1 /*
2 * QEMU System Emulator
3 *
4 * Copyright (c) 2003-2008 Fabrice Bellard
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24 #include <unistd.h>
25 #include <fcntl.h>
26 #include <signal.h>
27 #include <time.h>
28 #include <errno.h>
29 #include <sys/time.h>
30 #include <zlib.h>
31
32 /* Needed early for CONFIG_BSD etc. */
33 #include "config-host.h"
34
35 #ifndef _WIN32
36 #include <sys/times.h>
37 #include <sys/wait.h>
38 #include <termios.h>
39 #include <sys/mman.h>
40 #include <sys/ioctl.h>
41 #include <sys/resource.h>
42 #include <sys/socket.h>
43 #include <netinet/in.h>
44 #include <net/if.h>
45 #if defined(__NetBSD__)
46 #include <net/if_tap.h>
47 #endif
48 #ifdef __linux__
49 #include <linux/if_tun.h>
50 #endif
51 #include <arpa/inet.h>
52 #include <dirent.h>
53 #include <netdb.h>
54 #include <sys/select.h>
55 #ifdef CONFIG_BSD
56 #include <sys/stat.h>
57 #if defined(__FreeBSD__) || defined(__DragonFly__)
58 #include <libutil.h>
59 #else
60 #include <util.h>
61 #endif
62 #elif defined (__GLIBC__) && defined (__FreeBSD_kernel__)
63 #include <freebsd/stdlib.h>
64 #else
65 #ifdef __linux__
66 #include <pty.h>
67 #include <malloc.h>
68 #include <linux/rtc.h>
69 #endif
70 #endif
71 #endif
72
73 #ifdef _WIN32
74 #include <windows.h>
75 #include <malloc.h>
76 #include <sys/timeb.h>
77 #include <mmsystem.h>
78 #define getopt_long_only getopt_long
79 #define memalign(align, size) malloc(size)
80 #endif
81
82 #include "qemu-common.h"
83 #include "hw/hw.h"
84 #include "net.h"
85 #include "monitor.h"
86 #include "sysemu.h"
87 #include "qemu-timer.h"
88 #include "qemu-char.h"
89 #include "block.h"
90 #include "audio/audio.h"
91 #include "migration.h"
92 #include "qemu_socket.h"
93 #include "qemu_file.h"
94
95 /* point to the block driver where the snapshots are managed */
96 static BlockDriverState *bs_snapshots;
97
98 #define SELF_ANNOUNCE_ROUNDS 5
99 #define ETH_P_EXPERIMENTAL 0x01F1 /* just a number */
100 //#define ETH_P_EXPERIMENTAL 0x0012 /* make it the size of the packet */
101 #define EXPERIMENTAL_MAGIC 0xf1f23f4f
102
announce_self_create(uint8_t * buf,uint8_t * mac_addr)103 static int announce_self_create(uint8_t *buf,
104 uint8_t *mac_addr)
105 {
106 uint32_t magic = EXPERIMENTAL_MAGIC;
107 uint16_t proto = htons(ETH_P_EXPERIMENTAL);
108
109 /* FIXME: should we send a different packet (arp/rarp/ping)? */
110
111 memset(buf, 0, 64);
112 memset(buf, 0xff, 6); /* h_dst */
113 memcpy(buf + 6, mac_addr, 6); /* h_src */
114 memcpy(buf + 12, &proto, 2); /* h_proto */
115 memcpy(buf + 14, &magic, 4); /* magic */
116
117 return 64; /* len */
118 }
119
qemu_announce_self_once(void * opaque)120 static void qemu_announce_self_once(void *opaque)
121 {
122 int i, len;
123 VLANState *vlan;
124 VLANClientState *vc;
125 uint8_t buf[256];
126 static int count = SELF_ANNOUNCE_ROUNDS;
127 QEMUTimer *timer = *(QEMUTimer **)opaque;
128
129 for (i = 0; i < MAX_NICS; i++) {
130 if (!nd_table[i].used)
131 continue;
132 len = announce_self_create(buf, nd_table[i].macaddr);
133 vlan = nd_table[i].vlan;
134 for(vc = vlan->first_client; vc != NULL; vc = vc->next) {
135 vc->receive(vc, buf, len);
136 }
137 }
138 if (count--) {
139 qemu_mod_timer(timer, qemu_get_clock(rt_clock) + 100);
140 } else {
141 qemu_del_timer(timer);
142 qemu_free_timer(timer);
143 }
144 }
145
qemu_announce_self(void)146 void qemu_announce_self(void)
147 {
148 static QEMUTimer *timer;
149 timer = qemu_new_timer(rt_clock, qemu_announce_self_once, &timer);
150 qemu_announce_self_once(&timer);
151 }
152
153 /***********************************************************/
154 /* savevm/loadvm support */
155
156 #define IO_BUF_SIZE 32768
157
158 struct QEMUFile {
159 QEMUFilePutBufferFunc *put_buffer;
160 QEMUFileGetBufferFunc *get_buffer;
161 QEMUFileCloseFunc *close;
162 QEMUFileRateLimit *rate_limit;
163 QEMUFileSetRateLimit *set_rate_limit;
164 void *opaque;
165 int is_write;
166
167 int64_t buf_offset; /* start of buffer when writing, end of buffer
168 when reading */
169 int buf_index;
170 int buf_size; /* 0 when writing */
171 uint8_t buf[IO_BUF_SIZE];
172
173 int has_error;
174 };
175
176 typedef struct QEMUFilePopen
177 {
178 FILE *popen_file;
179 QEMUFile *file;
180 } QEMUFilePopen;
181
182 typedef struct QEMUFileSocket
183 {
184 int fd;
185 QEMUFile *file;
186 } QEMUFileSocket;
187
file_socket_get_buffer(void * opaque,uint8_t * buf,int64_t pos,int size)188 static int file_socket_get_buffer(void *opaque, uint8_t *buf, int64_t pos, int size)
189 {
190 QEMUFileSocket *s = opaque;
191 ssize_t len;
192
193 do {
194 len = recv(s->fd, (void *)buf, size, 0);
195 } while (len == -1 && socket_error() == EINTR);
196
197 if (len == -1)
198 len = -socket_error();
199
