (qemu_strtoul(optarg, NULL, 0, &res) < 0 || res > INT_MAX) {
4104                 error_report("Invalid request count specified");
4105                 return 1;
4106             }
4107             count = res;
4108             break;
4109         }
4110         case 'd':
4111         {
4112             unsigned long res;
4113 
4114             if (qemu_strtoul(optarg, NULL, 0, &res) < 0 || res > INT_MAX) {
4115                 error_report("Invalid queue depth specified");
4116                 return 1;
4117             }
4118             depth = res;
4119             break;
4120         }
4121         case 'f':
4122             fmt = optarg;
4123             break;
4124         case 'n':
4125             flags |= BDRV_O_NATIVE_AIO;
4126             break;
4127         case 'o':
4128         {
4129             offset = cvtnum(optarg);
4130             if (offset < 0) {
4131                 error_report("Invalid offset specified");
4132                 return 1;
4133             }
4134             break;
4135         }
4136             break;
4137         case 'q':
4138             quiet = true;
4139             break;
4140         case 's':
4141         {
4142             int64_t sval;
4143 
4144             sval = cvtnum(optarg);
4145             if (sval < 0 || sval > INT_MAX) {
4146                 error_report("Invalid buffer size specified");
4147                 return 1;
4148             }
4149 
4150             bufsize = sval;
4151             break;
4152         }
4153         case 'S':
4154         {
4155             int64_t sval;
4156 
4157             sval = cvtnum(optarg);
4158             if (sval < 0 || sval > INT_MAX) {
4159                 error_report("Invalid step size specified");
4160                 return 1;
4161             }
4162 
4163             step = sval;
4164             break;
4165         }
4166         case 't':
4167             ret = bdrv_parse_cache_mode(optarg, &flags, &writethrough);
4168             if (ret < 0) {
4169                 error_report("Invalid cache mode");
4170                 ret = -1;
4171                 goto out;
4172             }
4173             break;
4174         case 'w':
4175             flags |= BDRV_O_RDWR;
4176             is_write = true;
4177             break;
4178         case 'U':
4179             force_share = true;
4180             break;
4181         case OPTION_PATTERN:
4182         {
4183             unsigned long res;
4184 
4185             if (qemu_strtoul(optarg, NULL, 0, &res) < 0 || res > 0xff) {
4186                 error_report("Invalid pattern byte specified");
4187                 return 1;
4188             }
4189             pattern = res;
4190             break;
4191         }
4192         case OPTION_FLUSH_INTERVAL:
4193         {
4194             unsigned long res;
4195 
4196             if (qemu_strtoul(optarg, NULL, 0, &res) < 0 || res > INT_MAX) {
4197                 error_report("Invalid flush interval specified");
4198                 return 1;
4199             }
4200             flush_interval = res;
4201             break;
4202         }
4203         case OPTION_NO_DRAIN:
4204             drain_on_flush = false;
4205             break;
4206         case OPTION_IMAGE_OPTS:
4207             image_opts = true;
4208             break;
4209         }
4210     }
4211 
4212     if (optind != argc - 1) {
4213         error_exit("Expecting one image file name");
4214     }
4215     filename = argv[argc - 1];
4216 
4217     if (!is_write && flush_interval) {
4218         error_report("--flush-interval is only available in write tests");
4219         ret = -1;
4220         goto out;
4221     }
4222     if (flush_interval && flush_interval < depth) {
4223         error_report("Flush interval can't be smaller than depth");
4224         ret = -1;
4225         goto out;
4226     }
4227 
