[Qemu-devel] [PATCH v2 0/2] raw-posix: Fix raw_co_get_block_status()

[Qemu-devel] [PATCH v2 0/2] raw-posix: Fix raw_co_get_block_status()

[Max Reitz]

raw_co_get_block_status() should return 0 and set *pnum to 0 after the
EOF; currently it does this merely by accident, so implement it
directly. Also, nb_sectors should be clamped against the image end.

While doing that, centralize the generation of
raw_co_get_block_status()'s return value along the way.


v2:
- Patch 1: Clamp nb_sectors against image end
- Patch 2: Fix alignment issue


Max Reitz (2):
  raw-posix: Fix raw_co_get_block_status() after EOF
  raw-posix: raw_co_get_block_status() return value

 block/raw-posix.c | 36 ++++++++++++++++++++++--------------
 1 file changed, 22 insertions(+), 14 deletions(-)

-- 
2.1.0

[Qemu-devel] [PATCH v2 1/2] raw-posix: Fix raw_co_get_block_status() after EOF

[Max Reitz]

As its comment states, raw_co_get_block_status() should unconditionally
return 0 and set *pnum to 0 for after EOF.

An assertion after lseek(..., SEEK_HOLE) tried to catch this case by
asserting that errno != -ENXIO (which would indicate a position after
the EOF); but it should be errno != ENXIO instead. Fix this, too.

Additionally, nb_sectors should be clamped against the image end. This
was probably not an issue if FIEMAP or SEEK_HOLE/SEEK_DATA worked, but
the fallback did not take this case into account.

Reported-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
---
 block/raw-posix.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/block/raw-posix.c b/block/raw-posix.c
index a253697..dd57992 100644
--- a/block/raw-posix.c
+++ b/block/raw-posix.c
@@ -1509,9 +1509,9 @@ static int64_t try_seek_hole(BlockDriverState *bs, off_t start, off_t *data,
 
     *hole = lseek(s->fd, start, SEEK_HOLE);
     if (*hole == -1) {
-        /* -ENXIO indicates that sector_num was past the end of the file.
+        /* ENXIO indicates that sector_num was past the end of the file.
          * There is a virtual hole there.  */
-        assert(errno != -ENXIO);
+        assert(errno != ENXIO);
 
         return -errno;
     }
@@ -1552,6 +1552,7 @@ static int64_t coroutine_fn raw_co_get_block_status(BlockDriverState *bs,
                                                     int nb_sectors, int *pnum)
 {
     off_t start, data = 0, hole = 0;
+    int64_t total_size;
     int64_t ret;
 
     ret = fd_open(bs);
@@ -1560,6 +1561,13 @@ static int64_t coroutine_fn raw_co_get_block_status(BlockDriverState *bs,
     }
 
     start = sector_num * BDRV_SECTOR_SIZE;
+    total_size = bdrv_getlength(bs);
+    if (start >= total_size) {
+        *pnum = 0;
+        return 0;
+    } else if (start + nb_sectors * BDRV_SECTOR_SIZE > total_size) {
+        nb_sectors = (total_size - start) / BDRV_SECTOR_SIZE;
+    }
 
     ret = try_fiemap(bs, start, &data, &hole, nb_sectors, pnum);
     if (ret < 0) {
-- 
2.1.0

[Qemu-devel] [PATCH v2 2/2] raw-posix: raw_co_get_block_status() return value

[Max Reitz]

Instead of generating the full return value thrice in try_fiemap(),
try_seek_hole() and as a fall-back in raw_co_get_block_status() itself,
generate the value only in raw_co_get_block_status().

Suggested-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
---
 block/raw-posix.c | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/block/raw-posix.c b/block/raw-posix.c
index dd57992..be030b2 100644
--- a/block/raw-posix.c
+++ b/block/raw-posix.c
@@ -1455,12 +1455,12 @@ out:
     return result;
 }
 
-static int64_t try_fiemap(BlockDriverState *bs, off_t start, off_t *data,
-                          off_t *hole, int nb_sectors, int *pnum)
+static int try_fiemap(BlockDriverState *bs, off_t start, off_t *data,
+                      off_t *hole, int nb_sectors, int *pnum)
 {
 #ifdef CONFIG_FIEMAP
     BDRVRawState *s = bs->opaque;
-    int64_t ret = BDRV_BLOCK_DATA | BDRV_BLOCK_OFFSET_VALID | start;
+    int ret = 0;
     struct {
         struct fiemap fm;
         struct fiemap_extent fe;
@@ -1501,8 +1501,8 @@ static int64_t try_fiemap(BlockDriverState *bs, off_t start, off_t *data,
 #endif
 }
 
-static int64_t try_seek_hole(BlockDriverState *bs, off_t start, off_t *data,
-                             off_t *hole, int *pnum)
+static int try_seek_hole(BlockDriverState *bs, off_t start, off_t *data,
+                         off_t *hole, int *pnum)
 {
 #if defined SEEK_HOLE && defined SEEK_DATA
     BDRVRawState *s = bs->opaque;
@@ -1526,7 +1526,7 @@ static int64_t try_seek_hole(BlockDriverState *bs, off_t start, off_t *data,
         }
     }
 
-    return BDRV_BLOCK_DATA | BDRV_BLOCK_OFFSET_VALID | start;
+    return 0;
 #else
     return -ENOTSUP;
 #endif
@@ -1553,7 +1553,7 @@ static int64_t coroutine_fn raw_co_get_block_status(BlockDriverState *bs,
 {
     off_t start, data = 0, hole = 0;
     int64_t total_size;
-    int64_t ret;
+    int ret;
 
     ret = fd_open(bs);
     if (ret < 0) {
@@ -1576,21 +1576,21 @@ static int64_t coroutine_fn raw_co_get_block_status(BlockDriverState *bs,
             /* Assume everything is allocated. */
             data = 0;
             hole = start + nb_sectors * BDRV_SECTOR_SIZE;
-            ret = BDRV_BLOCK_DATA | BDRV_BLOCK_OFFSET_VALID | start;
+            ret = 0;
         }
     }
 
+    assert(ret >= 0);
+
     if (data <= start) {
         /* On a data extent, compute sectors to the end of the extent.  */
         *pnum = MIN(nb_sectors, (hole - start) / BDRV_SECTOR_SIZE);
+        return ret | BDRV_BLOCK_DATA | BDRV_BLOCK_OFFSET_VALID | start;
     } else {
         /* On a hole, compute sectors to the beginning of the next extent.  */
         *pnum = MIN(nb_sectors, (data - start) / BDRV_SECTOR_SIZE);
-        ret &= ~BDRV_BLOCK_DATA;
-        ret |= BDRV_BLOCK_ZERO;
+        return ret | BDRV_BLOCK_ZERO | BDRV_BLOCK_OFFSET_VALID | start;
     }
-
-    return ret;
 }
 
 static coroutine_fn BlockDriverAIOCB *raw_aio_discard(BlockDriverState *bs,
-- 
2.1.0

Re: [Qemu-devel] [PATCH v2 0/2] raw-posix: Fix raw_co_get_block_status()

[Max Reitz]

On 22.09.2014 17:36, Max Reitz wrote:
> raw_co_get_block_status() should return 0 and set *pnum to 0 after the
> EOF; currently it does this merely by accident, so implement it
> directly. Also, nb_sectors should be clamped against the image end.
>
> While doing that, centralize the generation of
> raw_co_get_block_status()'s return value along the way.
>
>
> v2:
> - Patch 1: Clamp nb_sectors against image end
> - Patch 2: Fix alignment issue
>
>
> Max Reitz (2):
>    raw-posix: Fix raw_co_get_block_status() after EOF
>    raw-posix: raw_co_get_block_status() return value
>
>   block/raw-posix.c | 36 ++++++++++++++++++++++--------------
>   1 file changed, 22 insertions(+), 14 deletions(-)