200 return len;
201 }
202
file_socket_close(void * opaque)203 static int file_socket_close(void *opaque)
204 {
205 QEMUFileSocket *s = opaque;
206 qemu_free(s);
207 return 0;
208 }
209
popen_put_buffer(void * opaque,const uint8_t * buf,int64_t pos,int size)210 static int popen_put_buffer(void *opaque, const uint8_t *buf, int64_t pos, int size)
211 {
212 QEMUFilePopen *s = opaque;
213 return fwrite(buf, 1, size, s->popen_file);
214 }
215
popen_get_buffer(void * opaque,uint8_t * buf,int64_t pos,int size)216 static int popen_get_buffer(void *opaque, uint8_t *buf, int64_t pos, int size)
217 {
218 QEMUFilePopen *s = opaque;
219 FILE *fp = s->popen_file;
220 int bytes;
221
222 do {
223 clearerr(fp);
224 bytes = fread(buf, 1, size, fp);
225 } while ((bytes == 0) && ferror(fp) && (errno == EINTR));
226 return bytes;
227 }
228
popen_close(void * opaque)229 static int popen_close(void *opaque)
230 {
231 QEMUFilePopen *s = opaque;
232 pclose(s->popen_file);
233 qemu_free(s);
234 return 0;
235 }
236
qemu_popen(FILE * popen_file,const char * mode)237 QEMUFile *qemu_popen(FILE *popen_file, const char *mode)
238 {
239 QEMUFilePopen *s;
240
241 if (popen_file == NULL || mode == NULL || (mode[0] != 'r' && mode[0] != 'w') || mode[1] != 0) {
242 fprintf(stderr, "qemu_popen: Argument validity check failed\n");
243 return NULL;
244 }
245
246 s = qemu_mallocz(sizeof(QEMUFilePopen));
247
248 s->popen_file = popen_file;
249
250 if(mode[0] == 'r') {
251 s->file = qemu_fopen_ops(s, NULL, popen_get_buffer, popen_close, NULL, NULL);
252 } else {
253 s->file = qemu_fopen_ops(s, popen_put_buffer, NULL, popen_close, NULL, NULL);
254 }
255 return s->file;
256 }
257
qemu_popen_cmd(const char * command,const char * mode)258 QEMUFile *qemu_popen_cmd(const char *command, const char *mode)
259 {
260 FILE *popen_file;
261
262 popen_file = popen(command, mode);
263 if(popen_file == NULL) {
264 return NULL;
265 }
266
267 return qemu_popen(popen_file, mode);
268 }
269
qemu_popen_fd(QEMUFile * f)270 int qemu_popen_fd(QEMUFile *f)
271 {
272 QEMUFilePopen *p;
273 int fd;
274
275 p = (QEMUFilePopen *)f->opaque;
276 fd = fileno(p->popen_file);
277
278 return fd;
279 }
280
qemu_fopen_socket(int fd)281 QEMUFile *qemu_fopen_socket(int fd)
282 {
283 QEMUFileSocket *s = qemu_mallocz(sizeof(QEMUFileSocket));
284
285 s->fd = fd;
286 s->file = qemu_fopen_ops(s, NULL, file_socket_get_buffer, file_socket_close, NULL, NULL);
287 return s->file;
288 }
289
290 typedef struct QEMUFileStdio
291 {
292 FILE *outfile;
293 } QEMUFileStdio;
294
file_put_buffer(void * opaque,const uint8_t * buf,int64_t pos,int size)295 static int file_put_buffer(void *opaque, const uint8_t *buf,
296 int64_t pos, int size)
297 {
298 QEMUFileStdio *s = opaque;
299 fseek(s->outfile, pos, SEEK_SET);
300 fwrite(buf, 1, size, s->outfile);
301 return size;
302 }
303
file_get_buffer(void * opaque,uint8_t * buf,int64_t pos,int size)304 static int file_get_buffer(void *opaque, uint8_t *buf, int64_t pos, int size)
305 {
306 QEMUFileStdio *s = opaque;
307 fseek(s->outfile, pos, SEEK_SET);
308 return fread(buf, 1, size, s->outfile);
309 }
310
file_close(void * opaque)311 static int file_close(void *opaque)
312 {
313 QEMUFileStdio *s = opaque;
314 fclose(s->outfile);
315 qemu_free(s);
316 return 0;
317 }
318
qemu_fopen(const char * filename,const char * mode)319 QEMUFile *qemu_fopen(const char *filename, const char *mode)
320 {
321 QEMUFileStdio *s;
322
323 s = qemu_mallocz(sizeof(QEMUFileStdio));
324
325 s->outfile = fopen(filename, mode);
326 if (!s->outfile)
327 goto fail;
328
329 if (!strcmp(mode, "wb"))
330 return qemu_fopen_ops(s, file_put_buffer, NULL, file_close, NULL, NULL);
331 else if (!strcmp(mode, "rb"))
332 return qemu_fopen_ops(s, NULL, file_get_buffer, file_close, NULL, NULL);
333
334 fail:
335 if (s->outfile)
336 fclose(s->outfile);
337 qemu_free(s);
338 return NULL;
339 }
340
341 typedef struct QEMUFileBdrv
342 {
343 BlockDriverState *bs;
344 int64_t base_offset;
345 } QEMUFileBdrv;
346
block_put_buffer(void * opaque,const uint8_t * buf,int64_t pos,int size)347 static int block_put_buffer(void *opaque, const uint8_t *buf,
348 int64_t pos, int size)
349 {
350 QEMUFileBdrv *s = opaque;
351 bdrv_put_buffer(s->bs, buf, s->base_offset + pos, size);
352 return size;
353 }
354
block_get_buffer(void * opaque,uint8_t * buf,int64_t pos,int size)355 static int block_get_buffer(void *opaque, uint8_t *buf, int64_t pos, int size)
356 {
357 QEMUFileBdrv *s = opaque;
358 return bdrv_get_buffer(s->bs, buf, s->base_offset + pos, size);
359 }
360
bdrv_fclose(void * opaque)361 static int bdrv_fclose(void *opaque)
362 {
363 QEMUFileBdrv *s = opaque;
364 qemu_free(s);
365 return 0;
366 }
367