4228     blk = img_open(image_opts, filename, fmt, flags, writethrough, quiet,
4229                    force_share);
4230     if (!blk) {
4231         ret = -1;
4232         goto out;
4233     }
4234 
4235     image_size = blk_getlength(blk);
4236     if (image_size < 0) {
4237         ret = image_size;
4238         goto out;
4239     }
4240 
4241     data = (BenchData) {
4242         .blk            = blk,
4243         .image_size     = image_size,
4244         .bufsize        = bufsize,
4245         .step           = step ?: bufsize,
4246         .nrreq          = depth,
4247         .n              = count,
4248         .offset         = offset,
4249         .write          = is_write,
4250         .flush_interval = flush_interval,
4251         .drain_on_flush = drain_on_flush,
4252     };
4253     printf("Sending %d %s requests, %d bytes each, %d in parallel "
4254            "(starting at offset %" PRId64 ", step size %d)\n",
4255            data.n, data.write ? "write" : "read", data.bufsize, data.nrreq,
4256            data.offset, data.step);
4257     if (flush_interval) {
4258         printf("Sending flush every %d requests\n", flush_interval);
4259     }
4260 
4261     buf_size = data.nrreq * data.bufsize;
4262     data.buf = blk_blockalign(blk, buf_size);
4263     memset(data.buf, pattern, data.nrreq * data.bufsize);
4264 
4265     blk_register_buf(blk, data.buf, buf_size);
4266 
4267     data.qiov = g_new(QEMUIOVector, data.nrreq);
4268     for (i = 0; i < data.nrreq; i++) {
4269         qemu_iovec_init(&data.qiov[i], 1);
4270         qemu_iovec_add(&data.qiov[i],
4271                        data.buf + i * data.bufsize, data.bufsize);
4272     }
4273 
4274     gettimeofday(&t1, NULL);
4275     bench_cb(&data, 0);
4276 
4277     while (data.n > 0) {
4278         main_loop_wait(false);
4279     }
4280     gettimeofday(&t2, NULL);
4281 
4282     printf("Run completed in %3.3f seconds.\n",
4283            (t2.tv_sec - t1.tv_sec)
4284            + ((double)(t2.tv_usec - t1.tv_usec) / 1000000));
4285 
4286 out:
4287     if (data.buf) {
4288         blk_unregister_buf(blk, data.buf);
4289     }
4290     qemu_vfree(data.buf);
4291     blk_unref(blk);
4292 
4293     if (ret) {
4294         return 1;
4295     }
4296     return 0;
4297 }
4298 
4299 #define C_BS      01
4300 #define C_COUNT   02
4301 #define C_IF      04
4302 #define C_OF      010
4303 #define C_SKIP    020
4304 
4305 struct DdInfo {
4306     unsigned int flags;
4307     int64_t count;
4308 };
4309 
4310 struct DdIo {
4311     int bsz;    /* Block size */
4312     char *filename;
4313     uint8_t *buf;
4314     int64_t offset;
4315 };
4316 
4317 struct DdOpts {
4318     const char *name;
4319     int (*f)(const char *, struct DdIo *, struct DdIo *, struct DdInfo *);
4320     unsigned int flag;
4321 };
4322 
4323 static int img_dd_bs(const char *arg,
4324                      struct DdIo *in, struct DdIo *out,
4325                      struct DdInfo *dd)
4326 {
4327     int64_t res;
4328 
4329     res = cvtnum(arg);
4330 
4331     if (res <= 0 || res > INT_MAX) {
4332         error_report("invalid number: '%s'", arg);
4333         return 1;
4334     }
4335     in->bsz = out->bsz = res;
4336 
4337     return 0;
4338 }
4339 
4340 static int img_dd_count(const char *arg,
4341                         struct DdIo *in, struct DdIo *out,
4342                         struct DdInfo *dd)
4343 {
4344     dd->count = cvtnum(arg);
4345 
4346     if (dd->count < 0) {
4347         error_report("invalid number: '%s'", arg);
4348         return 1;
4349     }
4350 
4351     return 0;
4352 }
4353 
4354 static int img_dd_if(const char *arg,
4355                      struct DdIo *in, struct DdIo *out,
4356                      struct DdInfo *dd)
4357 {
4358     in->filename = g_strdup(arg);
4359 
4360     return 0;
4361 }
4362 
4363 static int img_dd_of(const char *arg,
