[Qemu-devel] [Bug 1354529] Re: qemu-io: Assert failure on the fuzzed qco
From: Max Reitz
Subject: [Qemu-devel] [Bug 1354529] Re: qemu-io: Assert failure on the fuzzed qcow2 image
Date: Tue, 21 Oct 2014 10:57:18 -0000
Hi,
This issue has been fixed in master
(5f77ef69a195098baddfdc6d189f1b4a94587378):
$ ./qemu-io copy.img -c 'write 2856960 208896'
qcow2_free_clusters failed: Invalid argument
qcow2_free_clusters failed: Invalid argument
qcow2_free_clusters failed: Invalid argument
qcow2_free_clusters failed: Invalid argument
qcow2_free_clusters failed: Invalid argument
qcow2_free_clusters failed: File too large
qcow2_free_clusters failed: Invalid argument
qcow2: Image is corrupt: Cannot free unaligned cluster 0xfffffffffffe00; further non-fatal corruption events will be suppressed
qcow2_free_clusters failed: Invalid argument
qcow2: Marking image as corrupt: Data cluster offset 0xfffffe00 unaligned (guest offset: 0x2e1000); further corruption events will be suppressed
write failed: Input/output error
Thanks for your report (and your fuzzer),
Max
--
https://bugs.launchpad.net/bugs/1354529
Title:
qemu-io: Assert failure on the fuzzed qcow2 image
Status in QEMU:
Fix Committed
Bug description:
'qemu-io -c write' failed on the fuzzed image with missed refcount
tables:
Sequence:
1. Unpack the attached archive, make a copy of test.img
2. Put copy.img and backing_img.cow in the same directory
3. Execute
qemu-io copy.img -c 'write 2856960 208896'
Result: qemu-io was killed by SIGIOT with the reason:
qemu-io: block/qcow2-cluster.c:910: handle_copied: Assertion `*host_offset == 0 || offset_into_cluster(s, guest_offset) == offset_into_cluster(s, *host_offset)' failed.
qemu.git HEAD 2d591ce2aeebf
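The pattern visible in the message above, as an added example that is not QEMU's code and not part of the original message: a cluster offset read from an untrusted image is validated and rejected with an I/O error, so the invariant from the failed assertion can only be evaluated on aligned input. The 64 KiB cluster size and the names map_guest_offset and invariant_holds are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: 64 KiB clusters; the page does not state the image's cluster size. */
#define CLUSTER_SIZE UINT64_C(0x10000)

static uint64_t offset_into_cluster(uint64_t off)
{
    return off & (CLUSTER_SIZE - 1);
}

/*
 * Hypothetical helper: translate a guest offset using a data-cluster offset
 * taken from image metadata. Returns 0 on success, -EIO on a corrupt entry.
 */
int map_guest_offset(uint64_t l2_cluster_offset, uint64_t guest_offset,
                     uint64_t *host_offset)
{
    if (offset_into_cluster(l2_cluster_offset) != 0) {
        /* On-disk metadata is untrusted input: fail the request, never assert(). */
        return -EIO;
    }
    /* Aligned base plus an in-cluster offset cannot overflow 64 bits. */
    *host_offset = l2_cluster_offset + offset_into_cluster(guest_offset);
    return 0;
}

/* The condition from the failed assertion, written as a predicate. */
int invariant_holds(uint64_t guest_offset, uint64_t host_offset)
{
    return host_offset == 0 ||
           offset_into_cluster(guest_offset) == offset_into_cluster(host_offset);
}

int main(void)
{
    uint64_t host = 0;
    /* Offsets quoted in the log above: cluster 0xfffffe00, guest 0x2e1000. */
    int ret = map_guest_offset(UINT64_C(0xfffffe00), UINT64_C(0x2e1000), &host);
    printf("fuzzed entry: ret=%d\n", ret);
    /* Constructed well-formed entry for comparison. */
    ret = map_guest_offset(UINT64_C(0x50000), UINT64_C(0x2e1000), &host);
    printf("valid entry: ret=%d host=0x%llx invariant=%d\n", ret,
           (unsigned long long)host, invariant_holds(UINT64_C(0x2e1000), host));
    return 0;
}
```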