qemu_fopen_bdrv(BlockDriverState * bs,int64_t offset,int is_writable)368 static QEMUFile *qemu_fopen_bdrv(BlockDriverState *bs, int64_t offset, int is_writable)
369 {
370 QEMUFileBdrv *s;
371
372 s = qemu_mallocz(sizeof(QEMUFileBdrv));
373
374 s->bs = bs;
375 s->base_offset = offset;
376
377 if (is_writable)
378 return qemu_fopen_ops(s, block_put_buffer, NULL, bdrv_fclose, NULL, NULL);
379
380 return qemu_fopen_ops(s, NULL, block_get_buffer, bdrv_fclose, NULL, NULL);
381 }
382
qemu_fopen_ops(void * opaque,QEMUFilePutBufferFunc * put_buffer,QEMUFileGetBufferFunc * get_buffer,QEMUFileCloseFunc * close,QEMUFileRateLimit * rate_limit,QEMUFileSetRateLimit * set_rate_limit)383 QEMUFile *qemu_fopen_ops(void *opaque, QEMUFilePutBufferFunc *put_buffer,
384 QEMUFileGetBufferFunc *get_buffer,
385 QEMUFileCloseFunc *close,
386 QEMUFileRateLimit *rate_limit,
387 QEMUFileSetRateLimit *set_rate_limit)
388 {
389 QEMUFile *f;
390
391 f = qemu_mallocz(sizeof(QEMUFile));
392
393 f->opaque = opaque;
394 f->put_buffer = put_buffer;
395 f->get_buffer = get_buffer;
396 f->close = close;
397 f->rate_limit = rate_limit;
398 f->set_rate_limit = set_rate_limit;
399 f->is_write = 0;
400
401 return f;
402 }
403
qemu_file_has_error(QEMUFile * f)404 int qemu_file_has_error(QEMUFile *f)
405 {
406 return f->has_error;
407 }
408
qemu_file_set_error(QEMUFile * f)409 void qemu_file_set_error(QEMUFile *f)
410 {
411 f->has_error = 1;
412 }
413
qemu_fflush(QEMUFile * f)414 void qemu_fflush(QEMUFile *f)
415 {
416 if (!f->put_buffer)
417 return;
418
419 if (f->is_write && f->buf_index > 0) {
420 int len;
421
422 len = f->put_buffer(f->opaque, f->buf, f->buf_offset, f->buf_index);
423 if (len > 0)
424 f->buf_offset += f->buf_index;
425 else
426 f->has_error = 1;
427 f->buf_index = 0;
428 }
429 }
430
qemu_fill_buffer(QEMUFile * f)431 static void qemu_fill_buffer(QEMUFile *f)
432 {
433 int len;
434
435 if (!f->get_buffer)
436 return;
437
438 if (f->is_write)
439 abort();
440
441 len = f->get_buffer(f->opaque, f->buf, f->buf_offset, IO_BUF_SIZE);
442 if (len > 0) {
443 f->buf_index = 0;
444 f->buf_size = len;
445 f->buf_offset += len;
446 } else if (len != -EAGAIN)
447 f->has_error = 1;
448 }
449
qemu_fclose(QEMUFile * f)450 int qemu_fclose(QEMUFile *f)
451 {
452 int ret = 0;
453 qemu_fflush(f);
454 if (f->close)
455 ret = f->close(f->opaque);
456 qemu_free(f);
457 return ret;
458 }
459
qemu_file_put_notify(QEMUFile * f)460 void qemu_file_put_notify(QEMUFile *f)
461 {
462 f->put_buffer(f->opaque, NULL, 0, 0);
463 }
464
qemu_put_buffer(QEMUFile * f,const uint8_t * buf,int size)465 void qemu_put_buffer(QEMUFile *f, const uint8_t *buf, int size)
466 {
467 int l;
468
469 if (!f->has_error && f->is_write == 0 && f->buf_index > 0) {
470 fprintf(stderr,
471 "Attempted to write to buffer while read buffer is not empty\n");
472 abort();
473 }
474
475 while (!f->has_error && size > 0) {
476 l = IO_BUF_SIZE - f->buf_index;
477 if (l > size)
478 l = size;
479 memcpy(f->buf + f->buf_index, buf, l);
480 f->is_write = 1;
481 f->buf_index += l;
482 buf += l;
483 size -= l;
484 if (f->buf_index >= IO_BUF_SIZE)
485 qemu_fflush(f);
486 }
487 }
488
qemu_put_byte(QEMUFile * f,int v)489 void qemu_put_byte(QEMUFile *f, int v)
490 {
491 if (!f->has_error && f->is_write == 0 && f->buf_index > 0) {
492 fprintf(stderr,
493 "Attempted to write to buffer while read buffer is not empty\n");
494 abort();
495 }
496
497 f->buf[f->buf_index++] = v;
498 f->is_write = 1;
499 if (f->buf_index >= IO_BUF_SIZE)
500 qemu_fflush(f);
501 }
502
qemu_get_buffer(QEMUFile * f,uint8_t * buf,int size1)503 int qemu_get_buffer(QEMUFile *f, uint8_t *buf, int size1)
504 {
505 int size, l;
506
507 if (f->is_write)
508 abort();
509
510 size = size1;
511 while (size > 0) {
512 l = f->buf_size - f->buf_index;
513 if (l == 0) {
514 qemu_fill_buffer(f);
515 l = f->buf_size - f->buf_index;
516 if (l == 0)
517 break;
518 }
519 if (l > size)
520 l = size;
521 memcpy(buf, f->buf + f->buf_index, l);
522 f->buf_index += l;
523 buf += l;
524 size -= l;
525 }
526 return size1 - size;
527 }
528
qemu_get_byte(QEMUFile * f)529 int qemu_get_byte(QEMUFile *f)
530 {
531 if (f->is_write)
532 abort();
533
534 if (f->buf_index >= f->buf_size) {
535 qemu_fill_buffer(f);
536 if (f->buf_index >= f->buf_size)
537 return 0;
538 }
539 return f->buf[f->buf_index++];
540 }
541
qemu_ftell(QEMUFile * f)542 int64_t qemu_ftell(QEMUFile *f)
543 {
544 return f->buf_offset - f->buf_size + f->buf_index;
545 }
546
qemu_fseek(QEMUFile * f,int64_t pos,int whence)547 int64_t qemu_fseek(QEMUFile *f, int64_t pos, int whence)
548 {
549 if (whence == SEEK_SET) {
550 /* nothing to do */
551 } else if (whence == SEEK_CUR) {
552 pos += qemu_ftell(f);
553 } else {
554 /* SEEK_END not supported */
