Thomas Gleixner wrote:
>
> On Sat, 2005-08-20 at 20:58 +0400, Oleg Nesterov wrote:
> > [PATCH] fix send_sigqueue() vs thread exit race
> >
> > .....
> > - read_lock(&tasklist_lock);
> > + read_lock(&tasklist_lock);
> > +
> > + if (unlikely(p->flags & PF_EXITING)) {
> > + ret = -1;
> > + goto out_err;
> > + }
> > +
>
> It's still racy. tasklist_lock does not protect anything here.
I hope no, but please clarify if I am wrong.
tasklist_lock protects against release_task()->__exit_sigxxx()
here.
> arm timer
> exit
If this is the last thread in thread group, exit_itimers()
will stop and clear ->posix_timers.
If not:
> timer event
> timr->it_process references a freed structure
>
No, create_timer() does get_task_struct(timr->it_process), this
task may be EXIT_DEAD now, but the task_struct itself is valid,
and it's ->flags has PF_EXITING flag.
Oleg.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
