BUG: de_thread()

From: Oleg Nesterov (oleg@tv-sign.ru)
Date: Thu Oct 10 2002 - 12:41:06 EST


Hello.

Suppose process P in thread group was cloned _without_
CLONE_DETACHED flag. Then another thread, group_leader
for simplicity, does exec and calls de_thread(). It kills
P via _broadcast_thread_group(). While doing do_exit(),
P skips release_task(), because its exit_signal != -1,
and becomes TASK_ZOMBIE.

Then leader calls schedule() with TASK_UNINTERRUPTIBLE
in while(oldsig->count > 1) {...} and sleeps forever,
because nobody can do wake_up_process(sig->group_exit_task).

Sorry if i missed something, i have no machine to test
development kernel, so i can only speculate looking at
source.

Oleg.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Tue Oct 15 2002 - 22:00:37 EST