Re: kernel BUG at kernel/exit.c:792!

[Ingo Molnar]

On Wed, 3 Dec 2003, Linus Torvalds wrote:

> > But I don't understand the oops:
> > __exit_sighand clears current->sighand, and then in the next line
> > __unhash_process removes the thread from the task list. But that's under
> > write_lock_irq(&tasklist_lock), and get_tid_list runs under
> > read_lock(&tasklist_lock). It should be impossible that ->sighand is
> > NULL and the task is still listed in the task list.
> 
> The /proc filesystem will keep pointers to processes alive, and can
> reach them even if the process is otherwise gone.
> 
> This is why /proc ends up doing tests like "if (tsk->mm)" etc - because
> it literally can see processes after they are dead.

yes, and we start the 'task list search' at leader_task, which might be an
already unlinked task. So i'd suggest to use a variant of Srivatsa's fix
(attached below) - the extra explanation at this place cannot hurt i
think.

	Ingo

--- linux/fs/proc/base.c.orig	
+++ linux/fs/proc/base.c	
@@ -1666,7 +1666,12 @@ static int get_tid_list(int index, unsig
 
 	index -= 2;
 	read_lock(&tasklist_lock);
-	do {
+	/*
+	 * The starting point task (leader_task) might be an already
+	 * unlinked task, which cannot be used to access the task-list
+	 * via next_thread().
+	 */
+	if (pid_alive(task)) do {
 		int tid = task->pid;
 		if (!pid_alive(task))
 			continue;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/