[Qemu-stable] [PATCH 111/156] qcow2: Fix copy_sectors() with VM state
From: Michael Roth
Subject: [Qemu-stable] [PATCH 111/156] qcow2: Fix copy_sectors() with VM state
Date: Tue, 8 Jul 2014 12:18:22 -0500
From: Kevin Wolf <address@hidden>
bs->total_sectors is not the highest possible sector number that could
be involved in a copy on write operation: VM state is after the end of
the virtual disk. This resulted in wrong values for the number of
sectors to be copied (n).
The code that checks for the end of the image isn't required any more
because the code hasn't been calling the block layer's bdrv_read() for a
long time; instead, it directly calls qcow2_readv(), which doesn't error
out on VM state sector numbers.
Signed-off-by: Kevin Wolf <address@hidden>
Reviewed-by: Max Reitz <address@hidden>
Signed-off-by: Stefan Hajnoczi <address@hidden>
(cherry picked from commit 6b7d4c55586a849aa8313282d79432917eade3bf)
Signed-off-by: Michael Roth <address@hidden>
---
block/qcow2-cluster.c | 9 ---------
tests/qemu-iotests/029 | 22 ++++++++++++++++++++--
tests/qemu-iotests/029.out | 13 +++++++++++++
3 files changed, 33 insertions(+), 11 deletions(-)
diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c
index 64a7ee6..23f2878 100644
--- a/block/qcow2-cluster.c
+++ b/block/qcow2-cluster.c
@@ -359,15 +359,6 @@ static int coroutine_fn copy_sectors(BlockDriverState *bs,
struct iovec iov;
int n, ret;
- /*
- * If this is the last cluster and it is only partially used, we must only
- * copy until the end of the image, or bdrv_check_request will fail for the
- * bdrv_read/write calls below.
- */
- if (start_sect + n_end > bs->total_sectors) {
- n_end = bs->total_sectors - start_sect;
- }
-
n = n_end - n_start;
if (n <= 0) {
return 0;
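Review bot: The comment removed from copy_sectors() justified the clamp by bdrv_check_request failing for "the bdrv_read/write calls below", but the commit message only argues the read side (qcow2_readv() does not error out on VM state sector numbers). Please say in the commit message why the write half of the copy is also safe for sectors past bs->total_sectors. Consider also leaving a one-line comment above "n = n_end - n_start;" noting that start_sect + n_end may legitimately exceed bs->total_sectors for VM state, so that the clamp is not reintroduced later.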
diff --git a/tests/qemu-iotests/029 b/tests/qemu-iotests/029
index b424726..567e071 100755
--- a/tests/qemu-iotests/029
+++ b/tests/qemu-iotests/029
@@ -1,7 +1,6 @@
#!/bin/bash
#
-# Test loading internal snapshots where the L1 table of the snapshot
-# is smaller than the current L1 table.
+# qcow2 internal snapshots/VM state tests
#
# Copyright (C) 2011 Red Hat, Inc.
#
@@ -45,6 +44,11 @@ _supported_fmt qcow2
_supported_proto generic
_supported_os Linux
+echo
+echo Test loading internal snapshots where the L1 table of the snapshot
+echo is smaller than the current L1 table.
+echo
+
CLUSTER_SIZE=65536
_make_test_img 64M
$QEMU_IMG snapshot -c foo "$TEST_IMG"
@@ -59,6 +63,20 @@ $QEMU_IO -c 'write -b 0 4M' "$TEST_IMG" | _filter_qemu_io
$QEMU_IMG snapshot -a foo "$TEST_IMG"
_check_test_img
+
+echo
+echo Try using a huge VM state
+echo
+
+CLUSTER_SIZE=65536
+_make_test_img 64M
+{ $QEMU_IO -c "write -b -P 0x11 1T 4k" $TEST_IMG; } 2>&1 | _filter_qemu_io |
_filter_testdir
+{ $QEMU_IMG snapshot -c foo $TEST_IMG; } 2>&1 | _filter_qemu_io |
_filter_testdir
+{ $QEMU_IMG snapshot -a foo $TEST_IMG; } 2>&1 | _filter_qemu_io |
_filter_testdir
+{ $QEMU_IO -c "read -b -P 0x11 1T 4k" $TEST_IMG; } 2>&1 | _filter_qemu_io |
_filter_testdir
+_check_test_img
+
+
# success, all done
echo "*** done"
rm -f $seq.full
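Review bot: The new "Try using a huge VM state" case reads back only the 4k it wrote ("read -b -P 0x11 1T 4k"), while the commit message describes the bug as a wrong number of sectors to be copied, so the copied part of the cluster is never checked directly. Consider adding a pattern read over the rest of that 64k cluster (CLUSTER_SIZE=65536) after the snapshot has been applied. Separately, the added commands pass an unquoted $TEST_IMG where the existing lines of this file use "$TEST_IMG"; quoting it keeps the test working when the test directory path contains spaces.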
diff --git a/tests/qemu-iotests/029.out b/tests/qemu-iotests/029.out
index 0eedb3a..9029698 100644
--- a/tests/qemu-iotests/029.out
+++ b/tests/qemu-iotests/029.out
@@ -1,4 +1,8 @@
QA output created by 029
+
+Test loading internal snapshots where the L1 table of the snapshot
+is smaller than the current L1 table.
+
Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
wrote 4096/4096 bytes at offset 0
4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
@@ -7,4 +11,13 @@ Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=16777216
wrote 4194304/4194304 bytes at offset 0
4 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
No errors were found on the image.
+
+Try using a huge VM state
+
+Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864
+wrote 4096/4096 bytes at offset 1099511627776
+4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+read 4096/4096 bytes at offset 1099511627776
+4 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)
+No errors were found on the image.
*** done
--
1.9.1