From: Andrew Morton <akpm@zip.com.au>
To: andersg@0x63.nu
Cc: linux-kernel@vger.kernel.org, lvm-devel@sistina.com
Subject: Re: lvm in 2.5.1
Date: Thu, 27 Dec 2001 01:33:15 -0800 [thread overview]
Message-ID: <3C2AEADB.24BEFE94@zip.com.au> (raw)
In-Reply-To: <20011227084304.GA26255@h55p111.delphi.afb.lu.se>
andersg@0x63.nu wrote:
>
> Hi Jens and other kernelhackers,
>
> I'm now running 2.5.1 with lvm. The following patch makes some minor changes
> for bio-support and removes allocation of a lv_t on the stack, which made
> the stack overflow and gave me something to spend my last 24 hours
> debugging.
That's a worry, because an lv_t is only 420 bytes. If that's triggering
a stack overflow then we're way too close. Think interrupts....
There must be other sources of stack bloat.
lvm_chr_ioctl() calls lvm_do_vg_create(), and it has has another lv_t
on the stack. That's 840 bytes - still not enough. Maybe lvm_do_vg_create()
is calling something which uses lots of stack? Can't see it. Odd.
> ...
> /* get the logical volume structures */
> vg_ptr->lv_cur = 0;
> for (l = 0; l < vg_ptr->lv_max; l++) {
> lv_t *lvp;
> +
> /* user space address */
> if ((lvp = vg_ptr->lv[l]) != NULL) {
> - if (copy_from_user(&lv, lvp, sizeof(lv_t)) != 0) {
> + if (copy_from_user(tmplv, lvp, sizeof(lv_t)) != 0) {
> P_IOCTL("ERROR: copying LV ptr %p (%d bytes)\n",
> lvp, sizeof(lv_t));
> lvm_do_vg_remove(minor);
> return -EFAULT;
Seems that in various places here you've forgotten to free the lv_t storage
on error paths?
Which means you must painfully go through and put a kfree() in front
of each and every `return' statement, hope you don't miss any, hope
you don't break anything, and hope that people don't forget to do this
next time they change the code. Or you need to go through and restructure
the code so you need only one kfree.
Which is a fine and shining example of why one should never, ever, ever,
ever put more than one `return' statement in a C function. Dammit. It
is the single worst feature of C and should not be used.
BTW, it appears that lvm_do_vg_create() leaks the vmalloced snap_lv_ptr
on an error path...
-
next prev parent reply other threads:[~2001-12-27 9:36 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-12-27 8:43 lvm in 2.5.1 andersg
2001-12-27 9:33 ` Andrew Morton [this message]
2001-12-27 12:25 ` andersg
2001-12-27 13:54 ` andersg
2001-12-27 15:20 ` Jens Axboe
2001-12-27 16:02 ` andersg
2001-12-27 16:11 ` Jens Axboe
2001-12-27 17:18 ` [lvm-devel] " Andreas Dilger
2001-12-27 19:25 ` Andrew Morton
2001-12-27 19:37 ` andersg
2001-12-27 19:45 ` Andrew Morton
2001-12-27 20:24 ` andersg
2001-12-28 16:45 ` Jan Niehusmann
2001-12-28 20:17 ` [lvm-devel] " Andreas Dilger
2001-12-28 20:43 ` andersg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3C2AEADB.24BEFE94@zip.com.au \
--to=akpm@zip.com.au \
--cc=andersg@0x63.nu \
--cc=linux-kernel@vger.kernel.org \
--cc=lvm-devel@sistina.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox