Fengguang Wu <fengguang...@intel.com> writes:
> Hi Eric,
>
> It's beyond me why this trivial patch will lead to kernel panic. But
> the NULL pointer dereference bug is 100% reproducible since this
> commit.
My mistake apparently I failed to boot test that patch.
The problem crash is because
kthreadd_task == NULL.
kthreadd_task is NULL because this little sequence sets kthreadd_task to NULL
pid = kernel_thread(kthreadd, NULL, CLONE_FS | CLONE_FILES);
rcu_read_lock();
kthreadd_task = find_task_by_pid_ns(pid, &init_pid_ns);
rcu_read_unlock();
The lookup for kthreadd_task fails because when spawning kthread_task
with kernel_thread the is_idle_task(p) test in fork is reporting true,
so the pid is never placed into the pid hash table.
is_idle_task(p) is true because it is testing task_pid(p) two lines
before task_pid(p) is set. So task_pid(p) is still it's parents value
and the parent of the kthreadd_task is the initial idle task.
So I should have just tested (pid != &init_struct_pid) sigh. Silly me.
Fixed and pushed out. That you for reporting this to me.
Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
