mirror of
https://github.com/checkpoint-restore/criu
synced 2025-08-22 01:51:51 +00:00
1bbc9fbe37
We have a use-after-free in predump code: 1st the free_pstree() is called in pre_dump_tasks(), then we go to irmap_predump_run() which may call the lookup_irmap() which, in turn, dereferences the root_item to get the root mount ns fd. But the problem is bigger than that. After we've released the tasks (done before freeing pstree on predump) we can no longer access them by PIDs, so keeping the root-item after irmap scan is not a fix. Fix is to get the root fd before releasing the tasks and using one in irmap scanner. Caught recently on iterative inotify_irmap test. Signed-off-by: Pavel Emelyanov <xemul@parallels.com> Acked-by: Andrew Vagin <avagin@parallels.com>
criu ==== An utility to checkpoint/restore tasks. Using this tool, you can freeze a running application (or part of it) and checkpoint it to a hard drive as a collection of files. You can then use the files to restore and run the application from the point it was frozen at. The distinctive feature of the CRIU project is that it is mainly implemented in user space. The project home is at http://criu.org Pages worth starting with are * Kernel configuration, compilation, etc: http://criu.org/Installation * A simple example of usage: http://criu.org/Simple_loop * More sophisticated example with graphical app: http://criu.org/VNC