{"id":806870,"url":"http://patchwork.ozlabs.org/api/1.0/patches/806870/?format=json","project":{"id":14,"url":"http://patchwork.ozlabs.org/api/1.0/projects/14/?format=json","name":"QEMU Development","link_name":"qemu-devel","list_id":"qemu-devel.nongnu.org","list_email":"qemu-devel@nongnu.org","web_url":"","scm_url":"","webscm_url":""},"msgid":"<1503965694-10794-46-git-send-email-mdroth@linux.vnet.ibm.com>","date":"2017-08-29T00:14:20","name":"[45/79] block: Guarantee that *file is set on bdrv_get_block_status()","commit_ref":null,"pull_url":null,"state":"new","archived":false,"hash":"e01857137ca25756bbd119bfa652d8b7bb817302","submitter":{"id":5549,"url":"http://patchwork.ozlabs.org/api/1.0/people/5549/?format=json","name":"Michael Roth","email":"mdroth@linux.vnet.ibm.com"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/qemu-devel/patch/1503965694-10794-46-git-send-email-mdroth@linux.vnet.ibm.com/mbox/","series":[{"id":281,"url":"http://patchwork.ozlabs.org/api/1.0/series/281/?format=json","date":"2017-08-29T00:13:45","name":"Patch Round-up for stable 2.9.1, freeze on 2017-09-04","version":1,"mbox":"http://patchwork.ozlabs.org/series/281/mbox/"}],"check":"pending","checks":"http://patchwork.ozlabs.org/api/patches/806870/checks/","tags":{},"headers":{"From":"Michael Roth <mdroth@linux.vnet.ibm.com>","To":"qemu-devel@nongnu.org","Date":"Mon, 28 Aug 2017 19:14:20 -0500","X-Mailer":"git-send-email 2.7.4","In-Reply-To":"<1503965694-10794-1-git-send-email-mdroth@linux.vnet.ibm.com>","References":"<1503965694-10794-1-git-send-email-mdroth@linux.vnet.ibm.com>","Message-Id":"<1503965694-10794-46-git-send-email-mdroth@linux.vnet.ibm.com>","X-detected-operating-system":"by eggs.gnu.org: GNU/Linux 3.x 
[generic] [fuzzy]","X-Received-From":"148.163.156.1","Subject":"[Qemu-devel] [PATCH 45/79] block: Guarantee that *file is set on\n\tbdrv_get_block_status()","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.21","Precedence":"list","List-Id":"<qemu-devel.nongnu.org>","List-Unsubscribe":"<https://lists.nongnu.org/mailman/options/qemu-devel>,\n\t<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>","List-Archive":"<http://lists.nongnu.org/archive/html/qemu-devel/>","List-Post":"<mailto:qemu-devel@nongnu.org>","List-Help":"<mailto:qemu-devel-request@nongnu.org?subject=help>","List-Subscribe":"<https://lists.nongnu.org/mailman/listinfo/qemu-devel>,\n\t<mailto:qemu-devel-request@nongnu.org?subject=subscribe>","Cc":"Kevin Wolf <kwolf@redhat.com>, qemu-stable@nongnu.org","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"\"Qemu-devel\"\n\t<qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org>"},"content":"From: Eric Blake <eblake@redhat.com>\n\nWe document that *file is valid if the return is not an error and\nincludes BDRV_BLOCK_OFFSET_VALID, but forgot to obey this contract\nwhen a driver (such as blkdebug) lacks a callback.  Messed up in\ncommit 67a0fd2 (v2.6), when we added the file parameter.\n\nEnhance qemu-iotest 177 to cover this, using a sequence that would\nprint garbage or even SEGV, because it was dereferencing through\nuninitialized memory.  [The resulting test output shows that we\nhave less-than-ideal block status from the blkdebug driver, but\nthat's a separate fix coming up soon.]\n\nSetting *file on all paths that return BDRV_BLOCK_OFFSET_VALID is\nenough to fix the crash, but we can go one step further: always\nsetting *file, even on error, means that a broken caller that\nblindly dereferences file without checking for error is now more\nlikely to get a reliable SEGV instead of randomly acting on garbage,\nmaking it easier to diagnose such buggy callers.  
Adding an\nassertion that file is set where expected doesn't hurt either.\n\nCC: qemu-stable@nongnu.org\nSigned-off-by: Eric Blake <eblake@redhat.com>\nReviewed-by: Fam Zheng <famz@redhat.com>\nReviewed-by: Max Reitz <mreitz@redhat.com>\nReviewed-by: John Snow <jsnow@redhat.com>\nSigned-off-by: Kevin Wolf <kwolf@redhat.com>\n(cherry picked from commit 81c219ac6ce0d6182e35f3976f2caa4cefcaf9f0)\nSigned-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>\n---\n block/io.c                 | 5 +++--\n tests/qemu-iotests/177     | 3 +++\n tests/qemu-iotests/177.out | 2 ++\n 3 files changed, 8 insertions(+), 2 deletions(-)","diff":"diff --git a/block/io.c b/block/io.c\nindex fe0c867..a8589ee 100644\n--- a/block/io.c\n+++ b/block/io.c\n@@ -1757,6 +1757,7 @@ static int64_t coroutine_fn bdrv_co_get_block_status(BlockDriverState *bs,\n     int64_t n;\n     int64_t ret, ret2;\n \n+    *file = NULL;\n     total_sectors = bdrv_nb_sectors(bs);\n     if (total_sectors < 0) {\n         return total_sectors;\n@@ -1777,11 +1778,11 @@ static int64_t coroutine_fn bdrv_co_get_block_status(BlockDriverState *bs,\n         ret = BDRV_BLOCK_DATA | BDRV_BLOCK_ALLOCATED;\n         if (bs->drv->protocol_name) {\n             ret |= BDRV_BLOCK_OFFSET_VALID | (sector_num * BDRV_SECTOR_SIZE);\n+            *file = bs;\n         }\n         return ret;\n     }\n \n-    *file = NULL;\n     bdrv_inc_in_flight(bs);\n     ret = bs->drv->bdrv_co_get_block_status(bs, sector_num, nb_sectors, pnum,\n                                             file);\n@@ -1791,7 +1792,7 @@ static int64_t coroutine_fn bdrv_co_get_block_status(BlockDriverState *bs,\n     }\n \n     if (ret & BDRV_BLOCK_RAW) {\n-        assert(ret & BDRV_BLOCK_OFFSET_VALID);\n+        assert(ret & BDRV_BLOCK_OFFSET_VALID && *file);\n         ret = bdrv_co_get_block_status(*file, ret >> BDRV_SECTOR_BITS,\n                                        *pnum, pnum, file);\n         goto out;\ndiff --git a/tests/qemu-iotests/177 
b/tests/qemu-iotests/177\nindex 2005c17..f8ed8fb 100755\n--- a/tests/qemu-iotests/177\n+++ b/tests/qemu-iotests/177\n@@ -43,6 +43,7 @@ _supported_proto file\n CLUSTER_SIZE=1M\n size=128M\n options=driver=blkdebug,image.driver=qcow2\n+nested_opts=image.file.driver=file,image.file.filename=$TEST_IMG\n \n echo\n echo \"== setting up files ==\"\n@@ -106,6 +107,8 @@ function verify_io()\n }\n \n verify_io | $QEMU_IO -r \"$TEST_IMG\" | _filter_qemu_io\n+$QEMU_IMG map --image-opts \"$options,$nested_opts,align=4k\" \\\n+    | _filter_qemu_img_map\n \n _check_test_img\n \ndiff --git a/tests/qemu-iotests/177.out b/tests/qemu-iotests/177.out\nindex e887542..fcfbfa3 100644\n--- a/tests/qemu-iotests/177.out\n+++ b/tests/qemu-iotests/177.out\n@@ -45,5 +45,7 @@ read 30408704/30408704 bytes at offset 80740352\n 29 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)\n read 23068672/23068672 bytes at offset 111149056\n 22 MiB, X ops; XX:XX:XX.X (XXX YYY/sec and XXX ops/sec)\n+Offset          Length          File\n+0               0x8000000       json:{\"image\": {\"driver\": \"IMGFMT\", \"file\": {\"driver\": \"file\", \"filename\": \"TEST_DIR/t.IMGFMT\"}}, \"driver\": \"blkdebug\", \"align\": \"4k\"}\n No errors were found on the image.\n *** done\n","prefixes":["45/79"]}
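Review bot: In the first block/io.c hunk (@@ -1757), the new `*file = NULL;` is the first statement executed and dereferences `file` before the `total_sectors < 0` early return, so a non-NULL `file` is now required even on paths that previously returned without touching it. Nothing in the visible lines enforces that requirement; an `assert(file);` ahead of the store, or a sentence in the function's contract comment, would make it explicit and keep the "reliable SEGV" goal from the commit message from turning into a crash inside this function instead of in the buggy caller.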
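Review bot: In the second block/io.c hunk (@@ -1777), `*file = bs;` is the line that actually fixes the uninitialized read for drivers without a callback, but it has no comment tying it to the `BDRV_BLOCK_OFFSET_VALID` bit set on the line above. A one-line comment stating that the two must always be set together would protect the pairing against a later edit that moves or drops one of them, which is how the contract was broken in the first place according to the commit message.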
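Review bot: In the third block/io.c hunk (@@ -1791), the strengthened assertion checks `*file` only on the `BDRV_BLOCK_RAW` path, while the documented contract is that `*file` is valid whenever the result includes `BDRV_BLOCK_OFFSET_VALID`. A driver callback that returns OFFSET_VALID without RAW and leaves `*file` NULL still passes unchecked; consider asserting `!(ret & BDRV_BLOCK_OFFSET_VALID) || *file` right after the callback returns successfully. As a style point, `assert(ret & BDRV_BLOCK_OFFSET_VALID && *file)` relies on `&` binding tighter than `&&`; two separate asserts, or explicit parentheses, would read more clearly and would show which condition failed.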
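Review bot: In the tests/qemu-iotests/177 hunks, `nested_opts` interpolates `$TEST_IMG` directly into a comma-separated `--image-opts` string, so a test directory whose path contains a comma would be split into separate options and the `qemu-img map` call would fail for reasons unrelated to the bug under test. If the harness does not already guarantee comma-free paths, escape the value before building `nested_opts`. The new `map` call also exercises only `align=4k`, so the regression is covered for a single blkdebug configuration.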