555 return -1;
556 }
557 if (f->put_buffer) {
558 qemu_fflush(f);
559 f->buf_offset = pos;
560 } else {
561 f->buf_offset = pos;
562 f->buf_index = 0;
563 f->buf_size = 0;
564 }
565 return pos;
566 }
567
qemu_file_rate_limit(QEMUFile * f)568 int qemu_file_rate_limit(QEMUFile *f)
569 {
570 if (f->rate_limit)
571 return f->rate_limit(f->opaque);
572
573 return 0;
574 }
575
qemu_file_set_rate_limit(QEMUFile * f,size_t new_rate)576 size_t qemu_file_set_rate_limit(QEMUFile *f, size_t new_rate)
577 {
578 if (f->set_rate_limit)
579 return f->set_rate_limit(f->opaque, new_rate);
580
581 return 0;
582 }
583
qemu_put_be16(QEMUFile * f,unsigned int v)584 void qemu_put_be16(QEMUFile *f, unsigned int v)
585 {
586 qemu_put_byte(f, v >> 8);
587 qemu_put_byte(f, v);
588 }
589
qemu_put_be32(QEMUFile * f,unsigned int v)590 void qemu_put_be32(QEMUFile *f, unsigned int v)
591 {
592 qemu_put_byte(f, v >> 24);
593 qemu_put_byte(f, v >> 16);
594 qemu_put_byte(f, v >> 8);
595 qemu_put_byte(f, v);
596 }
597
qemu_put_be64(QEMUFile * f,uint64_t v)598 void qemu_put_be64(QEMUFile *f, uint64_t v)
599 {
600 qemu_put_be32(f, v >> 32);
601 qemu_put_be32(f, v);
602 }
603
qemu_get_be16(QEMUFile * f)604 unsigned int qemu_get_be16(QEMUFile *f)
605 {
606 unsigned int v;
607 v = qemu_get_byte(f) << 8;
608 v |= qemu_get_byte(f);
609 return v;
610 }
611
qemu_get_be32(QEMUFile * f)612 unsigned int qemu_get_be32(QEMUFile *f)
613 {
614 unsigned int v;
615 v = qemu_get_byte(f) << 24;
616 v |= qemu_get_byte(f) << 16;
617 v |= qemu_get_byte(f) << 8;
618 v |= qemu_get_byte(f);
619 return v;
620 }
621
qemu_get_be64(QEMUFile * f)622 uint64_t qemu_get_be64(QEMUFile *f)
623 {
624 uint64_t v;
625 v = (uint64_t)qemu_get_be32(f) << 32;
626 v |= qemu_get_be32(f);
627 return v;
628 }
629
qemu_put_struct(QEMUFile * f,const QField * fields,const void * s)630 void qemu_put_struct(QEMUFile* f, const QField* fields, const void* s)
631 {
632 const QField* qf = fields;
633
634 for (;;) {
635 uint8_t* p = (uint8_t*)s + qf->offset;
636
637 switch (qf->type) {
638 case Q_FIELD_END:
639 break;
640 case Q_FIELD_BYTE:
641 qemu_put_byte(f, p[0]);
642 break;
643 case Q_FIELD_INT16:
644 qemu_put_be16(f, ((uint16_t*)p)[0]);
645 break;
646 case Q_FIELD_INT32:
647 qemu_put_be32(f, ((uint32_t*)p)[0]);
648 break;
649 case Q_FIELD_INT64:
650 qemu_put_be64(f, ((uint64_t*)p)[0]);
651 break;
652 case Q_FIELD_BUFFER:
653 if (fields[1].type != Q_FIELD_BUFFER_SIZE ||
654 fields[2].type != Q_FIELD_BUFFER_SIZE)
655 {
656 fprintf(stderr, "%s: invalid QFIELD_BUFFER item passed as argument. aborting\n",
657 __FUNCTION__ );
658 exit(1);
659 }
660 else
661 {
662 uint32_t size = ((uint32_t)fields[1].offset << 16) | (uint32_t)fields[2].offset;
663
664 qemu_put_buffer(f, p, size);
665 qf += 2;
666 }
667 break;
668 default:
669 fprintf(stderr, "%s: invalid fields list passed as argument. aborting\n", __FUNCTION__);
670 exit(1);
671 }
672 qf++;
673 }
674 }
675
qemu_get_struct(QEMUFile * f,const QField * fields,void * s)676 int qemu_get_struct(QEMUFile* f, const QField* fields, void* s)
677 {
678 const QField* qf = fields;
679
680 for (;;) {
681 uint8_t* p = (uint8_t*)s + qf->offset;
682
683 switch (qf->type) {
684 case Q_FIELD_END:
685 break;
686 case Q_FIELD_BYTE:
687 p[0] = qemu_get_byte(f);
688 break;
689 case Q_FIELD_INT16:
690 ((uint16_t*)p)[0] = qemu_get_be16(f);
691 break;
692 case Q_FIELD_INT32:
693 ((uint32_t*)p)[0] = qemu_get_be32(f);
694 break;
695 case Q_FIELD_INT64:
696 ((uint64_t*)p)[0] = qemu_get_be64(f);
697 break;
698 case Q_FIELD_BUFFER:
699 if (fields[1].type != Q_FIELD_BUFFER_SIZE ||
700 fields[2].type != Q_FIELD_BUFFER_SIZE)
701 {
702 fprintf(stderr, "%s: invalid QFIELD_BUFFER item passed as argument.\n",
703 __FUNCTION__ );
704 return -1;
705 }
706 else
707 {
708 uint32_t size = ((uint32_t)fields[1].offset << 16) | (uint32_t)fields[2].offset;
709 int ret = qemu_get_buffer(f, p, size);
710
711 if (ret != size) {
712 fprintf(stderr, "%s: not enough bytes to load structure\n", __FUNCTION__);
713 return -1;
714 }
715 qf += 2;
716 }
717 break;
718 default:
719 fprintf(stderr, "%s: invalid fields list passed as argument. aborting\n", __FUNCTION__);
720 exit(1);
721 }
722 qf++;
723 }
724 return 0;
725 }
726
727 typedef struct SaveStateEntry {
728 char idstr[256];
729 int instance_id;
730 int version_id;
731 int section_id;
732 SaveLiveStateHandler *save_live_state;
733 SaveStateHandler *save_state;
734 LoadStateHandler *load_state;
735 void *opaque;
736 struct SaveStateEntry *next;
737 } SaveStateEntry;
738
739 static SaveStateEntry *first_se;
740
741 /* TODO: Individual devices generally have very little idea about the rest
742 of the system, so instance_id should be removed/replaced.
