On Fri, 11 Jun 2010 14:26:57 +1000, Ben Skeggs <[email protected]> wrote:
> Without resetting the private's pointer to NULL, we can end up freeing
> the struct twice:
>
> ==11188== Invalid free() / delete / delete[]
> ==11188== at 0x4C24D72: free (vg_replace_malloc.c:325)
> ==11188== by 0x42D8A3: dixFreePrivates (privates.c:217)
> ==11188== by 0x420CF6: main (main.c:319)
> ==11188== Address 0x8d884a0 is 0 bytes inside a block of size 24 free'd
> ==11188== at 0x4C24D72: free (vg_replace_malloc.c:325)
> ==11188== by 0x4996A3: CursorCloseScreen (cursor.c:200)
> ==11188== by 0x4C051B: AnimCurCloseScreen (animcur.c:125)
> ==11188== by 0x420CCB: main (main.c:317)
> ==11188==

This is not a 1.9 server -- the new devPrivates will not free storage in
this way, so feel free to merge it to 1.8, but there's no need to add
this to 1.9.

Even in 1.8, I'm surprised that the devPrivates code is freeing stuff it
didn't allocate. That seems quite wrong.

--
[email protected]
_______________________________________________
[email protected]: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: http://lists.x.org/mailman/listinfo/xorg-devel
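
The double free discussed in this message, as an added example that is not part of the original mail or the X server source: a constructed model in which a close handler frees a private that a later generic teardown pass releases again unless the slot is reset to NULL. All names (`slots`, `close_screen`, `free_all_privates`, `tracked_free`, `run_shutdown`) are hypothetical, and `tracked_free` records releases instead of calling `free()` twice.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed model, not X server code: a table of private slots that a
 * generic teardown pass frees, plus a tracker that counts a repeated
 * release instead of performing it (a real double free() is undefined). */
#define NSLOTS 4
static void *slots[NSLOTS];      /* hypothetical per-screen privates */
static void *released[NSLOTS];   /* pointers already released once */
static int n_released, double_frees;

/* Stand-in for free(): the real free() is deferred to run_shutdown(). */
static void tracked_free(void *p)
{
    if (!p) return;
    for (int i = 0; i < n_released; i++)
        if (released[i] == p) { double_frees++; return; }
    released[n_released++] = p;
}

/* Close handler releasing the private it allocated. With clear_slot == 0
 * the stale pointer stays in the table, which is the bug. */
static void close_screen(int slot, int clear_slot)
{
    tracked_free(slots[slot]);
    if (clear_slot) slots[slot] = NULL;
}

/* Generic teardown: releases whatever the table still references. */
static void free_all_privates(void)
{
    for (int i = 0; i < NSLOTS; i++) {
        tracked_free(slots[i]);
        slots[i] = NULL;
    }
}

/* Close handler followed by teardown; returns the double frees seen. */
int run_shutdown(int clear_slot)
{
    n_released = double_frees = 0;
    slots[1] = malloc(24);       /* 24 bytes, as in the valgrind report */
    slots[2] = malloc(24);
    close_screen(1, clear_slot);
    free_all_privates();
    for (int i = 0; i < n_released; i++) free(released[i]);
    return double_frees;
}

int main(void)
{
    printf("stale: %d, reset: %d\n", run_shutdown(0), run_shutdown(1));
    return 0;
}
```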
