Re: [PATCH] pid: Add a judgment for ns null in pid_nr_ns

From: Christian Brauner
Date: Fri Aug 08 2025 - 11:03:24 EST

Next message: Pavel Begunkov: "[RFC v2 22/24] net: let pp memory provider to specify rx buf len"
Previous message: Pavel Begunkov: "[RFC v2 24/24] io_uring/zcrx: implement large rx buffer support"
Next in thread: Oleg Nesterov: "Re: [PATCH] pid: Add a judgment for ns null in pid_nr_ns"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Aug 05, 2025 at 02:43:01PM +0200, Oleg Nesterov wrote:
> On 08/04, Oleg Nesterov wrote:
> >
> > But. I need to re-check, but I just realized that pid_alive() can't
> > really help, tsk->thread_pid is not stable even if tsk == current.
> >
> > This means that, say, task_ppid_nr_ns() is buggy.
>
> After the quick grep I don't see the problematic users, but if a zombie
> task T does task_ppid_nr_ns(current, NULL) the kernel can crash:
>
> - pid_alive() succeeds, the task is not reaped yet
>
> - the parent/debugger does wait()->release_task(T), T->thread_pid
> is NULL now
>
> - T calls task_tgid_nr_ns()-> ... pid_nr_ns(ns => NULL) because
> task_active_pid_ns(T) returns NULL
>
> Do you think this worth fixing?

If it's not too much work and it is an actual real-world concern then I
think we should fix it. But I trust your judgement here!

> In any case, I think that task_state(), sched_show_task(), bacct_add_tsk()
> should be changed to use task_ppid_nr_ns(tsk).

Sounds good!
>

Next message: Pavel Begunkov: "[RFC v2 22/24] net: let pp memory provider to specify rx buf len"
Previous message: Pavel Begunkov: "[RFC v2 24/24] io_uring/zcrx: implement large rx buffer support"
Next in thread: Oleg Nesterov: "Re: [PATCH] pid: Add a judgment for ns null in pid_nr_ns"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]