Ping. (This should be rather simple to review)

Re: [Qemu-devel] [PATCH v2 1/2] raw-posix: Fix raw_co_get_block_status() after EOF

[Eric Blake]

[-- Attachment #1: Type: text/plain, Size: 946 bytes --]

On 09/22/2014 09:36 AM, Max Reitz wrote:
> As its comment states, raw_co_get_block_status() should unconditionally
> return 0 and set *pnum to 0 for after EOF.
> 
> An assertion after lseek(..., SEEK_HOLE) tried to catch this case by
> asserting that errno != -ENXIO (which would indicate a position after
> the EOF); but it should be errno != ENXIO instead. Fix this, too.
> 
> Additionally, nb_sectors should be clamped against the image end. This
> was probably not an issue if FIEMAP or SEEK_HOLE/SEEK_DATA worked, but
> the fallback did not take this case into account.
> 
> Reported-by: Kevin Wolf <kwolf@redhat.com>
> Signed-off-by: Max Reitz <mreitz@redhat.com>
> ---
>  block/raw-posix.c | 12 ++++++++++--
>  1 file changed, 10 insertions(+), 2 deletions(-)
> 

Reviewed-by: Eric Blake <eblake@redhat.com>

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 539 bytes --]

Re: [Qemu-devel] [PATCH v2 2/2] raw-posix: raw_co_get_block_status() return value

[Eric Blake]

[-- Attachment #1: Type: text/plain, Size: 619 bytes --]

On 09/22/2014 09:36 AM, Max Reitz wrote:
> Instead of generating the full return value thrice in try_fiemap(),
> try_seek_hole() and as a fall-back in raw_co_get_block_status() itself,
> generate the value only in raw_co_get_block_status().
> 
> Suggested-by: Kevin Wolf <kwolf@redhat.com>
> Signed-off-by: Max Reitz <mreitz@redhat.com>
> ---
>  block/raw-posix.c | 24 ++++++++++++------------
>  1 file changed, 12 insertions(+), 12 deletions(-)
> 

Reviewed-by: Eric Blake <eblake@redhat.com>

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 539 bytes --]

Re: [Qemu-devel] [PATCH v2 0/2] raw-posix: Fix raw_co_get_block_status()

[Benoît Canet]

On Wed, Oct 08, 2014 at 09:43:19PM +0200, Max Reitz wrote:
> On 22.09.2014 17:36, Max Reitz wrote:
> >raw_co_get_block_status() should return 0 and set *pnum to 0 after the
> >EOF; currently it does this merely by accident, so implement it
> >directly. Also, nb_sectors should be clamped against the image end.
> >
> >While doing that, centralize the generation of
> >raw_co_get_block_status()'s return value along the way.
> >
> >
> >v2:
> >- Patch 1: Clamp nb_sectors against image end
> >- Patch 2: Fix alignment issue
> >
> >
> >Max Reitz (2):
> >   raw-posix: Fix raw_co_get_block_status() after EOF
> >   raw-posix: raw_co_get_block_status() return value
> >
> >  block/raw-posix.c | 36 ++++++++++++++++++++++--------------
> >  1 file changed, 22 insertions(+), 14 deletions(-)
> 
> Ping. (This should be rather simple to review)

Hi Max,

I will review these tomorow.

