X-Git-Url: http://git.annexia.org/?a=blobdiff_plain;f=src%2Fguestfs.c;h=05fb113b864648a7530d37d46652cb879b6d2d64;hb=58caa9e5f1dca3916178894876b938a6a45771b0;hp=0b3142c77523e24959c3090712f798d0ce3a17ac;hpb=936108f54cbf8e81132a0a0a8c093a4056f0e11c;p=libguestfs.git diff --git a/src/guestfs.c b/src/guestfs.c index 0b3142c..05fb113 100644 --- a/src/guestfs.c +++ b/src/guestfs.c @@ -29,7 +29,9 @@ #include #include #include +#include #include + #include #include @@ -141,7 +143,8 @@ struct guestfs_h int fd[2]; /* Stdin/stdout of qemu. */ int sock; /* Daemon communications socket. */ - int pid; /* Qemu PID. */ + pid_t pid; /* Qemu PID. */ + pid_t recoverypid; /* Recovery process PID. */ time_t start_t; /* The time when we started qemu. */ int stdout_watch; /* Watches qemu stdout for log messages. */ @@ -156,6 +159,7 @@ struct guestfs_h int autosync; const char *path; + const char *qemu; char *last_error; @@ -217,7 +221,9 @@ guestfs_create (void) str = getenv ("LIBGUESTFS_PATH"); g->path = str != NULL ? str : GUESTFS_DEFAULT_PATH; - /* XXX We should probably make QEMU configurable as well. */ + + str = getenv ("LIBGUESTFS_QEMU"); + g->qemu = str != NULL ? str : QEMU; g->main_loop = guestfs_get_default_main_loop (); @@ -511,6 +517,22 @@ guestfs_get_path (guestfs_h *g) return g->path; } +int +guestfs_set_qemu (guestfs_h *g, const char *qemu) +{ + if (qemu == NULL) + g->qemu = QEMU; + else + g->qemu = qemu; + return 0; +} + +const char * +guestfs_get_qemu (guestfs_h *g) +{ + return g->qemu; +} + /* Add a string to the current command line. */ static void incr_cmdline_size (guestfs_h *g) @@ -613,7 +635,7 @@ int guestfs_launch (guestfs_h *g) { static const char *dir_template = "/tmp/libguestfsXXXXXX"; - int r, i, len, pmore; + int r, i, len, pmore, memsize; int wfd[2], rfd[2]; int tries; const char *kernel_name = "vmlinuz." REPO "." host_cpu; 
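Review bot: The `LIBGUESTFS_QEMU` lookup added to guestfs_create (hunk @@ -217) lets the process environment choose the program that guestfs_launch later runs with `execv (g->qemu, ...)`, and nothing here restricts that when the calling program runs with more privilege than the user who set the variable. If the library can be linked into setuid/setgid or otherwise privileged callers, ignore the variable in that case (for example via `secure_getenv` where the platform provides it) and document the variable as trusted input. The pointer returned by `getenv` is also stored as-is in `g->qemu`, so a later `setenv`/`putenv` by the application may invalidate it; storing a copy avoids that. The existing `LIBGUESTFS_PATH` line just above follows the same pattern. guestfs_create's body starts and ends outside the hunk.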
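Review bot: guestfs_set_qemu (hunk @@ -511) keeps the caller's pointer in `g->qemu` without copying, so the string has to stay valid for as long as the handle may launch qemu, and neither new function says so. Either document that lifetime requirement in a comment above the function, e.g. `/* qemu is not copied; it must remain valid until the handle is closed. */`, or store `safe_strdup (g, qemu)` and free it when the handle is closed (that code is outside this hunk). The value ends up as the path given to `execv`, which does not search PATH, so the comment should also state that a path to the binary is expected rather than a bare program name.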
@@ -622,6 +644,7 @@ guestfs_launch (guestfs_h *g) char *kernel = NULL, *initrd = NULL; char unixsock[256]; struct sockaddr_un addr; + struct stat statbuf; /* Configured? */ if (!g->cmdline) { @@ -681,6 +704,40 @@ guestfs_launch (guestfs_h *g) goto cleanup0; } + /* Choose a suitable memory size (in MB). This is more art + * than science, but you can help by doing + * ./configure --enable-debug-command + * and then running: + * debug sh free + * debug mem '' + * and seeing how much free memory is left for particular + * configurations. + * + * It's also helpful to report both the compressed and uncompressed + * size of the initramfs (ls -lh initramfs*.img; du -sh initramfs). + * + * XXX KVM virtio balloon driver? + */ + if (stat (initrd, &statbuf) != -1) { + /* Approximate size of the initramfs after it is decompressed + * in kernel memory. The compression factor is ~2.5-3. + */ + memsize = 3 * statbuf.st_size / 1024 / 1024; + + /* Approximate size used by the kernel. */ + memsize += 10; + + /* Want to give userspace some room, so: */ + memsize += 128; + +#if SIZEOF_LONG == 8 + /* On 64 bit, assume some overhead. */ + memsize += 64; +#endif + } else + memsize = 512; + + /* Make the temporary directory containing the socket. */ if (!g->tmpdir) { g->tmpdir = safe_strdup (g, dir_template); @@ -711,11 +768,12 @@ guestfs_launch (guestfs_h *g) if (r == 0) { /* Child (qemu). */ char vmchannel[256]; char append[256]; + char memsize_str[256]; /* Set up the full command line. Do this in the subprocess so we * don't need to worry about cleaning up. */ - g->cmdline[0] = (char *) QEMU; + g->cmdline[0] = (char *) g->qemu; /* Construct the -net channel parameter for qemu. */ snprintf (vmchannel, sizeof vmchannel, 
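Review bot: `memsize = 3 * statbuf.st_size / 1024 / 1024;` (hunk @@ -681) narrows an `off_t` expression into an `int` with no bounds, so the `-m` value is whatever the size of the initrd file implies, including a very large figure for an unexpectedly big file. Clamping the result, e.g. `if (memsize > MAX_MEMSIZE) memsize = MAX_MEMSIZE;` with a project-chosen limit (`MAX_MEMSIZE` is a placeholder name), keeps the qemu argument in a sane range. The `else memsize = 512;` branch should carry braces to match the braced `if`, and the 10/128/64/512 figures would read better as named constants. guestfs_launch starts and ends outside the hunk.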
@@ -728,9 +786,11 @@ guestfs_launch (guestfs_h *g) VMCHANNEL_ADDR, VMCHANNEL_PORT, g->verbose ? " guestfs_verbose=1" : ""); + snprintf (memsize_str, sizeof memsize_str, "%d", memsize); + add_cmdline (g, "-m"); - add_cmdline (g, "384"); /* XXX Choose best size. */ -#if defined(__i386__) || defined(__x86_64) + add_cmdline (g, memsize_str); +#if 0 add_cmdline (g, "-no-kqemu"); /* Avoids a warning. */ #endif add_cmdline (g, "-kernel"); @@ -747,12 +807,12 @@ guestfs_launch (guestfs_h *g) add_cmdline (g, "-net"); add_cmdline (g, "user,vlan=0"); add_cmdline (g, "-net"); - add_cmdline (g, "nic,vlan=0"); + add_cmdline (g, "nic,model=rtl8139,vlan=0"); incr_cmdline_size (g); g->cmdline[g->cmdline_size-1] = NULL; if (g->verbose) { - fprintf (stderr, "%s", QEMU); + fprintf (stderr, "%s", g->qemu); for (i = 0; g->cmdline[i]; ++i) fprintf (stderr, " %s", g->cmdline[i]); fprintf (stderr, "\n"); 
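Review bot: Replacing the architecture test with `#if 0` (hunk @@ -728) leaves `add_cmdline (g, "-no-kqemu");` and its "Avoids a warning" comment in the file as dead code with no stated reason. Delete the three lines, or keep them with a comment that says why the option is disabled, e.g. `/* -no-kqemu disabled: <reason> */`.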
@@ -775,14 +835,48 @@ guestfs_launch (guestfs_h *g) setpgid (0, 0); #endif - execv (QEMU, g->cmdline); /* Run qemu. */ - perror (QEMU); + execv (g->qemu, g->cmdline); /* Run qemu. */ + perror (g->qemu); _exit (1); } /* Parent (library). */ g->pid = r; + /* Fork the recovery process off which will kill qemu if the parent + * process fails to do so (eg. if the parent segfaults). + */ + r = fork (); + if (r == 0) { + pid_t qemu_pid = g->pid; + pid_t parent_pid = getppid (); + + /* Writing to argv is hideously complicated and error prone. See: + * http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/backend/utils/misc/ps_status.c?rev=1.33.2.1;content-type=text%2Fplain + */ + + /* Loop around waiting for one or both of the other processes to + * disappear. It's fair to say this is very hairy. The PIDs that + * we are looking at might be reused by another process. We are + * effectively polling. Is the cure worse than the disease? + */ + for (;;) { + if (kill (qemu_pid, 0) == -1) /* qemu's gone away, we aren't needed */ + _exit (0); + if (kill (parent_pid, 0) == -1) { + /* Parent's gone away, qemu still around, so kill qemu. */ + kill (qemu_pid, 9); + _exit (0); + } + sleep (2); + } + } + + /* Don't worry, if the fork failed, this will be -1. The recovery + * process isn't essential. + */ + g->recoverypid = r; + /* Start the clock ... */ time (&g->start_t); @@ -879,11 +973,14 @@ guestfs_launch (guestfs_h *g) close (wfd[1]); close (rfd[0]); kill (g->pid, 9); + if (g->recoverypid > 0) kill (g->recoverypid, 9); waitpid (g->pid, NULL, 0); + if (g->recoverypid > 0) waitpid (g->recoverypid, NULL, 0); g->fd[0] = -1; g->fd[1] = -1; g->sock = -1; g->pid = 0; + g->recoverypid = 0; g->start_t = 0; g->stdout_watch = -1; g->sock_watch = -1; @@ -959,6 +1056,7 @@ guestfs_kill_subprocess (guestfs_h *g) fprintf (stderr, "sending SIGTERM to process %d\n", g->pid); kill (g->pid, SIGTERM); + if (g->recoverypid > 0) kill (g->recoverypid, 9); return 0; } 
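Review bot: In the recovery child (hunk @@ -775) both `kill (pid, 0) == -1` tests treat every failure as "process gone", but only `errno == ESRCH` means that; `EPERM` means a process with that PID exists and belongs to someone else. `getppid ()` is also called after the fork, so if the library process has already died the child records the PID of whichever process adopted it and never observes the parent going away; taking `getpid ()` in the parent before `fork ()` closes that window. The child additionally inherits every descriptor open in the parent, including (it appears from the `close (wfd[1]); close (rfd[0]);` cleanup in hunk @@ -879) the qemu pipes, which can delay EOF on those pipes; closing inherited descriptors at the top of the child would avoid that. The literal `9` here and in hunks @@ -879, @@ -959 and @@ -1076 is better spelled `SIGKILL`. The fence assumes `<errno.h>` is already included, and guestfs_launch continues outside the hunk.

```c
  /* Record our own PID before forking so the child never sees a reparented value. */
  pid_t parent_pid = getpid ();

  r = fork ();
  if (r == 0) {
    pid_t qemu_pid = g->pid;

    /* … unchanged: comments on writing to argv and on polling … */
    for (;;) {
      /* Only ESRCH means the process no longer exists. */
      if (kill (qemu_pid, 0) == -1 && errno == ESRCH)
        _exit (0);
      if (kill (parent_pid, 0) == -1 && errno == ESRCH) {
        kill (qemu_pid, SIGKILL);
        _exit (0);
      }
      sleep (2);
    }
  }
```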
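Review bot: guestfs_kill_subprocess (hunk @@ -959) now sends signal 9 to the recovery process immediately after sending SIGTERM to qemu, which removes the watchdog while qemu may still be running; if qemu is slow to exit and the library process dies in that interval, nothing is left to kill it. The stdout_event hunk (@@ -1076) already kills and reaps the recovery process when it detects that the child process died, so this line could be dropped. The context line `fprintf (stderr, "sending SIGTERM to process %d\n", g->pid);` now passes a `pid_t` to `%d`; cast it, `(int) g->pid`, to keep the format and argument types matched.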
@@ -1076,7 +1174,9 @@ stdout_event (struct guestfs_main_loop *ml, guestfs_h *g, void *data, if (g->verbose) fprintf (stderr, "stdout_event: %p: child process died\n", g); /*kill (g->pid, SIGTERM);*/ + if (g->recoverypid > 0) kill (g->recoverypid, 9); waitpid (g->pid, NULL, 0); + if (g->recoverypid > 0) waitpid (g->recoverypid, NULL, 0); if (g->stdout_watch >= 0) g->main_loop->remove_handle (g->main_loop, g, g->stdout_watch); if (g->sock_watch >= 0) @@ -1088,6 +1188,7 @@ stdout_event (struct guestfs_main_loop *ml, guestfs_h *g, void *data, g->fd[1] = -1; g->sock = -1; g->pid = 0; + g->recoverypid = 0; g->start_t = 0; g->stdout_watch = -1; g->sock_watch = -1; @@ -1433,7 +1534,6 @@ int guestfs__send_sync (guestfs_h *g, int proc_nr, xdrproc_t xdrp, char *args) { - char buffer[GUESTFS_MESSAGE_MAX]; struct guestfs_message_header hdr; XDR xdr; unsigned len; @@ -1446,6 +1546,23 @@ guestfs__send_sync (guestfs_h *g, int proc_nr, return -1; } + /* This is probably an internal error. Or perhaps we should just + * free the buffer anyway? + */ + if (g->msg_out != NULL) { + error (g, "guestfs__send_sync: msg_out should be NULL"); + return -1; + } + + /* We have to allocate this message buffer on the heap because + * it is quite large (although will be mostly unused). We + * can't allocate it on the stack because in some environments + * we have quite limited stack space available, notably when + * running in the JVM. + */ + g->msg_out = safe_malloc (g, GUESTFS_MESSAGE_MAX + 4); + xdrmem_create (&xdr, g->msg_out + 4, GUESTFS_MESSAGE_MAX, XDR_ENCODE); + /* Serialize the header. */ hdr.prog = GUESTFS_PROGRAM; hdr.vers = GUESTFS_PROTOCOL_VERSION; 
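Review bot: The new `g->msg_out != NULL` guard (hunk @@ -1446) makes every later send fail unless each exit path resets `g->msg_out` to NULL, and the `cleanup1` label that the error paths in hunks @@ -1454 and @@ -1466 now jump to is outside the visible hunks. Please confirm that `cleanup1` and the normal completion path both free the buffer and set `g->msg_out = NULL`, and say so in the comment, e.g. `/* msg_out is freed and reset to NULL at cleanup1 and after the message is sent. */`. The open question in the comment ("perhaps we should just free the buffer anyway?") is better resolved before merging, since freeing a buffer that is still being sent could leave the sender reading freed memory.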
@@ -1454,10 +1571,9 @@ guestfs__send_sync (guestfs_h *g, int proc_nr, hdr.serial = serial; hdr.status = GUESTFS_STATUS_OK; - xdrmem_create (&xdr, buffer, sizeof buffer, XDR_ENCODE); if (!xdr_guestfs_message_header (&xdr, &hdr)) { error (g, "xdr_guestfs_message_header failed"); - return -1; + goto cleanup1; } /* Serialize the args. If any, because some message types @@ -1466,24 +1582,23 @@ guestfs__send_sync (guestfs_h *g, int proc_nr, if (xdrp) { if (!(*xdrp) (&xdr, args)) { error (g, "dispatch failed to marshal args"); - return -1; + goto cleanup1; } } + /* Get the actual length of the message, resize the buffer to match + * the actual length, and write the length word at the beginning. + */ len = xdr_getpos (&xdr); xdr_destroy (&xdr); - /* Allocate the outgoing message buffer. */ - g->msg_out = safe_malloc (g, len + 4); - + g->msg_out = safe_realloc (g, g->msg_out, len + 4); g->msg_out_size = len + 4; g->msg_out_pos = 0; xdrmem_create (&xdr, g->msg_out, 4, XDR_ENCODE); xdr_uint32_t (&xdr, &len); - memcpy (g->msg_out + 4, buffer, len); - if (guestfs__switch_to_sending (g) == -1) goto cleanup1; @@ -1594,10 +1709,9 @@ send_file_complete_sync (guestfs_h *g) static int check_for_daemon_cancellation (guestfs_h *g); static int -send_file_chunk_sync (guestfs_h *g, int cancel, const char *buf, size_t len) +send_file_chunk_sync (guestfs_h *g, int cancel, const char *buf, size_t buflen) { - char data[GUESTFS_MAX_CHUNK_SIZE + 48]; - unsigned datalen; + unsigned len; int sent; guestfs_chunk chunk; XDR xdr; @@ -1608,6 +1722,14 @@ send_file_chunk_sync (guestfs_h *g, int cancel, const char *buf, size_t len) return -1; } + /* This is probably an internal error. Or perhaps we should just + * free the buffer anyway? + */ + if (g->msg_out != NULL) { + error (g, "guestfs__send_sync: msg_out should be NULL"); + return -1; + } + /* Did the daemon send a cancellation message? */ if (check_for_daemon_cancellation (g)) { if (g->verbose) 
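Review bot: The error string in the new guard of send_file_chunk_sync (hunk @@ -1608) names the wrong function: `error (g, "guestfs__send_sync: msg_out should be NULL");` was copied from guestfs__send_sync. It should read `error (g, "send_file_chunk_sync: msg_out should be NULL");` so the report points at the right caller. send_file_chunk_sync continues outside the hunk.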
@@ -1615,35 +1737,34 @@ send_file_chunk_sync (guestfs_h *g, int cancel, const char *buf, size_t len) return -2; } + /* Allocate the chunk buffer. Don't use the stack to avoid + * excessive stack usage and unnecessary copies. + */ + g->msg_out = safe_malloc (g, GUESTFS_MAX_CHUNK_SIZE + 4 + 48); + xdrmem_create (&xdr, g->msg_out + 4, GUESTFS_MAX_CHUNK_SIZE + 48, XDR_ENCODE); + /* Serialize the chunk. */ chunk.cancel = cancel; - chunk.data.data_len = len; + chunk.data.data_len = buflen; chunk.data.data_val = (char *) buf; - if (g->verbose) - fprintf (stderr, - "library sending chunk cancel = %d, len = %zu, buf = %p\n", - cancel, len, buf); - - xdrmem_create (&xdr, data, sizeof data, XDR_ENCODE); if (!xdr_guestfs_chunk (&xdr, &chunk)) { - error (g, "xdr_guestfs_chunk failed (buf = %p, len = %zu)", buf, len); + error (g, "xdr_guestfs_chunk failed (buf = %p, buflen = %zu)", + buf, buflen); xdr_destroy (&xdr); - return -1; + goto cleanup1; } - datalen = xdr_getpos (&xdr); + len = xdr_getpos (&xdr); xdr_destroy (&xdr); - /* Allocate outgoing message buffer. */ - g->msg_out = safe_malloc (g, datalen + 4); - g->msg_out_size = datalen + 4; + /* Reduce the size of the outgoing message buffer to the real length. */ + g->msg_out = safe_realloc (g, g->msg_out, len + 4); + g->msg_out_size = len + 4; g->msg_out_pos = 0; xdrmem_create (&xdr, g->msg_out, 4, XDR_ENCODE); - xdr_uint32_t (&xdr, &datalen); - - memcpy (g->msg_out + 4, data, datalen); + xdr_uint32_t (&xdr, &len); if (guestfs__switch_to_sending (g) == -1) goto cleanup1;
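Review bot: `chunk.data.data_len = buflen;` (hunk @@ -1615) stores a `size_t` into the XDR length field without checking it against `GUESTFS_MAX_CHUNK_SIZE`; the field's type comes from generated code not shown here, but if it is narrower than `size_t` an oversized `buflen` is truncated instead of rejected. An explicit guard before the allocation, `if (buflen > GUESTFS_MAX_CHUNK_SIZE) { error (g, "chunk too large"); return -1; }`, makes the bound visible. The `48` bytes of encoding overhead appear twice in the new lines and would be clearer as one named constant. The result of `xdr_uint32_t (&xdr, &len);` is not checked.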