From d9d645f06a8f50659bbae2be64ed8367ba068fc0 Mon Sep 17 00:00:00 2001
From: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Date: Thu, 19 Oct 2006 23:28:24 -0700
Subject: [PATCH] [PATCH] uml: cleanup run_helper() API to fix a leak

Freeing the stack is left uselessly to the caller of run_helper in some cases
- this is taken from run_helper_thread, but here it is useless, so no caller
needs it and the only place where this happens has a potential leak - in case
of error neither run_helper() nor xterm_open() call free_stack().  At this
point passing a pointer is not needed - the stack pointer should be passed
directly, but this change is not done here.

Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Cc: Jeff Dike <jdike@addtoit.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
---
 arch/um/drivers/xterm.c   | 2 --
 arch/um/os-Linux/helper.c | 7 +++----
 2 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/arch/um/drivers/xterm.c b/arch/um/drivers/xterm.c
index 386f8b952982..850221d9b4c9 100644
--- a/arch/um/drivers/xterm.c
+++ b/arch/um/drivers/xterm.c
@@ -136,8 +136,6 @@ int xterm_open(int input, int output, int primary, void *d,
 		return(pid);
 	}
 
-	if(data->stack == 0) free_stack(stack, 0);
-
 	if (data->direct_rcv) {
 		new = os_rcv_fd(fd, &data->helper_pid);
 	} else {
diff --git a/arch/um/os-Linux/helper.c b/arch/um/os-Linux/helper.c
index 8a78bf03b468..d13299cfa318 100644
--- a/arch/um/os-Linux/helper.c
+++ b/arch/um/os-Linux/helper.c
@@ -50,7 +50,8 @@ static int helper_child(void *arg)
 }
 
 /* Returns either the pid of the child process we run or -E* on failure.
- * XXX The alloc_stack here breaks if this is called in the tracing thread */
+ * XXX The alloc_stack here breaks if this is called in the tracing thread, so
+ * we need to receive a preallocated stack (a local buffer is ok). */
 int run_helper(void (*pre_exec)(void *), void *pre_data, char **argv,
 	       unsigned long *stack_out)
 {
@@ -113,10 +114,8 @@ int run_helper(void (*pre_exec)(void *), void *pre_data, char **argv,
 		close(fds[1]);
 	close(fds[0]);
 out_free:
-	if (stack_out == NULL)
+	if ((stack_out == NULL) || (*stack_out == 0))
 		free_stack(stack, 0);
-	else
-		*stack_out = stack;
 	return ret;
 }