diff options
| -rw-r--r-- | block.c | 3 | ||||
| -rw-r--r-- | block/mirror.c | 3 | ||||
| -rw-r--r-- | block/qapi.c | 7 | ||||
| -rw-r--r-- | block/qcow.c | 2 | ||||
| -rw-r--r-- | block/qcow2-cluster.c | 21 | ||||
| -rw-r--r-- | block/qcow2.c | 3 | ||||
| -rw-r--r-- | block/vhdx.c | 13 | ||||
| -rw-r--r-- | block/vmdk.c | 51 | ||||
| -rw-r--r-- | block/vvfat.c | 4 | ||||
| -rw-r--r-- | hw/block/virtio-blk.c | 134 | ||||
| -rw-r--r-- | include/block/block_int.h | 8 | ||||
| -rw-r--r-- | include/hw/virtio/virtio-blk.h | 3 | ||||
| -rw-r--r-- | qemu-img.c | 4 | ||||
| -rwxr-xr-x | tests/qemu-iotests/060 | 15 | ||||
| -rw-r--r-- | tests/qemu-iotests/060.out | 13 | ||||
| -rwxr-xr-x | tests/qemu-iotests/064 | 19 | ||||
| -rw-r--r-- | tests/qemu-iotests/064.out | 34 |
17 files changed, 239 insertions, 98 deletions
diff --git a/block.c b/block.c index cbe4a32a5a..d45e4ddf31 100644 --- a/block.c +++ b/block.c @@ -2207,7 +2207,6 @@ int bdrv_commit(BlockDriverState *bs) int n, ro, open_flags; int ret = 0; uint8_t *buf = NULL; - char filename[PATH_MAX]; if (!drv) return -ENOMEDIUM; @@ -2222,8 +2221,6 @@ int bdrv_commit(BlockDriverState *bs) } ro = bs->backing_hd->read_only; - /* Use pstrcpy (not strncpy): filename must be NUL-terminated. */ - pstrcpy(filename, sizeof(filename), bs->backing_hd->filename); open_flags = bs->backing_hd->open_flags; if (ro) { diff --git a/block/mirror.c b/block/mirror.c index 9019d1ba56..405616422b 100644 --- a/block/mirror.c +++ b/block/mirror.c @@ -378,7 +378,8 @@ static void coroutine_fn mirror_run(void *opaque) int64_t sector_num, end, sectors_per_chunk, length; uint64_t last_pause_ns; BlockDriverInfo bdi; - char backing_filename[1024]; + char backing_filename[2]; /* we only need 2 characters because we are only + checking for a NULL string */ int ret = 0; int n; diff --git a/block/qapi.c b/block/qapi.c index a6fd6f7ab2..75c388e90b 100644 --- a/block/qapi.c +++ b/block/qapi.c @@ -175,7 +175,6 @@ void bdrv_query_image_info(BlockDriverState *bs, { int64_t size; const char *backing_filename; - char backing_filename2[1024]; BlockDriverInfo bdi; int ret; Error *err = NULL; @@ -211,13 +210,14 @@ void bdrv_query_image_info(BlockDriverState *bs, backing_filename = bs->backing_file; if (backing_filename[0] != '\0') { + char *backing_filename2 = g_malloc0(PATH_MAX); info->backing_filename = g_strdup(backing_filename); info->has_backing_filename = true; - bdrv_get_full_backing_filename(bs, backing_filename2, - sizeof(backing_filename2), &err); + bdrv_get_full_backing_filename(bs, backing_filename2, PATH_MAX, &err); if (err) { error_propagate(errp, err); qapi_free_ImageInfo(info); + g_free(backing_filename2); return; } @@ -231,6 +231,7 @@ void bdrv_query_image_info(BlockDriverState *bs, info->backing_filename_format = g_strdup(bs->backing_format); info->has_backing_filename_format = true; } + g_free(backing_filename2); } ret = bdrv_query_snapshot_info_list(bs, &info->snapshots, &err); diff --git a/block/qcow.c b/block/qcow.c index ece22697a6..ccbe9e0d2c 100644 --- a/block/qcow.c +++ b/block/qcow.c @@ -215,7 +215,7 @@ static int qcow_open(BlockDriverState *bs, QDict *options, int