Best regards

Benoît

Re: [Qemu-devel] [PATCH v2 0/2] raw-posix: Fix raw_co_get_block_status()

[Max Reitz]

Am 09.10.2014 um 20:58 schrieb Benoît Canet:
> On Wed, Oct 08, 2014 at 09:43:19PM +0200, Max Reitz wrote:
>> On 22.09.2014 17:36, Max Reitz wrote:
>>> raw_co_get_block_status() should return 0 and set *pnum to 0 after the
>>> EOF; currently it does this merely by accident, so implement it
>>> directly. Also, nb_sectors should be clamped against the image end.
>>>
>>> While doing that, centralize the generation of
>>> raw_co_get_block_status()'s return value along the way.
>>>
>>>
>>> v2:
>>> - Patch 1: Clamp nb_sectors against image end
>>> - Patch 2: Fix alignment issue
>>>
>>>
>>> Max Reitz (2):
>>>    raw-posix: Fix raw_co_get_block_status() after EOF
>>>    raw-posix: raw_co_get_block_status() return value
>>>
>>>   block/raw-posix.c | 36 ++++++++++++++++++++++--------------
>>>   1 file changed, 22 insertions(+), 14 deletions(-)
>> Ping. (This should be rather simple to review)
> Hi Max,
>
> I will review these tomorow.

Thanks a lot for all of your reviews!

Max

Re: [Qemu-devel] [PATCH v2 1/2] raw-posix: Fix raw_co_get_block_status() after EOF

[Kevin Wolf]

Am 22.09.2014 um 17:36 hat Max Reitz geschrieben:
> As its comment states, raw_co_get_block_status() should unconditionally
> return 0 and set *pnum to 0 for after EOF.
> 
> An assertion after lseek(..., SEEK_HOLE) tried to catch this case by
> asserting that errno != -ENXIO (which would indicate a position after
> the EOF); but it should be errno != ENXIO instead. Fix this, too.
> 
> Additionally, nb_sectors should be clamped against the image end. This
> was probably not an issue if FIEMAP or SEEK_HOLE/SEEK_DATA worked, but
> the fallback did not take this case into account.
> 
> Reported-by: Kevin Wolf <kwolf@redhat.com>
> Signed-off-by: Max Reitz <mreitz@redhat.com>
> ---
>  block/raw-posix.c | 12 ++++++++++--
>  1 file changed, 10 insertions(+), 2 deletions(-)
> 
> diff --git a/block/raw-posix.c b/block/raw-posix.c
> index a253697..dd57992 100644
> --- a/block/raw-posix.c
> +++ b/block/raw-posix.c
> @@ -1509,9 +1509,9 @@ static int64_t try_seek_hole(BlockDriverState *bs, off_t start, off_t *data,
>  
>      *hole = lseek(s->fd, start, SEEK_HOLE);
>      if (*hole == -1) {
> -        /* -ENXIO indicates that sector_num was past the end of the file.
> +        /* ENXIO indicates that sector_num was past the end of the file.
>           * There is a virtual hole there.  */
> -        assert(errno != -ENXIO);
> +        assert(errno != ENXIO);

This assertion can be triggered if another process truncates the file in
the background after it has been opened (bdrv_getlength() usually uses
the cached value, so this race condition isn't even hard to reproduce).

Kevin

>          return -errno;
>      }
> @@ -1552,6 +1552,7 @@ static int64_t coroutine_fn raw_co_get_block_status(BlockDriverState *bs,
>                                                      int nb_sectors, int *pnum)
>  {
>      off_t start, data = 0, hole = 0;
> +    int64_t total_size;
>      int64_t ret;
>  
>      ret = fd_open(bs);
> @@ -1560,6 +1561,13 @@ static int64_t coroutine_fn raw_co_get_block_status(BlockDriverState *bs,
>      }
>  
>      start = sector_num * BDRV_SECTOR_SIZE;
> +    total_size = bdrv_getlength(bs);

bdrv_getlength() can fail.

> +    if (start >= total_size) {
> +        *pnum = 0;
> +        return 0;
> +    } else if (start + nb_sectors * BDRV_SECTOR_SIZE > total_size) {
> +        nb_sectors = (total_size - start) / BDRV_SECTOR_SIZE;
> +    }

Kevin