On 08/08/2013 10:48 AM, Alex Jia wrote:
> Valgrind detects memory error:
>
> ==16759== 1 errors in context 1 of 8:
> ==16759== Invalid free() / delete / delete[] / realloc()
> ==16759==    at 0x4A074C4: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==16759==    by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so)
> ==16759==    by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31)
> ==16759==    by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58)
> ==16759==    by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762)
> ==16759==    by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so)
> ==16759==    by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441)
> ==16759==    by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499)
> ==16759==    by 0x13127A: cmdStart (virsh-domain.c:3376)
> ==16759==    by 0x12BF83: vshCommandRun (virsh.c:1751)
> ==16759==    by 0x126FFB: main (virsh.c:3205)
> ==16759==  Address 0xe1394a0 is not stack'd, malloc'd or (recently) free'd
>
> ==16759== 1 errors in context 2 of 8:
> ==16759== Conditional jump or move depends on uninitialised value(s)
> ==16759==    at 0x4A07477: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==16759==    by 0x83CD329: xdr_string (in /usr/lib64/libc-2.17.so)
> ==16759==    by 0x4D93E4D: xdr_remote_nonnull_string (remote_protocol.c:31)
> ==16759==    by 0x4D94350: xdr_remote_nonnull_domain (remote_protocol.c:58)
> ==16759==    by 0x4D976C8: xdr_remote_domain_create_with_flags_ret (remote_protocol.c:1762)
> ==16759==    by 0x83CC734: xdr_free (in /usr/lib64/libc-2.17.so)
> ==16759==    by 0x4D7F1E0: remoteDomainCreateWithFlags (remote_driver.c:2441)
> ==16759==    by 0x4D4BF17: virDomainCreateWithFlags (libvirt.c:9499)
> ==16759==    by 0x13127A: cmdStart (virsh-domain.c:3376)
> ==16759==    by 0x12BF83: vshCommandRun (virsh.c:1751)
> ==16759==    by 0x126FFB: main (virsh.c:3205)
> ==16759==  Uninitialised value was created by a stack allocation
> ==16759==    at 0x4D7F120:
remoteDomainCreateWithFlags (remote_driver.c:2423) > > How to reproduce? > > # virsh start <domain> --paused > > RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=994855 > > > Signed-off-by: Alex Jia <ajia@xxxxxxxxxx> > --- > src/remote/remote_driver.c | 1 + > 1 files changed, 1 insertions(+), 0 deletions(-) > > diff --git a/src/remote/remote_driver.c b/src/remote/remote_driver.c > index f828eef..71d0034 100644 > --- a/src/remote/remote_driver.c > +++ b/src/remote/remote_driver.c > @@ -2431,6 +2431,7 @@ remoteDomainCreateWithFlags(virDomainPtr dom, unsigned int flags) > make_nonnull_domain(&args.dom, dom); > args.flags = flags; > > + memset(&ret, 0, sizeof(ret)); > if (call(dom->conn, priv, 0, REMOTE_PROC_DOMAIN_CREATE_WITH_FLAGS, > (xdrproc_t)xdr_remote_domain_create_with_flags_args, (char *)&args, > (xdrproc_t)xdr_remote_domain_create_with_flags_ret, (char *)&ret) == -1) { > ACK. I wonder whether we could de-duplicate this since all similar functions call this, but call() doesn't know the structure size :( Martin -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
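Review bot: the commit message carries only the Valgrind trace and the reproducer, with no sentence saying why the added `memset(&ret, 0, sizeof(ret));` in the `@@ -2431,6 +2431,7 @@` hunk is the right fix. The trace shows xdr_free() walking `ret` at remote_driver.c:2441 and handing free() a string pointer that came from the uninitialised stack allocation at remote_driver.c:2423, so the message should state that `ret` can reach xdr_free() without having been filled in and that zeroing it makes that free a no-op. It would also help to say which path leaves `ret` unfilled for `virsh start <domain> --paused`, since the hunk alone does not show it. On placement, the memset sits after a blank line and directly against `if (call(...`, separated from the `args` setup; keeping it next to the other pre-call initialisation (or zeroing `ret` where it is declared) would make it harder to lose in a later refactor, and the same check is worth applying to the sibling functions mentioned in the reply, since call() cannot do it for them without knowing the structure size.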