[Libvir] Segfault with invalid virConnectPtr

Program terminated with signal 11, Segmentation fault. #0 0x0000003d8b472a1b in free () from /lib64/libc.so.6 (gdb) bt #0 0x0000003d8b472a1b in free () from /lib64/libc.so.6 #1 0x00002aaaaaae8dd7 in virResetError (err=0x33535c8) at virterror.c:111 #2 0x00002aaaaaae8fce in __virRaiseError (conn=0x33535a0, dom=0x0, net=0x0, domain=0, code=6, level=VIR_ERR_ERROR, str1=0x2aaaaab0c678 "invalid connection pointer in %s", str2=0x2aaaaab08560 "virConnectNumOfDomains", str3=0x0, int1=0, int2=0, msg=0x2aaaaab0c678 "invalid connection pointer in %s") at virterror.c:358 #3 0x00002aaaaaacfa8e in virLibConnError (conn=0x33535a0, error=VIR_ERR_INVALID_CONN, info=0x2aaaaab08560 "virConnectNumOfDomains") at libvirt.c:127 #4 0x00002aaaaaad1052 in virConnectNumOfDomains (conn=0x736e6961) at libvirt.c:758 #5 0x000000000043fa4e in ?? () A preliminary look at the code seems to indicate a fault in this logic: int virConnectNumOfDomains(virConnectPtr conn) { DEBUG("conn=%p", conn); if (!VIR_IS_CONNECT(conn)) { virLibConnError(conn, VIR_ERR_INVALID_CONN, __FUNCTION__); The VIR_IS_CONNECT macro is defined as: #define VIR_CONNECT_MAGIC 0x4F23DEAD #define VIR_IS_CONNECT(obj) ((obj) && (obj)->magic==VIR_CONNECT_MAGIC) Obviously if VIR_IS_CONNECT fails then "conn" should not be used further, so calling virLibConnError (conn, ...) is wrong. Personally I think when we detect memory corruption in a C program we should just call abort(). I'll see if I can come up with a patch to fix this later ... at the moment I'm more interested in why my program is passing an invalid connection pointer in the first place :-( Rich. -- Emerging Technologies, Red Hat - http://et.redhat.com/~rjones/ Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SL4 1TE, United Kingdom. Registered in England and Wales under Company Registration No. 03798903