From b98cd5c1b5a6f81a4ee3ac76800fa390dc91cea1 Mon Sep 17 00:00:00 2001 From: Ronny Hegewald Date: Tue, 27 Nov 2012 14:13:39 +0000 Subject: libxl: fix a variable underflow in libxl_wait_for_free_memory When xl is called to create a domU and there is not enough memory available, then the autoballooning is called to extract memory from dom0. During the ballooning a loop in libxl_wait_for_free_memory() waits unless enough memory is available to create the domU. But because of a variable-underflow the loop can finish too soon and xl finally aborts with the message: xc: error: panic: xc_dom_boot.c:161: xc_dom_boot_mem_init: can't allocate low memory for domain: Out of memory libxl: error: libxl_dom.c:430:libxl__build_pv: xc_dom_boot_mem_init failed: Device or resource busy libxl: error: libxl_create.c:901:domcreate_rebuild_done: cannot (re-)build domain: -3 The variable-underflow happens when freemem_slack is larger then info.free_pages*4, because the solution of this operation is converted implicit to a unsigned int to match the type of memory_kb. Add a extra check for this condition to solve the problem. Signed-off-by: Ronny Hegewald Acked-by: Ian Campbell Committed-by: Ian Campbell --- tools/libxl/libxl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'tools') diff --git a/tools/libxl/libxl.c b/tools/libxl/libxl.c index de75ee0f25..6c77556cd5 100644 --- a/tools/libxl/libxl.c +++ b/tools/libxl/libxl.c @@ -3764,7 +3764,8 @@ int libxl_wait_for_free_memory(libxl_ctx *ctx, uint32_t domid, uint32_t rc = libxl_get_physinfo(ctx, &info); if (rc < 0) goto out; - if (info.free_pages * 4 - freemem_slack >= memory_kb) { + if (info.free_pages * 4 >= freemem_slack && + info.free_pages * 4 - freemem_slack >= memory_kb) { rc = 0; goto out; } -- cgit v1.2.3