The lttng-statedump checks the return value of task_active_pid_ns()
before each use within lttng_statedump_process_pid_ns(), but misses
the NULL check before dereferencing pid_ns->parent.
This race happens if a task exists in "dead" state while the statedump
iterates on that task.
Reported-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
pid_ns = task_active_pid_ns(p);
do {
trace_lttng_statedump_process_pid_ns(session, p, pid_ns);
- pid_ns = pid_ns->parent;
+ pid_ns = pid_ns ? pid_ns->parent : NULL;
} while (pid_ns);
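Review bot: with the `do { } while (pid_ns)` shape, the body still runs once before the loop condition is evaluated, so when task_active_pid_ns() returns NULL the first iteration calls trace_lttng_statedump_process_pid_ns(session, p, NULL) and only the `+ pid_ns = pid_ns ? pid_ns->parent : NULL;` line prevents the dereference; the commit message says the tracepoint itself checks for NULL before each use, so this is safe, but that reliance is not visible in the loop. Either add a short comment above the loop stating that pid_ns may be NULL for a task in "dead" state and that the tracepoint tolerates it, or, if emitting the tracepoint for a NULL namespace is not needed, restructure as `while (pid_ns) { trace_lttng_statedump_process_pid_ns(session, p, pid_ns); pid_ns = pid_ns->parent; }`, which drops the ternary and never passes NULL to the tracepoint.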