flags, /* read the backing file name */ if (header.backing_file_offset != 0) { len = header.backing_file_size; - if (len > 1023) { + if (len > 1023 || len > sizeof(bs->backing_file)) { error_setg(errp, "Backing file name too long"); ret = -EINVAL; goto fail; diff --git a/block/qcow2-cluster.c b/block/qcow2-cluster.c index 1fea5142d0..183177d518 100644 --- a/block/qcow2-cluster.c +++ b/block/qcow2-cluster.c @@ -1651,6 +1651,14 @@ static int expand_zero_clusters_in_l1(BlockDriverState *bs, uint64_t *l1_table, continue; } + if (offset_into_cluster(s, l2_offset)) { + qcow2_signal_corruption(bs, true, -1, -1, "L2 table offset %#" + PRIx64 " unaligned (L1 index: %#x)", + l2_offset, i); + ret = -EIO; + goto fail; + } + if (is_active_l1) { /* get active L2 tables from cache */ ret = qcow2_cache_get(bs, s->l2_table_cache, l2_offset, @@ -1709,6 +1717,19 @@ static int expand_zero_clusters_in_l1(BlockDriverState *bs, uint64_t *l1_table, } } + if (offset_into_cluster(s, offset)) { + qcow2_signal_corruption(bs, true, -1, -1, "Data cluster offset " + "%#" PRIx64 " unaligned (L2 offset: %#" + PRIx64 ", L2 index: %#x)", offset, + l2_offset, j); + if (!preallocated) { + qcow2_free_clusters(bs, offset, s->cluster_size, + QCOW2_DISCARD_ALWAYS); + } + ret = -EIO; + goto fail; + } + ret = qcow2_pre_write_overlap_check(bs, 0, offset, s->cluster_size); if (ret < 0) { if (!preallocated) { diff --git a/block/qcow2.c b/block/qcow2.c index e4e690a42b..dbaf016bc7 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -868,7 +868,8 @@ static int qcow2_open(BlockDriverState *bs, QDict *options, int flags, /* read the backing file name */ if (header.backing_file_offset != 0) { len = header.backing_file_size; - if (len > MIN(1023, s->cluster_size - header.backing_file_offset)) { + if (len > MIN(1023, s->cluster_size - header.backing_file_offset) || + len > sizeof(bs->backing_file)) { error_setg(errp, "Backing file name too long"); ret = -EINVAL; goto fail; diff --git a/block/vhdx.c b/block/vhdx.c index 06f2b1a0cb..bb3ed45d5c 100644 --- a/block/vhdx.c +++ b/block/vhdx.c @@ -1174,7 +1174,18 @@ static void vhdx_update_bat_table_entry(BlockDriverState *bs, BDRVVHDXState *s, { /* The BAT entry is a uint64, with 44 bits for the file offset in units of * 1MB, and 3 bits for the block state. */ - s->bat[sinfo->bat_idx] = sinfo->file_offset; + if ((state == PAYLOAD_BLOCK_ZERO) || + (state == PAYLOAD_BLOCK_UNDEFINED) || + (state == PAYLOAD_BLOCK_NOT_PRESENT) || + (state == PAYLOAD_BLOCK_UNMAPPED)) { + s->bat[sinfo->bat_idx] = 0; /* For PAYLOAD_BLOCK_ZERO, the + FileOffsetMB field is denoted as + 'reserved' in the v1.0 spec. If it is + non-zero, MS Hyper-V will fail to read + the disk image */ + } else { + s->bat[sinfo->bat_idx] = sinfo->file_offset; + } s->bat[sinfo->bat_idx] |= state & VHDX_BAT_STATE_BIT_MASK; diff --git a/block/vmdk.c b/block/vmdk.c index 52cb8888e5..7d079adc4a 100644 --- a/block/vmdk.c +++ b/block/vmdk.c @@ -785,13 +785,14 @@ static int vmdk_parse_extents(const char *desc, BlockDriverState *bs, const char *desc_file_path, Error **errp) { int ret; + int matches; char access[11]; char type[11]; char fname[512]; const char *p = desc; int64_t sectors = 0; int64_t flat_offset; - char extent_path[PATH_MAX]; + char *extent_path; BlockDriverState *extent_file; BDRVVmdkState *s = bs->opaque; VmdkExtent *extent; @@ -805,23 +806,23 @@ static int vmdk_parse_extents(const char *desc, BlockDriverState *bs, * RW [size in sectors] VMFSSPARSE "file-name.vmdk" */ flat_offset = -1; - ret = sscanf(p, "%10s %" SCNd64 " %10s \"%511[^\n\r\"]\" %" SCNd64, - access, §ors, type, fname, &flat_offset); - if (ret < 4 || strcmp(access, "RW")) { + matches = sscanf(p, "%10s %" SCNd64 " %10s \"%511[^\n\r\"]\" %" SCNd64, + access, §ors, type, fname, &flat_offset); + if (matches < 4 || strcmp(access, "RW")) { goto next_line; } else if (!strcmp(type, "FLAT")) { - if (ret != 5 || flat_offset < 0) { + if (matches != 5 || flat_offset < 0) { error_setg(errp, "Invalid extent lines: \n%s", p); return -EINVAL; } } else if (!strcmp(type, "VMFS")) { - if (ret == 4) { + if (matches == 4) { flat_offset = 0; } else { error_setg(errp, "Invalid extent lines:\n%s", p); return -EINVAL; } - } else if (ret != 4) { + } else if (matches != 4) { error_setg(errp, "Invalid extent lines:\n%s", p); return -EINVAL; } @@ -841,11 +842,13 @@ static int vmdk_parse_extents(const char *desc, BlockDriverState *bs, return -EINVAL; } + extent_path = g_malloc0(PATH_MAX); path_combine(extent_path, sizeof(extent_path), desc_file_path, fname); extent_file = NULL; ret = bdrv_open(&extent_file, extent_path, NULL, NULL, bs->open_flags | BDRV_O_PROTOCOL, NULL, errp); + g_free(extent_path); if (ret) { return ret; } @@ -1795,10 +1798,15 @@ static int vmdk_create(const char *filename, QemuOpts *opts, Error **errp) int ret = 0; bool flat, split, compress; GString *ext_desc_lines; - char path[PATH_MAX], prefix[PATH_MAX], postfix[PATH_MAX]; + char *path = g_malloc0(PATH_MAX); + char *prefix = g_malloc0(PATH_MAX); + char *postfix = g_malloc0(PATH_MAX); + char *desc_line = g_malloc0(BUF_SIZE); + char *ext_filename = g_malloc0(PATH_MAX); + char *desc_filename = g_malloc0(PATH_MAX); const int64_t split_size = 0x80000000; /* VMDK has constant split size */ const char *desc_extent_line; - char parent_desc_line[BUF_SIZE] = ""; + char *parent_desc_line = g_malloc0(BUF_SIZE); uint32_t parent_cid = 0xffffffff; uint32_t number_heads = 16; bool zeroed_grain = false; @@ -1914,33 +1922,27 @@ static int vmdk_create(const char *filename, QemuOpts *opts, Error **errp) } parent_cid = vmdk_read_cid(bs, 0); bdrv_unref(bs); - snprintf(parent_desc_line, sizeof(parent_desc_line), + snprintf(parent_desc_line, BUF_SIZE, "parentFileNameHint=\"%s\"", backing_file); } /* Create extents */ filesize = total_size; while (filesize > 0) { - char desc_line[BUF_SIZE]; - char ext_filename[PATH_MAX]; - char desc_filename[PATH_MAX]; int64_t size = filesize; if (split && size > split_size) { size = split_size; } if (split) { - snprintf(desc_filename, sizeof(desc_filename), "%s-%c%03d%s", + snprintf(desc_filename, PATH_MAX, "%s-%c%03d%s", prefix, flat ? 