qemu_chr_parse_ringbuf() initializes the new ChardevRingbuf's @size to the value of qemu_opt_get_size(). Except it first truncates the value from uint64_t to int. Fix that, so you can waste your RAM on multi-gigabyte ring buffers.
Signed-off-by: Markus Armbruster <arm...@redhat.com>
---
 chardev/char-ringbuf.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/chardev/char-ringbuf.c b/chardev/char-ringbuf.c
index a9205ea..9275ae9 100644
--- a/chardev/char-ringbuf.c
+++ b/chardev/char-ringbuf.c
@@ -198,18 +198,14 @@ char *qmp_ringbuf_read(const char *device, uint64_t size,
 static void qemu_chr_parse_ringbuf(QemuOpts *opts, ChardevBackend *backend,
                                    Error **errp)
 {
-    int val;
     ChardevRingbuf *ringbuf;
 
     backend->type = CHARDEV_BACKEND_KIND_RINGBUF;
     ringbuf = backend->u.ringbuf.data = g_new0(ChardevRingbuf, 1);
     qemu_chr_parse_common(opts, qapi_ChardevRingbuf_base(ringbuf));
 
-    val = qemu_opt_get_size(opts, "size", 0);
-    if (val != 0) {
-        ringbuf->has_size = true;
-        ringbuf->size = val;
-    }
+    ringbuf->size = qemu_opt_get_size(opts, "size", 0);
+    ringbuf->has_size = ringbuf->size != 0;
 }
 
 static void char_ringbuf_class_init(ObjectClass *oc, void *data)
--
2.7.5
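Review bot: The user-supplied size now reaches `ringbuf->size` with no magnitude check in this function, so any bound on how much memory a `-chardev ringbuf,size=...` option can request has to live in the open path, which is not in this hunk; previously the (wrong) truncation to `int` incidentally mangled values at or above 2^31, and this change removes that accidental limit along with the bug. If the open path only validates the value's shape (for example that it is a power of two) and then hands it to an aborting allocator, a large `size=` from a command line or QMP `chardev-add` becomes a denial of service rather than a clean error, which is worth confirming before merging. This assumes the QAPI `size` field of ChardevRingbuf is a 64-bit type; if it is narrower the truncation has merely moved. A short comment at the assignment would record the intent: `/* size is passed through unbounded; the open path must reject unreasonable values */`.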