743 Meanwhile pass -1 as instance_id if you do not already have a clearly
744 distinguishing id for all instances of your device class. */
register_savevm_live(const char * idstr,int instance_id,int version_id,SaveLiveStateHandler * save_live_state,SaveStateHandler * save_state,LoadStateHandler * load_state,void * opaque)745 int register_savevm_live(const char *idstr,
746 int instance_id,
747 int version_id,
748 SaveLiveStateHandler *save_live_state,
749 SaveStateHandler *save_state,
750 LoadStateHandler *load_state,
751 void *opaque)
752 {
753 SaveStateEntry *se, **pse;
754 static int global_section_id;
755
756 se = qemu_malloc(sizeof(SaveStateEntry));
757 pstrcpy(se->idstr, sizeof(se->idstr), idstr);
758 se->instance_id = (instance_id == -1) ? 0 : instance_id;
759 se->version_id = version_id;
760 se->section_id = global_section_id++;
761 se->save_live_state = save_live_state;
762 se->save_state = save_state;
763 se->load_state = load_state;
764 se->opaque = opaque;
765 se->next = NULL;
766
767 /* add at the end of list */
768 pse = &first_se;
769 while (*pse != NULL) {
770 if (instance_id == -1
771 && strcmp(se->idstr, (*pse)->idstr) == 0
772 && se->instance_id <= (*pse)->instance_id)
773 se->instance_id = (*pse)->instance_id + 1;
774 pse = &(*pse)->next;
775 }
776 *pse = se;
777 return 0;
778 }
779
register_savevm(const char * idstr,int instance_id,int version_id,SaveStateHandler * save_state,LoadStateHandler * load_state,void * opaque)780 int register_savevm(const char *idstr,
781 int instance_id,
782 int version_id,
783 SaveStateHandler *save_state,
784 LoadStateHandler *load_state,
785 void *opaque)
786 {
787 return register_savevm_live(idstr, instance_id, version_id,
788 NULL, save_state, load_state, opaque);
789 }
790
unregister_savevm(const char * idstr,void * opaque)791 void unregister_savevm(const char *idstr, void *opaque)
792 {
793 SaveStateEntry **pse;
794
795 pse = &first_se;
796 while (*pse != NULL) {
797 if (strcmp((*pse)->idstr, idstr) == 0 && (*pse)->opaque == opaque) {
798 SaveStateEntry *next = (*pse)->next;
799 qemu_free(*pse);
800 *pse = next;
801 continue;
802 }
803 pse = &(*pse)->next;
804 }
805 }
806
807 #define QEMU_VM_FILE_MAGIC 0x5145564d
808 #define QEMU_VM_FILE_VERSION_COMPAT 0x00000002
809 #define QEMU_VM_FILE_VERSION 0x00000003
810
811 #define QEMU_VM_EOF 0x00
812 #define QEMU_VM_SECTION_START 0x01
813 #define QEMU_VM_SECTION_PART 0x02
814 #define QEMU_VM_SECTION_END 0x03
815 #define QEMU_VM_SECTION_FULL 0x04
816
qemu_savevm_state_begin(QEMUFile * f)817 int qemu_savevm_state_begin(QEMUFile *f)
818 {
819 SaveStateEntry *se;
820
821 qemu_put_be32(f, QEMU_VM_FILE_MAGIC);
822 qemu_put_be32(f, QEMU_VM_FILE_VERSION);
823
824 for (se = first_se; se != NULL; se = se->next) {
825 int len;
826
827 if (se->save_live_state == NULL)
828 continue;
829
830 /* Section type */
831 qemu_put_byte(f, QEMU_VM_SECTION_START);
832 qemu_put_be32(f, se->section_id);
833
834 /* ID string */
835 len = strlen(se->idstr);
836 qemu_put_byte(f, len);
837 qemu_put_buffer(f, (uint8_t *)se->idstr, len);
838
839 qemu_put_be32(f, se->instance_id);
840 qemu_put_be32(f, se->version_id);
841
842 se->save_live_state(f, QEMU_VM_SECTION_START, se->opaque);
843 }
844
845 if (qemu_file_has_error(f))
846 return -EIO;
847
848 return 0;
849 }
850
qemu_savevm_state_iterate(QEMUFile * f)851 int qemu_savevm_state_iterate(QEMUFile *f)
852 {
853 SaveStateEntry *se;
854 int ret = 1;
855
856 for (se = first_se; se != NULL; se = se->next) {
857 if (se->save_live_state == NULL)
858 continue;
859
860 /* Section type */
861 qemu_put_byte(f, QEMU_VM_SECTION_PART);
862 qemu_put_be32(f, se->section_id);
863
864 ret &= !!se->save_live_state(f, QEMU_VM_SECTION_PART, se->opaque);
865 }
866
867 if (ret)
868 return 1;
869
870 if (qemu_file_has_error(f))
871 return -EIO;
872
873 return 0;
874 }
875
qemu_savevm_state_complete(QEMUFile * f)876 int qemu_savevm_state_complete(QEMUFile *f)
877 {
878 SaveStateEntry *se;
879
880 for (se = first_se; se != NULL; se = se->next) {
881 if (se->save_live_state == NULL)
882 continue;
883
884 /* Section type */
885 qemu_put_byte(f, QEMU_VM_SECTION_END);
886 qemu_put_be32(f, se->section_id);
887
888 se->save_live_state(f, QEMU_VM_SECTION_END, se->opaque);
889 }
890
891 for(se = first_se; se != NULL; se = se->next) {
892 int len;
893
894 if (se->save_state == NULL)
895 continue;
896
897 /* Section type */
898 qemu_put_byte(f, QEMU_VM_SECTION_FULL);
899 qemu_put_be32(f, se->section_id);
