xref: /qemu/tests/qemu-iotests/080 (revision b355f08a)
1#!/usr/bin/env bash
2# group: rw auto
3#
4# qcow2 format input validation tests
5#
6# Copyright (C) 2013 Red Hat, Inc.
7#
8# This program is free software; you can redistribute it and/or modify
9# it under the terms of the GNU General Public License as published by
10# the Free Software Foundation; either version 2 of the License, or
11# (at your option) any later version.
12#
13# This program is distributed in the hope that it will be useful,
14# but WITHOUT ANY WARRANTY; without even the implied warranty of
15# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16# GNU General Public License for more details.
17#
18# You should have received a copy of the GNU General Public License
19# along with this program.  If not, see <http://www.gnu.org/licenses/>.
20#
21
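# creator
owner=kwolf@redhat.com

# Test number, taken from the script's own file name.  "$0" is quoted so a
# checkout path containing whitespace or glob characters cannot split or
# expand the argument handed to basename.
seq=$(basename "$0")
echo "QA output created by $seq"

# Exit code reported by the exit trap.  It stays at 1 unless the script runs
# to its last line, so an early abort is never reported as a pass.
status=1	# failure is the default!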
29
# Remove the scratch images this test leaves behind: the ".snap" image that
# the "qemu-img convert -l" steps write, then the main test image.
_cleanup() {
    _rm_test_img "$TEST_IMG.snap"
    _cleanup_test_img
}
# Clean up on normal exit and on HUP/INT/QUIT/TERM, then exit with whatever
# $status holds at that moment (the single quotes defer its expansion until
# the trap fires).
trap '_cleanup; exit $status' EXIT HUP INT QUIT TERM
36
# Load the shared iotests environment, output filters and capability checks.
source ./common.rc
source ./common.filter

# Only run in the configurations this test was written for.
_supported_fmt qcow2
_supported_proto file fuse
_supported_os Linux
# Image options the test cannot run with:
# - Internal snapshots are (currently) impossible with refcount_bits=1,
#   and generally impossible with external data files
# - This is generally a test for compat=1.1 images
_unsupported_imgopts 'refcount_bits=1[^0-9]' data_file 'compat=0.10'
48
# Byte offsets of the on-disk fields this test corrupts.  The widths noted
# below are the number of bytes the poke_file calls in this script write at
# each offset; the multi-byte values are written most-significant byte first.
header_size=112

offset_backing_file_offset=8        # 8 bytes
offset_backing_file_size=16         # 4 bytes
offset_l1_size=36                   # 4 bytes
offset_l1_table_offset=40           # 8 bytes
offset_refcount_table_offset=48     # 8 bytes
offset_refcount_table_clusters=56   # 4 bytes
offset_nb_snapshots=60              # 4 bytes
offset_snapshots_offset=64          # 8 bytes
offset_header_size=100              # 4 bytes
# First header extension starts right after the fixed header: a 4-byte type
# followed by a 4-byte length.
offset_ext_magic=$((header_size))
offset_ext_size=$((header_size + 4))

# Location of the first L2 table in a freshly created image.
# NOTE(review): assumes the default image layout -- confirm if cluster size
# or other creation options are changed.
offset_l2_table_0=$((0x40000))

# Location of the first snapshot table entry after one "snapshot -c" on a
# fresh image (same layout assumption as above), and the two fields inside
# it that the last two test cases overwrite.
offset_snap1=$((0x70000))
offset_snap1_l1_offset=$offset_snap1
offset_snap1_l1_size=$((offset_snap1 + 8))
68
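echo
echo "== Huge header size =="
_make_test_img 64M
# Header-length field = 0xffffffff: the largest unsigned 32-bit value, and a
# negative number if a parser keeps it in a signed 32-bit variable.
poke_file "$TEST_IMG" "$offset_header_size" "\xff\xff\xff\xff"
# Open the image and read one sector.  stderr is merged into the filtered
# stream so the driver's error text becomes part of the test output.
# "$TEST_IMG" is quoted so a test directory containing whitespace cannot
# split the path; $QEMU_IO is left unquoted on purpose (it may expand to a
# command plus arguments -- defined outside this file).
# NOTE(review): the { ...; } group presumably also routes anything the shell
# itself prints when qemu-io terminates abnormally into the pipe -- confirm.
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir
# 0x7fffffff: the largest positive signed 32-bit value, so a sign check alone
# does not reject it; a real upper bound is needed.
poke_file "$TEST_IMG" "$offset_header_size" "\x7f\xff\xff\xff"
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir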
76
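echo
echo "== Huge unknown header extension =="
_make_test_img 64M
# backing_file_offset = 0xffffffffffffffff.
poke_file "$TEST_IMG" "$offset_backing_file_offset" "\xff\xff\xff\xff\xff\xff\xff\xff"
# Forge a header extension directly after the 112-byte header: type
# 0x12345678 (per the section title, one the driver does not recognise) with
# a claimed length of 0x7fffffff bytes.
poke_file "$TEST_IMG" "$offset_ext_magic" "\x12\x34\x56\x78"
poke_file "$TEST_IMG" "$offset_ext_size" "\x7f\xff\xff\xff"
# "$TEST_IMG" is quoted so a path containing whitespace stays one argument.
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir
# Point backing_file_offset at the extension's own length field (offset 116),
# i.e. into the middle of the forged extension header.  The value is spliced
# in as a single \xNN escape, so it has to fit in one byte; %02x keeps the
# escape two hex digits wide.
poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x$(printf %02x "$offset_ext_size")"
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir
# backing_file_offset = 0, leaving only the oversized extension length to be
# caught.
poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x00\x00"
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir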
88
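echo
echo "== Huge refcount table size =="
_make_test_img 64M
# refcount_table_clusters = 0xffffffff (maximum 32-bit value).
poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\xff\xff\xff\xff"
# "$TEST_IMG" is quoted so a path containing whitespace stays one argument.
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir
# refcount_table_clusters = 0x00020001 (131073 clusters): far smaller, with
# no sign bit set.
# NOTE(review): presumably chosen to sit just above the driver's table-size
# limit -- confirm against the reference output.
poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x02\x00\x01"
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir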
96
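echo
echo "== Misaligned refcount table =="
_make_test_img 64M
# refcount_table_offset = 0x1234567890abcdef.  The low bits are non-zero, so
# the offset is not a multiple of any power-of-two cluster size of 512 bytes
# or more.
poke_file "$TEST_IMG" "$offset_refcount_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
# "$TEST_IMG" is quoted so a path containing whitespace stays one argument.
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir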
102
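echo
echo "== Huge refcount offset =="
_make_test_img 64M
# refcount_table_offset = 0xffffffffffff0000 with a table of 0x7f clusters.
# The offset is aligned to 64 KiB, so an alignment check passes; what has to
# be caught is that offset + table size does not fit below 2^64.
# NOTE(review): the overflow arithmetic assumes 64 KiB clusters -- confirm.
poke_file "$TEST_IMG" "$offset_refcount_table_offset" "\xff\xff\xff\xff\xff\xff\x00\x00"
poke_file "$TEST_IMG" "$offset_refcount_table_clusters" "\x00\x00\x00\x7f"
# "$TEST_IMG" is quoted so a path containing whitespace stays one argument.
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir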
109
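echo
echo "== Invalid snapshot table =="
_make_test_img 64M
# nb_snapshots = 0xffffffff, then 0x7fffffff: an oversized count with and
# without the sign bit set.  "$TEST_IMG" is quoted throughout so a path
# containing whitespace stays one argument.
poke_file "$TEST_IMG" "$offset_nb_snapshots" "\xff\xff\xff\xff"
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir
poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x7f\xff\xff\xff"
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir

# snapshots_offset = 0xffffffffffff0000 (64 KiB-aligned, near the top of the
# 64-bit range) with nb_snapshots = 0xffff: offset plus table size must not
# be allowed to wrap.
poke_file "$TEST_IMG" "$offset_snapshots_offset" "\xff\xff\xff\xff\xff\xff\x00\x00"
poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\xff\xff"
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir

# snapshots_offset = 0x1234567890abcdef (misaligned) with nb_snapshots = 0:
# the offset is bad even though the table is declared empty.
poke_file "$TEST_IMG" "$offset_snapshots_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x00\x00\x00"
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir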
125
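echo
echo "== Hitting snapshot table size limit =="
_make_test_img 64M
# Put the snapshot table in a more or less safe place (16 MB): the field
# written here is snapshots_offset, set to 0x01000000.
poke_file "$TEST_IMG" "$offset_snapshots_offset" "\x00\x00\x00\x00\x01\x00\x00\x00"
# nb_snapshots = 0x00010000 (65536).
poke_file "$TEST_IMG" "$offset_nb_snapshots" "\x00\x01\x00\x00"
# Try to add one more snapshot on top of the claimed 65536, then check that
# a plain read still behaves.  "$TEST_IMG" is quoted so a path containing
# whitespace stays one argument.
{ $QEMU_IMG snapshot -c test "$TEST_IMG"; } 2>&1 | _filter_testdir
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir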
134
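echo
echo "== Invalid L1 table =="
_make_test_img 64M
# l1_size = 0xffffffff, then 0x7fffffff: an oversized entry count with and
# without the sign bit set.  "$TEST_IMG" is quoted throughout so a path
# containing whitespace stays one argument.
poke_file "$TEST_IMG" "$offset_l1_size" "\xff\xff\xff\xff"
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir
poke_file "$TEST_IMG" "$offset_l1_size" "\x7f\xff\xff\xff"
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir

# l1_table_offset = 0x7fffffffffff0000 (64 KiB-aligned, just below 2^63) with
# l1_size = 0xffff: offset plus table size must be range-checked, including
# against the signed 64-bit limit.
poke_file "$TEST_IMG" "$offset_l1_table_offset" "\x7f\xff\xff\xff\xff\xff\x00\x00"
poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\xff\xff"
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir

# l1_table_offset = 0x1234567890abcdef (misaligned) with a single L1 entry.
poke_file "$TEST_IMG" "$offset_l1_table_offset" "\x12\x34\x56\x78\x90\xab\xcd\xef"
poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x01"
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir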
150
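echo
echo "== Invalid L1 table (with internal snapshot in the image) =="
_make_test_img 64M
# Create an internal snapshot first so the image carries a snapshot table.
# "$TEST_IMG" is quoted so a path containing whitespace stays one argument.
{ $QEMU_IMG snapshot -c foo "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir
# Active l1_size = 0 while a snapshot exists.
poke_file "$TEST_IMG" "$offset_l1_size" "\x00\x00\x00\x00"
# Query image information rather than reading data.
# NOTE(review): _img_info is defined outside this file; presumably it lists
# the snapshot as well -- confirm.
_img_info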
157
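echo
echo "== Invalid backing file size =="
_make_test_img 64M
# backing_file_offset = 0x1000 (a plausible in-file offset) combined with
# backing_file_size = 0xffffffff: the name length has to be bounded before
# anything is allocated or read for it.
poke_file "$TEST_IMG" "$offset_backing_file_offset" "\x00\x00\x00\x00\x00\x00\x10\x00"
poke_file "$TEST_IMG" "$offset_backing_file_size" "\xff\xff\xff\xff"
# "$TEST_IMG" is quoted so a path containing whitespace stays one argument.
{ $QEMU_IO -c "read 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir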
164
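echo
echo "== Invalid L2 entry (huge physical offset) =="
_make_test_img 64M
# Write one sector so the first L2 table gets a populated entry.
# "$TEST_IMG" is quoted throughout so a path containing whitespace stays one
# argument.
{ $QEMU_IO -c "write 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir
# First L2 entry = 0xbfffffffffff0000: top bit set, next bit clear, and every
# remaining offset bit above 64 KiB set.
# NOTE(review): the top two bits are presumably flag bits rather than part of
# the host offset -- confirm against the qcow2 format documentation.
poke_file "$TEST_IMG" "$offset_l2_table_0" "\xbf\xff\xff\xff\xff\xff\x00\x00"
# Creating a snapshot makes the driver walk the L2 entry.
{ $QEMU_IMG snapshot -c test "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir
# First L2 entry = 0x800000ffffff0000: a smaller offset that is still far
# beyond the end of a 64M image.
poke_file "$TEST_IMG" "$offset_l2_table_0" "\x80\x00\x00\xff\xff\xff\x00\x00"
{ $QEMU_IMG snapshot -c test "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir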
173
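echo
echo "== Invalid snapshot L1 table offset =="
_make_test_img 64M
# Allocate data and take a snapshot so a snapshot table entry exists.
# "$TEST_IMG" is quoted wherever it is a separate argument so a path
# containing whitespace stays one word.
{ $QEMU_IO -c "write 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir
{ $QEMU_IMG snapshot -c test "$TEST_IMG"; } 2>&1 | _filter_testdir
# Snapshot's L1 table offset = 0x0000000000400200: inside a plausible range
# but not a multiple of 64 KiB (low bits 0x200).
poke_file "$TEST_IMG" "$offset_snap1_l1_offset" "\x00\x00\x00\x00\x00\x40\x02\x00"
# Exercise the operations that consult the snapshot's L1 table: reading from
# the snapshot (convert -l), downgrading the image, a write with the
# inactive-L2 overlap check enabled, applying and deleting the snapshot.
{ $QEMU_IMG convert -l test "$TEST_IMG" "$TEST_IMG.snap"; } 2>&1 | _filter_testdir
{ $QEMU_IMG amend -o compat=0.10 "$TEST_IMG"; } 2>&1 | _filter_testdir
# NOTE(review): here the path is embedded in the qemu-io command string, so
# shell quoting cannot protect it -- confirm how qemu-io tokenises it.
{ $QEMU_IO -c "open -o overlap-check.inactive-l2=on $TEST_IMG" \
           -c 'write 0 4k'; } 2>&1 | _filter_qemu_io | _filter_testdir
{ $QEMU_IMG snapshot -a test "$TEST_IMG"; } 2>&1 | _filter_testdir
{ $QEMU_IMG snapshot -d test "$TEST_IMG"; } 2>&1 | _filter_testdir
# Consistency check of the image after all of the above.
_check_test_img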
187
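echo
echo "== Invalid snapshot L1 table size =="
_make_test_img 64M
# Allocate data and take a snapshot so a snapshot table entry exists.
# "$TEST_IMG" is quoted wherever it is a separate argument so a path
# containing whitespace stays one word.
{ $QEMU_IO -c "write 0 512" "$TEST_IMG"; } 2>&1 | _filter_qemu_io | _filter_testdir
{ $QEMU_IMG snapshot -c test "$TEST_IMG"; } 2>&1 | _filter_testdir
# Snapshot's L1 size = 0x10000000 entries, far more than a 64M image needs.
poke_file "$TEST_IMG" "$offset_snap1_l1_size" "\x10\x00\x00\x00"
# Exercise the operations that consult the snapshot's L1 table: reading from
# the snapshot (convert -l), downgrading the image, a write with the
# inactive-L2 overlap check enabled, applying and deleting the snapshot.
{ $QEMU_IMG convert -l test "$TEST_IMG" "$TEST_IMG.snap"; } 2>&1 | _filter_testdir
{ $QEMU_IMG amend -o compat=0.10 "$TEST_IMG"; } 2>&1 | _filter_testdir
# NOTE(review): here the path is embedded in the qemu-io command string, so
# shell quoting cannot protect it -- confirm how qemu-io tokenises it.
{ $QEMU_IO -c "open -o overlap-check.inactive-l2=on $TEST_IMG" \
           -c 'write 0 4k'; } 2>&1 | _filter_qemu_io | _filter_testdir
{ $QEMU_IMG snapshot -a test "$TEST_IMG"; } 2>&1 | _filter_testdir
{ $QEMU_IMG snapshot -d test "$TEST_IMG"; } 2>&1 | _filter_testdir
# Consistency check of the image after all of the above.
_check_test_img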
201
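# success, all done
echo "*** done"
# Remove the per-test scratch log.  The name is quoted and preceded by "--"
# because $seq comes from the script's own file name and must not be split,
# globbed or read as an option.
rm -f -- "$seq.full"
# Only now flip the exit code that the exit trap reports to success.
status=0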
206