[libvirt] [ruby-libvirt] Don't free more entries than we retrieved

Chris Lalancette clalancette at gmail.com
Tue Jan 7 20:38:48 UTC 2014

On Tue, Jan 7, 2014 at 3:24 PM, Guido Günther <agx at sigxcpu.org> wrote:
> The vir*List* functions return the number of fetched entries. We mustn't
> free more, otherwise we'll crash like
>  #0  0xb779d424 in __kernel_vsyscall ()
>  #1  0xb733981f in __GI_raise (sig=sig at entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
>  #2  0xb733ccd3 in __GI_abort () at abort.c:90
>  #3  0xb7376275 in __libc_message (do_abort=do_abort at entry=2, fmt=fmt at entry=0xb74767d0 "*** Error in `%s': %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:199
>  #4  0xb7380e52 in malloc_printerr (action=<optimized out>, str=<optimized out>, ptr=0xb7087000) at malloc.c:4923
>  #5  0xb7381b90 in _int_free (av=0xb74b7440 <main_arena>, p=0xb7086ff8, have_lock=0) at malloc.c:3779
>  #6  0xb75c059f in ruby_xfree () from /usr/lib/libruby-1.9.1.so.1.9
>  #7  0xb7076448 in ruby_libvirt_generate_list () from /usr/lib/ruby/vendor_ruby/1.9.1/i486-linux/_libvirt.so
> ...
> since we're trying to free random addresses.

Hm, this is pretty weird.  At all ruby_libvirt_generate_list() call
sites, there is a line of code that precedes it that checks for r < 0.
 If r is less than 0, then we generate an exception, which means that
the code that follows should never be called, and thus we should never
need this patch.

Can you explain a bit more why this patch helps, and/or give me a test
case that will cause it to fail?


More information about the libvir-list mailing list