[PATCH 2/3] clear signal->tty when the last thread exits
in [Kernel]
|
Prev: [PATCH 6/6] Staging:rt2860: fix coding style issue in rt_usb.c This is a patch to the rt_usb.c file that fixes up errors found by the checkpatch.pl tool
Next: Infinite loop on boot in free_early_partial due to start==end on tip/master
From: Oleg Nesterov on 19 Mar 2010 14:50 When the last thread exits signal->tty is freed, but the pointer is not cleared and points to nowhere. This is OK. Nobody should use signal->tty lockless, and it is no longer possible to take ->siglock. However this looks wrong even if correct, and the nice OOPS is better than subtle and hard to find bugs. Change __exit_signal() to clear signal->tty under ->siglock. Note: __exit_signal() needs more cleanups. It should not check "sig != NULL" to detect the all-dead case and we have the same issues with signal->stats. Signed-off-by: Oleg Nesterov <oleg(a)redhat.com> --- kernel/exit.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) --- 34-rc1/kernel/exit.c~9_CLEAR_SIGNAL_TTY 2010-03-19 17:25:36.000000000 +0100 +++ 34-rc1/kernel/exit.c 2010-03-19 18:55:02.000000000 +0100 @@ -81,6 +81,7 @@ static void __exit_signal(struct task_st { struct signal_struct *sig = tsk->signal; struct sighand_struct *sighand; + struct tty_struct *tty; BUG_ON(!sig); BUG_ON(!atomic_read(&sig->count)); @@ -94,6 +95,8 @@ static void __exit_signal(struct task_st posix_cpu_timers_exit(tsk); if (thread_group_leader(tsk)) { posix_cpu_timers_exit_group(tsk); + tty = sig->tty; + sig->tty = NULL; } else { /* * If there is any task waiting for the group exit @@ -148,7 +151,7 @@ static void __exit_signal(struct task_st * see account_group_exec_runtime(). */ task_rq_unlock_wait(tsk); - tty_kref_put(sig->tty); + tty_kref_put(tty); } } -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ |