From 4096974e1885913dfe2931863be47bd35b266521 Mon Sep 17 00:00:00 2001 From: Eric Blake Date: Fri, 17 Nov 2017 10:47:47 -0600 Subject: [PATCH] qcow2: fix image corruption on commit with persistent bitmap If an image contains persistent bitmaps, we cannot use the fast path of bdrv_make_empty() to clear the image during qemu-img commit, because that will lose the clusters related to the bitmaps. Also leave a comment in qcow2_read_extensions to remind future feature additions to think about fast-path removal, since we just barely fixed the same bug for LUKS encryption. It's a pain that qemu-img has not yet been taught to manipulate, or even at a very minimum display, information about persistent bitmaps; instead, we have to use QMP commands. It's also a pain that only qeury-block and x-debug-block-dirty-bitmap-sha256 will allow bitmap introspection; but the former requires the node to be hooked to a block device, and the latter is experimental. Signed-off-by: Eric Blake Signed-off-by: Kevin Wolf --- block/qcow2.c | 17 +-- tests/qemu-iotests/176 | 55 ++++++++-- tests/qemu-iotests/176.out | 216 ++++++++++++++++++++++++++++++++++++- 3 files changed, 270 insertions(+), 18 deletions(-) diff --git a/block/qcow2.c b/block/qcow2.c index e9a86b7443..f2731a7cb5 100644 --- a/block/qcow2.c +++ b/block/qcow2.c @@ -376,6 +376,8 @@ static int qcow2_read_extensions(BlockDriverState *bs, uint64_t start_offset, default: /* unknown magic - save it in case we need to rewrite the header */ + /* If you add a new feature, make sure to also update the fast + * path of qcow2_make_empty() to deal with it. */ { Qcow2UnknownHeaderExtension *uext; @@ -3600,15 +3602,16 @@ static int qcow2_make_empty(BlockDriverState *bs) l1_clusters = DIV_ROUND_UP(s->l1_size, s->cluster_size / sizeof(uint64_t)); - if (s->qcow_version >= 3 && !s->snapshots && + if (s->qcow_version >= 3 && !s->snapshots && !s->nb_bitmaps && 3 + l1_clusters <= s->refcount_block_size && s->crypt_method_header != QCOW_CRYPT_LUKS) { - /* The following function only works for qcow2 v3 images (it requires - * the dirty flag) and only as long as there are no snapshots (because - * it completely empties the image). Furthermore, the L1 table and three - * additional clusters (image header, refcount table, one refcount - * block) have to fit inside one refcount block. It cannot be used - * for LUKS (yet) as it throws away the LUKS header cluster(s) */ + /* The following function only works for qcow2 v3 images (it + * requires the dirty flag) and only as long as there are no + * features that reserve extra clusters (such as snapshots, + * LUKS header, or persistent bitmaps), because it completely + * empties the image. Furthermore, the L1 table and three + * additional clusters (image header, refcount table, one + * refcount block) have to fit inside one refcount block. */ return make_completely_empty(bs); } diff --git a/tests/qemu-iotests/176 b/tests/qemu-iotests/176 index 950b28720e..0f31a20294 100755 --- a/tests/qemu-iotests/176 +++ b/tests/qemu-iotests/176 @@ -3,10 +3,11 @@ # Commit changes into backing chains and empty the top image if the # backing image is not explicitly specified. # -# Variant of 097, which includes snapshots to test different codepath -# in qcow2 +# Variant of 097, which includes snapshots and persistent bitmaps, to +# tickle the slow codepath in qcow2. See also 198, for another feature +# that tickles the slow codepath. # -# Copyright (C) 2014 Red Hat, Inc. +# Copyright (C) 2014, 2017 Red Hat, Inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -43,11 +44,18 @@ trap "_cleanup; exit \$status" 0 1 2 3 15 . ./common.filter . ./common.pattern -# Any format supporting backing files and bdrv_make_empty +# This test is specific to qcow2 _supported_fmt qcow2 _supported_proto file _supported_os Linux +function run_qemu() +{ + $QEMU -nographic -qmp stdio -serial none "$@" 2>&1 \ + | _filter_testdir | _filter_qmp | _filter_qemu +} + +for reason in snapshot bitmap; do # Four passes: # 0: Two-layer backing chain, commit to upper backing file (implicitly) @@ -66,14 +74,29 @@ _supported_os Linux for i in 0 1 2 3; do echo -echo "=== Test pass $i ===" +echo "=== Test pass $reason.$i ===" echo len=$((2100 * 1024 * 1024 + 512)) # larger than 2G, and not cluster aligned TEST_IMG="$TEST_IMG.base" _make_test_img $len TEST_IMG="$TEST_IMG.itmd" _make_test_img -b "$TEST_IMG.base" $len _make_test_img -b "$TEST_IMG.itmd" $len -$QEMU_IMG snapshot -c snap "$TEST_IMG" +# Update the top image to use a feature that is incompatible with fast path +case $reason in + snapshot) $QEMU_IMG snapshot -c snap "$TEST_IMG" ;; + bitmap) + run_qemu <