rohc

Linux kernel module: NULL pointer dereferences

Bug #1213411 reported by Didier Barvaux on 2013-08-17

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
rohc	Status tracked in Rohc-main
Rohc-1.5.x	Invalid	Undecided	Didier Barvaux	rohc 1.5.4
Rohc-1.6.x	Won't Fix	Undecided	Didier Barvaux	rohc 1.6.2
Rohc-1.7.x	Won't Fix	Undecided	Didier Barvaux	rohc 1.7.1
Rohc-main	Fix Released	Medium	Didier Barvaux	rohc 2.0.0

Bug Description

Mikhail Gruzdev reported on the mailing list that:

> The other thing I've noticed is that rohc_test throws multiple
> NULL-pointer dereference oopses in kernel log during the test.

And, in a follow-up message:

> > I didn't see them. What kernel version did you used?
>
> It's 3.2.0-23-generic-pae from ubuntu-12.04-desktop-i386 distribution.
> I've uploaded kernel and userspace message logs:
>
> https://docs.google.com/file/d/0B7kwArZeP9zXV256SjBabUY0TmM/edit?usp=sharing
>
> and
>
> https://docs.google.com/file/d/0B7kwArZeP9zXRTI1ZkpLUnBEb2s/edit?usp=sharing

Tags:

Revision history for this message

Didier Barvaux (didier-barvaux) wrote on 2015-06-21:

The problem seems to be related to the way the ROHC compressor/decompressor couples are created and destroyed in the rohc_test.ko module. Upon the first /proc open, the couples are created. They are also released upon the first /proc close. However, some other /proc may still be used and ask the rohc_test.ko module to perform some compression/decompression.

Fix coded. To be tested in VM.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.