[cairo] memory leak in Cairo/pixman

Jan Slupski jslupski at juljas.net
Thu Feb 14 12:22:56 PST 2008 

Hi,

I've been tracing a memory leak that appears to come from Cairo.
I'm using 1.4.12, but 1.4.14 seems to be quite the same in that context.

I'm not sure if I got everything right, but this is what I found so far...

The leak seems to occur in pixman in specific condition, when 
_cairo_pixman_region_init_rects is called with count=0.

When the 'region' comes directly from pixman_region_init_rects()
its 'data' is initialized with 'pixman_region_emptyData' (pixregion.c:322)
Then pixman_rect_alloc(region, 0) is called.

Because of above 'pixman_region_emptyData' region->data is not NULL,
but region->data->size is 0.

So we end up in second condition (pixregion.c:414) and allocate the new data
block 'allocData(0,  &region->data);' but leave region->data->size at n=0.

Next time there (or on freeData) we are loosing that memory block, 
since region->data->size==0 means ignore freeing region->data...

I imagine that the code should either ignore pixman_rect_alloc when n==0
or add 'if(!n) n++;' just below 'else if (!region->data->size)'
(pixregion.c:414) in pixman_rect_alloc.

Hope I was clear enough, but let me know if not...
Jan


    _  _  _  _  _____________________________________________
    | |_| |\ |  S L U P S K I             jslupski at juljas.net
  |_| | | | \|                             http://juljas.net/

More information about the cairo mailing list