diff options
| author | Peter Lieven <pl@kamp.de> | 2015-01-05 12:29:49 +0100 |
|---|---|---|
| committer | Stefan Hajnoczi <stefanha@redhat.com> | 2015-01-13 13:43:29 +0000 |
| commit | 095e4fa4b56cf511cb41005872eeace9a2f24582 (patch) | |
| tree | 929757fee681f1d76a0b744238c88d5900e9144d | |
| parent | 51a2219bdceed16e81c6e2e2f08aed39c579728f (diff) | |
| download | focaccia-qemu-095e4fa4b56cf511cb41005872eeace9a2f24582.tar.gz focaccia-qemu-095e4fa4b56cf511cb41005872eeace9a2f24582.zip | |
block: limited request size in write zeroes unsupported path
If bs->bl.max_write_zeroes is large and we end up in the unsupported path we might allocate a lot of memory for the iovector and/or even generate an oversized requests. Fix this by limiting the request by the minimum of the reported maximum transfer size or 16MB (32768 sectors). Reported-by: Denis V. Lunev <den@openvz.org> Signed-off-by: Peter Lieven <pl@kamp.de> Reviewed-by: Denis V. Lunev <den@openvz.org> Message-id: 1420457389-16332-1-git-send-email-pl@kamp.de Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
| -rw-r--r-- | block.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/block.c b/block.c index e76a223eae..371d0f6745 100644 --- a/block.c +++ b/block.c @@ -3244,6 +3244,9 @@ static int coroutine_fn bdrv_co_do_write_zeroes(BlockDriverState *bs, if (ret == -ENOTSUP) { /* Fall back to bounce buffer if write zeroes is unsupported */ + int max_xfer_len = MIN_NON_ZERO(bs->bl.max_transfer_length, + MAX_WRITE_ZEROES_DEFAULT); + num = MIN(num, max_xfer_len); iov.iov_len = num * BDRV_SECTOR_SIZE; if (iov.iov_base == NULL) { iov.iov_base = qemu_try_blockalign(bs, num * BDRV_SECTOR_SIZE); @@ -3260,7 +3263,7 @@ static int coroutine_fn bdrv_co_do_write_zeroes(BlockDriverState *bs, /* Keep bounce buffer around if it is big enough for all * all future requests. */ - if (num < max_write_zeroes) { + if (num < max_xfer_len) { qemu_vfree(iov.iov_base); iov.iov_base = NULL; } |