original_kernel/kernel
Kirill Korotaev 4286229868 [PATCH] wrong error path in dup_fd() leading to oopses in RCU
Wrong error path in dup_fd() - it should return NULL on error,
not an address of already freed memory :/

Triggered by OpenVZ stress test suite.

What is interesting is that it was causing different oopses in RCU like
below:
Call Trace:
   [<c013492c>] rcu_do_batch+0x2c/0x80
   [<c0134bdd>] rcu_process_callbacks+0x3d/0x70
   [<c0126cf3>] tasklet_action+0x73/0xe0
   [<c01269aa>] __do_softirq+0x10a/0x130
   [<c01058ff>] do_softirq+0x4f/0x60
   =======================
   [<c0113817>] smp_apic_timer_interrupt+0x77/0x110
   [<c0103b54>] apic_timer_interrupt+0x1c/0x24
  Code:  Bad EIP value.
   <0>Kernel panic - not syncing: Fatal exception in interrupt

Signed-Off-By: Pavel Emelianov <xemul@sw.ru>
Signed-Off-By: Dmitry Mishin <dim@openvz.org>
Signed-Off-By: Kirill Korotaev <dev@openvz.org>
Signed-Off-By: Linus Torvalds <torvalds@osdl.org>
2006-03-31 12:25:46 -08:00
..
irq
power [PATCH] Fix suspend with traced tasks 2006-03-31 12:18:50 -08:00
.gitignore
Kconfig.hz
Kconfig.preempt
Makefile [PATCH] lightweight robust futexes: compat 2006-03-27 08:44:49 -08:00
acct.c [PATCH] Fix pacct bug in multithreading case. 2006-03-31 12:18:54 -08:00
audit.c [PATCH] Don't pass boot parameters to argv_init[] 2006-03-31 12:18:53 -08:00
audit.h
auditfilter.c
auditsc.c
capability.c
compat.c [PATCH] lightweight robust futexes: compat 2006-03-27 08:44:49 -08:00
configs.c
cpu.c [PATCH] Notifier chain update: API changes 2006-03-27 08:44:50 -08:00
cpuset.c [PATCH] cpuset: memory migration interaction fix 2006-03-31 12:18:55 -08:00
dma.c
exec_domain.c
exit.c [PATCH] task: RCU protect task->usage 2006-03-31 12:18:59 -08:00
extable.c
fork.c [PATCH] wrong error path in dup_fd() leading to oopses in RCU 2006-03-31 12:25:46 -08:00
futex.c [PATCH] futex: check and validate timevals 2006-03-31 12:18:59 -08:00
futex_compat.c [PATCH] futex: check and validate timevals 2006-03-31 12:18:59 -08:00
hrtimer.c [PATCH] hrtimer: call get_softirq_time() only when necessary in run_hrtimer_queue() 2006-03-31 12:18:58 -08:00
intermodule.c
itimer.c [PATCH] hrtimers: remove data field 2006-03-26 08:57:03 -08:00
kallsyms.c
kexec.c
kfifo.c
kmod.c [PATCH] wait_for_helper: trivial style cleanup 2006-03-28 18:36:41 -08:00
kprobes.c [PATCH] kretprobe instance recycled by parent process 2006-03-26 08:57:04 -08:00
ksysfs.c
kthread.c
module.c [PATCH] modules: permit Dual-MIT/GPL licenses 2006-03-31 12:18:56 -08:00
mutex-debug.c
mutex-debug.h
mutex.c
mutex.h
panic.c [PATCH] Notifier chain update: API changes 2006-03-27 08:44:50 -08:00
params.c [PATCH] Change dash2underscore() return value to char 2006-03-28 09:16:03 -08:00
pid.c [PATCH] pidhash: Refactor the pid hash table 2006-03-31 12:19:00 -08:00
posix-cpu-timers.c
posix-timers.c [PATCH] hrtimers: remove data field 2006-03-26 08:57:03 -08:00
printk.c
profile.c [PATCH] Notifier chain update: API changes 2006-03-27 08:44:50 -08:00
ptrace.c [PATCH] don't use REMOVE_LINKS/SET_LINKS for reparenting 2006-03-28 18:36:41 -08:00
rcupdate.c
rcutorture.c [PATCH] for_each_possible_cpu: fixes for generic part 2006-03-28 09:16:05 -08:00
relay.c
resource.c
sched.c [PATCH] sched: activate SCHED BATCH expired 2006-03-31 12:18:59 -08:00
seccomp.c
signal.c [PATCH] Fix suspend with traced tasks 2006-03-31 12:18:50 -08:00
softirq.c
softlockup.c [PATCH] Notifier chain update: API changes 2006-03-27 08:44:50 -08:00
spinlock.c
stop_machine.c
sys.c [PATCH] Make setsid() more robust 2006-03-31 12:18:59 -08:00
sys_ni.c [PATCH] lightweight robust futexes: core 2006-03-27 08:44:49 -08:00
sysctl.c
time.c
timer.c [PATCH] sched: reduce overhead of calc_load 2006-03-31 12:18:58 -08:00
uid16.c
user.c
wait.c
workqueue.c