Bug 25029 - Memory leak on missing call of VBEFreeVBEInfo()
Summary: Memory leak on missing call of VBEFreeVBEInfo()
Status: RESOLVED FIXED
Alias: None
Product: xorg
Classification: Unclassified
Component: Driver/Vesa (show other bugs)
Version: 7.1 (2006.05)
Hardware: Other All
: medium normal
Assignee: Adam Jackson
QA Contact: Xorg Project Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-11-11 02:55 UTC by Zdenek Kabelac
Modified: 2018-05-15 16:02 UTC (History)
0 users

See Also:
i915 platform:
i915 features:

Attachments

Description Zdenek Kabelac 2009-11-11 02:55:57 UTC 
I've noticed  VESA driver leaks VBEInfo  structure allocated this way:

536 bytes in 1 blocks are still reachable in loss record 795 of 916
   at 0x4C2415D: malloc (vg_replace_malloc.c:195)
   by 0x462705: Xcalloc (utils.c:1098)
   by 0xB42D777: VBEGetVBEInfo (vbe.c:376)
   by 0xB01D46C: VESAPreInit (vesa.c:608)
   by 0x46FB71: InitOutput (xf86Init.c:829)
   by 0x421B59: main (main.c:204)

80 bytes in 1 blocks are definitely lost in loss record 585 of 916
   at 0x4C2415D: malloc (vg_replace_malloc.c:195)
   by 0xB42D849: VBEGetVBEInfo (vbe.c:399)
   by 0xB01D46C: VESAPreInit (vesa.c:608)
   by 0x46FB71: InitOutput (xf86Init.c:829)
   by 0x421B59: main (main.c:204)

61 bytes in 1 blocks are definitely lost in loss record 536 of 916
   at 0x4C2415D: malloc (vg_replace_malloc.c:195)
   by 0x727BA01: strdup (strdup.c:43)
   by 0xB42D7D4: VBEGetVBEInfo (vbe.c:387)
   by 0xB01D46C: VESAPreInit (vesa.c:608)
   by 0x46FB71: InitOutput (xf86Init.c:829)
   by 0x421B59: main (main.c:204)

46 bytes in 1 blocks are definitely lost in loss record 489 of 916
   at 0x4C2415D: malloc (vg_replace_malloc.c:195)
   by 0x727BA01: strdup (strdup.c:43)
   by 0xB42D8D4: VBEGetVBEInfo (vbe.c:414)
   by 0xB01D46C: VESAPreInit (vesa.c:608)
   by 0x46FB71: InitOutput (xf86Init.c:829)
   by 0x421B59: main (main.c:204)

21 bytes in 1 blocks are definitely lost in loss record 147 of 916
   at 0x4C2415D: malloc (vg_replace_malloc.c:195)
   by 0x727BA01: strdup (strdup.c:43)
   by 0xB42D8F9: VBEGetVBEInfo (vbe.c:417)
   by 0xB01D46C: VESAPreInit (vesa.c:608)
   by 0x46FB71: InitOutput (xf86Init.c:829)
   by 0x421B59: main (main.c:204)

18 bytes in 1 blocks are definitely lost in loss record 139 of 916
   at 0x4C2415D: malloc (vg_replace_malloc.c:195)
   by 0x727BA01: strdup (strdup.c:43)
   by 0xB42D8AF: VBEGetVBEInfo (vbe.c:411)
   by 0xB01D46C: VESAPreInit (vesa.c:608)
   by 0x46FB71: InitOutput (xf86Init.c:829)
   by 0x421B59: main (main.c:204)



While the  pVesa->pVbe is deallocated via vbeFree(), it keeps pVesa->vbeInfo without call of VBEFreeVBEInfo() - 

Fix is probably simple just to find every occurrence of vbeFree() and add there also call of VBEFreeVBEInfo() - eventually use some nice macro - or goto jump for failure path - solution is left for VESA maintainer I guess.

Leak is show on:
xorg-x11-server-Xorg-1.7.1-7.fc12.x86_64
xorg-x11-drv-vesa-2.2.1-1.fc12.x86_64
Comment 1 Adam Jackson 2018-05-15 16:02:40 UTC 
commit 2cb984533fd7a36151bb8be18a63f678a552ad71
Author: Adam Jackson <ajax@redhat.com>
Date:   Wed Jan 31 10:48:08 2018 -0500

    Use VBEFreeVBEInfo not free
    
    A VbeInfoBlock has substructure, just freeing the object will leak.
    Unfortunately VBEFreeVBEInfo does not check for NULL first so we have
    to.
    
    Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=25029
    Signed-off-by: Adam Jackson <ajax@redhat.com>

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.