Indeed. I still intend to clean up those entry points and haven't gotten
to it, so I hadn't bothered with this yet either (though I think I sent it
to you for the backport). It certainly does bite in practice, e.g. SIGPIPE.
There is a similar failure to take the lock before using zap_other_threads.
I thought I sent this patch before, but it's not in 2.5 yet.
--- /home/roland/redhat/linux-2.5.59-1.1007/fs/exec.c.~1~ Fri Feb 7 20:04:27 2003
+++ /home/roland/redhat/linux-2.5.59-1.1007/fs/exec.c Sun Feb 9 03:43:36 2003
@@ -601,9 +601,12 @@ static inline int de_thread(struct task_
if (thread_group_empty(current))
goto no_thread_group;
+
/*
- * Kill all other threads in the thread group:
+ * Kill all other threads in the thread group.
+ * We must hold tasklist_lock to call zap_other_threads.
*/
+ read_lock(&tasklist_lock);
spin_lock_irq(lock);
if (oldsig->group_exit) {
/*
@@ -611,6 +614,7 @@ static inline int de_thread(struct task_
* return so that the signal is processed.
*/
spin_unlock_irq(lock);
+ read_unlock(&tasklist_lock);
kmem_cache_free(sighand_cachep, newsighand);
if (newsig)
kmem_cache_free(signal_cachep, newsig);
@@ -629,12 +633,15 @@ static inline int de_thread(struct task_
oldsig->group_exit_task = current;
current->state = TASK_UNINTERRUPTIBLE;
spin_unlock_irq(lock);
+ read_unlock(&tasklist_lock);
schedule();
+ read_lock(&tasklist_lock);
spin_lock_irq(lock);
if (oldsig->group_exit_task)
BUG();
}
spin_unlock_irq(lock);
+ read_unlock(&tasklist_lock);
/*
* At this point all other threads have exited, all we have to
> - session-IDs and group-IDs are set outside the tasklist lock. This
> causes breakage in the USB code. The correct fix is to do this:
This is outside the part of the code that I've touched lately.
Thanks,
Roland
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/