From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:53065)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <crobinso@redhat.com>) id 1Z7lSc-0000PH-AV
	for qemu-devel@nongnu.org; Wed, 24 Jun 2015 10:15:34 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <crobinso@redhat.com>) id 1Z7lSW-00081G-5g
	for qemu-devel@nongnu.org; Wed, 24 Jun 2015 10:15:30 -0400
Received: from mx1.redhat.com ([209.132.183.28]:50575)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <crobinso@redhat.com>) id 1Z7lSV-0007zI-W3
	for qemu-devel@nongnu.org; Wed, 24 Jun 2015 10:15:24 -0400
Message-ID: <558ABB79.20202@redhat.com>
Date: Wed, 24 Jun 2015 10:15:21 -0400
From: Cole Robinson <crobinso@redhat.com>
MIME-Version: 1.0
References: <1435095289-14342-2-git-send-email-makovick@gmail.com>
	<1435122325-13478-1-git-send-email-makovick@gmail.com>
In-Reply-To: <1435122325-13478-1-git-send-email-makovick@gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] [PATCH] qcow2: Handle EAGAIN returned from
	update_refcount
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: =?UTF-8?B?SmluZMWZaWNoIE1ha292acSNa2E=?= <makovick@gmail.com>, qemu-devel@nongnu.org
Cc: "Richard W.M. Jones" <rjones@redhat.com>

On 06/24/2015 01:05 AM, Jind=C5=99ich Makovi=C4=8Dka wrote:
> Fixes a crash during image compression
>=20
> Signed-off-by: Jind=C5=99ich Makovi=C4=8Dka <makovick@gmail.com>
> ---
>  block/qcow2-refcount.c | 22 ++++++++++++----------
>  1 file changed, 12 insertions(+), 10 deletions(-)
>=20

Rich Jones already confirmed that this patch fixes a bug he can reliably
reproduce:

https://bugzilla.redhat.com/show_bug.cgi?id=3D1214855

- Cole

> diff --git a/block/qcow2-refcount.c b/block/qcow2-refcount.c
> index 0632fc3..b0ee42d 100644
> --- a/block/qcow2-refcount.c
> +++ b/block/qcow2-refcount.c
> @@ -940,19 +940,21 @@ int64_t qcow2_alloc_bytes(BlockDriverState *bs, i=
nt size)
>      }
> =20
>      free_in_cluster =3D s->cluster_size - offset_into_cluster(s, offse=
t);
> -    if (!offset || free_in_cluster < size) {
> -        int64_t new_cluster =3D alloc_clusters_noref(bs, s->cluster_si=
ze);
> -        if (new_cluster < 0) {
> -            return new_cluster;
> -        }
> +    do {
> +        if (!offset || free_in_cluster < size) {
> +            int64_t new_cluster =3D alloc_clusters_noref(bs, s->cluste=
r_size);
> +            if (new_cluster < 0) {
> +                return new_cluster;
> +            }
> =20
> -        if (!offset || ROUND_UP(offset, s->cluster_size) !=3D new_clus=
ter) {
> -            offset =3D new_cluster;
> +            if (!offset || ROUND_UP(offset, s->cluster_size) !=3D new_=
cluster) {
> +                offset =3D new_cluster;
> +            }
>          }
> -    }
> =20
> -    assert(offset);
> -    ret =3D update_refcount(bs, offset, size, 1, false, QCOW2_DISCARD_=
NEVER);
> +        assert(offset);
> +        ret =3D update_refcount(bs, offset, size, 1, false, QCOW2_DISC=
ARD_NEVER);
> +    } while (ret =3D=3D -EAGAIN);
>      if (ret < 0) {
>          return ret;
>      }
>=20