4364                      struct DdIo *in, struct DdIo *out,
4365                      struct DdInfo *dd)
4366 {
4367     out->filename = g_strdup(arg);
4368 
4369     return 0;
4370 }
4371 
4372 static int img_dd_skip(const char *arg,
4373                        struct DdIo *in, struct DdIo *out,
4374                        struct DdInfo *dd)
4375 {
4376     in->offset = cvtnum(arg);
4377 
4378     if (in->offset < 0) {
4379         error_report("invalid number: '%s'", arg);
4380         return 1;
4381     }
4382 
4383     return 0;
4384 }
4385 
4386 static int img_dd(int argc, char **argv)
4387 {
4388     int ret = 0;
4389     char *arg = NULL;
4390     char *tmp;
4391     BlockDriver *drv = NULL, *proto_drv = NULL;
4392     BlockBackend *blk1 = NULL, *blk2 = NULL;
4393     QemuOpts *opts = NULL;
4394     QemuOptsList *create_opts = NULL;
4395     Error *local_err = NULL;
4396     bool image_opts = false;
4397     int c, i;
4398     const char *out_fmt = "raw";
4399     const char *fmt = NULL;
4400     int64_t size = 0;
4401     int64_t block_count = 0, out_pos, in_pos;
4402     bool force_share = false;
4403     struct DdInfo dd = {
4404         .flags = 0,
4405         .count = 0,
4406     };
4407     struct DdIo in = {
4408         .bsz = 512, /* Block size is by default 512 bytes */
4409         .filename = NULL,
4410         .buf = NULL,
4411         .offset = 0
4412     };
4413     struct DdIo out = {
4414         .bsz = 512,
4415         .filename = NULL,
4416         .buf = NULL,
4417         .offset = 0
4418     };
4419 
4420     const struct DdOpts options[] = {
4421         { "bs", img_dd_bs, C_BS },
4422         { "count", img_dd_count, C_COUNT },
4423         { "if", img_dd_if, C_IF },
4424         { "of", img_dd_of, C_OF },
4425         { "skip", img_dd_skip, C_SKIP },
4426         { NULL, NULL, 0 }
4427     };
4428     const struct option long_options[] = {
4429         { "help", no_argument, 0, 'h'},
4430         { "object", required_argument, 0, OPTION_OBJECT},
4431         { "image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
4432         { "force-share", no_argument, 0, 'U'},
4433         { 0, 0, 0, 0 }
4434     };
4435 
4436     while ((c = getopt_long(argc, argv, ":hf:O:U", long_options, NULL))) {
4437         if (c == EOF) {
4438             break;
4439         }
4440         switch (c) {
4441         case 'O':
4442             out_fmt = optarg;
4443             break;
4444         case 'f':
4445             fmt = optarg;
4446             break;
4447         case ':':
4448             missing_argument(argv[optind - 1]);
4449             break;
4450         case '?':
4451             unrecognized_option(argv[optind - 1]);
4452             break;
4453         case 'h':
4454             help();
4455             break;
4456         case 'U':
4457             force_share = true;
4458             break;
4459         case OPTION_OBJECT:
4460             if (!qemu_opts_parse_noisily(&qemu_object_opts, optarg, true)) {
4461                 ret = -1;
4462                 goto out;
4463             }
4464             break;
4465         case OPTION_IMAGE_OPTS:
4466             image_opts = true;
4467             break;
4468         }
4469     }
4470 
4471     for (i = optind; i < argc; i++) {
4472         int j;
4473         arg = g_strdup(argv[i]);
4474 
4475         tmp = strchr(arg, '=');
4476         if (tmp == NULL) {
4477             error_report("unrecognized operand %s", arg);
4478             ret = -1;
4479             goto out;
4480         }
4481 
4482         *tmp++ = '\0';
4483 
4484         for (j = 0; options[j].name != NULL; j++) {
4485             if (!strcmp(arg, options[j].name)) {
4486                 break;
4487             }
4488         }
4489         if (options[j].name == NULL) {
4490             error_report("unrecognized operand %s", arg);
