tests/qemu-iotests/080 - qemu - Git at Google

 #!/usr/bin/env bash
 # group: rw auto
 #
 # qcow2 format input validation tests
 #
 # Copyright (C) 2013 Red Hat, Inc.
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 2 of the License, or
 # (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 #

 # creator
 owner=kwolf@redhat.com

 seq=`basename $0`
 echo "QA output created by $seq"

 status=1	# failure is the default!

 _cleanup()
 {
     _rm_test_img "$TEST_IMG.snap"
     _cleanup_test_img
 }
 trap "_cleanup; exit \$status" 0 1 2 3 15

 # get standard environment, filters and checks
 . ./common.rc
 . ./common.filter

 _supported_fmt qcow2
 _supported_proto file fuse
 _supported_os Linux
 # - Internal snapshots are (currently) impossible with refcount_bits=1,
 #   and generally impossible with external data files
 # - This is generally a test for compat=1.1 images
 _unsupported_imgopts 'refcount_bits=1[^0-9]' data_file 'compat=0.10'

 header_size=112

 offset_backing_file_offset=8
 offset_backing_file_size=16
 offset_l1_size=36
 offset_l1_table_offset=40
 offset_refcount_table_offset=48
 offset_refcount_table_clusters=56
 offset_nb_snapshots=60
 offset_snapshots_offset=64
 offset_header_size=100
 offset_ext_magic=$header_size
 offset_ext_size=$((header_size + 4))

 offset_l2_table_0=$((0x40000))

 offset_snap1=$((0x70000))
 offset_snap1_l1_offset=$((offset_snap1 + 0))
 offset_snap1_l1_size=$((offset_snap1 + 8))

 echo
 echo "== Huge header size =="
 _make_test_img 64M
 poke_file "$TEST_IMG" "$offset_header_size" "\xff\xff\xff\xff"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
 poke_file "$TEST_IMG" "$offset_header_size" "\x7f\xff\xff\xff"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 echo
 echo "== Huge unknown header extension =="
 _make_test_img 64M
 poke_file "$TEST_IMG" "$offset_backing_file_offset" "\xff\xff\xff\xff\xff\xff\xff\xff"
 poke_file "$TEST_IMG" "$offset_ext_magic" "\x12\x34\x56\x78"
 poke_file "$TEST_IMG" "$offset_ext_size" "\x7f\xff\xff\xff"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
 poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x$(printf %x $offset_ext_size)"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
 poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x00"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 echo
 echo "== Huge refcount table size =="
 _make_test_img 64M
 poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\xff\xff\xff\xff"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
 poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x02\x00\x01"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 echo
 echo "== Misaligned refcount table =="
 _make_test_img 64M
 poke_file "$TEST_IMG" "$offset_refcount_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 echo
 echo "== Huge refcount offset =="
 _make_test_img 64M
 poke_file "$TEST_IMG" "$offset_refcount_table_offset" "\xff\xff\xff\xff\xff\xff\x00\x00"
 poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x00\x00\x7f"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 echo
 echo "== Invalid snapshot table =="
 _make_test_img 64M
 poke_file "$TEST_IMG" "$offset_nb_snapshots" "\xff\xff\xff\xff"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
 poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x7f\xff\xff\xff"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 poke_file "$TEST_IMG" "$offset_snapshots_offset" "\xff\xff\xff\xff\xff\xff\x00\x00"
 poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\xff\xff"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 poke_file "$TEST_IMG" "$offset_snapshots_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
 poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\x00\x00"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 echo
 echo "== Hitting snapshot table size limit =="
 _make_test_img 64M
 # Put the refcount table in a more or less safe place (16 MB)
 poke_file "$TEST_IMG" "$offset_snapshots_offset" "\x00\x00\x00\x00\x01\x00\x00\x00"
 poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x01\x00\x00"
 { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_testdir
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 echo
 echo "== Invalid L1 table =="
 _make_test_img 64M
 poke_file "$TEST_IMG" "$offset_l1_size" "\xff\xff\xff\xff"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
 poke_file "$TEST_IMG" "$offset_l1_size" "\x7f\xff\xff\xff"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 poke_file "$TEST_IMG" "$offset_l1_table_offset" "\x7f\xff\xff\xff\xff\xff\x00\x00"
 poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\xff\xff"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 poke_file "$TEST_IMG" "$offset_l1_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
 poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x01"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 echo
 echo "== Invalid L1 table (with internal snapshot in the image) =="
 _make_test_img 64M
 { $QEMU_IMG snapshot -c foo $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
 poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x00"
 _img_info

 echo
 echo "== Invalid backing file size =="
 _make_test_img 64M
 poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x10\x00"
 poke_file "$TEST_IMG" "$offset_backing_file_size" "\xff\xff\xff\xff"
 { $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 echo
 echo "== Invalid L2 entry (huge physical offset) =="
 _make_test_img 64M
 { $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
 poke_file "$TEST_IMG" "$offset_l2_table_0" "\xbf\xff\xff\xff\xff\xff\x00\x00"
 { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
 poke_file "$TEST_IMG" "$offset_l2_table_0" "\x80\x00\x00\xff\xff\xff\x00\x00"
 { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir

