There is a memory leak on failure to create an ir_constant in calculate_iterations in loop_controls.cpp. If iter is NULL the method returns without deleting the allocated memory.

See below:

    int calculate_iterations(ir_rvalue *from, ir_rvalue *to, ir_rvalue *increment,
                             enum ir_expression_operation op)
    {
       if (from == NULL || to == NULL || increment == NULL)
          return -1;

       void *mem_ctx = ralloc_context(NULL);

       ir_expression *const sub =
          new(mem_ctx) ir_expression(ir_binop_sub, from->type, to, from);
       ir_expression *const div =
          new(mem_ctx) ir_expression(ir_binop_div, sub->type, sub, increment);

       ir_constant *iter = div->constant_expression_value();
       if (iter == NULL)
          return -1;

If iter == NULL then I should be seeing something like:

       if (iter == NULL) {
          // sub & div are created as emplacement new so delete is not required
          // unless mem_ctx has a destructor.
          ralloc_free(mem_ctx);
          return -1;
       }

(You don't need to Cc yourself on bugs you filed. You'll receive the emails either way.)

Yes, you are right. It looks like we should be calling ralloc_free(mem_ctx) before the early return. The comment is not necessary.

Would you please send a patch to mesa-dev@lists.freedesktop.org? Feel free to Cc me on it.

Thanks! Fixed by:

commit 40bc1afc9437433f2f1d1c0a6980376ff5670638
Author: Timothy Arceri <tarceri@itsqueeze.com>
Date:   Fri Mar 17 21:53:35 2017 +1100

    glsl: don't leak memory when trying to count loop iterations

    Suggested-by: Damian Dixon <damian.dixon@gmail.com>
    Reviewed-by: Elie Tournier <elie.tournier@collabora.com>
    Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=99789
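
The leak pattern reported in this thread and the shape of its fix, as an added example that is not Mesa's code: ToyCtx, toy_context, toy_alloc, toy_free, Expr and fold_div are hypothetical stand-ins for a ralloc-style context allocator and the folded expression, and live_contexts() counts contexts that were created but never freed.

```cpp
#include <cstddef>
#include <new>
#include <vector>

// Toy stand-in for a ralloc-style context allocator (hypothetical names, not
// Mesa's API): a context owns every block allocated from it.
struct ToyCtx { std::vector<void *> blocks; };
static int live_ctx = 0;                       // contexts created, not yet freed
int live_contexts() { return live_ctx; }

static ToyCtx *toy_context() { ++live_ctx; return new ToyCtx; }
static void *toy_alloc(ToyCtx *c, std::size_t n) {
    c->blocks.push_back(::operator new(n));
    return c->blocks.back();
}
static void toy_free(ToyCtx *c) {              // frees the context and all its blocks
    for (void *p : c->blocks) ::operator delete(p);
    delete c;
    --live_ctx;
}

struct Expr { int lhs, rhs; };                 // trivially destructible node
// Folding that can fail, standing in for constant_expression_value() == NULL.
static const int *fold_div(ToyCtx *c, const Expr *e) {
    if (e->rhs == 0) return nullptr;
    return new (toy_alloc(c, sizeof(int))) int(e->lhs / e->rhs);
}

// Pattern from the report: the early return skips the context free.
int iterations_leaky(int from, int to, int inc) {
    ToyCtx *ctx = toy_context();
    Expr *div = new (toy_alloc(ctx, sizeof(Expr))) Expr{to - from, inc};
    const int *iter = fold_div(ctx, div);
    if (iter == nullptr) return -1;            // ctx and its blocks stay allocated
    int n = *iter;                             // copy out before freeing the owner
    toy_free(ctx);
    return n;
}

// Pattern from the fix: free the context on the failure path too.
int iterations_fixed(int from, int to, int inc) {
    ToyCtx *ctx = toy_context();
    Expr *div = new (toy_alloc(ctx, sizeof(Expr))) Expr{to - from, inc};
    const int *iter = fold_div(ctx, div);
    if (iter == nullptr) { toy_free(ctx); return -1; }
    int n = *iter;
    toy_free(ctx);
    return n;
}
```

Calling each function with a zero increment and then reading live_contexts() shows the difference: the count stays at 0 after iterations_fixed and grows by one for every failed call to iterations_leaky.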