+From 3c93adeb6d594c56619fd34dc345dffa3139c2cb Mon Sep 17 00:00:00 2001
+From: Wolfgang Bumiller <w.bumiller@proxmox.com>
+Date: Wed, 9 Dec 2015 16:04:32 +0100
+Subject: [PATCH 22/41] internal snapshot async
+
+---
+ Makefile.objs | 1 +
+ block.c | 2 +-
+ hmp-commands-info.hx | 13 ++
+ hmp-commands.hx | 32 +++
+ hmp.c | 57 ++++++
+ hmp.h | 5 +
+ include/block/block.h | 1 +
+ include/sysemu/sysemu.h | 5 +-
+ migration/savevm.c | 12 +-
+ qapi-schema.json | 46 +++++
+ qemu-options.hx | 13 ++
+ qmp-commands.hx | 30 +++
+ savevm-async.c | 526 ++++++++++++++++++++++++++++++++++++++++++++++++
+ vl.c | 8 +
+ 14 files changed, 743 insertions(+), 8 deletions(-)
+ create mode 100644 savevm-async.c
+
+diff --git a/Makefile.objs b/Makefile.objs
+index 845edd0..7d9d2d7 100644
+--- a/Makefile.objs
++++ b/Makefile.objs
+@@ -53,6 +53,7 @@ common-obj-$(CONFIG_LINUX) += fsdev/
+ common-obj-y += migration/
+ common-obj-y += qemu-char.o #aio.o
+ common-obj-y += page_cache.o
++common-obj-y += savevm-async.o
+
+ common-obj-$(CONFIG_SPICE) += spice-qemu-char.o
+
+diff --git a/block.c b/block.c
+index 30d64e6..95c1d32 100644
+--- a/block.c
++++ b/block.c
+@@ -2288,7 +2288,7 @@ void bdrv_replace_in_backing_chain(BlockDriverState *old, BlockDriverState *new)
+ bdrv_unref(old);
+ }
+
+-static void bdrv_delete(BlockDriverState *bs)
++void bdrv_delete(BlockDriverState *bs)
+ {
+ assert(!bs->job);
+ assert(bdrv_op_blocker_is_empty(bs));
+diff --git a/hmp-commands-info.hx b/hmp-commands-info.hx
+index 7616fe2..3046f9d 100644
+--- a/hmp-commands-info.hx
++++ b/hmp-commands-info.hx
+@@ -588,6 +588,19 @@ Show current migration xbzrle cache size.
+ ETEXI
+
+ {
++ .name = "savevm",
++ .args_type = "",
++ .params = "",
++ .help = "show savevm status",
++ .mhandler.cmd = hmp_info_savevm,
++ },
++
++STEXI
++@item info savevm
++show savevm status
++ETEXI
++
++ {
+ .name = "balloon",
+ .args_type = "",
+ .params = "",
+diff --git a/hmp-commands.hx b/hmp-commands.hx
+index 0e20ef9..4d735cb 100644
+--- a/hmp-commands.hx
++++ b/hmp-commands.hx
+@@ -1791,3 +1791,35 @@ ETEXI
+ STEXI
+ @end table
+ ETEXI
++
++ {
++ .name = "savevm-start",
++ .args_type = "statefile:s?",
++ .params = "[statefile]",
++ .help = "Prepare for snapshot and halt VM. Save VM state to statefile.",
++ .mhandler.cmd = hmp_savevm_start,
++ },
++
++ {
++ .name = "snapshot-drive",
++ .args_type = "device:s,name:s",
++ .params = "device name",
++ .help = "Create internal snapshot.",
++ .mhandler.cmd = hmp_snapshot_drive,
++ },
++
++ {
++ .name = "delete-drive-snapshot",
++ .args_type = "device:s,name:s",
++ .params = "device name",
++ .help = "Delete internal snapshot.",
++ .mhandler.cmd = hmp_delete_drive_snapshot,
++ },
++
++ {
++ .name = "savevm-end",
++ .args_type = "",
++ .params = "",
++ .help = "Resume VM after snaphot.",
++ .mhandler.cmd = hmp_savevm_end,
++ },
+diff --git a/hmp.c b/hmp.c
+index c292354..7bd319f 100644
+--- a/hmp.c
++++ b/hmp.c
+@@ -2116,6 +2116,63 @@ void hmp_info_memory_devices(Monitor *mon, const QDict *qdict)
+ qapi_free_MemoryDeviceInfoList(info_list);
+ }
+
++void hmp_savevm_start(Monitor *mon, const QDict *qdict)
++{
++ Error *errp = NULL;
++ const char *statefile = qdict_get_try_str(qdict, "statefile");
