[vfs2] Don't take reference in Task.MountNamespaceVFS2 and MountNamespace.Root.

This fixes reference leaks related to accidentally forgetting to DecRef() after calling one or the other. PiperOrigin-RevId: 336918922
author: Dean Deng <deandeng@google.com> 2020-10-13 11:29:21 -0700
committer: gVisor bot <gvisor-bot@google.com> 2020-10-13 11:31:22 -0700
commit: 432963dd2d9f4797f26a8b2555464a50f8319537 (patch)
tree: 8cf1e7fd7529fa98af146a70ce508cdad8a797e0 /runsc/boot/loader.go
parent: d9b32efb306444440daa89a79e4d85516ff8f340 (diff)
1 files changed, 1 insertions, 2 deletions
diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go
index 9a08ebc60..8ad000497 100644
--- a/runsc/boot/loader.go
+++ b/runsc/boot/loader.go
@@ -903,7 +903,7 @@ func (l *Loader) executeAsync(args *control.ExecArgs) (kernel.ThreadID, error) {
 	// Get the container MountNamespace from the Task. Try to acquire ref may fail
 	// in case it raced with task exit.
 	if kernel.VFS2Enabled {
-		// task.MountNamespace() does not take a ref, so we must do so ourselves.
+		// task.MountNamespaceVFS2() does not take a ref, so we must do so ourselves.
 		args.MountNamespaceVFS2 = tg.Leader().MountNamespaceVFS2()
 		if !args.MountNamespaceVFS2.TryIncRef() {
 			return 0, fmt.Errorf("container %q has stopped", args.ContainerID)
@@ -925,7 +925,6 @@ func (l *Loader) executeAsync(args *control.ExecArgs) (kernel.ThreadID, error) {
 		root := args.MountNamespaceVFS2.Root()
 		ctx := vfs.WithRoot(l.k.SupervisorContext(), root)
 		defer args.MountNamespaceVFS2.DecRef(ctx)
-		defer root.DecRef(ctx)
 		envv, err := user.MaybeAddExecUserHomeVFS2(ctx, args.MountNamespaceVFS2, args.KUID, args.Envv)
 		if err != nil {
 			return 0, err
author	Dean Deng <deandeng@google.com>	2020-10-13 11:29:21 -0700
committer	gVisor bot <gvisor-bot@google.com>	2020-10-13 11:31:22 -0700
commit	432963dd2d9f4797f26a8b2555464a50f8319537 (patch)
tree	8cf1e7fd7529fa98af146a70ce508cdad8a797e0 /runsc/boot/loader.go
parent	d9b32efb306444440daa89a79e4d85516ff8f340 (diff)