'f' : 's', ++idx, postfix); } else if (flat) { - snprintf(desc_filename, sizeof(desc_filename), "%s-flat%s", - prefix, postfix); + snprintf(desc_filename, PATH_MAX, "%s-flat%s", prefix, postfix); } else { - snprintf(desc_filename, sizeof(desc_filename), "%s%s", - prefix, postfix); + snprintf(desc_filename, PATH_MAX, "%s%s", prefix, postfix); } - snprintf(ext_filename, sizeof(ext_filename), "%s%s", - path, desc_filename); + snprintf(ext_filename, PATH_MAX, "%s%s", path, desc_filename); if (vmdk_create_extent(ext_filename, size, flat, compress, zeroed_grain, opts, errp)) { @@ -1950,7 +1952,7 @@ static int vmdk_create(const char *filename, QemuOpts *opts, Error **errp) filesize -= size; /* Format description line */ - snprintf(desc_line, sizeof(desc_line), + snprintf(desc_line, BUF_SIZE, desc_extent_line, size / BDRV_SECTOR_SIZE, desc_filename); g_string_append(ext_desc_lines, desc_line); } @@ -2005,6 +2007,13 @@ exit: g_free(backing_file); g_free(fmt); g_free(desc); + g_free(path); + g_free(prefix); + g_free(postfix); + g_free(desc_line); + g_free(ext_filename); + g_free(desc_filename); + g_free(parent_desc_line); g_string_free(ext_desc_lines, true); return ret; } diff --git a/block/vvfat.c b/block/vvfat.c index e34a789699..a1a44f0ef5 100644 --- a/block/vvfat.c +++ b/block/vvfat.c @@ -2909,8 +2909,8 @@ static int enable_write_target(BDRVVVFATState *s, Error **errp) array_init(&(s->commits), sizeof(commit_t)); - s->qcow_filename = g_malloc(1024); - ret = get_tmp_filename(s->qcow_filename, 1024); + s->qcow_filename = g_malloc(PATH_MAX); + ret = get_tmp_filename(s->qcow_filename, PATH_MAX); if (ret < 0) { error_setg_errno(errp, -ret, "can't create temporary file"); goto err; diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c index b19b102b42..4032fcae27 100644 --- a/hw/block/virtio-blk.c +++ b/hw/block/virtio-blk.c @@ -115,6 +115,56 @@ static void virtio_blk_flush_complete(void *opaque, int ret) virtio_blk_free_request(req); } +#ifdef __linux__ + +typedef struct { + VirtIOBlockReq *req; + struct sg_io_hdr hdr; +} VirtIOBlockIoctlReq; + +static void virtio_blk_ioctl_complete(void *opaque, int status) +{ + VirtIOBlockIoctlReq *ioctl_req = opaque; + VirtIOBlockReq *req = ioctl_req->req; + VirtIODevice *vdev = VIRTIO_DEVICE(req->dev); + struct virtio_scsi_inhdr *scsi; + struct sg_io_hdr *hdr; + + scsi = (void *)req->elem.in_sg[req->elem.in_num - 2].iov_base; + + if (status) { + status = VIRTIO_BLK_S_UNSUPP; + virtio_stl_p(vdev, &scsi->errors, 255); + goto out; + } + + hdr = &ioctl_req->hdr; + /* + * From SCSI-Generic-HOWTO: "Some lower level drivers (e.g. ide-scsi) + * clear the masked_status field [hence status gets cleared too, see + * block/scsi_ioctl.c] even when a CHECK_CONDITION or COMMAND_TERMINATED + * status has occurred. However they do set DRIVER_SENSE in driver_status + * field. Also a (sb_len_wr > 0) indicates there is a sense buffer. + */ + if (hdr->status == 0 && hdr->sb_len_wr > 0) { + hdr->status = CHECK_CONDITION; + } + + virtio_stl_p(vdev, &scsi->errors, + hdr->status | (hdr->msg_status << 8) | + (hdr->host_status << 16) | (hdr->driver_status << 24)); + virtio_stl_p(vdev, &scsi->residual, hdr->resid); + virtio_stl_p(vdev, &scsi->sense_len, hdr->sb_len_wr); + virtio_stl_p(vdev, &scsi->data_len, hdr->dxfer_len); + +out: + virtio_blk_req_complete(req, status); + virtio_blk_free_request(req); + g_free(ioctl_req); +} + +#endif + static VirtIOBlockReq *virtio_blk_get_request(VirtIOBlock *s) { VirtIOBlockReq *req = virtio_blk_alloc_request(s); @@ -127,16 +177,17 @@ static VirtIOBlockReq *virtio_blk_get_request(VirtIOBlock *s) return req; } -int virtio_blk_handle_scsi_req(VirtIOBlock *blk, - VirtQueueElement *elem) +static int virtio_blk_handle_scsi_req(VirtIOBlockReq *req) { int status = VIRTIO_BLK_S_OK; struct virtio_scsi_inhdr *scsi = NULL; - VirtIODevice *vdev = VIRTIO_DEVICE(blk); + VirtIODevice *vdev = VIRTIO_DEVICE(req->dev); + VirtQueueElement *elem = &req->elem; + VirtIOBlock *blk = req->dev; #ifdef __linux__ int i; - struct sg_io_hdr hdr; + VirtIOBlockIoctlReq *ioctl_req; #endif /* @@ -171,71 +222,52 @@ int virtio_blk_handle_scsi_req(VirtIOBlock *blk, } #ifdef __linux__ - memset(&hdr, 0, sizeof(struct sg_io_hdr)); - hdr.interface_id = 'S'; - hdr.cmd_len = elem->out_sg[1].iov_len; - hdr.cmdp = elem->out_sg[1].iov_base; - hdr.dxfer_len = 0; + ioctl_req = g_new0(VirtIOBlockIoctlReq, 1); + ioctl_req->req = req; + ioctl_req->hdr.interface_id = 'S'; + ioctl_req->hdr.cmd_len = elem->out_sg[1].iov_len; + ioctl_req->hdr.cmdp = elem->out_sg[1].iov_base; + ioctl_req->hdr.dxfer_len = 0; if (elem->out_num > 2) { /* * If there are more than the minimally required 2 output segments * there is write payload starting from the third iovec. */ - hdr.dxfer_direction = SG_DXFER_TO_DEV; - hdr.iovec_count = elem->out_num - 2; + ioctl_req->hdr.dxfer_direction = SG_DXFER_TO_DEV; + ioctl_req->hdr.iovec_count = elem->out_num - 2; - for (i = 0; i < hdr.iovec_count; i++) - hdr.dxfer_len += elem->out_sg[i + 2].iov_len; + for (i = 0; i < ioctl_req->hdr.iovec_count; i++) { + ioctl_req->hdr.dxfer_len += elem->out_sg[i + 2].iov_len; + } - hdr.dxferp = elem->out_sg + 2; + ioctl_req->hdr.dxferp = elem->out_sg + 2; } else if (elem->in_num > 3) { /* * If we have more than 3 input segments the guest wants to actually * read data. */ - hdr.dxfer_direction = SG_DXFER_FROM_DEV; - hdr.iovec_count = elem->in_num - 3; - for (i = 0; i < hdr.iovec_count; i++) - hdr.dxfer_len += elem->in_sg[i].iov_len; + ioctl_req->hdr.dxfer_direction = SG_DXFER_FROM_DEV; + ioctl_req->hdr.iovec_count = elem->in_num - 3; + for (i = 0; i < ioctl_req->hdr.iovec_count; i++) { + ioctl_req->hdr.dxfer_len += elem->in_sg[i].iov_len; + } - hdr.dxferp = elem->in_sg; + ioctl_req->hdr.dxferp = elem->in_sg; } else { /* * Some SCSI commands don't actually transfer any data. */ - hdr.dxfer_direction = SG_DXFER_NONE; + ioctl_req->hdr.dxfer_direction = SG_DXFER_NONE; } - hdr.sbp = elem->in_sg[elem->in_num - 3].iov_base; - hdr.mx_sb_len = elem->in_sg[elem->in_num - 3].iov_len; - - status = blk_ioctl(blk->blk, SG_IO, &hdr); - if (status) { - status = VIRTIO_BLK_S_UNSUPP; - goto fail; - } + ioctl_req->hdr.sbp = elem->in_sg[elem->in_num - 3].iov_base; + ioctl_req->hdr.mx_sb_len = elem->in_sg[elem->in_num - 3].iov_len; - /* - * From SCSI-Generic-HOWTO: "Some lower level drivers (e.g. ide-scsi) - * clear the masked_status field [hence status gets cleared too, see - * block/scsi_ioctl.c] even when a CHECK_CONDITION or COMMAND_TERMINATED - * status has occurred. However they do set DRIVER_SENSE in driver_status - * field. Also a (sb_len_wr > 0) indicates there is a sense buffer. - */ - if (hdr.status == 0 && hdr.sb_len_wr > 0) { - hdr.status = CHECK_CONDITION; - } - - virtio_stl_p(vdev, &scsi->errors, - hdr.status | (hdr.msg_status << 8) | - (hdr.host_status << 16) | (hdr.driver_status << 24)); - virtio_stl_p(vdev, &scsi->residual, hdr.resid); - virtio_stl_p(vdev, &scsi->sense_len, hdr.sb_len_wr); - virtio_stl_p(vdev, &scsi->data_len, hdr.dxfer_len); - - return status; + blk_aio_ioctl(blk->blk, SG_IO, &ioctl_req->hdr, + virtio_blk_ioctl_complete, ioctl_req); + return -EINPROGRESS; #else abort(); #endif @@ -252,9 +284,11 @@ static void virtio_blk_handle_scsi(VirtIOBlockReq *req) { int status; - status = virtio_blk_handle_scsi_req(req->dev, &req->elem); - virtio_blk_req_complete(req, status); - virtio_blk_free_request(req); + status = virtio_blk_handle_scsi_req(req); + if (status != -EINPROGRESS) { + virtio_blk_req_complete(req, status); + virtio_blk_free_request(req); + } } void virtio_submit_multiwrite(BlockBackend *blk, MultiReqBuffer *mrb) diff --git a/include/block/block_int.h b/include/block/block_int.h index 06a21dd13d..e264be97b2 100644 --- a/include/block/block_int.h +++ b/include/block/block_int.h @@ -339,13 +339,13 @@ struct BlockDriverState { * regarding this BDS's context */ QLIST_HEAD(, BdrvAioNotifier) aio_notifiers; - char filename[1024]; - char backing_file[1024]; /* if non zero, the image is a diff of - this file image */ + char filename[PATH_MAX]; + char backing_file[PATH_MAX]; /* if non zero, the image is a diff of + this file image */ char backing_format[16]; /* if non-zero and backing_file exists */ QDict *full_open_options; - char exact_filename[1024]; + char exact_filename[PATH_MAX]; BlockDriverState *backing_hd; BlockDriverState *file; diff --git a/include/hw/virtio/virtio-blk.h b/include/hw/virtio/virtio-blk.h index 3979dc41af..4652b70b5d 100644 --- a/include/hw/virtio/virtio-blk.h +++ b/include/hw/virtio/virtio-blk.h @@ -153,9 +153,6 @@ VirtIOBlockReq *virtio_blk_alloc_request(VirtIOBlock *s); void virtio_blk_free_request(VirtIOBlockReq *req); -int virtio_blk_handle_scsi_req(VirtIOBlock *blk, - VirtQueueElement *elem); - void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb); void virtio_submit_multiwrite(BlockBackend *blk, MultiReqBuffer *mrb); diff --git a/qemu-img.c b/qemu-img.c index 7876258fa9..4e9a7f5741 100644 --- a/qemu-img.c +++ b/qemu-img.c @@ -2556,7 +2556,7 @@ static int img_rebase(int argc, char **argv) /* For safe rebasing we need to compare old and new backing file */ if (!unsafe) { - char backing_name[1024]; + char backing_name[PATH_MAX]; blk_old_backing = blk_new_with_bs("old_backing", &error_abort); bs_old_backing = blk_bs(blk_old_backing); @@ -2614,7 +2614,7 @@ static int img_rebase(int argc, char **argv) } old_backing_num_sectors = bdrv_nb_sectors(bs_old_backing); if (old_backing_num_sectors < 0) { - char backing_name[1024]; + char backing_name[PATH_MAX]; bdrv_get_backing_filename(bs, backing_name, sizeof(backing_name)); error_report("Could not get size of '%s': %s", diff --git a/tests/qemu-iotests/060 b/tests/qemu-iotests/060 index 73863bf1f6..c81319c169 100755 --- a/tests/qemu-iotests/060 +++ b/tests/qemu-iotests/060 @@ -186,6 +186,12 @@ $QEMU_IO -c "write 0 64k" "$TEST_IMG" | _filter_qemu_io poke_file "$TEST_IMG" "$l1_offset" "\x80\x00\x00\x00\x00\x04\x2a\x00" $QEMU_IO -c "read 0 64k" "$TEST_IMG" | _filter_qemu_io +# Test how well zero cluster expansion can cope with this +_make_test_img 64M +$QEMU_IO -c "write 0 64k" "$TEST_IMG" | _filter_qemu_io +poke_file "$TEST_IMG" "$l1_offset" "\x80\x00\x00\x00\x00\x04\x2a\x00" +$QEMU_IMG amend -o compat=0.10 "$TEST_IMG" + echo echo "=== Testing unaligned L2 entry ===" echo @@ -195,6 +201,15 @@ poke_file "$TEST_IMG" "$l2_offset" "\x80\x00\x00\x00\x00\x05\x2a\x00" $QEMU_IO -c "read 0 64k" "$TEST_IMG" | _filter_qemu_io echo +echo "=== Testing unaligned pre-allocated zero cluster ===" +echo +_make_test_img 64M +$QEMU_IO -c "write 0 64k" "$TEST_IMG" | _filter_qemu_io +poke_file "$TEST_IMG" "$l2_offset" "\x80\x00\x00\x00\x00\x05\x2a\x01" +# zero cluster expansion +$QEMU_IMG amend -o compat=0.10 "$TEST_IMG" + +echo echo "=== Testing unaligned reftable entry ===" echo _make_test_img 64M diff --git a/tests/qemu-iotests/060.out b/tests/qemu-iotests/060.out index 7d493bbe61..dc9f6b7570 100644 --- a/tests/qemu-iotests/060.out +++ b/tests/qemu-iotests/060.out @@ -123,6 +123,11 @@ wrote 65536/65536 bytes at offset 0 64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) qcow2: Marking image as corrupt: L2 table offset 0x42a00 unaligned (L1 index: 0); further corruption events will be suppressed read failed: Input/output error +Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 +wrote 65536/65536 bytes at offset 0 +64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +qcow2: Marking image as corrupt: L2 table offset 0x42a00 unaligned (L1 index: 0); further corruption events will be suppressed +qemu-img: Error while amending options: Input/output error === Testing unaligned L2 entry === @@ -132,6 +137,14 @@ wrote 65536/65536 bytes at offset 0 qcow2: Marking image as corrupt: Data cluster offset 0x52a00 unaligned (L2 offset: 0x40000, L2 index: 0); further corruption events will be suppressed read failed: Input/output error +=== Testing unaligned pre-allocated zero cluster === + +Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 +wrote 65536/65536 bytes at offset 0 +64 KiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +qcow2: Marking image as corrupt: Data cluster offset 0x52a00 unaligned (L2 offset: 0x40000, L2 index: 0); further corruption events will be suppressed +qemu-img: Error while amending options: Input/output error + === Testing unaligned reftable entry === Formatting 'TEST_DIR/t.IMGFMT', fmt=IMGFMT size=67108864 diff --git a/tests/qemu-iotests/064 b/tests/qemu-iotests/064 index 1c74c31a1a..7564563abd 100755 --- a/tests/qemu-iotests/064 +++ b/tests/qemu-iotests/064 @@ -54,7 +54,15 @@ $QEMU_IO -r -c "read -pP 0x96 33M 33M" "$TEST_IMG" | _filter_qemu_io echo echo "=== Verify pattern 0x00, 66M - 1024M ===" -$QEMU_IO -r -c "read -pP 0x00 66M 958M" "$TEST_IMG" | _filter_qemu_io +$QEMU_IO -r -c "read -pP 0x00 66M 