++
++ qmp_savevm_start(statefile != NULL, statefile, &errp);
++ hmp_handle_error(mon, &errp);
++}
++
++void hmp_snapshot_drive(Monitor *mon, const QDict *qdict)
++{
++ Error *errp = NULL;
++ const char *name = qdict_get_str(qdict, "name");
++ const char *device = qdict_get_str(qdict, "device");
++
++ qmp_snapshot_drive(device, name, &errp);
++ hmp_handle_error(mon, &errp);
++}
++
++void hmp_delete_drive_snapshot(Monitor *mon, const QDict *qdict)
++{
++ Error *errp = NULL;
++ const char *name = qdict_get_str(qdict, "name");
++ const char *device = qdict_get_str(qdict, "device");
++
++ qmp_delete_drive_snapshot(device, name, &errp);
++ hmp_handle_error(mon, &errp);
++}
++
++void hmp_savevm_end(Monitor *mon, const QDict *qdict)
++{
++ Error *errp = NULL;
++
++ qmp_savevm_end(&errp);
++ hmp_handle_error(mon, &errp);
++}
++
++void hmp_info_savevm(Monitor *mon, const QDict *qdict)
++{
++ SaveVMInfo *info;
++ info = qmp_query_savevm(NULL);
++
++ if (info->has_status) {
++ monitor_printf(mon, "savevm status: %s\n", info->status);
++ monitor_printf(mon, "total time: %" PRIu64 " milliseconds\n",
++ info->total_time);
++ } else {
++ monitor_printf(mon, "savevm status: not running\n");
++ }
++ if (info->has_bytes) {
++ monitor_printf(mon, "Bytes saved: %"PRIu64"\n", info->bytes);
++ }
++ if (info->has_error) {
++ monitor_printf(mon, "Error: %s\n", info->error);
++ }
++}
++
+ void hmp_info_iothreads(Monitor *mon, const QDict *qdict)
+ {
+ IOThreadInfoList *info_list = qmp_query_iothreads(NULL);
+diff --git a/hmp.h b/hmp.h
+index 9a4c1f6..b74ddbf 100644
+--- a/hmp.h
++++ b/hmp.h
+@@ -26,6 +26,7 @@ void hmp_info_status(Monitor *mon, const QDict *qdict);
+ void hmp_info_uuid(Monitor *mon, const QDict *qdict);
+ void hmp_info_chardev(Monitor *mon, const QDict *qdict);
+ void hmp_info_mice(Monitor *mon, const QDict *qdict);
++void hmp_info_savevm(Monitor *mon, const QDict *qdict);
+ void hmp_info_migrate(Monitor *mon, const QDict *qdict);
+ void hmp_info_migrate_capabilities(Monitor *mon, const QDict *qdict);
+ void hmp_info_migrate_parameters(Monitor *mon, const QDict *qdict);
+@@ -92,6 +93,10 @@ void hmp_netdev_add(Monitor *mon, const QDict *qdict);
+ void hmp_netdev_del(Monitor *mon, const QDict *qdict);
+ void hmp_getfd(Monitor *mon, const QDict *qdict);
+ void hmp_closefd(Monitor *mon, const QDict *qdict);
++void hmp_savevm_start(Monitor *mon, const QDict *qdict);
++void hmp_snapshot_drive(Monitor *mon, const QDict *qdict);
++void hmp_delete_drive_snapshot(Monitor *mon, const QDict *qdict);
++void hmp_savevm_end(Monitor *mon, const QDict *qdict);
+ void hmp_sendkey(Monitor *mon, const QDict *qdict);
+ void hmp_screendump(Monitor *mon, const QDict *qdict);
+ void hmp_nbd_server_start(Monitor *mon, const QDict *qdict);
+diff --git a/include/block/block.h b/include/block/block.h
+index 11c162d..6822b91 100644
+--- a/include/block/block.h
++++ b/include/block/block.h
+@@ -256,6 +256,7 @@ BlockDriverState *bdrv_find_backing_image(BlockDriverState *bs,
+ int bdrv_get_backing_file_depth(BlockDriverState *bs);
+ void bdrv_refresh_filename(BlockDriverState *bs);
+ int bdrv_truncate(BlockDriverState *bs, int64_t offset);
