FW: [PATCH] AB-BA deadlock between uidhash_lock and tasklist_lock.

From: Robin Holt
Date: Wed Dec 22 2004 - 18:15:15 EST

We have uncovered a very difficult-to-trip AB-BA deadlock between the
uidhash_lock and tasklist_lock.

reparent_to_init() does write_lock_irq(&tasklist_lock) then calls
switch_uid() which calls free_uid() which grabs the uidhash_lock.

Independent of that, we have seen a different CPU call free_uid as a
result of sys_wait4 and, immediately after acquiring the uidhash_lock,
receive a timer interrupt which eventually leads to an attempt to grab
the tasklist_lock.

Signed-off-by: Robin Holt <holt@xxxxxxx>

Index: linux/kernel/user.c
--- linux.orig/kernel/user.c 2004-12-22 13:10:49.000000000 -0600
+++ linux/kernel/user.c 2004-12-22 16:04:40.244569776 -0600
@@ -90,6 +90,9 @@

void free_uid(struct user_struct *up)
+ unsigned long flags;
+ local_irq_save(flags);
if (up && atomic_dec_and_lock(&up->__count, &uidhash_lock)) {
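Review bot: disabling interrupts only around this atomic_dec_and_lock() closes the window in free_uid() but not in the other takers of uidhash_lock; alloc_uid(), visible as context in the next hunk, still has to take the lock with spin_lock_irq() or spin_lock_irqsave(), otherwise a timer interrupt landing while alloc_uid() holds uidhash_lock reproduces the deadlock the changelog describes. The local_irq_save()/local_irq_restore() wrapper is the right shape here, since atomic_dec_and_lock() has no irq-saving variant, but a short comment above `+ local_irq_save(flags);` saying that uidhash_lock must be held irq-safe because of its ordering against tasklist_lock would stop a later cleanup from removing it. As written the `up == NULL` case also pays for the save/restore; an early `if (!up) return;` before local_irq_save() avoids that.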
@@ -97,6 +100,7 @@
kmem_cache_free(uid_cachep, up);
+ local_irq_restore(flags);

struct user_struct * alloc_uid(uid_t uid)
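Review bot: placing `+ local_irq_restore(flags);` after the whole if-block is correct, as it is reached on every path and pairs with the unconditional save in the previous hunk, but it means the entire teardown, including kmem_cache_free(), now runs with local interrupts off. If that irq-off window is a concern, the restore can be moved to immediately after uidhash_lock is released inside the block, with a second restore on the not-freed path; either way, the reason for the irq-off region should be recorded in a comment at the restore as well as the save so the two are kept in step.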
