Re: [nsproxy] BUG: unable to handle kernel NULL pointer dereferenceat 0000000000000024

[Rakib Mullick]

On 3/7/13, Eric W. Biederman <ebiederm@xxxxxxxxxxxx> wrote:
> Fengguang Wu <fengguang.wu@xxxxxxxxx> writes:
>
>> Greetings,
>>
>> I got the below oops and the first bad commit is
>
> Doh!  On a second look that change is totally wrong.  Of course we need
> to up the ref-count every time we create a new process.  Especially if
> we don't do anything with namespaces.
>
> I was looking at it from the wrong angle last night.  I should have
> known better.
>
> Patch dropped.
>

Sad to know :( . From the debug messages, it's kmemcheck report. I
can't related the problem specified with the patch I've proposed.

It seems at task exit path, at switch_task_namespaces() - after my
patch atomic_dec_and_test(&ns->count) becomes true (-1), thus
free_nsproxy() gets called. But, free_nsproxy() shouldn't get called
here.

Am I right? Or there's something else?

Thanks,
Rakib
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/