++void bdrv_delete(BlockDriverState *bs);
+ int64_t bdrv_nb_sectors(BlockDriverState *bs);
+ int64_t bdrv_getlength(BlockDriverState *bs);
+ int64_t bdrv_get_allocated_file_size(BlockDriverState *bs);
+diff --git a/include/sysemu/sysemu.h b/include/sysemu/sysemu.h
+index ee7c760..4875441 100644
+--- a/include/sysemu/sysemu.h
++++ b/include/sysemu/sysemu.h
+@@ -79,6 +79,7 @@ void qemu_remove_machine_init_done_notifier(Notifier *notify);
+
+ void hmp_savevm(Monitor *mon, const QDict *qdict);
+ int load_vmstate(const char *name);
++int load_state_from_blockdev(const char *filename);
+ void hmp_delvm(Monitor *mon, const QDict *qdict);
+ void hmp_info_snapshots(Monitor *mon, const QDict *qdict);
+
+@@ -106,13 +107,13 @@ enum qemu_vm_cmd {
+ #define MAX_VM_CMD_PACKAGED_SIZE (1ul << 24)
+
+ bool qemu_savevm_state_blocked(Error **errp);
+-void qemu_savevm_state_begin(QEMUFile *f,
++int qemu_savevm_state_begin(QEMUFile *f,
+ const MigrationParams *params);
+ void qemu_savevm_state_header(QEMUFile *f);
+ int qemu_savevm_state_iterate(QEMUFile *f, bool postcopy);
+ void qemu_savevm_state_cleanup(void);
+ void qemu_savevm_state_complete_postcopy(QEMUFile *f);
+-void qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only);
++int qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only);
+ void qemu_savevm_state_pending(QEMUFile *f, uint64_t max_size,
+ uint64_t *res_non_postcopiable,
+ uint64_t *res_postcopiable);
+diff --git a/migration/savevm.c b/migration/savevm.c
+index 33a2911..b1bdfb6 100644
+--- a/migration/savevm.c
++++ b/migration/savevm.c
+@@ -879,11 +879,11 @@ void qemu_savevm_state_header(QEMUFile *f)
+
+ }
+
+-void qemu_savevm_state_begin(QEMUFile *f,
++int qemu_savevm_state_begin(QEMUFile *f,
+ const MigrationParams *params)
+ {
+ SaveStateEntry *se;
+- int ret;
++ int ret = 0;
+
+ trace_savevm_state_begin();
+ QTAILQ_FOREACH(se, &savevm_state.handlers, entry) {
+@@ -911,6 +911,7 @@ void qemu_savevm_state_begin(QEMUFile *f,
+ break;
+ }
+ }
++ return ret;
+ }
+
+ /*
+@@ -1014,7 +1015,7 @@ void qemu_savevm_state_complete_postcopy(QEMUFile *f)
+ qemu_fflush(f);
+ }
+
+-void qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only)
++int qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only)
+ {
+ QJSON *vmdesc;
+ int vmdesc_len;
+@@ -1048,12 +1049,12 @@ void qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only)
+ save_section_footer(f, se);
+ if (ret < 0) {
+ qemu_file_set_error(f, ret);
+- return;
++ return ret;
+ }
+ }
+
+ if (iterable_only) {
+- return;
++ return ret;
+ }
+
+ vmdesc = qjson_new();
+@@ -1100,6 +1101,7 @@ void qemu_savevm_state_complete_precopy(QEMUFile *f, bool iterable_only)
+ qjson_destroy(vmdesc);
+
+ qemu_fflush(f);
++ return qemu_file_get_error(f);
+ }
+
+ /* Give an estimate of the amount left to be transferred,
+diff --git a/qapi-schema.json b/qapi-schema.json
+index 147137d..0c0faf7 100644
+--- a/qapi-schema.json
++++ b/qapi-schema.json
+@@ -594,6 +594,42 @@
+ '*cpu-throttle-percentage': 'int',
+ '*error-desc': 'str'} }
+
++
++# @SaveVMInfo
++#
++# Information about current migration process.
++#
++# @status: #optional string describing the current savevm status.
++# This can be 'active', 'completed', 'failed'.
++# If this field is not returned, no savevm process
++# has been initiated
++#
++# @error: #optional string containing error message is status is failed.
++#
++# @total-time: #optional total amount of milliseconds since savevm started.
++# If savevm has ended, it returns the total save time
++#
++# @bytes: #optional total amount of data transfered
++#
++# Since: 1.3
++##
++{ 'struct': 'SaveVMInfo',
++ 'data': {'*status': 'str', '*error': 'str',
++ '*total-time': 'int', '*bytes': 'int'} }
++
++##
++# @query-savevm
++#
++# Returns information about current savevm process.
++#
++# Returns: @SaveVMInfo
++#
++# Since: 1.3
++##
++{ 'command': 'query-savevm', 'returns': 'SaveVMInfo' }
++
++##
++
+ ##
+ # @query-migrate
+ #
+@@ -3286,8 +3322,18 @@
+ #
+ # Since: 1.2.0
+ ##
++
+ { 'command': 'query-target', 'returns': 'TargetInfo' }
+
++{ 'command': 'savevm-start', 'data': { '*statefile': 'str' } }
++
++{ 'command': 'snapshot-drive', 'data': { 'device': 'str', 'name': 'str' } }
++
++{ 'command': 'delete-drive-snapshot', 'data': { 'device': 'str', 'name': 'str' } }
++
++{ 'command': 'savevm-end' }
++
++
+ ##
+ # @QKeyCode:
+ #
+diff --git a/qemu-options.hx b/qemu-options.hx
+index a71aaf8..37fad3b 100644
+--- a/qemu-options.hx
++++ b/qemu-options.hx
+@@ -3302,6 +3302,19 @@ STEXI
+ Start right away with a saved state (@code{loadvm} in monitor)
+ ETEXI
+
++DEF("loadstate", HAS_ARG, QEMU_OPTION_loadstate, \
++ "-loadstate file\n" \
++ " start right away with a saved state\n",
++ QEMU_ARCH_ALL)
++STEXI
++@item -loadstate @var{file}
++@findex -loadstate
++Start right away with a saved state. This option does not rollback
++disk state like @code{loadvm}, so user must make sure that disk
++have correct state. @var{file} can be any valid device URL. See the section
++for "Device URL Syntax" for more information.
++ETEXI
++
+ #ifndef _WIN32
+ DEF("daemonize", 0, QEMU_OPTION_daemonize, \
+ "-daemonize daemonize QEMU after initializing\n", QEMU_ARCH_ALL)
+diff --git a/qmp-commands.hx b/qmp-commands.hx
+index a8e8522..6342cd2 100644
+--- a/qmp-commands.hx
++++ b/qmp-commands.hx
+@@ -4904,6 +4904,36 @@ Example:
+ EQMP
+
+ {
++ .name = "savevm-start",
++ .args_type = "statefile:s?",
++ .mhandler.cmd_new = qmp_marshal_savevm_start,
++ },
++
++ {
++ .name = "snapshot-drive",
++ .args_type = "device:s,name:s",
++ .mhandler.cmd_new = qmp_marshal_snapshot_drive,
++ },
++
++ {
++ .name = "delete-drive-snapshot",
++ .args_type = "device:s,name:s",
++ .mhandler.cmd_new = qmp_marshal_delete_drive_snapshot,
++ },
++
++ {
++ .name = "savevm-end",
++ .args_type = "",
++ .mhandler.cmd_new = qmp_marshal_savevm_end,
++ },
++
++ {
++ .name = "query-savevm",
++ .args_type = "",
++ .mhandler.cmd_new = qmp_marshal_query_savevm,
++ },
++
++ {
+ .name = "query-rocker",
+ .args_type = "name:s",
+ .mhandler.cmd_new = qmp_marshal_query_rocker,
+diff --git a/savevm-async.c b/savevm-async.c
+new file mode 100644
+index 0000000..ae7ea84
+--- /dev/null
++++ b/savevm-async.c
+@@ -0,0 +1,526 @@
++#include "qemu/osdep.h"
++#include "qemu-common.h"
++#include "qapi/qmp/qerror.h"
++#include "qemu/error-report.h"
++#include "sysemu/sysemu.h"
++#include "qmp-commands.h"
++#include "qemu-options.h"
++#include "migration/qemu-file.h"
++#include "qom/qom-qobject.h"
++#include "migration/migration.h"
++#include "block/snapshot.h"
++#include "block/qapi.h"
++#include "block/block.h"
++#include "qemu/timer.h"
++#include "sysemu/block-backend.h"
++#include "qapi/qmp/qstring.h"
++#include "qemu/rcu.h"
++#include "qemu/thread.h"
++#include "qemu/cutils.h"
++
++/* #define DEBUG_SAVEVM_STATE */
++
++#ifdef DEBUG_SAVEVM_STATE
++#define DPRINTF(fmt, ...) \
++ do { printf("savevm-async: " fmt, ## __VA_ARGS__); } while (0)
++#else
++#define DPRINTF(fmt, ...) \
++ do { } while (0)
++#endif
++
++enum {
++ SAVE_STATE_DONE,
++ SAVE_STATE_ERROR,
++ SAVE_STATE_ACTIVE,
++ SAVE_STATE_COMPLETED,
++ SAVE_STATE_CANCELLED
++};
++
++
++static struct SnapshotState {
++ BlockDriverState *bs;
++ size_t bs_pos;
++ int state;
++ Error *error;
++ Error *blocker;
++ int saved_vm_running;
++ QEMUFile *file;
++ int64_t total_time;
++} snap_state;
++
++SaveVMInfo *qmp_query_savevm(Error **errp)
++{
++ SaveVMInfo *info = g_malloc0(sizeof(*info));
++ struct SnapshotState *s = &snap_state;
++
++ if (s->state != SAVE_STATE_DONE) {
++ info->has_bytes = true;
++ info->bytes = s->bs_pos;
++ switch (s->state) {
++ case SAVE_STATE_ERROR:
++ info->has_status = true;
++ info->status = g_strdup("failed");
++ info->has_total_time = true;
++ info->total_time = s->total_time;
++ if (s->error) {
++ info->has_error = true;
++ info->error = g_strdup(error_get_pretty(s->error));
++ }
++ break;
++ case SAVE_STATE_ACTIVE:
++ info->has_status = true;
++ info->status = g_strdup("active");
++ info->has_total_time = true;
++ info->total_time = qemu_clock_get_ms(QEMU_CLOCK_REALTIME)
++ - s->total_time;
++ break;
++ case SAVE_STATE_COMPLETED:
++ info->has_status = true;
++ info->status = g_strdup("completed");
++ info->has_total_time = true;
++ info->total_time = s->total_time;
++ break;
++ }
++ }
++
++ return info;
++}
++
++static int save_snapshot_cleanup(void)
++{
++ int ret = 0;
++
++ DPRINTF("save_snapshot_cleanup\n");
++
++ snap_state.total_time = qemu_clock_get_ms(QEMU_CLOCK_REALTIME) -
++ snap_state.total_time;
++
++ if (snap_state.file) {
++ ret = qemu_fclose(snap_state.file);
++ }
++
++ if (snap_state.bs) {
++ /* try to truncate, but ignore errors (will fail on block devices).
++ * note: bdrv_read() need whole blocks, so we round up
++ */
++ size_t size = (snap_state.bs_pos + BDRV_SECTOR_SIZE) & BDRV_SECTOR_MASK;
++ bdrv_truncate(snap_state.bs, size);
++ bdrv_op_unblock_all(snap_state.bs, snap_state.blocker);
++ error_free(snap_state.blocker);
++ snap_state.blocker = NULL;
++ bdrv_unref(snap_state.bs);
++ snap_state.bs = NULL;
++ }
++
++ return ret;
++}
++
++static void save_snapshot_error(const char *fmt, ...)