62M" \ + -c "read -pP 0x00 128M 128M" \ + -c "read -pP 0x00 256M 128M" \ + -c "read -pP 0x00 384M 128M" \ + -c "read -pP 0x00 512M 128M" \ + -c "read -pP 0x00 640M 128M" \ + -c "read -pP 0x00 768M 128M" \ + -c "read -pP 0x00 896M 128M" \ + "$TEST_IMG" | _filter_qemu_io echo echo "=== Verify pattern write, 0xc3 99M-157M ===" @@ -63,7 +71,14 @@ $QEMU_IO -c "write -pP 0xc3 99M 58M" "$TEST_IMG" | _filter_qemu_io $QEMU_IO -c "read -pP 0xa5 0 33M" "$TEST_IMG" | _filter_qemu_io $QEMU_IO -c "read -pP 0x96 33M 33M" "$TEST_IMG" | _filter_qemu_io $QEMU_IO -c "read -pP 0x00 66M 33M" "$TEST_IMG" | _filter_qemu_io -$QEMU_IO -c "read -pP 0x00 157MM 867MM" "$TEST_IMG" | _filter_qemu_io +$QEMU_IO -c "read -pP 0x00 157M 99M" \ + -c "read -pP 0x00 256M 128M" \ + -c "read -pP 0x00 384M 128M" \ + -c "read -pP 0x00 512M 128M" \ + -c "read -pP 0x00 640M 128M" \ + -c "read -pP 0x00 768M 128M" \ + -c "read -pP 0x00 896M 128M" \ + "$TEST_IMG" | _filter_qemu_io # now verify what we should have actually written $QEMU_IO -c "read -pP 0xc3 99M 58M" "$TEST_IMG" | _filter_qemu_io diff --git a/tests/qemu-iotests/064.out b/tests/qemu-iotests/064.out index 5346a4e630..1a5b9e2d7b 100644 --- a/tests/qemu-iotests/064.out +++ b/tests/qemu-iotests/064.out @@ -9,8 +9,22 @@ read 34603008/34603008 bytes at offset 34603008 33 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) === Verify pattern 0x00, 66M - 1024M === -read 1004535808/1004535808 bytes at offset 69206016 -958 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 65011712/65011712 bytes at offset 69206016 +62 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 134217728 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 268435456 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 402653184 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 536870912 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 671088640 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 805306368 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 939524096 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) === Verify pattern write, 0xc3 99M-157M === wrote 60817408/60817408 bytes at offset 103809024 @@ -21,8 +35,20 @@ read 34603008/34603008 bytes at offset 34603008 33 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) read 34603008/34603008 bytes at offset 69206016 33 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) -read 909115392/909115392 bytes at offset 164626432 -867 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 103809024/103809024 bytes at offset 164626432 +99 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 268435456 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 402653184 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 536870912 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 671088640 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 805306368 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) +read 134217728/134217728 bytes at offset 939524096 +128 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) read 60817408/60817408 bytes at offset 103809024 58 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec) *** done |