900
901 /* ID string */
902 len = strlen(se->idstr);
903 qemu_put_byte(f, len);
904 qemu_put_buffer(f, (uint8_t *)se->idstr, len);
905
906 qemu_put_be32(f, se->instance_id);
907 qemu_put_be32(f, se->version_id);
908
909 se->save_state(f, se->opaque);
910 }
911
912 qemu_put_byte(f, QEMU_VM_EOF);
913
914 if (qemu_file_has_error(f))
915 return -EIO;
916
917 return 0;
918 }
919
qemu_savevm_state(QEMUFile * f)920 int qemu_savevm_state(QEMUFile *f)
921 {
922 int saved_vm_running;
923 int ret;
924
925 saved_vm_running = vm_running;
926 vm_stop(0);
927
928 bdrv_flush_all();
929
930 ret = qemu_savevm_state_begin(f);
931 if (ret < 0)
932 goto out;
933
934 do {
935 ret = qemu_savevm_state_iterate(f);
936 if (ret < 0)
937 goto out;
938 } while (ret == 0);
939
940 ret = qemu_savevm_state_complete(f);
941
942 out:
943 if (qemu_file_has_error(f))
944 ret = -EIO;
945
946 if (!ret && saved_vm_running)
947 vm_start();
948
949 return ret;
950 }
951
find_se(const char * idstr,int instance_id)952 static SaveStateEntry *find_se(const char *idstr, int instance_id)
953 {
954 SaveStateEntry *se;
955
956 for(se = first_se; se != NULL; se = se->next) {
957 if (!strcmp(se->idstr, idstr) &&
958 instance_id == se->instance_id)
959 return se;
960 }
961 return NULL;
962 }
963
964 typedef struct LoadStateEntry {
965 SaveStateEntry *se;
966 int section_id;
967 int version_id;
968 struct LoadStateEntry *next;
969 } LoadStateEntry;
970
qemu_loadvm_state_v2(QEMUFile * f)971 static int qemu_loadvm_state_v2(QEMUFile *f)
972 {
973 SaveStateEntry *se;
974 int len, ret, instance_id, record_len, version_id;
975 int64_t total_len, end_pos, cur_pos;
976 char idstr[256];
977
978 total_len = qemu_get_be64(f);
979 end_pos = total_len + qemu_ftell(f);
980 for(;;) {
981 if (qemu_ftell(f) >= end_pos)
982 break;
983 len = qemu_get_byte(f);
984 qemu_get_buffer(f, (uint8_t *)idstr, len);
985 idstr[len] = '\0';
986 instance_id = qemu_get_be32(f);
987 version_id = qemu_get_be32(f);
988 record_len = qemu_get_be32(f);
989 cur_pos = qemu_ftell(f);
990 se = find_se(idstr, instance_id);
991 if (!se) {
992 fprintf(stderr, "qemu: warning: instance 0x%x of device '%s' not present in current VM\n",
993 instance_id, idstr);
994 } else {
995 ret = se->load_state(f, se->opaque, version_id);
996 if (ret < 0) {
997 fprintf(stderr, "qemu: warning: error while loading state for instance 0x%x of device '%s'\n",
998 instance_id, idstr);
999 return ret;
1000 }
1001 }
1002 /* always seek to exact end of record */
1003 qemu_fseek(f, cur_pos + record_len, SEEK_SET);
1004 }
1005
1006 if (qemu_file_has_error(f))
1007 return -EIO;
1008
1009 return 0;
1010 }
1011
qemu_loadvm_state(QEMUFile * f)1012 int qemu_loadvm_state(QEMUFile *f)
1013 {
1014 LoadStateEntry *first_le = NULL;
1015 uint8_t section_type;
1016 unsigned int v;
1017 int ret;
1018
1019 v = qemu_get_be32(f);
1020 if (v != QEMU_VM_FILE_MAGIC)
1021 return -EINVAL;
1022
1023 v = qemu_get_be32(f);
1024 if (v == QEMU_VM_FILE_VERSION_COMPAT)
1025 return qemu_loadvm_state_v2(f);
1026 if (v != QEMU_VM_FILE_VERSION)
1027 return -ENOTSUP;
1028
1029 while ((section_type = qemu_get_byte(f)) != QEMU_VM_EOF) {
1030 uint32_t instance_id, version_id, section_id;
1031 LoadStateEntry *le;
1032 SaveStateEntry *se;
1033 char idstr[257];
1034 int len;
1035
1036 switch (section_type) {
1037 case QEMU_VM_SECTION_START:
1038 case QEMU_VM_SECTION_FULL:
1039 /* Read section start */
1040 section_id = qemu_get_be32(f);
1041 len = qemu_get_byte(f);
1042 qemu_get_buffer(f, (uint8_t *)idstr, len);
1043 idstr[len] = 0;
1044 instance_id = qemu_get_be32(f);
1045 version_id = qemu_get_be32(f);
1046
1047 /* Find savevm section */
1048 se = find_se(idstr, instance_id);
1049 if (se == NULL) {
1050 fprintf(stderr, "Unknown savevm section or instance '%s' %d\n", idstr, instance_id);
1051 ret = -EINVAL;
1052 goto out;
1053 }
1054
1055 /* Validate version */
1056 if (version_id > se->version_id) {
1057 fprintf(stderr, "savevm: unsupported version %d for '%s' v%d\n",
1058 version_id, idstr, se->version_id);
1059 ret = -EINVAL;
1060 goto out;
1061 }
1062
1063 /* Add entry */
1064 le = qemu_mallocz(sizeof(*le));
1065
1066 le->se = se;
1067 le->section_id = section_id;
1068 le->version_id = version_id;
1069 le->next = first_le;
1070 first_le = le;
1071
1072 le->se->load_state(f, le->se->opaque, le->version_id);
1073 break;
1074 case QEMU_VM_SECTION_PART:
1075 case QEMU_VM_SECTION_END:
1076 section_id = qemu_get_be32(f);
1077
