VirtualBox

Changeset 30044 in vbox for trunk/src/VBox/Devices/Storage


Timestamp:
Jun 4, 2010 6:59:05 PM (15 years ago)
Author:
vboxsync
svn:sync-xref-src-repo-rev:
62398
Message:

VBoxHDD/Async: Fix variable initialization, was always 0 before. Fix unallowed modification of the parent S/G buffer under certain circumstances. Both bugs happen only during a write to a so far unallocated block.

File:
1 edited

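--- a/trunk/src/VBox/Devices/Storage/VBoxHDD.cpp
+++ b/trunk/src/VBox/Devices/Storage/VBoxHDD.cpp
@@ -269,4 +269,6 @@
             /** Number of bytes to post read. */
             size_t                       cbPostRead;
+            /** Number of bytes to write left in the parent. */
+            size_t                       cbWriteParent;
             /** Write type dependent data. */
             union
@@ -281,6 +283,4 @@
                     /** Bytes to read from the image. */
                     size_t               cbReadImage;
-                    /** Number of bytes to wite left. */
-                    size_t               cbWrite;
                 } Optimized;
             } Write;
@@ -643,5 +643,5 @@
                                        PCRTSGSEG paSeg, unsigned cSeg,
                                        PVDIOCTX pIoCtxParent, size_t cbTransferParent,
-                                       void *pvAllocation,
+                                       size_t cbWriteParent, void *pvAllocation,
                                        PFNVDIOCTXTRANSFER pfnIoCtxTransfer)
 {
@@ -655,4 +655,5 @@
         pIoCtx->Type.Child.cbTransferLeftSaved = cbTransfer;
         pIoCtx->Type.Child.cbTransferParent    = cbTransferParent;
+        pIoCtx->Type.Child.cbWriteParent       = cbWriteParent;
     }
 
@@ -1299,5 +1300,15 @@
         /* Now assemble the remaining data. */
         if (cbWriteCopy)
-            vdIoCtxCopy(pIoCtx, pIoCtxParent, cbWriteCopy);
+        {
+            /*
+             * The S/G buffer of the parent needs to be cloned because
+             * it is not allowed to modify the state.
+             */
+            RTSGBUF SgBufParentTmp;
+
+            RTSgBufClone(&SgBufParentTmp, &pIoCtxParent->SgBuf);
+            RTSgBufCopy(&pIoCtx->SgBuf, &SgBufParentTmp, cbWriteCopy);
+        }
+
         /* Zero out the remainder of this block. Will never be visible, as this
          * is beyond the limit of the image. */
@@ -1313,5 +1324,5 @@
     rc = pImage->Backend->pfnAsyncWrite(pImage->pvBackendData,
                                         pIoCtx->uOffset - cbPreRead,
-                                        cbPreRead + pIoCtx->cbTransferLeft + cbPostRead,
+                                        cbPreRead + cbThisWrite + cbPostRead,
                                         pIoCtx, NULL, &cbPreRead, &cbPostRead, 0);
     Assert(rc != VERR_VD_BLOCK_FREE);
@@ -1354,5 +1365,5 @@
     size_t cbPreRead   = pIoCtx->Type.Child.cbPreRead;
     size_t cbPostRead  = pIoCtx->Type.Child.cbPostRead;
-    size_t cbWrite     = pIoCtx->Type.Child.Write.Optimized.cbWrite;
+    size_t cbWrite     = pIoCtx->Type.Child.cbWriteParent;
     size_t cbFill = 0;
     size_t cbWriteCopy = 0;
@@ -1389,5 +1400,5 @@
     pIoCtx->cbTransferLeft = cbPreRead + cbThisWrite + cbPostRead - cbFill;
     pIoCtx->cbTransfer     = pIoCtx->cbTransferLeft;
-    pIoCtx->uOffset -= cbPreRead;
+    pIoCtx->uOffset       -= cbPreRead;
 
     /* Next step */
@@ -1439,5 +1450,5 @@
                 pIoCtx->fBlocked = true;
                 Assert(pIoCtx->NodeWriteGrowing.pNext == &pDisk->ListWriteGrowing);
-                Assert(pDisk->ListWriteGrowing.pPrev == & pIoCtx->NodeWriteGrowing);
+                Assert(pDisk->ListWriteGrowing.pPrev == &pIoCtx->NodeWriteGrowing);
                 rc = VERR_VD_ASYNC_IO_IN_PROGRESS;
                 break;
@@ -1459,4 +1470,5 @@
                                                          pTmp, 1,
                                                          pIoCtx, cbThisWrite,
+                                                         cbWrite,
                                                          pTmp,
                                                            (pImage->uOpenFlags & VD_OPEN_FLAGS_HONOR_SAME)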
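Review bot: In the new `if (cbWriteCopy)` block (new lines 1302-1311) the return value of `RTSgBufCopy` is discarded, so if the cloned parent buffer has fewer than `cbWriteCopy` bytes left, the child buffer is filled short with no signal. Presumably the uncopied tail of the child's allocation would then reach the image through the `pfnAsyncWrite` call that follows, which for a guest-driven write path is a data-integrity and stale-memory concern. Consider capturing and checking it: `size_t cbCopied = RTSgBufCopy(&pIoCtx->SgBuf, &SgBufParentTmp, cbWriteCopy);` followed by `Assert(cbCopied == cbWriteCopy);`. The block comment would also read better if it named the reason, e.g. `/* Copying advances the source S/G buffer; the parent's position must stay unchanged, so work on a clone. */`. The enclosing function starts and ends outside the hunk, so whether the child allocation is pre-zeroed is not visible here.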