4491             ret = -1;
4492             goto out;
4493         }
4494 
4495         if (options[j].f(tmp, &in, &out, &dd) != 0) {
4496             ret = -1;
4497             goto out;
4498         }
4499         dd.flags |= options[j].flag;
4500         g_free(arg);
4501         arg = NULL;
4502     }
4503 
4504     if (!(dd.flags & C_IF && dd.flags & C_OF)) {
4505         error_report("Must specify both input and output files");
4506         ret = -1;
4507         goto out;
4508     }
4509 
4510     if (qemu_opts_foreach(&qemu_object_opts,
4511                           user_creatable_add_opts_foreach,
4512                           NULL, NULL)) {
4513         ret = -1;
4514         goto out;
4515     }
4516 
4517     blk1 = img_open(image_opts, in.filename, fmt, 0, false, false,
4518                     force_share);
4519 
4520     if (!blk1) {
4521         ret = -1;
4522         goto out;
4523     }
4524 
4525     drv = bdrv_find_format(out_fmt);
4526     if (!drv) {
4527         error_report("Unknown file format");
4528         ret = -1;
4529         goto out;
4530     }
4531     proto_drv = bdrv_find_protocol(out.filename, true, &local_err);
4532 
4533     if (!proto_drv) {
4534         error_report_err(local_err);
4535         ret = -1;
4536         goto out;
4537     }
4538     if (!drv->create_opts) {
4539         error_report("Format driver '%s' does not support image creation",
4540                      drv->format_name);
4541         ret = -1;
4542         goto out;
4543     }
4544     if (!proto_drv->create_opts) {
4545         error_report("Protocol driver '%s' does not support image creation",
4546                      proto_drv->format_name);
4547         ret = -1;
4548         goto out;
4549     }
4550     create_opts = qemu_opts_append(create_opts, drv->create_opts);
4551     create_opts = qemu_opts_append(create_opts, proto_drv->create_opts);
4552 
4553     opts = qemu_opts_create(create_opts, NULL, 0, &error_abort);
4554 
4555     size = blk_getlength(blk1);
4556     if (size < 0) {
4557         error_report("Failed to get size for '%s'", in.filename);
4558         ret = -1;
4559         goto out;
4560     }
4561 
4562     if (dd.flags & C_COUNT && dd.count <= INT64_MAX / in.bsz &&
4563         dd.count * in.bsz < size) {
4564         size = dd.count * in.bsz;
4565     }
4566 
4567     /* Overflow means the specified offset is beyond input image's size */
4568     if (dd.flags & C_SKIP && (in.offset > INT64_MAX / in.bsz ||
4569                               size < in.bsz * in.offset)) {
4570         qemu_opt_set_number(opts, BLOCK_OPT_SIZE, 0, &error_abort);
4571     } else {
4572         qemu_opt_set_number(opts, BLOCK_OPT_SIZE,
4573                             size - in.bsz * in.offset, &error_abort);
4574     }
4575 
4576     ret = bdrv_create(drv, out.filename, opts, &local_err);
4577     if (ret < 0) {
4578         error_reportf_err(local_err,
4579                           "%s: error while creating output image: ",
4580                           out.filename);
4581         ret = -1;
4582         goto out;
4583     }
4584 
4585     /* TODO, we can't honour --image-opts for the target,
4586      * since it needs to be given in a format compatible
4587      * with the bdrv_create() call above which does not
4588      * support image-opts style.
4589      */
4590     blk2 = img_open_file(out.filename, NULL, out_fmt, BDRV_O_RDWR,
4591                          false, false, false);
4592 
4593     if (!blk2) {
4594         ret = -1;
4595         goto out;
4596     }
4597 
4598     if (dd.flags & C_SKIP && (in.offset > INT64_MAX / in.bsz ||
4599                               size < in.offset * in.bsz)) {
4600         /* We give a warning if the skip option is bigger than the input
4601          * size and create an empty output disk image (i.e. like dd(1)).
