libxl: fix a variable underflow in libxl_wait_for_free_memory

When xl is called to create a domU and there is not enough memory available,
then the autoballooning is called to extract memory from dom0. During the
ballooning a loop in libxl_wait_for_free_memory() waits unless enough memory
is available to create the domU.

But because of a variable-underflow the loop can finish too soon and xl
finally aborts with the message:

xc: error: panic: xc_dom_boot.c:161: xc_dom_boot_mem_init: can't allocate low memory for domain: Out of memory
libxl: error: libxl_dom.c:430:libxl__build_pv: xc_dom_boot_mem_init failed: Device or resource busy
libxl: error: libxl_create.c:901:domcreate_rebuild_done: cannot (re-)build domain: -3

The variable-underflow happens when freemem_slack is larger then
info.free_pages*4, because the solution of this operation is converted
implicit to a unsigned int to match the type of memory_kb.

Add a extra check for this condition to solve the problem.

Signed-off-by: Ronny Hegewald <Ronny.Hegewald@online.de>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>

diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c
index de75ee0f2593d37732527fd6fd11e4883e738f56..6c77556cd5331df7136cdb703fac648d88ba3135 100644 (file)
--- a/tools/libxl/libxl.c
+++ b/tools/libxl/libxl.c
@@ -3764,7 +3764,8 @@ int libxl_wait_for_free_memory(libxl_ctx *ctx, uint32_t domid, uint32_t
         rc = libxl_get_physinfo(ctx, &info);
         if (rc < 0)
             goto out;
-        if (info.free_pages * 4 - freemem_slack >= memory_kb) {
+        if (info.free_pages * 4 >= freemem_slack &&
+            info.free_pages * 4 - freemem_slack >= memory_kb) {
             rc = 0;
             goto out;
         }