Since these functions take a @qiov_offset, they must always take it into account when working with @qiov. There are a couple of places where they do not, but they should.
Fixes: 65cd4424b9df03bb5195351c33e04cbbecc0705c Fixes: 28c4da28695bdbe04b336b2c9c463876cc3aaa6d Reported-by: Claudio Fontana <[email protected]> Reported-by: Bruce Rogers <[email protected]> Cc: [email protected] Signed-off-by: Max Reitz <[email protected]> --- block/io.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/block/io.c b/block/io.c index b6564e34c5..ad3a51ed53 100644 --- a/block/io.c +++ b/block/io.c @@ -1524,12 +1524,13 @@ static int coroutine_fn bdrv_aligned_preadv(BdrvChild *child, assert(num); ret = bdrv_driver_preadv(bs, offset + bytes - bytes_remaining, - num, qiov, bytes - bytes_remaining, 0); + num, qiov, + qiov_offset + bytes - bytes_remaining, 0); max_bytes -= num; } else { num = bytes_remaining; - ret = qemu_iovec_memset(qiov, bytes - bytes_remaining, 0, - bytes_remaining); + ret = qemu_iovec_memset(qiov, qiov_offset + bytes - bytes_remaining, + 0, bytes_remaining); } if (ret < 0) { goto out; @@ -2032,7 +2033,8 @@ static int coroutine_fn bdrv_aligned_pwritev(BdrvChild *child, } ret = bdrv_driver_pwritev(bs, offset + bytes - bytes_remaining, - num, qiov, bytes - bytes_remaining, + num, qiov, + qiov_offset + bytes - bytes_remaining, local_flags); if (ret < 0) { break; -- 2.26.2
