From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([140.186.70.92]:32804)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <wudxw@linux.vnet.ibm.com>) id 1RVFpb-00078n-4l
	for qemu-devel@nongnu.org; Tue, 29 Nov 2011 00:02:12 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <wudxw@linux.vnet.ibm.com>) id 1RVFpa-00020N-1D
	for qemu-devel@nongnu.org; Tue, 29 Nov 2011 00:02:11 -0500
Received: from e28smtp03.in.ibm.com ([122.248.162.3]:55880)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <wudxw@linux.vnet.ibm.com>) id 1RVFpZ-000209-Eo
	for qemu-devel@nongnu.org; Tue, 29 Nov 2011 00:02:09 -0500
Received: from /spool/local
	by e28smtp03.in.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use
	Only! Violators will be prosecuted
	for <qemu-devel@nongnu.org> from <wudxw@linux.vnet.ibm.com>;
	Tue, 29 Nov 2011 10:31:59 +0530
Received: from d28av04.in.ibm.com (d28av04.in.ibm.com [9.184.220.66])
	by d28relay03.in.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id
	pAT51sdO3809322
	for <qemu-devel@nongnu.org>; Tue, 29 Nov 2011 10:31:55 +0530
Received: from d28av04.in.ibm.com (loopback [127.0.0.1])
	by d28av04.in.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP id
	pAT51rEU027931
	for <qemu-devel@nongnu.org>; Tue, 29 Nov 2011 16:01:53 +1100
Message-ID: <4ED46740.3090108@linux.vnet.ibm.com>
Date: Tue, 29 Nov 2011 13:01:52 +0800
From: Mark Wu <wudxw@linux.vnet.ibm.com>
MIME-Version: 1.0
References: <1322497100-24167-1-git-send-email-stefanha@linux.vnet.ibm.com>
In-Reply-To: <1322497100-24167-1-git-send-email-stefanha@linux.vnet.ibm.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH] qed: limit to image size in
	qed_find_cluster()
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Cc: Kevin Wolf <kwolf@redhat.com>, qemu-devel@nongnu.org

On 11/29/2011 12:18 AM, Stefan Hajnoczi wrote:
> Callers of bdrv_is_allocated() may go beyond the end of the image.  For
> general robustness we should limit to the end of the image so that
> callers don't end up using out-of-range sector counts and receive -EIO.
It seems the same problem exists in qcow/qcow2, why do we not add the 
limit in bdrv_is_allocated? Then it can cover all formats.

Actually, I can't figure out how the caller can go beyond the end of the 
image.  If the I/O request for sectors beyond image size comes from 
guest, it should be dropped in the guest block layer.  If the request 
comes from qemu, like block streaming, it should also honor the image 
size, right?

Mark.