On Fri, 04/24 13:51, Paolo Bonzini wrote: > > > On 24/04/2015 13:00, Paolo Bonzini wrote: > >> - qemu_iovec_add(&local_qiov, head_buf, offset & (align - 1)); > >> - qemu_iovec_concat(&local_qiov, qiov, 0, qiov->size); > >> - use_local_qiov = true; > >> + if (qiov) { > >> + qemu_iovec_init(&local_qiov, qiov ? qiov->niov + 2 : 1); > >> + qemu_iovec_add(&local_qiov, head_buf, offset & (align - 1)); > >> + qemu_iovec_concat(&local_qiov, qiov, 0, qiov->size); > >> + use_local_qiov = true; > >> + bytes += offset & (align - 1); > >> + offset = offset & ~(align - 1); > >> + } else { > >> + memset(head_buf + (offset & (align - 1)), 0, > >> + align - (offset & (align - 1))); > > Actually, is the byte count correct if bytes < align? In the case of > your testcase, you'd destroy bytes 1536..4095.
Yes, good catch! Fam > > Same for the computation of bytes, below. It could underflow. > > Perhaps a qemu-iotests testcase, using qemu-io, is also necessary. > > Paolo > > >> + ret = bdrv_aligned_pwritev(bs, &req, offset & ~(align - 1), > >> align, > >> + &head_qiov, 0); > >> + if (ret < 0) { > >> + goto fail; > >> + } > >> + bytes -= align - (offset & (align - 1)); > >> + offset = ROUND_UP(offset, align); > >> + } > >> + }
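Review bot: In the `else` branch (the path taken when `qiov` is NULL), both the `memset` length `align - (offset & (align - 1))` and the later `bytes -= align - (offset & (align - 1))` assume the request extends to the end of the first aligned block. When `bytes` is smaller than that remainder, the memset zeroes `head_buf` past the end of the request before the aligned write of the head block, and the subtraction from `bytes` underflows. Suggest computing the in-block offset once into a local, using the smaller of `bytes` and `align` minus that offset for both the memset length and the `bytes` adjustment, and advancing `offset` with `ROUND_UP` only when the request really crosses the block boundary. A qemu-iotests case with a sub-block unaligned request, as proposed in the thread, would cover this. Separately, inside `if (qiov)` the ternary in `qemu_iovec_init(&local_qiov, qiov ? qiov->niov + 2 : 1)` can never take its second arm and can be reduced to `qiov->niov + 2`.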