 echo
 echo "== Invalid snapshot L1 table offset =="
 _make_test_img 64M
 { $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
 { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_testdir
 poke_file "$TEST_IMG" "$offset_snap1_l1_offset" "\x00\x00\x00\x00\x00\x40\x02\x00"
 { $QEMU_IMG convert -l test $TEST_IMG $TEST_IMG.snap; } 2>&1 | _filter_testdir
 { $QEMU_IMG amend -o compat=0.10 $TEST_IMG; } 2>&1 | _filter_testdir
 { $QEMU_IO -c "open -o overlap-check.inactive-l2=on $TEST_IMG" \
            -c 'write 0 4k'; } 2>&1 | _filter_qemu_io | _filter_testdir
 { $QEMU_IMG snapshot -a test $TEST_IMG; } 2>&1 | _filter_testdir
 { $QEMU_IMG snapshot -d test $TEST_IMG; } 2>&1 | _filter_testdir
 _check_test_img

 echo
 echo "== Invalid snapshot L1 table size =="
 _make_test_img 64M
 { $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 | _filter_qemu_io | _filter_testdir
 { $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 | _filter_testdir
 poke_file "$TEST_IMG" "$offset_snap1_l1_size" "\x10\x00\x00\x00"
 { $QEMU_IMG convert -l test $TEST_IMG $TEST_IMG.snap; } 2>&1 | _filter_testdir
 { $QEMU_IMG amend -o compat=0.10 $TEST_IMG; } 2>&1 | _filter_testdir
 { $QEMU_IO -c "open -o overlap-check.inactive-l2=on $TEST_IMG" \
            -c 'write 0 4k'; } 2>&1 | _filter_qemu_io | _filter_testdir
 { $QEMU_IMG snapshot -a test $TEST_IMG; } 2>&1 | _filter_testdir
 { $QEMU_IMG snapshot -d test $TEST_IMG; } 2>&1 | _filter_testdir
 _check_test_img

 # success, all done
 echo "*** done"
 rm -f $seq.full
 status=0
	#!/usr/bin/env bash
	# group: rw auto
	#
	# qcow2 format input validation tests
	#
	# Copyright (C) 2013 Red Hat, Inc.
	#
	# This program is free software; you can redistribute it and/or modify
	# it under the terms of the GNU General Public License as published by
	# the Free Software Foundation; either version 2 of the License, or
	# (at your option) any later version.
	#
	# This program is distributed in the hope that it will be useful,
	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	# GNU General Public License for more details.
	#
	# You should have received a copy of the GNU General Public License
	# along with this program. If not, see <http://www.gnu.org/licenses/>.
	#

	# creator
	owner=kwolf@redhat.com

	seq=`basename $0`
	echo "QA output created by $seq"

	status=1 # failure is the default!

	_cleanup()
	{
	_rm_test_img "$TEST_IMG.snap"
	_cleanup_test_img
	}
	trap "_cleanup; exit \$status" 0 1 2 3 15

	# get standard environment, filters and checks
	. ./common.rc
	. ./common.filter

	_supported_fmt qcow2
	_supported_proto file fuse
	_supported_os Linux
	# - Internal snapshots are (currently) impossible with refcount_bits=1,
	# and generally impossible with external data files
	# - This is generally a test for compat=1.1 images
	_unsupported_imgopts 'refcount_bits=1[^0-9]' data_file 'compat=0.10'

	header_size=112

	offset_backing_file_offset=8
	offset_backing_file_size=16
	offset_l1_size=36
	offset_l1_table_offset=40
	offset_refcount_table_offset=48
	offset_refcount_table_clusters=56
	offset_nb_snapshots=60
	offset_snapshots_offset=64
	offset_header_size=100
	offset_ext_magic=$header_size
	offset_ext_size=$((header_size + 4))

	offset_l2_table_0=$((0x40000))

	offset_snap1=$((0x70000))
	offset_snap1_l1_offset=$((offset_snap1 + 0))
	offset_snap1_l1_size=$((offset_snap1 + 8))

