[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Libvir] Segfault with invalid virConnectPtr



Program terminated with signal 11, Segmentation fault.
#0  0x0000003d8b472a1b in free () from /lib64/libc.so.6
(gdb) bt
#0  0x0000003d8b472a1b in free () from /lib64/libc.so.6
#1  0x00002aaaaaae8dd7 in virResetError (err=0x33535c8) at virterror.c:111
#2 0x00002aaaaaae8fce in __virRaiseError (conn=0x33535a0, dom=0x0, net=0x0,
    domain=0, code=6, level=VIR_ERR_ERROR,
    str1=0x2aaaaab0c678 "invalid connection pointer in %s",
str2=0x2aaaaab08560 "virConnectNumOfDomains", str3=0x0, int1=0, int2=0, msg=0x2aaaaab0c678 "invalid connection pointer in %s") at virterror.c:358
#3  0x00002aaaaaacfa8e in virLibConnError (conn=0x33535a0,
error=VIR_ERR_INVALID_CONN, info=0x2aaaaab08560 "virConnectNumOfDomains")
    at libvirt.c:127
#4  0x00002aaaaaad1052 in virConnectNumOfDomains (conn=0x736e6961)
    at libvirt.c:758
#5  0x000000000043fa4e in ?? ()


A preliminary look at the code seems to indicate a fault in this logic:

int
virConnectNumOfDomains(virConnectPtr conn)
{
    DEBUG("conn=%p", conn);

    if (!VIR_IS_CONNECT(conn)) {
        virLibConnError(conn, VIR_ERR_INVALID_CONN, __FUNCTION__);

The VIR_IS_CONNECT macro is defined as:

#define VIR_CONNECT_MAGIC   0x4F23DEAD
#define VIR_IS_CONNECT(obj) ((obj) && (obj)->magic==VIR_CONNECT_MAGIC)

Obviously if VIR_IS_CONNECT fails then "conn" should not be used further, so calling virLibConnError (conn, ...) is wrong. Personally I think when we detect memory corruption in a C program we should just call abort().

I'll see if I can come up with a patch to fix this later ... at the moment I'm more interested in why my program is passing an invalid connection pointer in the first place :-(

Rich.

--
Emerging Technologies, Red Hat - http://et.redhat.com/~rjones/
Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod
Street, Windsor, Berkshire, SL4 1TE, United Kingdom.  Registered in
England and Wales under Company Registration No. 03798903

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]