projects / barrelfish / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch (parent: 3f7c029)
Fix various memory leaks and uninitialized variable uses as reported by cppcheck
authorSimon Gerber <simon.gerber@inf.ethz.ch>
Mon, 24 Jul 2017 11:29:49 +0000 (13:29 +0200)
committerSimon Gerber <simon.gerber@inf.ethz.ch>
Tue, 29 Aug 2017 06:36:58 +0000 (08:36 +0200)
Signed-off-by: Simon Gerber <simon.gerber@inf.ethz.ch>

lib/barrelfish/debug.c patch | blob | history
lib/barrelfish/inthandler.c patch | blob | history
lib/barrelfish/slot_alloc/twolevel_slot_alloc.c patch | blob | history
lib/barrelfish/threads.c patch | blob | history
lib/barrelfish/vspace/utils.c patch | blob | history
usr/monitor/bfscope_support.c patch | blob | history
usr/monitor/multihop_support.c patch | blob | history

diff --git a/lib/barrelfish/debug.c b/lib/barrelfish/debug.c
index a391665..20b176f 100644 (file)
--- a/lib/barrelfish/debug.c
+++ b/lib/barrelfish/debug.c
@@ -138,8 +138,9 @@ void debug_printf(const char *fmt, ...)
     char str[256];
     size_t len;
 
-    if (me)
+    if (me) {
         snprintf(id, sizeof(id), "%"PRIuPTR, thread_get_id(me));
+    }
     len = snprintf(str, sizeof(str), "\033[34m%.*s.\033[31m%u.%s\033[0m: ",
                    DISP_NAME_LEN, disp_name(), disp_get_core_id(), id);
     if (len < sizeof(str)) {
diff --git a/lib/barrelfish/inthandler.c b/lib/barrelfish/inthandler.c
index 9c102fb..912e59a 100644 (file)
--- a/lib/barrelfish/inthandler.c
+++ b/lib/barrelfish/inthandler.c
@@ -245,6 +245,7 @@ errval_t inthandler_setup_movable(interrupt_handler_fn handler, void *handler_ar
     err = alloc_dest_irq_cap(&irq_dest_cap);
     if(err_is_fail(err)){
         DEBUG_ERR(err, "Could not allocate dest irq cap");
+        free(state);
         return err;
     }
 
diff --git a/lib/barrelfish/slot_alloc/twolevel_slot_alloc.c b/lib/barrelfish/slot_alloc/twolevel_slot_alloc.c
index 2bd1922..5cdb88b 100644 (file)
--- a/lib/barrelfish/slot_alloc/twolevel_slot_alloc.c
+++ b/lib/barrelfish/slot_alloc/twolevel_slot_alloc.c
@@ -226,11 +226,6 @@ errval_t two_level_slot_alloc_init(struct multi_slot_allocator *ret)
     errval_t err;
     size_t bufsize = SINGLE_SLOT_ALLOC_BUFLEN(L2_CNODE_SLOTS); // XXX?
 
-    void *top_buf = malloc(bufsize);
-    if (!top_buf) {
-        return LIB_ERR_MALLOC_FAIL;
-    }
-
     ret->head = malloc(sizeof(struct slot_allocator_list));
     if (!ret->head) {
         return LIB_ERR_MALLOC_FAIL;
@@ -238,21 +233,32 @@ errval_t two_level_slot_alloc_init(struct multi_slot_allocator *ret)
     ret->head->next = NULL;
     void *head_buf = malloc(bufsize);
     if (!head_buf) {
+        free(ret->head);
         return LIB_ERR_MALLOC_FAIL;
     }
 
     ret->reserve = malloc(sizeof(struct slot_allocator_list));
     if (!ret->reserve) {
+        free(ret->head);
+        free(head_buf);
         return LIB_ERR_MALLOC_FAIL;
     }
     void *reserve_buf = malloc(bufsize);
     if (!reserve_buf) {
+        free(ret->head);
+        free(head_buf);
+        free(ret->reserve);
         return LIB_ERR_MALLOC_FAIL;
     }
 
+
     size_t allocation_unit = sizeof(struct slot_allocator_list) + bufsize;
     err = vspace_mmu_aware_init(&ret->mmu_state, allocation_unit * L2_CNODE_SLOTS * 2);
     if (err_is_fail(err)) {
+        free(ret->head);
+        free(head_buf);
+        free(ret->reserve);
+        free(reserve_buf);
         return err_push(err, LIB_ERR_VSPACE_MMU_AWARE_INIT);
     }
 
