Bug 1807377
| Summary: | qcow2_alloc_cluster_abort() frees preallocated zero clusters | | |
|---|---|---|---|
| Product: | Red Hat Enterprise Linux Advanced Virtualization | Reporter: | Hanna Czenczek <hreitz> |
| Component: | qemu-kvm | Assignee: | Hanna Czenczek <hreitz> |
| qemu-kvm sub component: | qcow2 | QA Contact: | Xueqiang Wei <xuwei> |
| Status: | CLOSED ERRATA | Docs Contact: | |
| Severity: | low | | |
| Priority: | low | CC: | coli, ddepaula, jinzhao, juzhang, virt-maint |
| Version: | 8.2 | Keywords: | Triaged |
| Target Milestone: | rc | | |
| Target Release: | 8.0 | | |
| Hardware: | Unspecified | | |
| OS: | Unspecified | | |
| Whiteboard: | | | |
| Fixed In Version: | qemu-kvm-5.1.0-4.module+el8.3.0+7846+ae9b566f | Doc Type: | If docs needed, set a value |
| Doc Text: | | Story Points: | --- |
| Clone Of: | 1807057 | Environment: | |
| Last Closed: | 2020-11-17 17:46:46 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | 1807057 | | |
| Bug Blocks: | | | |

Description
Hanna Czenczek
2020-02-26 09:04:19 UTC
Hi Danilo,

Seems this bug has already been fixed in the rebase, could you please help update the bug status?

```
commit 8aa34834d566ba4e635d6029339a5f4f1ae1685e
Author: Alberto Garcia <berto>
Date:   Fri Nov 3 16:18:52 2017 +0200

    qcow2: Prevent allocating compressed clusters at offset 0

    If the refcount data is corrupted then we can end up trying to allocate
    a new compressed cluster at offset 0 in the image, triggering an
    assertion in qcow2_alloc_bytes() that would crash QEMU:

      qcow2_alloc_bytes: Assertion `offset' failed.

    This patch adds an explicit check for this scenario and a new test case.

    Signed-off-by: Alberto Garcia <berto>
    Message-id: fb53467cf48e95ff3330def1cf1003a5b862b7d9.1509718618.git.berto
    Reviewed-by: Max Reitz <mreitz>
    Signed-off-by: Max Reitz <mreitz>
```

Thanks.

Hi Cong, Danilo,

Tested with qemu-kvm-5.1.0-3.module+el8.3.0+7708+740a1315, did not hit this issue. It works well.

Versions:
kernel-4.18.0-233.el8.x86_64
qemu-kvm-5.1.0-3.module+el8.3.0+7708+740a1315

Steps:

```
# cat > blkdebug.conf <<EOF
[inject-error]
event = "write_aio"
errno = "5"
immediately = "on"
once = "on"
EOF

# qemu-img create -f qcow2 foo.qcow2 64M
Formatting 'foo.qcow2', fmt=qcow2 cluster_size=65536 compression_type=zlib size=67108864 lazy_refcounts=off refcount_bits=16

# qemu-io -c 'write 0 64k' -c 'write -z 0 64k' foo.qcow2
wrote 65536/65536 bytes at offset 0
64 KiB, 1 ops; 00.00 sec (15.980 MiB/sec and 255.6829 ops/sec)
wrote 65536/65536 bytes at offset 0
64 KiB, 1 ops; 00.00 sec (254.704 MiB/sec and 4075.2619 ops/sec)

# qemu-io -c 'write 0 64k' blkdebug:blkdebug.conf:foo.qcow2
write failed: Input/output error

# qemu-img check foo.qcow2
No errors were found on the image.
1/1024 = 0.10% allocated, 0.00% fragmented, 0.00% compressed clusters
Image end offset: 393216
```

Hi Danilo,

Any update? Thanks.

Hi,

ITR wasn't set so it doesn't show in the queries looking for fixes appearing upstream.

Tested with qemu-kvm-5.1.0-4.module+el8.3.0+7846+ae9b566f, did not hit this issue. So set status to VERIFIED.

Versions:
kernel-4.18.0-234.el8.x86_64
qemu-kvm-5.1.0-4.module+el8.3.0+7846+ae9b566f

Steps:

```
# cat > blkdebug.conf <<EOF
[inject-error]
event = "write_aio"
errno = "5"
immediately = "on"
once = "on"
EOF

# qemu-img create -f qcow2 foo.qcow2 64M
Formatting 'foo.qcow2', fmt=qcow2 cluster_size=65536 compression_type=zlib size=67108864 lazy_refcounts=off refcount_bits=16

# qemu-io -c 'write 0 64k' -c 'write -z 0 64k' foo.qcow2
wrote 65536/65536 bytes at offset 0
64 KiB, 1 ops; 00.18 sec (363.550 KiB/sec and 5.6805 ops/sec)
wrote 65536/65536 bytes at offset 0
64 KiB, 1 ops; 00.01 sec (11.056 MiB/sec and 176.9039 ops/sec)

# qemu-io -c 'write 0 64k' blkdebug:blkdebug.conf:foo.qcow2
write failed: Input/output error

# qemu-img check foo.qcow2
No errors were found on the image.
1/1024 = 0.10% allocated, 0.00% fragmented, 0.00% compressed clusters
Image end offset: 393216
```

Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.

For information on the advisory (virt:8.3 bug fix and enhancement update), and where to find the updated files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:5137