[Spice-devel] [qxl] Don't leak ARGB cursor data bo

Christophe Fergeau cfergeau at redhat.com
Tue Mar 24 06:21:52 PDT 2015


qxl_load_cursor_argb() owns 2 references on the cursor_bo it creates:
- one from the call to bo_alloc()
- the second from a call to bo_output_bo_reloc()

qxl_garbage_collect() release one of these refs, but the other one is
never released, so ARGB cursor bos are leaked. This can cause out of
memory issues, for example when running EL6 anaconda installer on a 2TB
disk image (see bug https://bugzilla.redhat.com/show_bug.cgi?id=1199355
).

This commit release the extra ref right after calling push_cursor().
This is similar to what is done in qxl_surface_put_image().
---
 src/qxl_cursor.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/qxl_cursor.c b/src/qxl_cursor.c
index d246594..e29a1ac 100644
--- a/src/qxl_cursor.c
+++ b/src/qxl_cursor.c
@@ -138,6 +138,7 @@ qxl_load_cursor_argb (ScrnInfoPtr pScrn, CursorPtr pCurs)
     qxl->bo_funcs->bo_unmap(cmd_bo);
 
     push_cursor(qxl, cmd_bo);
+    qxl->bo_funcs->bo_decref(qxl, cursor_bo);
 }    
 
 static Bool
-- 
2.3.3



More information about the Spice-devel mailing list