# HG changeset patch
# User David Scott
# Date 1259942648 0
# Node ID 391cde93edca48ad1f651a944462d15b8a74f2d3
# Parent 4da34ecf1254e82d1e783b81395aaf4e4b2a69e6
Fix a potential race in the memory-offset calibration code: resample total_pages after noticing feature-balloon. The race was easily visible in the hypercall simulator but probably less common in real life. The sequence was: 1. domain is using < startmem 2. domain_getinfolist 3. domain is now using startmem 4. domain writes feature-balloon 5. memory_offset <- old total_pages from (2) - target Now we call domain_getinfo between (4) and (5). Signed-off-by: David Scott
diff -r 4da34ecf1254 -r 391cde93edca ocaml/xenops/squeeze_xen.ml
--- a/ocaml/xenops/squeeze_xen.ml Fri Dec 04 16:04:07 2009 +0000
+++ b/ocaml/xenops/squeeze_xen.ml Fri Dec 04 16:04:08 2009 +0000
@@ -276,11 +276,15 @@
 try Domain.get_memory_offset cnx di.Xc.domid with Xb.Noent ->
- let target_kib = Domain.get_target cnx di.Xc.domid in
- let offset_kib = memory_actual_kib -* target_kib in
- debug "domid %d just exposed feature-balloon; calibrating memory-offset = %Ld KiB" di.Xc.domid offset_kib;
- Domain.set_memory_offset_noexn cnx di.Xc.domid offset_kib;
- offset_kib
+ (* Our memory_actual_kib value was sampled before reading xenstore which means there is a slight race. The race is probably only noticable in the hypercall simulator. However we can fix it by resampling memory_actual *after* noticing the feature-balloon flag. *)
+ let target_kib = Domain.get_target cnx di.Xc.domid in
+ let memory_actual_kib' = Xc.pages_to_kib (Int64.of_nativeint (Xc.domain_getinfo xc di.Xc.domid).Xc.total_memory_pages) in
+ let offset_kib = memory_actual_kib' -* target_kib in
+ debug "domid %d just exposed feature-balloon; calibrating memory-offset = %Ld KiB" di.Xc.domid offset_kib;
+ Domain.set_memory_offset_noexn cnx di.Xc.domid offset_kib;
+ offset_kib
 end in
 let memory_actual_kib = memory_actual_kib -* offset_kib in
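Review bot: The re-sample on the new `memory_actual_kib'` line runs inside the `Xb.Noent` handler, so an exception raised by `Xc.domain_getinfo` (for example if the domain has gone away since the earlier `domain_getinfolist`) is not covered by the enclosing `try ... with Xb.Noent` and propagates out of the whole `begin ... end` block; the enclosing function starts and ends outside the hunk, so I cannot see whether a caller handles that, and a short comment or a guard at that line would make the new failure mode explicit. A second point is that the fresh sample is used only to calibrate the offset, while the trailing context line `let memory_actual_kib = memory_actual_kib -* offset_kib in` still subtracts that offset from the stale sample, so on the calibration pass the reported value sits below the target by exactly the drift the commit describes; if that one-pass skew is intended, a comment saying so would help, otherwise carrying the fresh sample out of the handler so the later line can use it seems more consistent. Minor: `noticable` in the new comment should read `noticeable`.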