	echo
	echo "== Huge header size =="
	_make_test_img 64M
	poke_file "$TEST_IMG" "$offset_header_size" "\xff\xff\xff\xff"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	poke_file "$TEST_IMG" "$offset_header_size" "\x7f\xff\xff\xff"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	echo
	echo "== Huge unknown header extension =="
	_make_test_img 64M
	poke_file "$TEST_IMG" "$offset_backing_file_offset" "\xff\xff\xff\xff\xff\xff\xff\xff"
	poke_file "$TEST_IMG" "$offset_ext_magic" "\x12\x34\x56\x78"
	poke_file "$TEST_IMG" "$offset_ext_size" "\x7f\xff\xff\xff"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x$(printf %x $offset_ext_size)"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x00"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	echo
	echo "== Huge refcount table size =="
	_make_test_img 64M
	poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\xff\xff\xff\xff"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x02\x00\x01"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	echo
	echo "== Misaligned refcount table =="
	_make_test_img 64M
	poke_file "$TEST_IMG" "$offset_refcount_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	echo
	echo "== Huge refcount offset =="
	_make_test_img 64M
	poke_file "$TEST_IMG" "$offset_refcount_table_offset" "\xff\xff\xff\xff\xff\xff\x00\x00"
	poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x00\x00\x7f"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	echo
	echo "== Invalid snapshot table =="
	_make_test_img 64M
	poke_file "$TEST_IMG" "$offset_nb_snapshots" "\xff\xff\xff\xff"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x7f\xff\xff\xff"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	poke_file "$TEST_IMG" "$offset_snapshots_offset" "\xff\xff\xff\xff\xff\xff\x00\x00"
	poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\xff\xff"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	poke_file "$TEST_IMG" "$offset_snapshots_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
	poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\x00\x00"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	echo
	echo "== Hitting snapshot table size limit =="
	_make_test_img 64M
	# Put the refcount table in a more or less safe place (16 MB)
	poke_file "$TEST_IMG" "$offset_snapshots_offset" "\x00\x00\x00\x00\x01\x00\x00\x00"
	poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x01\x00\x00"
	{ $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 \| _filter_testdir
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	echo
	echo "== Invalid L1 table =="
	_make_test_img 64M
	poke_file "$TEST_IMG" "$offset_l1_size" "\xff\xff\xff\xff"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	poke_file "$TEST_IMG" "$offset_l1_size" "\x7f\xff\xff\xff"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	poke_file "$TEST_IMG" "$offset_l1_table_offset" "\x7f\xff\xff\xff\xff\xff\x00\x00"
	poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\xff\xff"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	poke_file "$TEST_IMG" "$offset_l1_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
	poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x01"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	echo
	echo "== Invalid L1 table (with internal snapshot in the image) =="
	_make_test_img 64M
	{ $QEMU_IMG snapshot -c foo $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x00"
	_img_info

	echo
	echo "== Invalid backing file size =="
	_make_test_img 64M
	poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x10\x00"
	poke_file "$TEST_IMG" "$offset_backing_file_size" "\xff\xff\xff\xff"
	{ $QEMU_IO -c "read 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	echo
	echo "== Invalid L2 entry (huge physical offset) =="
	_make_test_img 64M
	{ $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	poke_file "$TEST_IMG" "$offset_l2_table_0" "\xbf\xff\xff\xff\xff\xff\x00\x00"
	{ $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	poke_file "$TEST_IMG" "$offset_l2_table_0" "\x80\x00\x00\xff\xff\xff\x00\x00"
	{ $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir

	echo
	echo "== Invalid snapshot L1 table offset =="
	_make_test_img 64M
	{ $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	{ $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 \| _filter_testdir
	poke_file "$TEST_IMG" "$offset_snap1_l1_offset" "\x00\x00\x00\x00\x00\x40\x02\x00"
	{ $QEMU_IMG convert -l test $TEST_IMG $TEST_IMG.snap; } 2>&1 \| _filter_testdir
	{ $QEMU_IMG amend -o compat=0.10 $TEST_IMG; } 2>&1 \| _filter_testdir
	{ $QEMU_IO -c "open -o overlap-check.inactive-l2=on $TEST_IMG" \
	-c 'write 0 4k'; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	{ $QEMU_IMG snapshot -a test $TEST_IMG; } 2>&1 \| _filter_testdir
	{ $QEMU_IMG snapshot -d test $TEST_IMG; } 2>&1 \| _filter_testdir
	_check_test_img

	echo
	echo "== Invalid snapshot L1 table size =="
	_make_test_img 64M
	{ $QEMU_IO -c "write 0 512" $TEST_IMG; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	{ $QEMU_IMG snapshot -c test $TEST_IMG; } 2>&1 \| _filter_testdir
	poke_file "$TEST_IMG" "$offset_snap1_l1_size" "\x10\x00\x00\x00"
	{ $QEMU_IMG convert -l test $TEST_IMG $TEST_IMG.snap; } 2>&1 \| _filter_testdir
	{ $QEMU_IMG amend -o compat=0.10 $TEST_IMG; } 2>&1 \| _filter_testdir
	{ $QEMU_IO -c "open -o overlap-check.inactive-l2=on $TEST_IMG" \
	-c 'write 0 4k'; } 2>&1 \| _filter_qemu_io \| _filter_testdir
	{ $QEMU_IMG snapshot -a test $TEST_IMG; } 2>&1 \| _filter_testdir
	{ $QEMU_IMG snapshot -d test $TEST_IMG; } 2>&1 \| _filter_testdir
	_check_test_img

	# success, all done
	echo "*** done"
	rm -f $seq.full
	status=0