Oleg Nesterov 788e05a67c [PATCH] fix do_coredump() vs SIGSTOP race ... Let's suppose we have 2 threads in thread group: A - does coredump B - has pending SIGSTOP thread A thread B do_coredump: get_signal_to_deliver: lock(->sighand) ->signal->flags = SIGNAL_GROUP_EXIT unlock(->sighand) lock(->sighand) signr = dequeue_signal() ->signal->flags |= SIGNAL_STOP_DEQUEUED return SIGSTOP; do_signal_stop: unlock(->sighand) coredump_wait: zap_threads: lock(tasklist_lock) send SIGKILL to B // signal_wake_up() does nothing unlock(tasklist_lock) lock(tasklist_lock) lock(->sighand) re-check sig->flags & SIGNAL_STOP_DEQUEUED, yes set_current_state(TASK_STOPPED); finish_stop: schedule(); // ->state == TASK_STOPPED wait_for_completion(&startup_done) // waits for complete() from B, // ->state == TASK_UNINTERRUPTIBLE We can't wake up 'B' in any way: SIGCONT will be ignored because handle_stop_signal() sees ->signal->flags & SIGNAL_GROUP_EXIT. sys_kill(SIGKILL)->__group_complete_signal() will choose uninterruptible 'A', so it can't help. sys_tkill(B, SIGKILL) will be ignored by specific_send_sig_info() because B already has pending SIGKILL. This scenario is not possbile if 'A' does do_group_exit(), because it sets sig->flags = SIGNAL_GROUP_EXIT and delivers SIGKILL to subthreads atomically, holding both tasklist_lock and sighand->lock. That means that do_signal_stop() will notice !SIGNAL_STOP_DEQUEUED after re-locking ->sighand. And it is not possible to any other thread to re-add SIGNAL_STOP_DEQUEUED later, because dequeue_signal() can only return SIGKILL. I think it is better to change do_coredump() to do sigaddset(SIGKILL) and signal_wake_up() under sighand->lock, but this patch is much simpler. Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru> Signed-off-by: Linus Torvalds <torvalds@osdl.org>		2005-10-08 14:53:31 -07:00
..
irq	[PATCH] CHECK_IRQ_PER_CPU() to avoid dead code in __do_IRQ()	2005-09-07 16:57:29 -07:00
power	[PATCH] swsusp: avoid problems if there are too many pages to save	2005-09-28 07:46:41 -07:00
acct.c	[PATCH] kernel/acct: add kerneldoc	2005-09-10 10:06:26 -07:00
audit.c	Merge master.kernel.org:/pub/scm/linux/kernel/git/dwmw2/audit-2.6	2005-09-13 09:47:30 -07:00
auditsc.c	[AUDIT] Allow filtering on system call success _or_ failure	2005-08-27 10:25:43 +01:00
capability.c	[PATCH] kernel/capability.c: add kerneldoc	2005-07-27 16:26:06 -07:00
compat.c	[PATCH] kernel: fix-up schedule_timeout() usage	2005-09-10 10:06:37 -07:00
configs.c	Linux-2.6.12-rc2	2005-04-16 15:20:36 -07:00
cpu.c	[PATCH] i386 CPU hotplug	2005-06-25 16:24:29 -07:00
cpuset.c	[PATCH] cpuset crapectomy	2005-09-30 08:42:24 -07:00
crash_dump.c	[PATCH] kernel/crash_dump.c: add kerneldoc	2005-07-27 16:26:06 -07:00
dma.c	Linux-2.6.12-rc2	2005-04-16 15:20:36 -07:00
exec_domain.c	Linux-2.6.12-rc2	2005-04-16 15:20:36 -07:00
exit.c	Fix inequality comparison against "task->state"	2005-10-01 11:04:18 -07:00
extable.c	Linux-2.6.12-rc2	2005-04-16 15:20:36 -07:00
fork.c	[PATCH] CPU hotplug breaks wake_up_new_task	2005-09-17 11:49:59 -07:00
