BUG in tty_open when using containers and ptrace

Grzegorz Nosek root at localdomain.pl
Wed Jul 22 15:25:50 PDT 2009


On wto, lip 21, 2009 at 11:41:20 -0700, Sukadev Bhattiprolu wrote:
> I set 
> 	CONFIG_SLUB_DEBUG=y
> 	CONFIG_SLUB=y
> 	CONFIG_SLUB_DEBUG_ON=y
> 	# CONFIG_SLUB_STATS is not set
> 
> and tried 2.6.29, 2.6.31-rc3 and linux-mmotm from July 13, but have
> not been able to repro either on an i386 machine or on a KVM guest.
> 
> I run your program ./tty-bug in a tight loop. I will try to run the
> program overnight in a loop. 
> 
> Given that your program does not depend on NET_NS, can you see if you
> can repro on 2.6.28 and see if we can bisect this problem ?

Immediate crash. I tried 2.6.18-something (Debian etch kernel) that I
had lying around on the VM. The result:

idr_remove called for id=0 which is not allocated.
 [<c01b7abc>] idr_remove+0xd4/0x137
 [<c01fa871>] release_mem+0x1d5/0x1e1
 [<c01fb4ec>] release_dev+0x5d6/0x5ee
 [<c011669e>] __wake_up+0x2a/0x3d
 [<c01f9e1f>] tty_ldisc_enable+0x1f/0x21
 [<c01fabf5>] init_dev+0x378/0x49f
 [<c01fd2e4>] tty_open+0x2a9/0x2e8
 [<c0161899>] chrdev_open+0x126/0x141
 [<c0161773>] chrdev_open+0x0/0x141
 [<c0158b65>] __dentry_open+0xc8/0x1ac
 [<c0158cad>] nameidata_to_filp+0x19/0x28
 [<c0158ce7>] do_filp_open+0x2b/0x31
 [<c027fddd>] do_nanosleep+0x43/0x6a
 [<c0125f96>] do_sigaction+0x99/0x156
 [<c0158d2b>] do_sys_open+0x3e/0xb3
 [<c0158dcd>] sys_open+0x16/0x18
 [<c0102c7b>] syscall_call+0x7/0xb

(on the bright side, the machine is still usable afterwards).

However, 2.6.26 (both mine and Debian) survives the test so it may indeed
be a recent regression (was it broken again after fixing sometime
between .18 and .26?)

Bisecting...

Best regards,
 Grzegorz Nosek


More information about the Containers mailing list