@@ -260,10 +266,21 @@ errval_t two_level_slot_alloc_init(struct multi_slot_allocator *ret)
     struct cnoderef initial_cnode, reserve_cnode;
     err = cnode_create_l2(&initial_cap, &initial_cnode);
     if (err_is_fail(err)) {
+        free(ret->head);
+        free(head_buf);
+        free(ret->reserve);
+        free(reserve_buf);
+        vregion_destroy(&ret->mmu_state.vregion);
         return err_push(err, LIB_ERR_CNODE_CREATE);
     }
     err = cnode_create_l2(&reserve_cap, &reserve_cnode);
     if (err_is_fail(err)) {
+        free(head_buf);
+        free(ret->head);
+        free(reserve_buf);
+        free(ret->reserve);
+        vregion_destroy(&ret->mmu_state.vregion);
+        cap_destroy(initial_cap);
         return err_push(err, LIB_ERR_CNODE_CREATE);
     }
     err = two_level_slot_alloc_init_raw(ret, initial_cap, initial_cnode,
diff --git a/lib/barrelfish/threads.c b/lib/barrelfish/threads.c
index 6eacf55..fc4418c 100644 (file)
--- a/lib/barrelfish/threads.c
+++ b/lib/barrelfish/threads.c
@@ -436,6 +436,7 @@ struct thread *thread_create_unrunnable(thread_func_t start_func, void *arg,
     if (err_is_fail(err)) {
         DEBUG_ERR(err, "error allocating LDT segment for new thread");
         free_thread(newthread);
+        free(stack);
         return NULL;
     }
 #endif
@@ -1285,7 +1286,6 @@ void threads_prepare_to_span(dispatcher_handle_t newdh)
         acquire_spinlock(&thread_slabs_spinlock);
 
         while (slab_freecount(&thread_slabs) < MAX_THREADS - 1) {
-            struct capref frame;
             size_t size;
             void *buf;
             errval_t err;
@@ -1294,7 +1294,6 @@ void threads_prepare_to_span(dispatcher_handle_t newdh)
             err = vspace_mmu_aware_map(&thread_slabs_vm, blocksize,
                                        &buf, &size);
             if (err_is_fail(err)) {
-                slot_free(frame);
                 if (err_no(err) == LIB_ERR_VSPACE_MMU_AWARE_NO_SPACE) {
                     // we've wasted space with fragmentation
                     // cross our fingers and hope for the best...
diff --git a/lib/barrelfish/vspace/utils.c b/lib/barrelfish/vspace/utils.c
index 160434e..3fec55b 100644 (file)
--- a/lib/barrelfish/vspace/utils.c
+++ b/lib/barrelfish/vspace/utils.c
@@ -115,11 +115,11 @@ errval_t vspace_map_anon_aligned(void **retaddr, struct memobj **ret_memobj,
     if (err_is_fail(err)) {
         free(memobj);
         free(vregion);
+    } else {
+        *ret_memobj = (struct memobj *)memobj;
+        *ret_vregion = vregion;
     }
 
-    *ret_memobj = (struct memobj *)memobj;
-    *ret_vregion = vregion;
-
     return err;
 }
 
@@ -147,15 +147,14 @@ errval_t vspace_map_anon_attr(void **retaddr, struct memobj **ret_memobj,
 
     err = vspace_map_anon_nomalloc(retaddr, memobj, vregion, size,
                                    retsize, flags, 0);
-    if (err_is_fail(err))
-    {
+    if (err_is_fail(err)) {
       free(memobj);
       free(vregion);
+    } else {
+        *ret_memobj = (struct memobj *)memobj;
+        *ret_vregion = vregion;
     }
 
-    *ret_memobj = (struct memobj *)memobj;
-    *ret_vregion = vregion;
-
     return err;
 }
 
diff --git a/usr/monitor/bfscope_support.c b/usr/monitor/bfscope_support.c
index c135838..ed4be43 100644 (file)
--- a/usr/monitor/bfscope_support.c
+++ b/usr/monitor/bfscope_support.c
@@ -130,6 +130,8 @@ static void bfscope_monitor_flush_send_handler(struct monitor_binding *mb, iref_
        if(coreid == my_core_id) {
                printf("bfscope runs on the same core as the initiator of the flush request\n");
 
+                // we don't need the state in this case
+                free(state);
                // Send message to bfscope directly
                bfscope_intermon_flush_forward_handler(NULL, iref);
                return;
diff --git a/usr/monitor/multihop_support.c b/usr/monitor/multihop_support.c
index 6ef27fc..63d7a1f 100644 (file)
--- a/usr/monitor/multihop_support.c
+++ b/usr/monitor/multihop_support.c
@@ -1281,7 +1281,7 @@ static void multihop_cap_send_request_handler(
     errval_t err;
     struct capability capability;
     intermon_caprep_t caprep;
-    coreid_t capowner;
+    coreid_t capowner = 0;
     memset(&caprep, 0, sizeof(caprep));
     bool null_cap = capref_is_null(cap);
 
Barrelfish OS git repo