1078 for (le = first_le; le && le->section_id != section_id; le = le->next);
1079 if (le == NULL) {
1080 fprintf(stderr, "Unknown savevm section %d\n", section_id);
1081 ret = -EINVAL;
1082 goto out;
1083 }
1084
1085 le->se->load_state(f, le->se->opaque, le->version_id);
1086 break;
1087 default:
1088 fprintf(stderr, "Unknown savevm section type %d\n", section_type);
1089 ret = -EINVAL;
1090 goto out;
1091 }
1092 }
1093
1094 ret = 0;
1095
1096 out:
1097 while (first_le) {
1098 LoadStateEntry *le = first_le;
1099 first_le = first_le->next;
1100 qemu_free(le);
1101 }
1102
1103 if (qemu_file_has_error(f))
1104 ret = -EIO;
1105
1106 return ret;
1107 }
1108
1109 /* device can contain snapshots */
bdrv_can_snapshot(BlockDriverState * bs)1110 static int bdrv_can_snapshot(BlockDriverState *bs)
1111 {
1112 return (bs &&
1113 !bdrv_is_removable(bs) &&
1114 !bdrv_is_read_only(bs));
1115 }
1116
1117 /* device must be snapshots in order to have a reliable snapshot */
bdrv_has_snapshot(BlockDriverState * bs)1118 static int bdrv_has_snapshot(BlockDriverState *bs)
1119 {
1120 return (bs &&
1121 !bdrv_is_removable(bs) &&
1122 !bdrv_is_read_only(bs));
1123 }
1124
get_bs_snapshots(void)1125 static BlockDriverState *get_bs_snapshots(void)
1126 {
1127 BlockDriverState *bs;
1128 int i;
1129
1130 if (bs_snapshots)
1131 return bs_snapshots;
1132 for(i = 0; i <= nb_drives; i++) {
1133 bs = drives_table[i].bdrv;
1134 if (bdrv_can_snapshot(bs))
1135 goto ok;
1136 }
1137 return NULL;
1138 ok:
1139 bs_snapshots = bs;
1140 return bs;
1141 }
1142
bdrv_snapshot_find(BlockDriverState * bs,QEMUSnapshotInfo * sn_info,const char * name)1143 static int bdrv_snapshot_find(BlockDriverState *bs, QEMUSnapshotInfo *sn_info,
1144 const char *name)
1145 {
1146 QEMUSnapshotInfo *sn_tab, *sn;
1147 int nb_sns, i, ret;
1148
1149 ret = -ENOENT;
1150 nb_sns = bdrv_snapshot_list(bs, &sn_tab);
1151 if (nb_sns < 0)
1152 return ret;
1153 for(i = 0; i < nb_sns; i++) {
1154 sn = &sn_tab[i];
1155 if (!strcmp(sn->id_str, name) || !strcmp(sn->name, name)) {
1156 *sn_info = *sn;
1157 ret = 0;
1158 break;
1159 }
1160 }
1161 qemu_free(sn_tab);
1162 return ret;
1163 }
1164
do_savevm(Monitor * mon,const char * name)1165 void do_savevm(Monitor *mon, const char *name)
1166 {
1167 BlockDriverState *bs, *bs1;
1168 QEMUSnapshotInfo sn1, *sn = &sn1, old_sn1, *old_sn = &old_sn1;
1169 int must_delete, ret, i;
1170 BlockDriverInfo bdi1, *bdi = &bdi1;
1171 QEMUFile *f;
1172 int saved_vm_running;
1173 uint32_t vm_state_size;
1174 #ifdef _WIN32
1175 struct _timeb tb;
1176 #else
1177 struct timeval tv;
1178 #endif
1179
1180 bs = get_bs_snapshots();
1181 if (!bs) {
1182 monitor_printf(mon, "No block device can accept snapshots\n");
1183 return;
1184 }
1185
1186 /* ??? Should this occur after vm_stop? */
1187 qemu_aio_flush();
1188
1189 saved_vm_running = vm_running;
1190 vm_stop(0);
1191
1192 must_delete = 0;
1193 if (name) {
1194 ret = bdrv_snapshot_find(bs, old_sn, name);
1195 if (ret >= 0) {
1196 must_delete = 1;
1197 }
1198 }
1199 memset(sn, 0, sizeof(*sn));
1200 if (must_delete) {
1201 pstrcpy(sn->name, sizeof(sn->name), old_sn->name);
1202 pstrcpy(sn->id_str, sizeof(sn->id_str), old_sn->id_str);
1203 } else {
1204 if (name)
1205 pstrcpy(sn->name, sizeof(sn->name), name);
1206 }
1207
1208 /* fill auxiliary fields */
1209 #ifdef _WIN32
1210 _ftime(&tb);
1211 sn->date_sec = tb.time;
1212 sn->date_nsec = tb.millitm * 1000000;
1213 #else
1214 gettimeofday(&tv, NULL);
1215 sn->date_sec = tv.tv_sec;
1216 sn->date_nsec = tv.tv_usec * 1000;
1217 #endif
1218 sn->vm_clock_nsec = qemu_get_clock(vm_clock);
1219
1220 if (bdrv_get_info(bs, bdi) < 0 || bdi->vm_state_offset <= 0) {
1221 monitor_printf(mon, "Device %s does not support VM state snapshots\n",
1222 bdrv_get_device_name(bs));
1223 goto the_end;
1224 }
1225
1226 /* save the VM state */
1227 f = qemu_fopen_bdrv(bs, bdi->vm_state_offset, 1);
1228 if (!f) {
1229 monitor_printf(mon, "Could not open VM state file\n");
1230 goto the_end;
1231 }
1232 ret = qemu_savevm_state(f);
1233 vm_state_size = qemu_ftell(f);
1234 qemu_fclose(f);
1235 if (ret < 0) {
1236 monitor_printf(mon, "Error %d while writing VM\n", ret);
1237 goto the_end;
1238 }
1239
1240 /* create the snapshots */
1241
1242 for(i = 0; i < nb_drives; i++) {
1243 bs1 = drives_table[i].bdrv;
1244 if (bdrv_has_snapshot(bs1)) {
1245 if (must_delete) {
1246 ret = bdrv_snapshot_delete(bs1, old_sn->id_str);
1247 if (ret < 0) {
1248 monitor_printf(mon,
1249 "Error while deleting snapshot on '%s'\n",
