qemu-devel.nongnu.org archive mirror
From: Stefan Hajnoczi <stefanha@redhat.com>
To: qemu-devel@nongnu.org
Cc: Kevin Wolf <kwolf@redhat.com>,
	Peter Maydell <peter.maydell@linaro.org>,
	Stefan Hajnoczi <stefanha@redhat.com>
Subject: [Qemu-devel] [PULL for-2.1 02/11] mirror: Fix qiov size for short requests
Date: Mon,  7 Jul 2014 14:28:29 +0200
Message-ID: <1404736118-10078-3-git-send-email-stefanha@redhat.com>
In-Reply-To: <1404736118-10078-1-git-send-email-stefanha@redhat.com>

From: Kevin Wolf <kwolf@redhat.com>

When mirroring an image of a size that is not a multiple of the
mirror job granularity, the last request would have the right nb_sectors
argument, but a qiov that is rounded up to the next multiple of the
granularity. Don't do this.

This fixes a segfault that is caused by raw-posix being confused by this
and allocating a buffer with request length, but operating on it with
qiov length.

[s/Driver/Drive/ in qemu-iotests 041 as suggested by Eric
--Stefan]

Reported-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Tested-by: Eric Blake <eblake@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 block/mirror.c             | 4 +++-
 tests/qemu-iotests/041     | 5 +++++
 tests/qemu-iotests/041.out | 4 ++--
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/block/mirror.c b/block/mirror.c
index 6c3ee70..c7a655f 100644
--- a/block/mirror.c
+++ b/block/mirror.c
@@ -265,9 +265,11 @@ static uint64_t coroutine_fn mirror_iteration(MirrorBlockJob *s)
     next_sector = sector_num;
     while (nb_chunks-- > 0) {
         MirrorBuffer *buf = QSIMPLEQ_FIRST(&s->buf_free);
+        size_t remaining = (nb_sectors * BDRV_SECTOR_SIZE) - op->qiov.size;
+
         QSIMPLEQ_REMOVE_HEAD(&s->buf_free, next);
         s->buf_free_count--;
-        qemu_iovec_add(&op->qiov, buf, s->granularity);
+        qemu_iovec_add(&op->qiov, buf, MIN(s->granularity, remaining));
 
         /* Advance the HBitmapIter in parallel, so that we do not examine
          * the same sector twice.
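
Review bot: In the added `size_t remaining = (nb_sectors * BDRV_SECTOR_SIZE) - op->qiov.size;` the subtraction is unsigned, so if op->qiov.size ever reaches or exceeds the request length, remaining is 0 or wraps to a very large value. In the wrap case `MIN(s->granularity, remaining)` falls back to s->granularity and the qiov is again longer than the request, which is the mismatch the commit message ties to the raw-posix segfault. In the zero case a buffer is still taken off s->buf_free and added as a zero-length element. Suggest an `assert(op->qiov.size < nb_sectors * BDRV_SECTOR_SIZE)` ahead of the subtraction so that a miscounted nb_chunks fails loudly, plus a one-line comment saying that only the final chunk may be shorter than the granularity. The declaration of nb_sectors is outside this hunk; if it is a plain int, casting it before the multiplication would keep the product from being computed in int width.
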
diff --git a/tests/qemu-iotests/041 b/tests/qemu-iotests/041
index 0815e19..005090e 100755
--- a/tests/qemu-iotests/041
+++ b/tests/qemu-iotests/041
@@ -217,6 +217,11 @@ class TestSingleDriveZeroLength(TestSingleDrive):
     test_small_buffer2 = None
     test_large_cluster = None
 
+class TestSingleDriveUnalignedLength(TestSingleDrive):
+    image_len = 1025 * 1024
+    test_small_buffer2 = None
+    test_large_cluster = None
+
 class TestMirrorNoBacking(ImageMirroringTestCase):
     image_len = 2 * 1024 * 1024 # MB
 
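
Review bot: TestSingleDriveUnalignedLength sets `test_small_buffer2 = None` and `test_large_cluster = None` with no comment saying why, and nothing marks `image_len = 1025 * 1024` as the regression case for the short final request. Since the bug depends on the image length not being a multiple of the mirror granularity, a variant that changes the granularity looks like the most relevant one to keep; if those two cases cannot run with this length, a short comment giving the reason would help. It would also be worth stating in a comment that "unaligned" here means relative to the job granularity, because 1025 * 1024 is still a whole number of 512-byte sectors, and considering a second length so that more than one tail size is exercised.
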
diff --git a/tests/qemu-iotests/041.out b/tests/qemu-iotests/041.out
index 42147c0..24093bc 100644
--- a/tests/qemu-iotests/041.out
+++ b/tests/qemu-iotests/041.out
@@ -1,5 +1,5 @@
-..............................................
+......................................................
 ----------------------------------------------------------------------
-Ran 46 tests
+Ran 54 tests
 
 OK
-- 
1.9.3
