From: Sebastian Brzezinka <sebastian.brzezinka@intel.com>
To: Tvrtko Ursulin <tursulin@ursulin.net>,
Sebastian Brzezinka <sebastian.brzezinka@intel.com>,
<igt-dev@lists.freedesktop.org>
Cc: <kamil.konieczny@linux.intel.com>
Subject: Re: [PATCH i-g-t] tools/intel_gpu_top: prevent losing original pointer on realloc failure
Date: Wed, 17 Dec 2025 08:05:10 +0100 [thread overview]
Message-ID: <DF0AUA96GTSN.1UWEVS3F6M94I@intel.com> (raw)
In-Reply-To: <257cafe7-a9ff-47d1-a862-488305b169a5@ursulin.net>
Hi Tvrtko
On Tue Dec 16, 2025 at 8:02 PM CET, Tvrtko Ursulin wrote:
>
> On 15/12/2025 14:45, Sebastian Brzezinka wrote:
>> Previously, realloc was called directly on engines after incrementing
>> num_engines. If realloc failed, it would return NULL and overwrite the
>> original pointer, causing a memory leak and leaving engines inaccessible.
>> This patch uses a temporary pointer for realloc and only updates engines
>> after a successful allocation, ensuring the original pointer is preserved
>> on failure and preventing data loss.
>
> I don't see a memory leak, or any other problem really. If realloc fails
> the flow is this:
>
> static struct engines *discover_engines(char *device)
> {
> ...
> engines = realloc(engines, sizeof(struct engines) +
> engines->num_engines * sizeof(struct engine));
> if (!engines) {
> ret = errno;
> break;
> }
> ...
> if (ret) {
> errno = ret;
> goto err;
> }
> ...
> return NULL;
>
>
> <back to main>
>
> engines = discover_engines(pmu_device);
> if (!engines) {
> fprintf(stderr,
> "Failed to detect engines! (%s)\n(Kernel 4.16 or newer is required
> for i915 PMU support.)\n",
> strerror(errno));
> ret = EXIT_FAILURE;
> goto err_engines;
> }
>
> So tools exits with an error message. Maybe I am blind but, again, I
> don't see a problem?
When realloc fails, it returns NULL. If we assign that NULL value directly to the
original pointer, we lose the only reference to the previously allocated memory.
Since that memory is no longer accessible and cannot be freed, it effectively
becomes a memory leak for the remainder of the program’s execution. The operating
system will reclaim the memory when the program exits, but during the program’s
lifetime, the leak still exists. After the failure, execution jumps to err_engines,
which skips the cleanup normally performed by free_engines(engines)
--
Best regards,
Sebastian
next prev parent reply other threads:[~2025-12-17 7:05 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-15 14:45 [PATCH i-g-t] tools/intel_gpu_top: prevent losing original pointer on realloc failure Sebastian Brzezinka
2025-12-15 22:04 ` ✗ i915.CI.BAT: failure for " Patchwork
2025-12-17 6:33 ` Sebastian Brzezinka
2025-12-15 22:28 ` ✗ Xe.CI.BAT: " Patchwork
2025-12-16 7:18 ` [PATCH i-g-t] " Krzysztof Karas
2025-12-16 17:29 ` Kamil Konieczny
2025-12-16 8:16 ` ✗ Xe.CI.Full: failure for " Patchwork
2025-12-16 19:02 ` [PATCH i-g-t] " Tvrtko Ursulin
2025-12-17 7:05 ` Sebastian Brzezinka [this message]
2025-12-17 10:07 ` Tvrtko Ursulin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DF0AUA96GTSN.1UWEVS3F6M94I@intel.com \
--to=sebastian.brzezinka@intel.com \
--cc=igt-dev@lists.freedesktop.org \
--cc=kamil.konieczny@linux.intel.com \
--cc=tursulin@ursulin.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox