On 5/10/24 14:54, Alexey Kuznetsov wrote:
Images of size > 2TB are corrupted!

https://pmc.acronis.work/browse/TTASK-68430

Signed-off-by: Alexey Kuznetsov <kuz...@acronis.com>
---
  drivers/md/dm-ploop.h | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/md/dm-ploop.h b/drivers/md/dm-ploop.h
index db36687..e693d0e 100644
--- a/drivers/md/dm-ploop.h
+++ b/drivers/md/dm-ploop.h
@@ -317,7 +317,7 @@ static inline void ploop_remap_to_cluster(struct ploop 
*ploop,
                                          struct pio *pio, u32 clu)
  {
        pio->bi_iter.bi_sector &= ((1 << ploop->cluster_log) - 1);
-       pio->bi_iter.bi_sector |= (clu << ploop->cluster_log);
+       pio->bi_iter.bi_sector |= ((u64)clu << ploop->cluster_log);
  }
static inline bool ploop_whole_cluster(struct ploop *ploop, struct pio *pio)
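
Review bot: the mask on the unchanged line just above the fix, `(1 << ploop->cluster_log) - 1`, is still evaluated as a plain int, so it is correct only while cluster_log stays below 31. Consider `1ULL` there, or a small cluster-to-sector helper that both lines can share, so the two statements use the same width. The commit message should also state the root cause rather than only the symptom: `clu` is a u32, so `clu << ploop->cluster_log` was computed in 32 bits and wrapped before being ORed into `bi_sector`. A Fixes: tag for the commit that introduced the 32-bit shift would help backports.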

This is really an integer overflow. Validated that with a simple
test program.

iris ~ $ cat 1.c
#include <stdint.h>
#include <stdio.h>

struct s
{
    uint64_t x;
};

int main()
{
    uint32_t clu = 0x200000, log = 20;
    struct s st = {
        .x = 0,
    };

    st.x |= clu << log;
    printf("%lu\n", st.x);
    st.x |= (uint64_t)clu << log;
    printf("%lu\n", st.x);
    return 0;
}
iris ~ $ ./a.out
0
2199023255552
iris ~ $

The most important question is: do we have other similar
places or not?

Den
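
Added example (not part of the patch or of either message): a userspace model of the remap arithmetic before and after the cast, which locates the first cluster index the 32-bit shift corrupts and shows why the symptom starts at 2 TB. The function names are hypothetical; 512-byte sectors and the cluster_log values 11 and 20 (the latter taken from the test program above) are assumptions.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

#define SECTOR_SHIFT 9 /* assumption: 512-byte sectors */

/* Pre-patch form: u32 << n is evaluated in 32 bits and wraps before the OR.
 * Both helpers are valid for cluster_log in 0..30 (the mask is int math). */
static uint64_t remap_before(uint64_t sector, uint32_t clu, uint32_t cluster_log)
{
	sector &= ((1 << cluster_log) - 1);
	sector |= (clu << cluster_log);
	return sector;
}

/* Post-patch form: clu is widened first, so the shift is done in 64 bits. */
static uint64_t remap_after(uint64_t sector, uint32_t clu, uint32_t cluster_log)
{
	sector &= ((1 << cluster_log) - 1);
	sector |= ((uint64_t)clu << cluster_log);
	return sector;
}

/*
 * Smallest cluster index that the pre-patch form remaps to the wrong sector.
 * The wrap starts at clu == 2^(32 - cluster_log), a power of two, so probing
 * single-bit values in ascending order finds the minimum. Returns 0 if none.
 */
static uint32_t first_bad_cluster(uint32_t cluster_log)
{
	for (unsigned bit = 0; bit < 32; bit++) {
		uint32_t clu = UINT32_C(1) << bit;
		if (remap_before(0, clu, cluster_log) != remap_after(0, clu, cluster_log))
			return clu;
	}
	return 0;
}

/* Byte offset in the image at which that first bad cluster starts. */
static uint64_t first_bad_offset(uint32_t cluster_log)
{
	return ((uint64_t)first_bad_cluster(cluster_log) << cluster_log) << SECTOR_SHIFT;
}

int main(void)
{
	const uint32_t logs[] = { 11, 20 }; /* constructed sample values */
	for (size_t i = 0; i < sizeof(logs) / sizeof(logs[0]); i++)
		printf("cluster_log=%" PRIu32 " first bad clu=%" PRIu32 " offset=%" PRIu64 " bytes\n",
		       logs[i], first_bad_cluster(logs[i]), first_bad_offset(logs[i]));
	return 0;
}
```

Whatever the cluster size, the first wrong sector number is 2^32, which with 512-byte sectors is byte offset 2^41, i.e. 2 TiB.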