Memory Leaks


To ng-spice@ieee.ing.uniroma1.it
From "GLAO S. Dezai" <dezai@hotbot.com>
Date Thu, 12 Oct 2000 07:49:25 -0700
Delivered-To mailing list ng-spice@ieee.ing.uniroma1.it
Mailing-List contact ng-spice-help@ieee.ing.uniroma1.it; run by ezmlm
Organization HotBot Mail (http://mail.hotbot.mailcity.lycos.com:80)
Reply-To ng-spice@ieee.ing.uniroma1.it

Hi All,
I have spent a long week solving spice3 memory leaks.
I have found many things. Some of them are described in the attach file. I 
put there also the way to fix these problems and gave the method to solve 
others problems i didnot describe.
hope this be helpful.
Dezai Glao.




HotBot - Search smarter.
http://www.hotbot.com
           Memory leaks problem in Spice3
           ==============================


Most of the memory leaks in the Spice3 code is due to the abusive use of 
the function copy in xxxxx.c .
Typically we encountered such a configuration that a string variable is
allocated and reallocated without freeing the first.
exemple 
   x=copy(z)
     .
     .
     .
    y=copy(x)

Most the time, y will be included in an another structure and x will remain 
allocated. 

A lot of functions behave like that.
One example is the cp_unquote functions. Here is one of the responsible of 
the memeory
leaks. The others are cp_tildexpand, ft_getpnames etc..
Here is a simple rule to fix the cp_unquote problem:
====================================================.
Each time cp_unquote is used, the  var returned must be freed after is has 
been used

Examples of fixing the cp_unquote memory leak.

Example 1:
Complete.c in   void cp_ccom(wordlist *wlist, char *buf, bool esc)

    buf = cp_unquote(copy(buf));

This is really very bad.
1) The copy of buf will never be released--> memory leak    
2) buf were allocated somewhere (in cp_lexer) and the new buf is
not released. cp_unquote allocate itself a memory; -->memory leak

=========
solution:
=========
char *sbuf;

sbuf=cp_unquote(buf);
strcpy(buf,sbuf);
tfree(sbuf);


Example 2:
com_echo.c 

  fputs(cp_unquote(wlist->wl_word), cp_out);

This instruction will create a memory leak since the allocated string done
by cp_unquote is never released

so do

=========
solution:
=========
char *sbuf;

sbuf=cp_unquote(wlist->wl_word);
fputs(sbuf,cp_out)
tfree(sbuf);

Example 3:
in variable.c cp_varwl(struct variable *var)


 case VT_STRING:
        strcpy(buf, cp_unquote(var->va_string));
        
Very bad also

do

=========
solution:
=========
char *sbuf;

sbuf=cp_unquote(var->va_string);
strcpy(buf,sbuf);
tfree(sbuf);


Example 4: in postcom.c void  com_load(wordlist *wl)


  while (wl) {
            ft_loadfile(cp_unquote(wl->wl_word));
            wl = wl->wl_next;
        }

This will create a memory leak

Do the substitution

=========
solution:
=========
char *sbuf;

sbuf=cp_unquote(wl->wl_word);
ft_loadfile(sbuf);
tfree(sbuf);



And So On... There are a lot of examples of this type
We have to remove them all and make the replacement to solve 
the memeory leak problem due to cp_unquote

Good code has been written in xgraph.c and com_chdir.c
Look at them



Its the same thing with cp_tildexpand

Another uggly things we can find is copying a string even it is unnecessary
example in postcom.c    com_print



out_printf("%s = %s,%s\n", buf,
                        copy(printnum(realpart(v->v_compdata))),
                        copy(printnum(imagpart(v->v_compdata))));
              


There is no nead to copy the result of printnum.
This will create a memory leak because the memory allocated here will never 
be released

=========
solution:
=========

out_printf("%s = %s,%s\n", buf,
                        printnum(realpart(v->v_compdata)),
                        printnum(imagpart(v->v_compdata)));


              



ANOTHER SMALL PROBLEM OF MEMORY LEAK

The function cp_usrset in options.c usually allocate memory for cp_program

and ft_rawfile and... without looking if the flag isset is true or not

This result to a memory leak because the old reference to these variables are 
lost even
if we are asking to remove the var (remvar)

exemple:

  } else if (eq(var->va_name, "program")) {
        cp_program = copy(var->va_string);


We can write
  

 } else if (eq(var->va_name, "program")) {

   if(isset==true)     cp_program = copy(var->va_string);
else if(cp_program)strcpy(cp_program,"");

    } 

Other things in this function also creates memory leaks




That all for Now, Even many other things may be put here.

Dezai GLAO 






     







Partial thread listing: