Commit 5a0f6fd5 authored by Kevin Wolf's avatar Kevin Wolf Committed by Stefan Hajnoczi
Browse files

mirror: Fix qiov size for short requests 



When mirroring an image of a size that is not a multiple of the
mirror job granularity, the last request would have the right nb_sectors
argument, but a qiov that is rounded up to the next multiple of the
granularity. Don't do this.

This fixes a segfault that is caused by raw-posix being confused by this
and allocating a buffer with request length, but operating on it with
qiov length.

[s/Driver/Drive/ in qemu-iotests 041 as suggested by Eric
--Stefan]

Reported-by: default avatarEric Blake <eblake@redhat.com>
Signed-off-by: default avatarKevin Wolf <kwolf@redhat.com>
Tested-by: default avatarEric Blake <eblake@redhat.com>
Reviewed-by: default avatarEric Blake <eblake@redhat.com>
Signed-off-by: default avatarStefan Hajnoczi <stefanha@redhat.com>
parent bc3a7f90

block/mirror.c

+3 −1
Original line number Diff line number Diff line
@@ -265,9 +265,11 @@ static uint64_t coroutine_fn mirror_iteration(MirrorBlockJob *s) 
    next_sector = sector_num;

    while (nb_chunks-- > 0) {

        MirrorBuffer *buf = QSIMPLEQ_FIRST(&s->buf_free);

        size_t remaining = (nb_sectors * BDRV_SECTOR_SIZE) - op->qiov.size;



        QSIMPLEQ_REMOVE_HEAD(&s->buf_free, next);

        s->buf_free_count--;

        qemu_iovec_add(&op->qiov, buf, s->granularity);

        qemu_iovec_add(&op->qiov, buf, MIN(s->granularity, remaining));



        /* Advance the HBitmapIter in parallel, so that we do not examine

         * the same sector twice.

tests/qemu-iotests/041

+5 −0
Original line number Diff line number Diff line
@@ -217,6 +217,11 @@ class TestSingleDriveZeroLength(TestSingleDrive): 
    test_small_buffer2 = None

    test_large_cluster = None



class TestSingleDriveUnalignedLength(TestSingleDrive):

    image_len = 1025 * 1024

    test_small_buffer2 = None

    test_large_cluster = None



class TestMirrorNoBacking(ImageMirroringTestCase):

    image_len = 2 * 1024 * 1024 # MB

tests/qemu-iotests/041.out

+2 −2
Original line number Diff line number Diff line 
..............................................

......................................................

----------------------------------------------------------------------

Ran 46 tests

Ran 54 tests



OK