Re: Fw: rc3-mm1: oops in keventd_stop_kthread

From: Rusty Russell
Date: Thu Feb 05 2004 - 01:06:20 EST


In message <20040204200410.GA3802@xxxxxxxxxxxxxxxxxxxxx> you write:
> On Wed, Feb 04, 2004 at 02:00:06PM +1100, Rusty Russell wrote:
> > Um, why is ALSA using kthread?
> >
> > Is there a modprobe -r in your script somewhere?
>
> yes. not sure why it is called though.

Reproduced using your config, and fixed. Classic use-after-free bug:
another victory for DEBUG_PAGEALLOC.

Thanks Andrey!
Rusty.
--
Anyone who quotes me in their sig is an idiot. -- Rusty Russell.

Name: Kthread waitpid Race II
Author: Rusty Russell
Status: Tested on 2.6.2-rc3
Depends: Hotcpu/kthread-wait-race.patch.gz

We can't compare waitpid() result with stop->k->tgid, since the thread
will be gone by then (thanks to Andrey Borzenkov and
CONFIG_DEBUG_PAGEALLOC!

diff -urpN --exclude TAGS -X /home/rusty/devel/kernel/kernel-patches/current-dontdiff --minimal linux-2.6.2-rc3-mm1/kernel/kthread.c tmp/kernel/kthread.c
--- linux-2.6.2-rc3-mm1/kernel/kthread.c 2004-02-04 12:29:18.000000000 +1100
+++ tmp/kernel/kthread.c 2004-02-05 15:56:07.000000000 +1100
@@ -107,7 +112,7 @@ static void adopt_kthread(struct task_st
static void keventd_stop_kthread(void *_stop)
{
struct kthread_stop_info *stop = _stop;
- int status;
+ int status, pid;
sigset_t blocked;
struct k_sigaction sa;

@@ -119,11 +124,14 @@ static void keventd_stop_kthread(void *_
allow_signal(SIGCHLD);

adopt_kthread(stop->k);
+ /* Grab pid now: after waitpid(), stop->k is invalid. */
+ pid = stop->k->tgid;
+
/* All signals are blocked, hence the force. */
force_sig(SIGTERM, stop->k);
/* Other threads might exit: if we ask for one pid that
* returns -ERESTARTSYS. */
- while (waitpid(-1, &status, __WALL) != stop->k->tgid)
+ while (waitpid(-1, &status, __WALL) != pid)
flush_signals(current);
stop->result = -((status >> 8) & 0xFF);
complete(&stop->done);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/