From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:57613)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mreitz@redhat.com>) id 1XgVAM-0001mF-Vj
	for qemu-devel@nongnu.org; Tue, 21 Oct 2014 04:51:49 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <mreitz@redhat.com>) id 1XgVAG-0006YU-MB
	for qemu-devel@nongnu.org; Tue, 21 Oct 2014 04:51:42 -0400
Received: from mx1.redhat.com ([209.132.183.28]:7183)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <mreitz@redhat.com>) id 1XgVAG-0006YQ-FM
	for qemu-devel@nongnu.org; Tue, 21 Oct 2014 04:51:36 -0400
From: Max Reitz <mreitz@redhat.com>
Date: Tue, 21 Oct 2014 10:51:26 +0200
Message-Id: <1413881486-24710-3-git-send-email-mreitz@redhat.com>
In-Reply-To: <1413881486-24710-1-git-send-email-mreitz@redhat.com>
References: <1413881486-24710-1-git-send-email-mreitz@redhat.com>
Subject: [Qemu-devel] [PATCH 2/2] block/vdi: Do not use bdrv_pwrite_sync()
	for bmap
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: Kevin Wolf <kwolf@redhat.com>, Stefan Weil <sw@weilnetz.de>, Max Reitz <mreitz@redhat.com>, Stefan Hajnoczi <stefanha@redhat.com>, =?UTF-8?q?Beno=C3=AEt=20Canet?= <benoit.canet@nodalink.com>

The bmap can be rather large (maximum blocks per image count:
0x3fffffff; the bmap has a size of block_count * sizeof(uint32_t) bytes,
which makes 0xfffffffc bytes) and exceed INT_MAX. Using block layer
functions which take a byte count as an int is therefore not a good
idea. Use bdrv_write()+bdrv_flush() instead of bdrv_pwrite_sync().

See: https://bugzilla.redhat.com/show_bug.cgi?id=1154940

Signed-off-by: Max Reitz <mreitz@redhat.com>
---
 block/vdi.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/block/vdi.c b/block/vdi.c
index 19701ee..322efcd 100644
--- a/block/vdi.c
+++ b/block/vdi.c
@@ -783,11 +783,18 @@ static int vdi_create(const char *filename, QemuOpts *opts, Error **errp)
                 bmap[i] = VDI_UNALLOCATED;
             }
         }
-        ret = bdrv_pwrite_sync(bs, offset, bmap, bmap_size);
+        assert(!(offset % BDRV_SECTOR_SIZE));
+        ret = bdrv_write(bs, offset / BDRV_SECTOR_SIZE, (uint8_t *)bmap,
+                         bmap_size / BDRV_SECTOR_SIZE);
         if (ret < 0) {
             error_setg(errp, "Error writing bmap to %s", filename);
             goto exit;
         }
+        ret = bdrv_flush(bs);
+        if (ret < 0) {
+            error_setg(errp, "Error flushing bmap to %s", filename);
+            goto exit;
+        }
         offset += bmap_size;
     }
 
-- 
1.9.3