Re: NULL pointer in proc_pid_stat -- oops.

From: OGAWA Hirofumi
Date: Sun Mar 28 2004 - 12:01:20 EST


"Andrew Reiter" <areiter@xxxxxxxxxxxxxx> writes:

> 0x000004d4 <proc_pid_stat+124>: test %ecx,%ecx
> 0x000004d6 <proc_pid_stat+126>: je 0x510 <proc_pid_stat+184>
> 0x000004d8 <proc_pid_stat+128>: mov 0x98(%ecx),%eax
> 0x000004de <proc_pid_stat+134>: mov %eax,0x20(%esp,1)
> 0x000004e2 <proc_pid_stat+138>: mov 0x4(%ecx),%edx
> 0x000004e5 <proc_pid_stat+141>: movswl 0x64(%edx),%eax
> 0x000004e9 <proc_pid_stat+145>: movswl 0x66(%edx),%edx
> 0x000004ed <proc_pid_stat+149>: shl $0x14,%eax
> 0x000004f0 <proc_pid_stat+152>: or %edx,%eax
> 0x000004f2 <proc_pid_stat+154>: add 0x8(%ecx),%eax
>
> And from the oops trace output (that is attached), we can see that %edx
> is 0x0; so we can easily see here why we're crashing at least. After
> examining the C source, I see that we're dying in the call to
> task_name() (inline) from proc_pid_stat().

Looks like this problem is the same as the BSD acct Oops.

	if (task->tty) {
		tty_pgrp = task->tty->pgrp;
		tty_nr = new_encode_dev(tty_devnum(task->tty));
	}

Some place doesn't take any lock for ->tty. I think we need to
take the lock for ->tty.
--
OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx>
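
The check-then-use window on ->tty that the reply describes, modeled deterministically in userspace C as an added example (not kernel code and not from either poster). The struct layouts, `tty_lock_held`, `release_tty()`, `read_tty()` and `demo()` are hypothetical, and the model assumes the NULL in %edx is the driver pointer loaded through the tty.

```c
#include <stdio.h>

/* Constructed userspace model: names follow the mail's snippet, layout is illustrative. */
struct tty_driver { short major, minor_start; };
struct tty_struct { struct tty_driver *driver; int index; };
struct task { struct tty_struct *tty; };
static int tty_lock_held;  /* hypothetical lock for ->tty, modeled as a flag */

/* Stand-in for another CPU tearing the tty down. Returns 1 if it ran. */
static int release_tty(struct task *t)
{
    if (tty_lock_held)
        return 0;          /* a real lock would make the releaser wait here */
    if (t->tty)
        t->tty->driver = NULL;
    t->tty = NULL;
    return 1;
}

/* Device number as the quoted disassembly computes it: shl $0x14, or, add. */
static int devnum(const struct tty_struct *tty)
{
    return ((tty->driver->major << 20) | tty->driver->minor_start) + tty->index;
}

/* Returns the device number, 0 if there is no tty, -1 where the kernel would oops. */
static int read_tty(struct task *t, int locked)
{
    int nr = 0;
    tty_lock_held = locked;
    struct tty_struct *tty = t->tty;
    if (tty) {
        release_tty(t);    /* teardown attempt lands between the test and the use */
        nr = tty->driver ? devnum(tty) : -1;
    }
    tty_lock_held = 0;
    return nr;
}

/* One reader against a fresh constructed tty (major 4, minor_start 64, index 1). */
int demo(int locked)
{
    struct tty_driver drv = { 4, 64 };
    struct tty_struct tty = { &drv, 1 };
    struct task t = { &tty };
    return read_tty(&t, locked);
}

int main(void) { printf("unlocked: %d, locked: %d\n", demo(0), demo(1)); return 0; }
```

The unlocked run passes the NULL test and then finds the driver pointer gone; the locked run keeps the release out until the read has finished.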