Re: [PATCH v2] fs/nsfs: skip active ref counting for initial namespaces
From: Christian Brauner
Date: Tue Nov 11 2025 - 04:28:07 EST
On Sun, Nov 09, 2025 at 02:53:33PM +0530, Deepanshu Kartikey wrote:
> Initial namespaces are statically allocated and exist for the entire
> lifetime of the system. They should not participate in active
> reference counting.
>
> The recent introduction of active reference counting in commit
> 3a18f809184b ("ns: add active reference count") added functions that
> unconditionally take/drop active references on all namespaces,
> including initial ones.
>
> This causes a WARN_ON_ONCE() to trigger when a namespace file for an
> initial namespace is evicted:
>
> WARNING: ./include/linux/ns_common.h:314 at nsfs_evict+0x18e/0x200
>
> The same pattern exists in nsproxy_ns_active_get() and
> nsproxy_ns_active_put() which could trigger similar warnings when
> operating on initial namespaces.
>
> Fix by checking is_initial_namespace() before taking or dropping
> active references in:
> - nsfs_evict()
> - nsproxy_ns_active_get()
> - nsproxy_ns_active_put()
>
> Reported-by: syzbot+0b2e79f91ff6579bfa5b@xxxxxxxxxxxxxxxxxxxxxxxxx
> Link: https://syzkaller.appspot.com/bug?extid=0b2e79f91ff6579bfa5b
> Fixes: 3a18f809184b ("ns: add active reference count")
> Signed-off-by: Deepanshu Kartikey <kartikey406@xxxxxxxxx>
> ---
This is not the way to fix it and it's not the cause of the bug.
I've sent a series that addresses this issue properly and it's already
been in next.