Re: [Qemu-block] [Qemu-devel] [PATCH for-4.0? 0/2] Fix overflow bug in q

qemu-block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-block] [Qemu-devel] [PATCH for-4.0? 0/2] Fix overflow bug in q

From:	Eric Blake
Subject:	Re: [Qemu-block] [Qemu-devel] [PATCH for-4.0? 0/2] Fix overflow bug in qcow2 discard
Date:	Wed, 17 Apr 2019 07:33:35 -0500
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1

On 4/17/19 5:09 AM, Vladimir Sementsov-Ogievskiy wrote:
> Hi all. We faced an interesting bug, which may be simply reproduced:
> 
> prepare image:
> ./qemu-img create -f qcow2 -o cluster_size=1M /ssd/test 2300M
> ./qemu-io -c 'write 100M 2000M' -c 'write 2100M 200M' -c 'write 0 100M' 
> /ssd/test
> 
> shrink:
> ./qemu-img resize --shrink /ssd/test 50M
> 
> bug:
> ./qemu-img info /ssd/test
> image: /ssd/test
> file format: qcow2
> virtual size: 50M (52428800 bytes)
> disk size: 2.2G
> cluster_size: 1048576
> Format specific information:
>     compat: 1.1
>     lazy refcounts: false
>     refcount bits: 16
>     corrupt: false
> 
> Virtual size is shrunk, but file - not. It is due to the fact,
> that merged qcow2 discard may exceed 2G, and then converting from
> uint64_t to int in qcow2_process_discards when we call bdrv_pdiscard
> make wrong thing.

Too late for 4.0, but also not a regression new to this release, since
the problem appears to have been present since its introduction in
commit 0b919fae (1.6.0) (that is, even back then, Qcow2DiscardRegion was
introduced with a 64-bit discard length, but qcow2_process_discards
blindly passed that through bdrv_discard() at the time, which took 'int
nb_sectors').

> 
> So, here are proposal of fix and new iotest for it.
> 
> Vladimir Sementsov-Ogievskiy (2):
>   block/io: bdrv_pdiscard: support int64_t bytes parameter
>   iotests: test big qcow2 shrink
> 
>  include/block/block.h      |  4 +--
>  block/io.c                 | 19 ++++++-----
>  tests/qemu-iotests/249     | 69 ++++++++++++++++++++++++++++++++++++++
>  tests/qemu-iotests/249.out | 30 +++++++++++++++++
>  tests/qemu-iotests/group   |  1 +
>  5 files changed, 112 insertions(+), 11 deletions(-)
>  create mode 100755 tests/qemu-iotests/249
>  create mode 100644 tests/qemu-iotests/249.out
> 

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3226
Virtualization:  qemu.org | libvirt.org

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-block] [PATCH for-4.0? 0/2] Fix overflow bug in qcow2 discard, Vladimir Sementsov-Ogievskiy, 2019/04/17
- [Qemu-block] [PATCH 1/2] block/io: bdrv_pdiscard: support int64_t bytes parameter, Vladimir Sementsov-Ogievskiy, 2019/04/17
  - Re: [Qemu-block] [Qemu-devel] [PATCH 1/2] block/io: bdrv_pdiscard: support int64_t bytes parameter, Eric Blake, 2019/04/17
    - Re: [Qemu-block] [Qemu-devel] [PATCH 1/2] block/io: bdrv_pdiscard: support int64_t bytes parameter, Vladimir Sementsov-Ogievskiy, 2019/04/19
- [Qemu-block] [PATCH 2/2] iotests: test big qcow2 shrink, Vladimir Sementsov-Ogievskiy, 2019/04/17
  - Re: [Qemu-block] [Qemu-devel] [PATCH 2/2] iotests: test big qcow2 shrink, Eric Blake, 2019/04/17
- Re: [Qemu-block] [Qemu-devel] [PATCH for-4.0? 0/2] Fix overflow bug in qcow2 discard, Eric Blake <=

Prev by Date: Re: [Qemu-block] [PATCH] scsi-generic: prevent guest from exceeding SG_IO limits
Next by Date: Re: [Qemu-block] [Qemu-devel] [PATCH 1/2] block/io: bdrv_pdiscard: support int64_t bytes parameter
Previous by thread: Re: [Qemu-block] [Qemu-devel] [PATCH 2/2] iotests: test big qcow2 shrink
Next by thread: [Qemu-block] [PATCH] scsi-generic: prevent guest from exceeding SG_IO limits
Index(es):
- Date
- Thread