From: Oleg D. <gr...@li...> - 2003-03-12 20:35:11
|
Hello! Seems this is right list/person to post this. I am looking at ./drivers/char/drm/drm_drv.h::drm_init() (latest 2.4), and it seems there is a memleak on error exit path. If DRM(stub_register)(DRIVER_NAME, &DRM(fops),dev) fails, DRM(device) and DRM(minor) memory areas are not freed before exit. Is this looking real? Bte, Oleg |
From: Christoph H. <hc...@ls...> - 2003-03-12 20:42:08
|
On Wed, Mar 12, 2003 at 11:34:08PM +0300, Oleg Drokin wrote: > Hello! > > Seems this is right list/person to post this. > I am looking at ./drivers/char/drm/drm_drv.h::drm_init() (latest 2.4), and > it seems there is a memleak on error exit path. > If DRM(stub_register)(DRIVER_NAME, &DRM(fops),dev) fails, > DRM(device) and DRM(minor) memory areas are not freed before exit. > > Is this looking real? I don't know. The drm code is intentionally obsfucated. |
From: Dave J. <da...@su...> - 2003-03-13 16:15:37
|
On Wed, Mar 12, 2003 at 11:34:08PM +0300, Oleg Drokin wrote: > Hello! > > Seems this is right list/person to post this. > I am looking at ./drivers/char/drm/drm_drv.h::drm_init() (latest 2.4), and > it seems there is a memleak on error exit path. > If DRM(stub_register)(DRIVER_NAME, &DRM(fops),dev) fails, > DRM(device) and DRM(minor) memory areas are not freed before exit. > > Is this looking real? Looks like a leak, smells like a leak, afaics, is a leak. The exit paths further down also look fishy, as takedown() doesn't free that stuff, so its left dangling. Dave -- | Dave Jones. http://www.codemonkey.org.uk | SuSE Labs |
From: Oleg D. <gr...@li...> - 2003-03-13 16:35:44
|
Hello! On Thu, Mar 13, 2003 at 05:15:03PM +0100, Dave Jones wrote: > > Seems this is right list/person to post this. > > I am looking at ./drivers/char/drm/drm_drv.h::drm_init() (latest 2.4), and > > it seems there is a memleak on error exit path. > > If DRM(stub_register)(DRIVER_NAME, &DRM(fops),dev) fails, > > DRM(device) and DRM(minor) memory areas are not freed before exit. > > Is this looking real? > Looks like a leak, smells like a leak, afaics, is a leak. > The exit paths further down also look fishy, as takedown() doesn't > free that stuff, so its left dangling. Yes, the script complained about other exit paths too, but I have not investigated whenever those other cleanup functions free the initially allocated memory or not. The code does not look pretty to me, I am only 50% through list of potential leaks, so I do not want to spends lots of time on specific things right now, my current goal is to make number of false positives down. Bye, Oleg |