From 3e57615c76b13c67e8c6ce8ce2296f509338a61e Mon Sep 17 00:00:00 2001
From: farmdve
Date: Fri, 11 Dec 2015 02:42:31 +0200
Subject: [PATCH] Fix uc_mem_unmap memory leak and in uc_close.

It appears the problem is that we are not calling the memory region destructor. After modifying memory_unmap to include the destructor call for the memory region, the memory is freed. Furthermore in uc_close we must explicitly free any blocks that were not unmapped by the user to prevent leaks. This should fix issue 305.
---
 qemu/memory.c | 5 +++++
 uc.c | 13 ++++++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/qemu/memory.c b/qemu/memory.c
index eaab3ba6..33944404 100644
--- a/qemu/memory.c
+++ b/qemu/memory.c
@@ -68,6 +68,11 @@ void memory_unmap(struct uc_struct *uc, MemoryRegion *mr)
 uc->mapped_block_count--;
 //shift remainder of array down over deleted pointer
 memcpy(&uc->mapped_blocks[i], &uc->mapped_blocks[i + 1], sizeof(MemoryRegion*) * (uc->mapped_block_count - i));
+ mr->destructor(mr);
+ if((char *)mr->name)
+ g_free((char *)mr->name);
+ if(mr->ioeventfds)
+ g_free(mr->ioeventfds);
 break;
 }
 }
diff --git a/uc.c b/uc.c
index 7ff96368..5d12298a 100644
--- a/uc.c
+++ b/uc.c
@@ -258,6 +258,9 @@ uc_err uc_open(uc_arch arch, uc_mode mode, uc_engine **result)
 UNICORN_EXPORT
 uc_err uc_close(uc_engine *uc)
 {
+ MemoryRegion *mr;
+ int i;
+
 if (uc->release)
 uc->release(uc->tcg_ctx);
@@ -271,11 +274,19 @@ uc_err uc_close(uc_engine *uc)
 g_free(uc->tcg_ctx);
+ for (i = 0; i < uc->mapped_block_count; i++) {
+ mr = uc->mapped_blocks[i];
+ mr->destructor(mr);
+ if((char *)mr->name)
+ g_free((char *)mr->name);
+ if(mr->ioeventfds)
+ g_free(mr->ioeventfds);
+ }
+
 free((void*) uc->system_memory->name);
 g_free(uc->system_memory);
 g_hash_table_destroy(uc->type_table);
- int i;
 for (i = 0; i < DIRTY_MEMORY_NUM; i++) {
 free(uc->ram_list.dirty_memory[i]);
 }
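Review bot: After `mr->destructor(mr)` and the two g_free calls in memory_unmap, `mr->name` and `mr->ioeventfds` are left dangling inside a MemoryRegion that this hunk does not free, so any later read of the region (a retained pointer, or a second teardown pass over it) is a use-after-free or double free; null them right after freeing, `mr->name = NULL; mr->ioeventfds = NULL;`. The `if((char *)mr->name)` guards are redundant because g_free(NULL) is a no-op, and if this copy of qemu/memory.c still carries memory_region_destroy(), that helper performs exactly this sequence and should be called instead of open-coding it. The pre-existing memcpy on the line above copies between overlapping elements of the same array, which is undefined behaviour; it should be memmove. memory_unmap's body begins above the hunk.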
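Review bot: The new loop in uc_close frees each mapped region's name and ioeventfds, but neither the MemoryRegion objects themselves nor the `uc->mapped_blocks` array are released anywhere in this hunk, so unless that happens elsewhere in uc_close the leak reported in the description is only partly closed; the freed pointers are also left dangling rather than nulled. The five-line teardown is a verbatim copy of the one added to memory_unmap, so the two will drift apart; a shared helper (memory_region_destroy() if it is still present in qemu/memory.c) called from both places would keep them in sync. The call `mr->destructor(mr)` assumes every mapped region has a non-NULL destructor; if memory_region_init guarantees that, a one-line comment stating it, `/* destructor is always set by memory_region_init */`, would save the next reader from checking. uc_close continues past the end of the hunk.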