linux/kernel
Kirill Korotaev 4286229868 [PATCH] wrong error path in dup_fd() leading to oopses in RCU
Wrong error path in dup_fd() - it should return NULL on error,
not an address of already freed memory :/

Triggered by OpenVZ stress test suite.

What is interesting is that it was causing different oopses in RCU like
below:
Call Trace:
   [<c013492c>] rcu_do_batch+0x2c/0x80
   [<c0134bdd>] rcu_process_callbacks+0x3d/0x70
   [<c0126cf3>] tasklet_action+0x73/0xe0
   [<c01269aa>] __do_softirq+0x10a/0x130
   [<c01058ff>] do_softirq+0x4f/0x60
   =======================
   [<c0113817>] smp_apic_timer_interrupt+0x77/0x110
   [<c0103b54>] apic_timer_interrupt+0x1c/0x24
  Code:  Bad EIP value.
   <0>Kernel panic - not syncing: Fatal exception in interrupt

Signed-Off-By: Pavel Emelianov <xemul@sw.ru>
Signed-Off-By: Dmitry Mishin <dim@openvz.org>
Signed-Off-By: Kirill Korotaev <dev@openvz.org>
Signed-Off-By: Linus Torvalds <torvalds@osdl.org>
2006-03-31 12:25:46 -08:00
..
irq [PATCH] warn if free_irq() is called from IRQ context 2006-03-26 08:56:53 -08:00
power [PATCH] Fix suspend with traced tasks 2006-03-31 12:18:50 -08:00
.gitignore
acct.c [PATCH] Fix pacct bug in multithreading case. 2006-03-31 12:18:54 -08:00
audit.c [PATCH] Don't pass boot parameters to argv_init[] 2006-03-31 12:18:53 -08:00
audit.h
auditfilter.c
auditsc.c Merge branch 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current 2006-03-25 09:24:53 -08:00
capability.c [PATCH] refactor capable() to one implementation, add __capable() helper 2006-03-25 08:22:56 -08:00
compat.c [PATCH] lightweight robust futexes: compat 2006-03-27 08:44:49 -08:00
configs.c
cpu.c [PATCH] Notifier chain update: API changes 2006-03-27 08:44:50 -08:00
cpuset.c [PATCH] cpuset: memory migration interaction fix 2006-03-31 12:18:55 -08:00
dma.c
exec_domain.c [PATCH] Fix module refcount leak in __set_personality() 2006-03-24 07:33:30 -08:00
exit.c [PATCH] task: RCU protect task->usage 2006-03-31 12:18:59 -08:00
extable.c
fork.c [PATCH] wrong error path in dup_fd() leading to oopses in RCU 2006-03-31 12:25:46 -08:00
futex_compat.c [PATCH] futex: check and validate timevals 2006-03-31 12:18:59 -08:00
futex.c [PATCH] futex: check and validate timevals 2006-03-31 12:18:59 -08:00
hrtimer.c [PATCH] hrtimer: call get_softirq_time() only when necessary in run_hrtimer_queue() 2006-03-31 12:18:58 -08:00
intermodule.c
itimer.c [PATCH] hrtimers: remove data field 2006-03-26 08:57:03 -08:00
kallsyms.c
Kconfig.hz
Kconfig.preempt
kexec.c
kfifo.c
kmod.c [PATCH] wait_for_helper: trivial style cleanup 2006-03-28 18:36:41 -08:00
kprobes.c [PATCH] kretprobe instance recycled by parent process 2006-03-26 08:57:04 -08:00
ksysfs.c [PATCH] fix build error if CONFIG_SYSFS=n 2006-03-24 07:33:31 -08:00
kthread.c [PATCH] find_task_by_pid() needs tasklist_lock 2006-03-25 08:22:57 -08:00
Makefile [PATCH] lightweight robust futexes: compat 2006-03-27 08:44:49 -08:00
module.c [PATCH] modules: permit Dual-MIT/GPL licenses 2006-03-31 12:18:56 -08:00
mutex-debug.c
mutex-debug.h
mutex.c
mutex.h
panic.c [PATCH] Notifier chain update: API changes 2006-03-27 08:44:50 -08:00
params.c [PATCH] Change dash2underscore() return value to char 2006-03-28 09:16:03 -08:00
pid.c [PATCH] pidhash: Refactor the pid hash table 2006-03-31 12:19:00 -08:00
posix-cpu-timers.c
posix-timers.c [PATCH] hrtimers: remove data field 2006-03-26 08:57:03 -08:00
printk.c [PATCH] console_setup() depends (wrongly?) on CONFIG_PRINTK 2006-03-24 07:33:27 -08:00
profile.c [PATCH] Notifier chain update: API changes 2006-03-27 08:44:50 -08:00
ptrace.c [PATCH] don't use REMOVE_LINKS/SET_LINKS for reparenting 2006-03-28 18:36:41 -08:00
rcupdate.c [PATCH] rcu_process_callbacks: don't cli() while testing ->nxtlist 2006-03-24 07:33:20 -08:00
rcutorture.c [PATCH] for_each_possible_cpu: fixes for generic part 2006-03-28 09:16:05 -08:00
relay.c [PATCH] relay: consolidate sendfile() and read() code 2006-03-23 19:58:45 +01:00
resource.c
sched.c [PATCH] sched: activate SCHED BATCH expired 2006-03-31 12:18:59 -08:00
seccomp.c
signal.c [PATCH] Fix suspend with traced tasks 2006-03-31 12:18:50 -08:00
softirq.c
softlockup.c [PATCH] Notifier chain update: API changes 2006-03-27 08:44:50 -08:00
spinlock.c [PATCH] BUILD_LOCK_OPS: cleanup preempt_disable() usage 2006-03-23 07:38:16 -08:00
stop_machine.c
sys_ni.c [PATCH] lightweight robust futexes: core 2006-03-27 08:44:49 -08:00
sys.c [PATCH] Make setsid() more robust 2006-03-31 12:18:59 -08:00
sysctl.c [PATCH] Range checking in do_proc_dointvec_(userhz_)jiffies_conv 2006-03-24 07:33:20 -08:00
time.c [PATCH] hrtimers: remove nsec_t typedef 2006-03-26 08:57:03 -08:00
timer.c [PATCH] sched: reduce overhead of calc_load 2006-03-31 12:18:58 -08:00
uid16.c
user.c [PATCH] free_uid() locking improvement 2006-03-24 07:33:20 -08:00
wait.c
workqueue.c