From: Stefan Hajnoczi
Date: Tue, 14 May 2013 16:49:24 +0200
To: Kevin Wolf
Cc: qemu-devel@nongnu.org, stefanha@redhat.com, rjones@redhat.com
Subject: Re: [Qemu-devel] [PATCH v2 for-1.5 1/4] qcow2: Catch some L1 table index overflows
Message-ID: <20130514144924.GA29434@stefanha-thinkpad.redhat.com>
In-Reply-To: <1368540876-30747-2-git-send-email-kwolf@redhat.com>

On Tue, May 14, 2013 at 04:14:33PM +0200, Kevin Wolf wrote:
> This catches the situation that is described in the bug report at
> https://bugs.launchpad.net/qemu/+bug/865518 and goes like this:
>
> $ qemu-img create -f qcow2 huge.qcow2 $((1024*1024))T
> Formatting 'huge.qcow2', fmt=qcow2 size=1152921504606846976 encryption=off cluster_size=65536 lazy_refcounts=off
> $ qemu-io /tmp/huge.qcow2 -c "write $((1024*1024*1024*1024*1024*1024 - 1024)) 512"
> Segmentation fault
>
> With this patch applied the segfault will be avoided, however the case
> will still fail, though gracefully:
>
> $ qemu-img create -f qcow2 /tmp/huge.qcow2 $((1024*1024))T
> Formatting 'huge.qcow2', fmt=qcow2 size=1152921504606846976 encryption=off cluster_size=65536 lazy_refcounts=off
> qemu-img: The image size is too large for file format 'qcow2'
>
> Note that even long before these overflow checks kick in, you get
> insanely high memory usage (up to INT_MAX * sizeof(uint64_t) = 16 GB for
> the L1 table), so with somewhat smaller image sizes you'll probably see
> qemu aborting for a failed g_malloc().
>
> If you need huge image sizes, you should increase the cluster size to
> the maximum of 2 MB in order to get higher limits.
>
> Signed-off-by: Kevin Wolf
> ---
>  block/qcow2-cluster.c | 23 +++++++++++++++--------
>  block/qcow2.c         | 13 +++++++++++--
>  block/qcow2.h         |  5 +++--
>  3 files changed, 29 insertions(+), 12 deletions(-)

Thanks, applied to my block tree for 1.5:
https://github.com/stefanha/qemu/commits/block

Stefan
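Added illustration (not part of the patch, the thread, or QEMU's own code): the C program below models qcow2's two-level L1/L2 lookup and works through the image from the report, 1024*1024 T = 2^60 bytes, with the default 64 KB cluster size and with the 2 MB maximum the commit message recommends. The qcow2 layout facts used (an L2 table is one cluster of 8-byte entries, so l2_bits = cluster_bits - 3, and an L1 entry covers 2^(cluster_bits + l2_bits) bytes) are the format's; the acceptance check against INT_MAX is an assumption that mirrors the int-typed L1 entry count the message refers to, not a claim about the exact check the patch adds. All function names and the 2 MB upper bound on cluster_bits are this example's own.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * qcow2 maps a guest offset through two levels of tables: L1 entries point at
 * L2 tables; L2 tables (one cluster each, 8-byte entries) point at data
 * clusters.  With cluster_bits = log2(cluster_size):
 *   l2_bits  = cluster_bits - 3                     (entries per L2 table)
 *   l1_index = offset >> (cluster_bits + l2_bits)
 *   l2_index = (offset >> cluster_bits) & ((1 << l2_bits) - 1)
 */

#define L1E_SIZE                8u   /* bytes per L1 entry (a 64-bit offset) */
#define QCOW2_MIN_CLUSTER_BITS  9    /* 512-byte clusters */
#define QCOW2_MAX_CLUSTER_BITS  21   /* 2 MB clusters, the maximum named in the commit message */

/* The image from the bug report: 1024*1024 TB = 2^60 bytes (constructed input). */
#define HUGE_IMAGE ((uint64_t)1 << 60)

static unsigned l2_bits(unsigned cluster_bits) { return cluster_bits - 3; }

/* log2 of the guest address range covered by a single L1 entry. */
static unsigned l1_shift(unsigned cluster_bits) { return cluster_bits + l2_bits(cluster_bits); }

/* Number of L1 entries needed for image_size bytes, computed in 64-bit
 * arithmetic so the count itself cannot wrap.  Returns UINT64_MAX if the
 * round-up step would overflow. */
uint64_t qcow2_l1_entries(uint64_t image_size, unsigned cluster_bits)
{
    unsigned shift = l1_shift(cluster_bits);
    uint64_t round = ((uint64_t)1 << shift) - 1;
    if (image_size > UINT64_MAX - round) return UINT64_MAX;
    return (image_size + round) >> shift;
}

/* Bytes occupied by an L1 table of n_entries entries: the figure behind the
 * "INT_MAX * sizeof(uint64_t) = 16 GB" remark in the commit message. */
uint64_t qcow2_l1_table_bytes(uint64_t n_entries) { return n_entries * L1E_SIZE; }

/* Illustrative acceptance check (an assumption, not QEMU's own logic): the L1
 * entry count is held in an int, so an image needing more than INT_MAX entries
 * is refused up front instead of being allowed to overflow later. */
bool qcow2_image_size_ok(uint64_t image_size, unsigned cluster_bits)
{
    if (cluster_bits < QCOW2_MIN_CLUSTER_BITS || cluster_bits > QCOW2_MAX_CLUSTER_BITS) return false;
    return qcow2_l1_entries(image_size, cluster_bits) <= (uint64_t)INT_MAX;
}

uint64_t qcow2_l1_index(uint64_t offset, unsigned cluster_bits)
{
    return offset >> l1_shift(cluster_bits);
}

uint64_t qcow2_l2_index(uint64_t offset, unsigned cluster_bits)
{
    return (offset >> cluster_bits) & ((((uint64_t)1) << l2_bits(cluster_bits)) - 1);
}

/* Bounds-check a guest offset against an L1 table of l1_entries entries.  The
 * index stays 64-bit until the comparison, so an offset past the end cannot
 * wrap into a small, apparently valid int index. */
bool qcow2_l1_index_in_table(uint64_t offset, uint64_t l1_entries, unsigned cluster_bits)
{
    return qcow2_l1_index(offset, cluster_bits) < l1_entries;
}

int main(void)
{
    unsigned bits[] = { 16, 21 };   /* 64 KB (default) and 2 MB (maximum) clusters */
    for (size_t i = 0; i < sizeof bits / sizeof bits[0]; i++) {
        uint64_t n = qcow2_l1_entries(HUGE_IMAGE, bits[i]);
        printf("cluster_size=%u: L1 entries=%llu (%llu bytes) -> %s\n",
               1u << bits[i], (unsigned long long)n,
               (unsigned long long)qcow2_l1_table_bytes(n),
               qcow2_image_size_ok(HUGE_IMAGE, bits[i]) ? "ok" : "too large for an int-sized L1");
    }
    uint64_t off = HUGE_IMAGE - 1024;   /* the qemu-io write offset from the report */
    printf("offset %llu with 64 KB clusters -> l1_index=%llu l2_index=%llu\n",
           (unsigned long long)off,
           (unsigned long long)qcow2_l1_index(off, 16),
           (unsigned long long)qcow2_l2_index(off, 16));
    return 0;
}
```

With 64 KB clusters the 2^60-byte image needs 2^31 L1 entries (a 16 GiB table), one more than an int can count, so the size check refuses it; with 2 MB clusters the same image needs 2^21 entries (16 MiB), which is why raising the cluster size lifts the limit. The write offset from the report, 2^60 - 1024, lands on L1 index 2^31 - 1, exactly INT_MAX, and L2 index 8191.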