| Message ID | e2536f11844d8e768fee374f91b869b557081e37.1411715314.git.hutao@cn.fujitsu.com |
|---|---|
| State | New |
| Headers | show |
diff --git a/exec.c b/exec.c index 759055d..eed5da2 100644 --- a/exec.c +++ b/exec.c @@ -1163,9 +1163,9 @@ static void *file_ram_alloc(RAMBlock *block, return area; error: - if (mem_prealloc) { + if (area && area != MAP_FAILED) { error_report("%s\n", error_get_pretty(*errp)); - exit(1); + munmap(area, memory); } return NULL; }
When using monitor command object_add to add a memory backend file but failed to preallocate memory for it, qemu exits silently. So a unexpected user input, e.g. a too large size of memory-backend-file can crash the guest. This is the case of -mem-prealloc, not memory-backend-file,prealloc=y. The problem can be reproduced as follows: 1. run qemu with -mem-prealloc: ./x86_64-softmmu/qemu-system-x86_64 -hda f18.img \ -m 512 -mem-prealloc -qmp unix:/tmp/m,server,nowait \ -monitor stdio -enable-kvm 2. add a memory-backend-file object from qemu monitor whose size is larger than host memory(assume host has 4G memory total): (qemu)object_add memory-backend-file,size=4G,mem-path=/hugepages,id=mem-file0 Without this patch, qemu quits with message: unable to map backing store for hugepages: Cannot allocate memory With this patch, qemu gives the same message, but continues running. Signed-off-by: Hu Tao <hutao@cn.fujitsu.com> --- exec.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)