4602          */
4603         error_report("%s: cannot skip to specified offset", in.filename);
4604         in_pos = size;
4605     } else {
4606         in_pos = in.offset * in.bsz;
4607     }
4608 
4609     in.buf = g_new(uint8_t, in.bsz);
4610 
4611     for (out_pos = 0; in_pos < size; block_count++) {
4612         int in_ret, out_ret;
4613 
4614         if (in_pos + in.bsz > size) {
4615             in_ret = blk_pread(blk1, in_pos, in.buf, size - in_pos);
4616         } else {
4617             in_ret = blk_pread(blk1, in_pos, in.buf, in.bsz);
4618         }
4619         if (in_ret < 0) {
4620             error_report("error while reading from input image file: %s",
4621                          strerror(-in_ret));
4622             ret = -1;
4623             goto out;
4624         }
4625         in_pos += in_ret;
4626 
4627         out_ret = blk_pwrite(blk2, out_pos, in.buf, in_ret, 0);
4628 
4629         if (out_ret < 0) {
4630             error_report("error while writing to output image file: %s",
4631                          strerror(-out_ret));
4632             ret = -1;
4633             goto out;
4634         }
4635         out_pos += out_ret;
4636     }
4637 
4638 out:
4639     g_free(arg);
4640     qemu_opts_del(opts);
4641     qemu_opts_free(create_opts);
4642     blk_unref(blk1);
4643     blk_unref(blk2);
4644     g_free(in.filename);
4645     g_free(out.filename);
4646     g_free(in.buf);
4647     g_free(out.buf);
4648 
4649     if (ret) {
4650         return 1;
4651     }
4652     return 0;
4653 }
4654 
4655 static void dump_json_block_measure_info(BlockMeasureInfo *info)
4656 {
4657     QString *str;
4658     QObject *obj;
4659     Visitor *v = qobject_output_visitor_new(&obj);
4660 
4661     visit_type_BlockMeasureInfo(v, NULL, &info, &error_abort);
4662     visit_complete(v, &obj);
4663     str = qobject_to_json_pretty(obj);
4664     assert(str != NULL);
4665     printf("%s\n", qstring_get_str(str));
4666     qobject_unref(obj);
4667     visit_free(v);
4668     qobject_unref(str);
4669 }
4670 
4671 static int img_measure(int argc, char **argv)
4672 {
4673     static const struct option long_options[] = {
4674         {"help", no_argument, 0, 'h'},
4675         {"image-opts", no_argument, 0, OPTION_IMAGE_OPTS},
4676         {"object", required_argument, 0, OPTION_OBJECT},
4677         {"output", required_argument, 0, OPTION_OUTPUT},
4678         {"size", required_argument, 0, OPTION_SIZE},
4679         {"force-share", no_argument, 0, 'U'},
4680         {0, 0, 0, 0}
4681     };
4682     OutputFormat output_format = OFORMAT_HUMAN;
4683     BlockBackend *in_blk = NULL;
4684     BlockDriver *drv;
4685     const char *filename = NULL;
4686     const char *fmt = NULL;
4687     const char *out_fmt = "raw";
4688     char *options = NULL;
4689     char *snapshot_name = NULL;
4690     bool force_share = false;
4691     QemuOpts *opts = NULL;
4692     QemuOpts *object_opts = NULL;
4693     QemuOpts *sn_opts = NULL;
4694     QemuOptsList *create_opts = NULL;
4695     bool image_opts = false;
4696     uint64_t img_size = UINT64_MAX;
4697     BlockMeasureInfo *info = NULL;
4698     Error *local_err = NULL;
4699     int ret = 1;
4700     int c;
4701 
4702     while ((c = getopt_long(argc, argv, "hf:O:o:l:U",
4703                             long_options, NULL)) != -1) {
4704         switch (c) {
4705         case '?':
4706         case 'h':
4707             help();
4708             break;
4709         case 'f':
4710             fmt = optarg;
4711             break;
4712         case 'O':
4713             out_fmt = optarg;
4714             break;
4715         case 'o':
4716             if (!is_valid_option_list(optarg)) {
4717                 error_report("Invalid option list: %s", optarg);
4718                 goto out;
4719             }
4720             if (!options) {
4721                 options = g_strdup(optarg);
4722             } else {
4723                 char *old_options = options;
4724                 options = g_strdup_printf("%s,%s", options, optarg);
4725                 g_free(old_options);
4726             }
4727             break;
4728         case 'l':
4729             if (strstart(optarg, SNAPSHOT_OPT_BASE, NULL)) {