++{
++ va_list ap;
++ char *msg;
++
++ va_start(ap, fmt);
++ msg = g_strdup_vprintf(fmt, ap);
++ va_end(ap);
++
++ DPRINTF("save_snapshot_error: %s\n", msg);
++
++ if (!snap_state.error) {
++ error_set(&snap_state.error, ERROR_CLASS_GENERIC_ERROR, "%s", msg);
++ }
++
++ g_free (msg);
++
++ snap_state.state = SAVE_STATE_ERROR;
++
++ save_snapshot_cleanup();
++}
++
++static void save_snapshot_completed(void)
++{
++ DPRINTF("save_snapshot_completed\n");
++
++ if (save_snapshot_cleanup() < 0) {
++ snap_state.state = SAVE_STATE_ERROR;
++ } else {
++ snap_state.state = SAVE_STATE_COMPLETED;
++ }
++}
++
++static int block_state_close(void *opaque)
++{
++ snap_state.file = NULL;
++ return bdrv_flush(snap_state.bs);
++}
++
++static int block_state_put_buffer(void *opaque, const uint8_t *buf,
++ int64_t pos, int size)
++{
++ int ret;
++
++ assert(pos == snap_state.bs_pos);
++
++ if ((ret = bdrv_pwrite(snap_state.bs, snap_state.bs_pos, buf, size)) > 0) {
++ snap_state.bs_pos += ret;
++ }
++
++ return ret;
++}
++
++static int store_and_stop(void) {
++ if (global_state_store()) {
++ save_snapshot_error("Error saving global state");
++ return 1;
++ }
++ if (runstate_is_running()) {
++ vm_stop(RUN_STATE_SAVE_VM);
++ }
++ return 0;
++}
++
++static void process_savevm_co(void *opaque)
++{
++ int ret;
++ int64_t maxlen;
++ MigrationParams params = {
++ .blk = 0,
++ .shared = 0
++ };
++
++ snap_state.state = SAVE_STATE_ACTIVE;
++
++ qemu_mutex_unlock_iothread();
++ qemu_savevm_state_header(snap_state.file);
++ ret = qemu_savevm_state_begin(snap_state.file, ¶ms);
++ qemu_mutex_lock_iothread();
++
++ if (ret < 0) {
++ save_snapshot_error("qemu_savevm_state_begin failed");
++ return;
++ }
++
++ while (snap_state.state == SAVE_STATE_ACTIVE) {
++ uint64_t pending_size;
++
++ pending_size = qemu_savevm_state_pending(snap_state.file, 0);
++
++ if (pending_size) {
++ ret = qemu_savevm_state_iterate(snap_state.file);
++ if (ret < 0) {
++ save_snapshot_error("qemu_savevm_state_iterate error %d", ret);
++ break;
++ }
++ DPRINTF("savevm inerate pending size %lu ret %d\n", pending_size, ret);
++ } else {
++ DPRINTF("done iterating\n");
++ if (store_and_stop())
++ break;
++ DPRINTF("savevm inerate finished\n");
++ qemu_savevm_state_complete_precopy(snap_state.file);
++ DPRINTF("save complete\n");
++ save_snapshot_completed();
++ break;
++ }
++
++ /* stop the VM if we get to the end of available space,
++ * or if pending_size is just a few MB
++ */
++ maxlen = bdrv_getlength(snap_state.bs) - 30*1024*1024;
++ if ((pending_size < 100000) ||
++ ((snap_state.bs_pos + pending_size) >= maxlen)) {
++ if (store_and_stop())
++ break;
++ }
++ }
++
++ if(snap_state.state == SAVE_STATE_CANCELLED) {
++ save_snapshot_completed();
++ Error *errp = NULL;
++ qmp_savevm_end(&errp);
++ }
++
++}
++
++static const QEMUFileOps block_file_ops = {
++ .put_buffer = block_state_put_buffer,
++ .close = block_state_close,
++};
++
++
++void qmp_savevm_start(bool has_statefile, const char *statefile, Error **errp)
++{
++ BlockDriver *drv = NULL;
++ Error *local_err = NULL;
++
++ int bdrv_oflags = BDRV_O_RDWR;
++ int ret;
++
++ if (snap_state.state != SAVE_STATE_DONE) {
++ error_set(errp, ERROR_CLASS_GENERIC_ERROR,
++ "VM snapshot already started\n");
++ return;
++ }
++
++ /* initialize snapshot info */
++ snap_state.saved_vm_running = runstate_is_running();
++ snap_state.bs_pos = 0;
