From 1291cf4163d21f1b4999d697cbf68d38e7151c28 Mon Sep 17 00:00:00 2001 From: Oleg Nesterov Date: Sun, 30 Oct 2005 15:02:54 -0800 Subject: [PATCH] [PATCH] fix de_thread() vs do_coredump() deadlock de_thread() sends SIGKILL to all sub-threads and waits them to die in 'D' state. It is possible that one of the threads already dequeued coredump signal. When de_thread() unlocks ->sighand->lock that thread can enter do_coredump()->coredump_wait() and cause a deadlock. Signed-off-by: Oleg Nesterov Cc: Roland McGrath Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/exec.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/fs/exec.c b/fs/exec.c index 6d9521636aa..10d493fea7c 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -1460,11 +1460,21 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs) current->fsuid = 0; /* Dump root private */ } mm->dumpable = 0; - init_completion(&mm->core_done); + + retval = -EAGAIN; spin_lock_irq(¤t->sighand->siglock); - current->signal->flags = SIGNAL_GROUP_EXIT; - current->signal->group_exit_code = exit_code; + if (!(current->signal->flags & SIGNAL_GROUP_EXIT)) { + current->signal->flags = SIGNAL_GROUP_EXIT; + current->signal->group_exit_code = exit_code; + retval = 0; + } spin_unlock_irq(¤t->sighand->siglock); + if (retval) { + up_write(&mm->mmap_sem); + goto fail; + } + + init_completion(&mm->core_done); coredump_wait(mm); /*