4730                 sn_opts = qemu_opts_parse_noisily(&internal_snapshot_opts,
4731                                                   optarg, false);
4732                 if (!sn_opts) {
4733                     error_report("Failed in parsing snapshot param '%s'",
4734                                  optarg);
4735                     goto out;
4736                 }
4737             } else {
4738                 snapshot_name = optarg;
4739             }
4740             break;
4741         case 'U':
4742             force_share = true;
4743             break;
4744         case OPTION_OBJECT:
4745             object_opts = qemu_opts_parse_noisily(&qemu_object_opts,
4746                                                   optarg, true);
4747             if (!object_opts) {
4748                 goto out;
4749             }
4750             break;
4751         case OPTION_IMAGE_OPTS:
4752             image_opts = true;
4753             break;
4754         case OPTION_OUTPUT:
4755             if (!strcmp(optarg, "json")) {
4756                 output_format = OFORMAT_JSON;
4757             } else if (!strcmp(optarg, "human")) {
4758                 output_format = OFORMAT_HUMAN;
4759             } else {
4760                 error_report("--output must be used with human or json "
4761                              "as argument.");
4762                 goto out;
4763             }
4764             break;
4765         case OPTION_SIZE:
4766         {
4767             int64_t sval;
4768 
4769             sval = cvtnum(optarg);
4770             if (sval < 0) {
4771                 if (sval == -ERANGE) {
4772                     error_report("Image size must be less than 8 EiB!");
4773                 } else {
4774                     error_report("Invalid image size specified! You may use "
4775                                  "k, M, G, T, P or E suffixes for ");
4776                     error_report("kilobytes, megabytes, gigabytes, terabytes, "
4777                                  "petabytes and exabytes.");
4778                 }
4779                 goto out;
4780             }
4781             img_size = (uint64_t)sval;
4782         }
4783         break;
4784         }
4785     }
4786 
4787     if (qemu_opts_foreach(&qemu_object_opts,
4788                           user_creatable_add_opts_foreach,
4789                           NULL, NULL)) {
4790         goto out;
4791     }
4792 
4793     if (argc - optind > 1) {
4794         error_report("At most one filename argument is allowed.");
4795         goto out;
4796     } else if (argc - optind == 1) {
4797         filename = argv[optind];
4798     }
4799 
4800     if (!filename &&
4801         (object_opts || image_opts || fmt || snapshot_name || sn_opts)) {
4802         error_report("--object, --image-opts, -f, and -l "
4803                      "require a filename argument.");
4804         goto out;
4805     }
4806     if (filename && img_size != UINT64_MAX) {
4807         error_report("--size N cannot be used together with a filename.");
4808         goto out;
4809     }
4810     if (!filename && img_size == UINT64_MAX) {
4811         error_report("Either --size N or one filename must be specified.");
4812         goto out;
4813     }
4814 
4815     if (filename) {
4816         in_blk = img_open(image_opts, filename, fmt, 0,
4817                           false, false, force_share);
4818         if (!in_blk) {
4819             goto out;
4820         }
4821 
4822         if (sn_opts) {
4823             bdrv_snapshot_load_tmp(blk_bs(in_blk),
4824                     qemu_opt_get(sn_opts, SNAPSHOT_OPT_ID),
4825                     qemu_opt_get(sn_opts, SNAPSHOT_OPT_NAME),
4826                     &local_err);
4827         } else if (snapshot_name != NULL) {
4828             bdrv_snapshot_load_tmp_by_id_or_name(blk_bs(in_blk),
4829                     snapshot_name, &local_err);
4830         }
4831         if (local_err) {
4832             error_reportf_err(local_err, "Failed to load snapshot: ");
4833             goto out;
4834         }
4835     }
4836 
4837     drv = bdrv_find_format(out_fmt);
4838     if (!drv) {
4839         error_report("Unknown file format '%s'", out_fmt);
4840         goto out;
4841     }
4842     if (!drv->create_opts) {