futex.c	[PATCH] futex: remove duplicate code	2005-09-07 16:57:33 -07:00
intermodule.c	[PATCH] introduce and use kzalloc	2005-09-07 16:57:45 -07:00
itimer.c	[PATCH] itimer fixes	2005-07-27 16:25:51 -07:00
kallsyms.c	[PATCH] ppc32: platform-specific functions missing from kallsyms.	2005-05-05 16:36:31 -07:00
Kconfig.hz	[PATCH] i386: Selectable Frequency of the Timer Interrupt	2005-06-23 09:45:10 -07:00
Kconfig.preempt	[PATCH] sched: voluntary kernel preemption	2005-06-25 16:24:45 -07:00
kexec.c	[PATCH] kexec: fix sparse warnings	2005-06-28 14:53:40 -07:00
kfifo.c	Linux-2.6.12-rc2	2005-04-16 15:20:36 -07:00
kmod.c	[PATCH] Keys: Pass session keyring to call_usermodehelper()	2005-06-24 00:05:18 -07:00
kprobes.c	[PATCH] kprobes: fix bug when probed on task and isr functions	2005-09-07 16:58:01 -07:00
ksysfs.c	[PATCH] Kdump: Export crash notes section address through sysfs	2005-06-25 16:24:51 -07:00
kthread.c	[PATCH] use smp_mb/wmb/rmb where possible	2005-05-01 08:58:47 -07:00
Makefile	[PATCH] spinlock consolidation	2005-09-10 10:06:21 -07:00
module.c	[PATCH] use add_taint() for setting tainted bit flags	2005-09-13 08:22:29 -07:00
panic.c	[PATCH] Call emergency_reboot from panic	2005-07-26 14:35:43 -07:00
params.c	[PATCH] Ignore trailing whitespace on kernel parameters correctly	2005-09-28 07:46:41 -07:00
pid.c	Linux-2.6.12-rc2	2005-04-16 15:20:36 -07:00
posix-cpu-timers.c	Linux-2.6.12-rc2	2005-04-16 15:20:36 -07:00
posix-timers.c	[PATCH] fix send_sigqueue() vs thread exit race	2005-09-07 16:57:33 -07:00
printk.c	[PATCH] Add printk_clock()	2005-09-21 10:11:54 -07:00
profile.c	[PATCH] mostly_read data section	2005-07-07 18:23:46 -07:00
ptrace.c	[PATCH] remove duplicated code from proc and ptrace	2005-09-07 16:57:43 -07:00
rcupdate.c	[PATCH] files: rcuref APIs	2005-09-09 13:57:54 -07:00
resource.c	[PATCH] introduce and use kzalloc	2005-09-07 16:57:45 -07:00
sched.c	[PATCH] Fix spinlock owner debugging	2005-09-13 09:59:04 -07:00
seccomp.c	Linux-2.6.12-rc2	2005-04-16 15:20:36 -07:00
signal.c	[PATCH] fix do_coredump() vs SIGSTOP race	2005-10-08 14:53:31 -07:00
softirq.c	[PATCH] x86-64: Some cleanup and optimization to the processor data area.	2005-09-12 10:49:58 -07:00
softlockup.c	[PATCH] detect soft lockups	2005-09-07 16:57:17 -07:00
spinlock.c	[PATCH] spinlock consolidation	2005-09-10 10:06:21 -07:00
stop_machine.c	[PATCH] smp_processor_id() cleanup	2005-06-21 18:46:13 -07:00
sys_ni.c	[PATCH] remove sys_set_zone_reclaim()	2005-08-01 10:03:56 -07:00
sys.c	[PATCH] reboot: comment and factor the main reboot functions	2005-09-22 22:17:33 -07:00
sysctl.c	[NET]: Fix sparse warnings	2005-08-29 16:01:32 -07:00
time.c	[PATCH] clean up inline static vs static inline	2005-07-27 16:26:20 -07:00
timer.c	[PATCH] schedule_timeout_[un]interruptible() speedup	2005-09-13 08:22:29 -07:00
uid16.c	Linux-2.6.12-rc2	2005-04-16 15:20:36 -07:00
user.c	[PATCH] inotify	2005-07-12 20:38:38 -07:00
wait.c	Linux-2.6.12-rc2	2005-04-16 15:20:36 -07:00
workqueue.c	[PATCH] introduce and use kzalloc	2005-09-07 16:57:45 -07:00