++ snap_state.total_time = qemu_clock_get_ms(QEMU_CLOCK_REALTIME);
++ snap_state.blocker = NULL;
++
++ if (snap_state.error) {
++ error_free(snap_state.error);
++ snap_state.error = NULL;
++ }
++
++ if (!has_statefile) {
++ vm_stop(RUN_STATE_SAVE_VM);
++ snap_state.state = SAVE_STATE_COMPLETED;
++ return;
++ }
++
++ if (qemu_savevm_state_blocked(errp)) {
++ return;
++ }
++
++ /* Open the image */
++ snap_state.bs = bdrv_new();
++
++ QDict *options = NULL;
++ options = qdict_new();
++ qdict_put(options, "driver", qstring_from_str("raw"));
++ ret = bdrv_open(&snap_state.bs, statefile, NULL, options, bdrv_oflags, drv, &local_err);
++ if (ret < 0) {
++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, "failed to open '%s'", statefile);
++ goto restart;
++ }
++
++ snap_state.file = qemu_fopen_ops(&snap_state, &block_file_ops);
++
++ if (!snap_state.file) {
++ error_set(errp, ERROR_CLASS_GENERIC_ERROR, "failed to open '%s'", statefile);
++ goto restart;
++ }
++
++
++ error_setg(&snap_state.blocker, "block device is in use by savevm");
++ bdrv_op_block_all(snap_state.bs, snap_state.blocker);
++
++ Coroutine *co = qemu_coroutine_create(process_savevm_co);
++ qemu_coroutine_enter(co);
++
++ return;
++
++restart:
++
++ save_snapshot_error("setup failed");
++
++ if (snap_state.saved_vm_running) {
++ vm_start();
++ }
++}
++
++void qmp_savevm_end(Error **errp)
++{
++ if (snap_state.state == SAVE_STATE_DONE) {
++ error_set(errp, ERROR_CLASS_GENERIC_ERROR,
++ "VM snapshot not started\n");
++ return;
++ }
++
++ if (snap_state.state == SAVE_STATE_ACTIVE) {
++ snap_state.state = SAVE_STATE_CANCELLED;
++ return;
++ }
++
++ if (snap_state.saved_vm_running) {
++ vm_start();
++ }
++
++ snap_state.state = SAVE_STATE_DONE;
++}
++
++void qmp_snapshot_drive(const char *device, const char *name, Error **errp)
++{
++ BlockBackend *blk;
++ BlockDriverState *bs;
++ QEMUSnapshotInfo sn1, *sn = &sn1;
++ int ret;
++#ifdef _WIN32
++ struct _timeb tb;
++#else
++ struct timeval tv;
++#endif
++
++ if (snap_state.state != SAVE_STATE_COMPLETED) {
++ error_set(errp, ERROR_CLASS_GENERIC_ERROR,
++ "VM snapshot not ready/started\n");
++ return;
++ }
++
++ blk = blk_by_name(device);
++ if (!blk) {
++ error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
++ "Device '%s' not found", device);
++ return;
++ }
++
++ bs = blk_bs(blk);
++ if (!bdrv_is_inserted(bs)) {
++ error_setg(errp, QERR_DEVICE_HAS_NO_MEDIUM, device);
++ return;
++ }
++
++ if (bdrv_is_read_only(bs)) {
++ error_setg(errp, "Node '%s' is read only", device);
++ return;
++ }
++
++ if (!bdrv_can_snapshot(bs)) {
++ error_setg(errp, QERR_UNSUPPORTED);
++ return;
++ }
++
++ if (bdrv_snapshot_find(bs, sn, name) >= 0) {
++ error_set(errp, ERROR_CLASS_GENERIC_ERROR,
++ "snapshot '%s' already exists", name);
++ return;
++ }
++
++ sn = &sn1;
++ memset(sn, 0, sizeof(*sn));
++
++#ifdef _WIN32
++ _ftime(&tb);
++ sn->date_sec = tb.time;
++ sn->date_nsec = tb.millitm * 1000000;
++#else
++ gettimeofday(&tv, NULL);
++ sn->date_sec = tv.tv_sec;
++ sn->date_nsec = tv.tv_usec * 1000;
++#endif
++ sn->vm_clock_nsec = qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL);
++
++ pstrcpy(sn->name, sizeof(sn->name), name);
++
++ sn->vm_state_size = 0; /* do not save state */
++
++ ret = bdrv_snapshot_create(bs, sn);
++ if (ret < 0) {
++ error_set(errp, ERROR_CLASS_GENERIC_ERROR,