1250 bdrv_get_device_name(bs1));
1251 }
1252 }
1253 /* Write VM state size only to the image that contains the state */
1254 sn->vm_state_size = (bs == bs1 ? vm_state_size : 0);
1255 ret = bdrv_snapshot_create(bs1, sn);
1256 if (ret < 0) {
1257 monitor_printf(mon, "Error while creating snapshot on '%s'\n",
1258 bdrv_get_device_name(bs1));
1259 }
1260 }
1261 }
1262
1263 the_end:
1264 if (saved_vm_running)
1265 vm_start();
1266 }
1267
do_loadvm(Monitor * mon,const char * name)1268 void do_loadvm(Monitor *mon, const char *name)
1269 {
1270 BlockDriverState *bs, *bs1;
1271 BlockDriverInfo bdi1, *bdi = &bdi1;
1272 QEMUSnapshotInfo sn;
1273 QEMUFile *f;
1274 int i, ret;
1275 int saved_vm_running;
1276
1277 bs = get_bs_snapshots();
1278 if (!bs) {
1279 monitor_printf(mon, "No block device supports snapshots\n");
1280 return;
1281 }
1282
1283 /* Flush all IO requests so they don't interfere with the new state. */
1284 qemu_aio_flush();
1285
1286 saved_vm_running = vm_running;
1287 vm_stop(0);
1288
1289 for(i = 0; i <= nb_drives; i++) {
1290 bs1 = drives_table[i].bdrv;
1291 if (bdrv_has_snapshot(bs1)) {
1292 ret = bdrv_snapshot_goto(bs1, name);
1293 if (ret < 0) {
1294 if (bs != bs1)
1295 monitor_printf(mon, "Warning: ");
1296 switch(ret) {
1297 case -ENOTSUP:
1298 monitor_printf(mon,
1299 "Snapshots not supported on device '%s'\n",
1300 bdrv_get_device_name(bs1));
1301 break;
1302 case -ENOENT:
1303 monitor_printf(mon, "Could not find snapshot '%s' on "
1304 "device '%s'\n",
1305 name, bdrv_get_device_name(bs1));
1306 break;
1307 default:
1308 monitor_printf(mon, "Error %d while activating snapshot on"
1309 " '%s'\n", ret, bdrv_get_device_name(bs1));
1310 break;
1311 }
1312 /* fatal on snapshot block device */
1313 if (bs == bs1)
1314 goto the_end;
1315 }
1316 }
1317 }
1318
1319 if (bdrv_get_info(bs, bdi) < 0 || bdi->vm_state_offset <= 0) {
1320 monitor_printf(mon, "Device %s does not support VM state snapshots\n",
1321 bdrv_get_device_name(bs));
1322 return;
1323 }
1324
1325 /* Don't even try to load empty VM states */
1326 ret = bdrv_snapshot_find(bs, &sn, name);
1327 if ((ret >= 0) && (sn.vm_state_size == 0))
1328 goto the_end;
1329
1330 /* restore the VM state */
1331 f = qemu_fopen_bdrv(bs, bdi->vm_state_offset, 0);
1332 if (!f) {
1333 monitor_printf(mon, "Could not open VM state file\n");
1334 goto the_end;
1335 }
1336 ret = qemu_loadvm_state(f);
1337 qemu_fclose(f);
1338 if (ret < 0) {
1339 monitor_printf(mon, "Error %d while loading VM state\n", ret);
1340 }
1341 the_end:
1342 if (saved_vm_running)
1343 vm_start();
1344 }
1345
do_delvm(Monitor * mon,const char * name)1346 void do_delvm(Monitor *mon, const char *name)
1347 {
1348 BlockDriverState *bs, *bs1;
1349 int i, ret;
1350
1351 bs = get_bs_snapshots();
1352 if (!bs) {
1353 monitor_printf(mon, "No block device supports snapshots\n");
1354 return;
1355 }
1356
1357 for(i = 0; i <= nb_drives; i++) {
1358 bs1 = drives_table[i].bdrv;
1359 if (bdrv_has_snapshot(bs1)) {
1360 ret = bdrv_snapshot_delete(bs1, name);
1361 if (ret < 0) {
1362 if (ret == -ENOTSUP)
1363 monitor_printf(mon,
1364 "Snapshots not supported on device '%s'\n",
1365 bdrv_get_device_name(bs1));
1366 else
1367 monitor_printf(mon, "Error %d while deleting snapshot on "
1368 "'%s'\n", ret, bdrv_get_device_name(bs1));
1369 }
1370 }
1371 }
1372 }
1373
do_info_snapshots(Monitor * mon)1374 void do_info_snapshots(Monitor *mon)
1375 {
1376 BlockDriverState *bs, *bs1;
1377 QEMUSnapshotInfo *sn_tab, *sn;
1378 int nb_sns, i;
1379 char buf[256];
1380
1381 bs = get_bs_snapshots();
1382 if (!bs) {
1383 monitor_printf(mon, "No available block device supports snapshots\n");
1384 return;
1385 }
1386 monitor_printf(mon, "Snapshot devices:");
1387 for(i = 0; i <= nb_drives; i++) {
1388 bs1 = drives_table[i].bdrv;
1389 if (bdrv_has_snapshot(bs1)) {
1390 if (bs == bs1)
1391 monitor_printf(mon, " %s", bdrv_get_device_name(bs1));
1392 }
1393 }
1394 monitor_printf(mon, "\n");
1395
1396 nb_sns = bdrv_snapshot_list(bs, &sn_tab);
1397 if (nb_sns < 0) {
1398 monitor_printf(mon, "bdrv_snapshot_list: error %d\n", nb_sns);
1399 return;
1400 }
1401 monitor_printf(mon, "Snapshot list (from %s):\n",
1402 bdrv_get_device_name(bs));
1403 monitor_printf(mon, "%s\n", bdrv_snapshot_dump(buf, sizeof(buf), NULL));
1404 for(i = 0; i < nb_sns; i++) {
1405 sn = &sn_tab[i];
1406 monitor_printf(mon, "%s\n", bdrv_snapshot_dump(buf, sizeof(buf), sn));
1407 }
1408 qemu_free(sn_tab);
1409 }
1410