On Wed, Aug 04, 2021 at 08:48:24PM +0100, Richard W.M. Jones wrote:
Commit eb6009b092 ("cache, cow: Reduce use of bounce-buffer") first
introduced in nbdkit 1.14 added an optimization of the
read-modify-write mechanism used for unaligned heads and tails when
zeroing in the cache layer.
Unfortunately the part applied to the tail contained a mistake: It
zeroes the end of the buffer rather than the beginning. This causes
data corruption when you use the zero or trim function with an offset
and count which is not aligned to the block size.
Ouch. And I was copying from the blocksize filter, which did it
correctly. Thanks so much for finding and fixing this.
We can demonstrate this by filling a buffer with data (100000 bytes in
the example), and then trimming that data which ought to zero it all
out but does not.
Before this commit:
$ nbdkit --filter=cow data "33 * 100000" --run 'nbdsh -u $uri -c "h.trim(100000, 0)" ; nbdcopy $uri - | hexdump -C'
00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00018000 21 21 21 21 21 21 21 21 21 21 21 21 21 21 21 21 |!!!!!!!!!!!!!!!!|
*
000186a0
After this commit:
$ ./nbdkit --filter=cow data "33 * 100000" --run 'nbdsh -u $uri -c "h.trim(100000, 0)" ; nbdcopy $uri - | hexdump -C'
00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
000186a0
Fixes: commit eb6009b092ae642ed25f133d487dd40ef7bf70f8
Thanks: Ming Xie for originally finding the bug
---
filters/cache/cache.c | 2 +-
filters/cow/cow.c | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
Ack. And yes, we'll have to backport this to quite a few places.
I'll get started on that, to get more experience on doing Fedora
releases.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
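
The head/tail read-modify-write described in the commit message above, as an added C model that is not nbdkit's code and not part of the original thread. `BLKSIZE` of 4096, the in-memory `disk` array and the function names are assumptions, chosen so that the buggy tail path leaves stale data from offset 0x18000 as in the hexdump.

```c
#include <stdint.h>
#include <string.h>

#define BLKSIZE 4096u                 /* assumed block size, not nbdkit's */
static uint8_t disk[25 * BLKSIZE];    /* constructed stand-in for the overlay */

/* Zero [offset, offset+count): read-modify-write for the unaligned head
 * and tail, whole-block writes in between.  buggy_tail selects the
 * mistake described in the commit message (zeroing the end of the block). */
static void zero_range(uint64_t offset, uint32_t count, int buggy_tail)
{
    uint8_t block[BLKSIZE];
    uint64_t blknum = offset / BLKSIZE;
    uint32_t blkoffs = offset % BLKSIZE;
    if (blkoffs) {                                        /* unaligned head */
        uint32_t n = BLKSIZE - blkoffs < count ? BLKSIZE - blkoffs : count;
        memcpy(block, &disk[blknum * BLKSIZE], BLKSIZE);  /* read */
        memset(&block[blkoffs], 0, n);                    /* modify */
        memcpy(&disk[blknum * BLKSIZE], block, BLKSIZE);  /* write */
        count -= n;
        blknum++;
    }
    for (; count >= BLKSIZE; count -= BLKSIZE, blknum++)  /* aligned body */
        memset(&disk[blknum * BLKSIZE], 0, BLKSIZE);
    if (count) {                                          /* unaligned tail */
        memcpy(block, &disk[blknum * BLKSIZE], BLKSIZE);
        if (buggy_tail)
            memset(&block[count], 0, BLKSIZE - count);    /* end: wrong */
        else
            memset(block, 0, count);                      /* beginning: right */
        memcpy(&disk[blknum * BLKSIZE], block, BLKSIZE);
    }
}

/* Fill with 0x21 ('!'), zero the first len bytes, and return the offset
 * of the first byte below len that is still non-zero (len if none). */
static uint64_t first_stale_byte(uint32_t len, int buggy_tail)
{
    memset(disk, 0x21, sizeof disk);
    zero_range(0, len, buggy_tail);
    for (uint64_t i = 0; i < len; i++)
        if (disk[i]) return i;
    return len;
}

int main(void)
{
    return first_stale_byte(100000, 0) == 100000 ? 0 : 1;
}
```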