++ "Error while creating snapshot on '%s'\n", device);
++ return;
++ }
++}
++
++void qmp_delete_drive_snapshot(const char *device, const char *name,
++ Error **errp)
++{
++ BlockBackend *blk;
++ BlockDriverState *bs;
++ QEMUSnapshotInfo sn1, *sn = &sn1;
++ Error *local_err = NULL;
++
++ int ret;
++
++ blk = blk_by_name(device);
++ if (!blk) {
++ error_set(errp, ERROR_CLASS_DEVICE_NOT_FOUND,
++ "Device '%s' not found", device);
++ return;
++ }
++
++ bs = blk_bs(blk);
++ if (bdrv_is_read_only(bs)) {
++ error_setg(errp, "Node '%s' is read only", device);
++ return;
++ }
++
++ if (!bdrv_can_snapshot(bs)) {
++ error_setg(errp, QERR_UNSUPPORTED);
++ return;
++ }
++
++ if (bdrv_snapshot_find(bs, sn, name) < 0) {
++ /* return success if snapshot does not exists */
++ return;
++ }
++
++ ret = bdrv_snapshot_delete(bs, NULL, name, &local_err);
++ if (ret < 0) {
++ error_set(errp, ERROR_CLASS_GENERIC_ERROR,
++ "Error while deleting snapshot on '%s'\n", device);
++ return;
++ }
++}
++
++static int loadstate_get_buffer(void *opaque, uint8_t *buf, int64_t pos,
++ int size)
++{
++ BlockDriverState *bs = (BlockDriverState *)opaque;
++ int64_t maxlen = bdrv_getlength(bs);
++ if (pos > maxlen) {
++ return -EIO;
++ }
++ if ((pos + size) > maxlen) {
++ size = maxlen - pos - 1;
++ }
++ if (size == 0) {
++ return 0;
++ }
++ return bdrv_pread(bs, pos, buf, size);
++}
++
++static const QEMUFileOps loadstate_file_ops = {
++ .get_buffer = loadstate_get_buffer,
++};
++
++int load_state_from_blockdev(const char *filename)
++{
++ BlockDriverState *bs = NULL;
++ BlockDriver *drv = NULL;
++ Error *local_err = NULL;
++ Error *blocker = NULL;
++
++ QEMUFile *f;
++ int ret;
++
++ bs = bdrv_new();
++ ret = bdrv_open(&bs, filename, NULL, NULL, 0, drv, &local_err);
++ error_setg(&blocker, "block device is in use by load state");
++ bdrv_op_block_all(bs, blocker);
++
++ if (ret < 0) {
++ error_report("Could not open VM state file");
++ goto the_end;
++ }
++
++ /* restore the VM state */
++ f = qemu_fopen_ops(bs, &loadstate_file_ops);
++ if (!f) {
++ error_report("Could not open VM state file");
++ ret = -EINVAL;
++ goto the_end;
++ }
++
++ qemu_system_reset(VMRESET_SILENT);
++ migration_incoming_state_new(f);
++ ret = qemu_loadvm_state(f);
++
++ qemu_fclose(f);
++ migration_incoming_state_destroy();
++ if (ret < 0) {
++ error_report("Error %d while loading VM state", ret);
++ goto the_end;
++ }
++
++ ret = 0;
++
++ the_end:
++ if (bs) {
++ bdrv_op_unblock_all(bs, blocker);
++ error_free(blocker);
++ bdrv_unref(bs);
++ }
++ return ret;
++}
+diff --git a/vl.c b/vl.c
+index bdf4fdc..85033e3 100644
+--- a/vl.c
++++ b/vl.c
+@@ -2948,6 +2948,7 @@ int main(int argc, char **argv, char **envp)
+ int optind;
+ const char *optarg;
+ const char *loadvm = NULL;
++ const char *loadstate = NULL;
+ MachineClass *machine_class;
+ const char *cpu_model;
+ const char *vga_model = NULL;
+@@ -3589,6 +3590,9 @@ int main(int argc, char **argv, char **envp)
+ case QEMU_OPTION_loadvm:
+ loadvm = optarg;
+ break;
++ case QEMU_OPTION_loadstate:
++ loadstate = optarg;
++ break;
+ case QEMU_OPTION_full_screen:
+ full_screen = 1;
+ break;
+@@ -4583,6 +4587,10 @@ int main(int argc, char **argv, char **envp)
+ if (load_vmstate(loadvm) < 0) {
+ autostart = 0;
+ }
++ } else if (loadstate) {
++ if (load_state_from_blockdev(loadstate) < 0) {
++ autostart = 0;
++ }
+ }
+
+ qdev_prop_check_globals();
+--
+2.1.4
+