Block Cache Memory Leak

[jvff]

cache_detach_sub_transaction was overwritting the block->original_data pointer without freeing the previous data it pointed to.

[jvff]

This patch frees the data block, but it assumes that the pointer value won't be overwritten by it's own value (otherwise it will point to a freed area). Also, the patch was generated from trunk/src/system/ because I had other files changed that weren't relevant to the patch.

[jvff]

I ran block_cache.cpp through grep to find where stuff was assigned (ie. grep "<src>.* = ") and I reached the following dependancy:

• original_data is either NULL, returned from Allocate or copied from parent_data (where the leak originally occurred);
• parent_data is either NULL, returned from Allocate or copied from current_data;
• current_data is returned from Allocate.

This (initially) leads me to the conclusion that a "false overwrite" doesn't happen, which means the patch is (in theory) safe. However, it would be better if someone with more knowledge of the code could confirm this.

[bonefish]

Replying to jvff:

Also, the patch was generated from trunk/src/system/ because I had other files changed that weren't relevant to the patch.

Please know that you can pass the paths which you want to include in the patch to svn diff. There's no reason for creating a patch from a subdirectory.

[axeld]

The code in cache_detach_sub_transaction() is really pretty much broken, however, your patch only works around the actual issue. Thanks for looking into it, though!

I'm currently working on fixing the bug for real, and add a bit more documentation that should ease understanding the code.

[axeld]

Fixed for real in hrev37899.