From: Tuguoyi
To: "vsementsov@virtuozzo.com", "kwolf@redhat.com", "mreitz@redhat.com", "qemu-block@nongnu.org"
Cc: Chengchiwen, "qemu-devel@nongnu.org", Wangyongqing, Changlimin, Gaoliang, Wangyong
Subject: [PATCH v2] qcow2-bitmap: Fix uint64_t left-shift overflow
Date: Mon, 28 Oct 2019 06:33:08 +0000
Message-ID: <494aedb644bf434f8eee0263aa17aa23@h3c.com>

In check_constraints_on_bitmap(), the sanity check on the granularity will cause uint64_t integer left-shift overflow when cluster_size is 2M and the granularity is BIGGER than 32K. As a result, for a qcow2 disk with cluster_size set to 2M, we could not even create a dirty bitmap with default granularity.

This patch fixes the issue by dividing @len by granularity instead.

Signed-off-by: Guoyi Tu
Reviewed-by: Vladimir Sementsov-Ogievskiy
--- block/qcow2-bitmap.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/block/qcow2-bitmap.c b/block/qcow2-bitmap.c index 98294a7..71ac822 100644 --- a/block/qcow2-bitmap.c +++ b/block/qcow2-bitmap.c 
@@ -172,8 +172,8 @@ static int check_constraints_on_bitmap(BlockDriverState= *bs, } =20 if ((len > (uint64_t)BME_MAX_PHYS_SIZE << granularity_bits) || - (len > (uint64_t)BME_MAX_TABLE_SIZE * s->cluster_size << - granularity_bits)) + (DIV_ROUND_UP(len, granularity) > (uint64_t)BME_MAX_TABLE_SIZE * + s->cluster_size)) { error_setg(errp, "Too much space will be occupied by the bitmap. " "Use larger granularity"); --=20 2.7.4
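
Review bot: The first comparison in this condition, "len > (uint64_t)BME_MAX_PHYS_SIZE << granularity_bits", keeps the left-shift form that the second comparison is being moved away from. Either rewrite it the same way, for example "DIV_ROUND_UP(len, granularity) > BME_MAX_PHYS_SIZE", or state in the commit message why that shift cannot overflow for the permitted range of granularity_bits, so the two bounds checks are visibly consistent. The new expression divides by granularity, which this hunk does not show being validated, so confirm it is non-zero and matches granularity_bits at this point in the function. A regression test that creates a bitmap with default granularity on an image with 2M clusters would pin down the case the commit message describes.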