Fix: statedump: check task_active_pid_ns return value for NULL

The lttng-statedump checks the return value of task_active_pid_ns()
before each use within lttng_statedump_process_pid_ns(), but misses
the NULL check before dereferencing pid_ns->parent.

This race happens if a task exists in "dead" state while the statedump
iterates on that task.

Reported-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>

diff --git a/lttng-statedump-impl.c b/lttng-statedump-impl.c
index 066b9612c0ee5f3884f023c1211eef17c58ad305..043bbaa1a8eaee4b91655f8649ed2e4fccfb8cc5 100644 (file)
--- a/lttng-statedump-impl.c
+++ b/lttng-statedump-impl.c
@@ -426,7 +426,7 @@ void lttng_statedump_process_ns(struct lttng_session *session,
        pid_ns = task_active_pid_ns(p);
        do {
                trace_lttng_statedump_process_pid_ns(session, p, pid_ns);
-               pid_ns = pid_ns->parent;
+               pid_ns = pid_ns ? pid_ns->parent : NULL;
        } while (pid_ns);