@@ -1524,12 +1524,13 @@ static int coroutine_fn bdrv_aligned_preadv(BdrvChild *child,
assert(num);
ret = bdrv_driver_preadv(bs, offset + bytes - bytes_remaining,
- num, qiov, bytes - bytes_remaining, 0);
+ num, qiov,
+ qiov_offset + bytes - bytes_remaining, 0);
max_bytes -= num;
} else {
num = bytes_remaining;
- ret = qemu_iovec_memset(qiov, bytes - bytes_remaining, 0,
- bytes_remaining);
+ ret = qemu_iovec_memset(qiov, qiov_offset + bytes - bytes_remaining,
+ 0, bytes_remaining);
}
if (ret < 0) {
goto out;
@@ -2032,7 +2033,8 @@ static int coroutine_fn bdrv_aligned_pwritev(BdrvChild *child,
}
ret = bdrv_driver_pwritev(bs, offset + bytes - bytes_remaining,
- num, qiov, bytes - bytes_remaining,
+ num, qiov,
+ qiov_offset + bytes - bytes_remaining,
local_flags);
if (ret < 0) {
break;
Since these functions take a @qiov_offset, they must always take it into account when working with @qiov. There are a couple of places where they do not, but they should. Fixes: 65cd4424b9df03bb5195351c33e04cbbecc0705c Fixes: 28c4da28695bdbe04b336b2c9c463876cc3aaa6d Reported-by: Claudio Fontana <cfontana@suse.de> Reported-by: Bruce Rogers <brogers@suse.com> Cc: qemu-stable@nongnu.org Signed-off-by: Max Reitz <mreitz@redhat.com> --- block/io.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-)