4843         error_report("Format driver '%s' does not support image creation",
4844                      drv->format_name);
4845         goto out;
4846     }
4847 
4848     create_opts = qemu_opts_append(create_opts, drv->create_opts);
4849     create_opts = qemu_opts_append(create_opts, bdrv_file.create_opts);
4850     opts = qemu_opts_create(create_opts, NULL, 0, &error_abort);
4851     if (options) {
4852         qemu_opts_do_parse(opts, options, NULL, &local_err);
4853         if (local_err) {
4854             error_report_err(local_err);
4855             error_report("Invalid options for file format '%s'", out_fmt);
4856             goto out;
4857         }
4858     }
4859     if (img_size != UINT64_MAX) {
4860         qemu_opt_set_number(opts, BLOCK_OPT_SIZE, img_size, &error_abort);
4861     }
4862 
4863     info = bdrv_measure(drv, opts, in_blk ? blk_bs(in_blk) : NULL, &local_err);
4864     if (local_err) {
4865         error_report_err(local_err);
4866         goto out;
4867     }
4868 
4869     if (output_format == OFORMAT_HUMAN) {
4870         printf("required size: %" PRIu64 "\n", info->required);
4871         printf("fully allocated size: %" PRIu64 "\n", info->fully_allocated);
4872     } else {
4873         dump_json_block_measure_info(info);
4874     }
4875 
4876     ret = 0;
4877 
4878 out:
4879     qapi_free_BlockMeasureInfo(info);
4880     qemu_opts_del(object_opts);
4881     qemu_opts_del(opts);
4882     qemu_opts_del(sn_opts);
4883     qemu_opts_free(create_opts);
4884     g_free(options);
4885     blk_unref(in_blk);
4886     return ret;
4887 }
4888 
4889 static const img_cmd_t img_cmds[] = {
4890 #define DEF(option, callback, arg_string)        \
4891     { option, callback },
4892 #include "qemu-img-cmds.h"
4893 #undef DEF
4894     { NULL, NULL, },
4895 };
4896 
4897 int main(int argc, char **argv)
4898 {
4899     const img_cmd_t *cmd;
4900     const char *cmdname;
4901     Error *local_error = NULL;
4902     char *trace_file = NULL;
4903     int c;
4904     static const struct option long_options[] = {
4905         {"help", no_argument, 0, 'h'},
4906         {"version", no_argument, 0, 'V'},
4907         {"trace", required_argument, NULL, 'T'},
4908         {0, 0, 0, 0}
4909     };
4910 
4911 #ifdef CONFIG_POSIX
4912     signal(SIGPIPE, SIG_IGN);
4913 #endif
4914 
4915     module_call_init(MODULE_INIT_TRACE);
4916     error_set_progname(argv[0]);
4917     qemu_init_exec_dir(argv[0]);
4918 
4919     if (qemu_init_main_loop(&local_error)) {
4920         error_report_err(local_error);
4921         exit(EXIT_FAILURE);
4922     }
4923 
4924     qcrypto_init(&error_fatal);
4925 
4926     module_call_init(MODULE_INIT_QOM);
4927     bdrv_init();
4928     if (argc < 2) {
4929         error_exit("Not enough arguments");
4930     }
4931 
4932     qemu_add_opts(&qemu_object_opts);
4933     qemu_add_opts(&qemu_source_opts);
4934     qemu_add_opts(&qemu_trace_opts);
4935 
4936     while ((c = getopt_long(argc, argv, "+:hVT:", long_options, NULL)) != -1) {
4937         switch (c) {
4938         case ':':
4939             missing_argument(argv[optind - 1]);
4940             return 0;
4941         case '?':
4942             unrecognized_option(argv[optind - 1]);
4943             return 0;
4944         case 'h':
4945             help();
4946             return 0;
4947         case 'V':
4948             printf(QEMU_IMG_VERSION);
4949             return 0;
4950         case 'T':
4951             g_free(trace_file);
4952             trace_file = trace_opt_parse(optarg);
4953             break;
4954         }
4955     }
4956 
4957     cmdname = argv[optind];
4958 
4959     /* reset getopt_long scanning */
4960     argc -= optind;
4961     if (argc < 1) {
4962         return 0;
4963     }
4964     argv += optind;
4965     optind = 0;
4966 
4967     if (!trace_init_backends()) {
4968         exit(1);
4969     }
4970     trace_init_file(trace_file);
4971     qemu_set_log(LOG_TRACE);
4972 
4973     /* find the command */
4974     for (cmd = img_cmds; cmd->name != NULL; cmd++) {
4975         if (!strcmp(cmdname, cmd->name)) {
4976             return cmd->handler(argc, argv);
4977         }
4978     }
4979 
4980     /* not found */
4981     error_exit("Command not found: %s", cmdname);
4982 }
4983