From: Max Reitz <mreitz@redhat.com>
To: qemu-block@nongnu.org
Cc: qemu-devel@nongnu.org, Max Reitz <mreitz@redhat.com>,
	Peter Maydell <peter.maydell@linaro.org>
Subject: [Qemu-devel] [PULL 19/21] qemu-io: don't allow I/O operations larger than BDRV_REQUEST_MAX_BYTES
Date: Sun, 12 Feb 2017 02:39:27 +0100
Message-ID: <20170212013929.6793-2-mreitz@redhat.com>
In-Reply-To: <20170212013440.5919-1-mreitz@redhat.com>

From: Alberto Garcia <berto@igalia.com>

Passing a request size larger than BDRV_REQUEST_MAX_BYTES to any of the
I/O commands results in an error. While 'read' and 'write' handle the
error correctly, 'aio_read' and 'aio_write' hit an assertion:

blk_aio_read_entry: Assertion `rwco->qiov->size == acb->bytes' failed.

The reason is that the QEMU I/O code cannot handle request sizes
larger than BDRV_REQUEST_MAX_BYTES, so this patch makes qemu-io check
that all values are within range.

Signed-off-by: Alberto Garcia <berto@igalia.com>
Message-id: 79f66648c685929a144396bda24d13a207131dcf.1485878688.git.berto@igalia.com
[mreitz: Use BDRV_REQUEST_MAX_BYTES instead of INT_MAX]
Signed-off-by: Max Reitz <mreitz@redhat.com>
---
 qemu-io-cmds.c | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/qemu-io-cmds.c b/qemu-io-cmds.c
index 95bcde1d88..e415b03cd0 100644
--- a/qemu-io-cmds.c
+++ b/qemu-io-cmds.c
@@ -388,9 +388,15 @@ create_iovec(BlockBackend *blk, QEMUIOVector *qiov, char **argv, int nr_iov,
             goto fail;
         }
 
-        if (len > SIZE_MAX) {
-            printf("Argument '%s' exceeds maximum size %llu\n", arg,
-                   (unsigned long long)SIZE_MAX);
+        if (len > BDRV_REQUEST_MAX_BYTES) {
+            printf("Argument '%s' exceeds maximum size %" PRIu64 "\n", arg,
+                   (uint64_t)BDRV_REQUEST_MAX_BYTES);
+            goto fail;
+        }
+
+        if (count > BDRV_REQUEST_MAX_BYTES - len) {
+            printf("The total number of bytes exceed the maximum size %" PRIu64
+                   "\n", (uint64_t)BDRV_REQUEST_MAX_BYTES);
             goto fail;
         }
 
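Review bot: in the second check added to create_iovec, the message "The total number of bytes exceed the maximum size" should read "exceeds", and unlike the per-argument message just above it gives no hint which argument pushed the running total over the limit; printing arg there too would make the failure easier to act on. The subtraction form "count > BDRV_REQUEST_MAX_BYTES - len" relies on len having been range-checked first: the upper bound is visible directly above, but the hunk does not show where a negative len is rejected, so please confirm the preceding "goto fail" covers it and add a one-line comment so the two checks are not reordered later.
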
@@ -682,9 +688,9 @@ static int read_f(BlockBackend *blk, int argc, char **argv)
     if (count < 0) {
         print_cvtnum_err(count, argv[optind]);
         return 0;
-    } else if (count > SIZE_MAX) {
+    } else if (count > BDRV_REQUEST_MAX_BYTES) {
         printf("length cannot exceed %" PRIu64 ", given %s\n",
-               (uint64_t) SIZE_MAX, argv[optind]);
+               (uint64_t)BDRV_REQUEST_MAX_BYTES, argv[optind]);
         return 0;
     }
 
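Review bot: no hunk in this patch touches aio_read or aio_write, the two commands the commit message says hit the assertion, while read_f, which the message says already handled the error, gets a new bound here. If the aio paths are covered through create_iovec, say so in the commit message, and state that the read_f limit is lowered from SIZE_MAX to BDRV_REQUEST_MAX_BYTES for consistency rather than to fix the assertion.
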
@@ -1004,9 +1010,9 @@ static int write_f(BlockBackend *blk, int argc, char **argv)
     if (count < 0) {
         print_cvtnum_err(count, argv[optind]);
         return 0;
-    } else if (count > SIZE_MAX) {
+    } else if (count > BDRV_REQUEST_MAX_BYTES) {
         printf("length cannot exceed %" PRIu64 ", given %s\n",
-               (uint64_t) SIZE_MAX, argv[optind]);
+               (uint64_t)BDRV_REQUEST_MAX_BYTES, argv[optind]);
         return 0;
     }
 
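Review bot: the condition and message in write_f are a line-for-line copy of the ones in read_f; a small shared helper that validates count against BDRV_REQUEST_MAX_BYTES would keep the two from drifting apart. The diffstat lists only qemu-io-cmds.c, so nothing in this patch exercises the new limit; an iotest that passes a length above BDRV_REQUEST_MAX_BYTES to aio_read and aio_write would pin the assertion fix.
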
-- 
2.11.0
