show_task() is not SMP safe

From: Arnd Bergmann
Date: Tue Jan 27 2004 - 07:11:59 EST


Christian Bornträger noticed that the kernel can crash after
<SysRq>-T. It appears that the show_task function gets called
for all tasks, which does not work if one of the tasks is
running in a system call on another CPU. In that case the
result of thread_saved_pc and show_stack is undefined and
likely to cause a crash.

For tasks running in user space on other CPUs, show_task()
is probably harmless, but I'm not sure if that's true on all
architectures.

The patch below is still racy for tasks that are about to
sleep, but it demonstrates the problem.

In the same function, there is another (harmless) bug that causes
the "free stack" indicator to be wrong. It can take any value
between zero and the intended meaning unless __alloc_thread_info
is modified to clear newly allocated stack memory.

Arnd <><

Index: kernel/sched.c
===================================================================
RCS file: /home/cvs/linux-2.5/kernel/sched.c,v
retrieving revision 1.56
diff -u -r1.56 sched.c
--- kernel/sched.c 24 Nov 2003 09:44:34 -0000 1.56
+++ kernel/sched.c 27 Jan 2004 11:50:55 -0000
@@ -2457,13 +2457,13 @@
else
printk(" ");
#if (BITS_PER_LONG == 32)
- if (p == current)
- printk(" current ");
+ if (state == TASK_RUNNING)
+ printk(" running ");
else
printk(" %08lX ", thread_saved_pc(p));
#else
- if (p == current)
- printk(" current task ");
+ if (state == TASK_RUNNING)
+ printk(" running task ");
else
printk(" %016lx ", thread_saved_pc(p));
#endif
@@ -2491,7 +2491,8 @@
else
printk(" (NOTLB)\n");

- show_stack(p, NULL);
+ if (state != TASK_RUNNING)
+ show_stack(p, NULL);
}

void show_state(void)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/