The patch titled
proc-readdir-race-fix-take-3-fix-3 fix
has been removed from the -mm tree. Its filename is
proc-readdir-race-fix-take-3-race-fix.patch
This patch was dropped because it was folded into proc-readdir-race-fix-take-3.patch
------------------------------------------------------
Subject: proc-readdir-race-fix-take-3-fix-3 fix
From: Oleg Nesterov <oleg@xxxxxxxxxx>
On 09/07, Oleg Nesterov wrote:
>
> On 09/06, Jean Delvare wrote:
> >
> > On Wednesday 6 September 2006 11:01, Jean Delvare wrote:
> > > Eric, Kame, thanks a lot for working on this. I'll be giving some good
> > > testing to this patch today, and will return back to you when I'm done.
> >
> > The original issue is indeed fixed, but there's a problem with the patch.
> > When stressing /proc (to verify the bug was fixed), my test machine ended
> > up crashing. Here are the 2 traces I found in the logs:
> >
> > Sep 6 12:06:00 arrakis kernel: BUG: warning at
> > kernel/fork.c:113/__put_task_struct()
> > Sep 6 12:06:00 arrakis kernel: [<c0115f93>] __put_task_struct+0xf3/0x100
> > Sep 6 12:06:00 arrakis kernel: [<c019666a>] proc_pid_readdir+0x13a/0x150
> > Sep 6 12:06:00 arrakis kernel: [<c01745f0>] vfs_readdir+0x80/0xa0
> > Sep 6 12:06:00 arrakis kernel: [<c0174750>] filldir+0x0/0xd0
> > Sep 6 12:06:00 arrakis kernel: [<c017488c>] sys_getdents+0x6c/0xb0
> > Sep 6 12:06:00 arrakis kernel: [<c0174750>] filldir+0x0/0xd0
> > Sep 6 12:06:00 arrakis kernel: [<c0102fb7>] syscall_call+0x7/0xb
>
> If the task found is not a group leader, we go to retry, but
> the task != NULL.
>
> Now, if find_ge_pid(tgid) returns NULL, we return that wrong
> task, and it was not get_task_struct()'ed.
Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx>
Cc: Jean Delvare <jdelvare@xxxxxxx>
Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---
fs/proc/base.c | 2 +-
1 files changed, 1 insertion(+), 1 deletion(-)
diff -puN fs/proc/base.c~proc-readdir-race-fix-take-3-race-fix fs/proc/base.c
--- a/fs/proc/base.c~proc-readdir-race-fix-take-3-race-fix
+++ a/fs/proc/base.c
@@ -2150,9 +2150,9 @@ static struct task_struct *next_tgid(uns
struct task_struct *task;
struct pid *pid;
- task = NULL;
rcu_read_lock();
retry:
+ task = NULL;
pid = find_ge_pid(tgid);
if (pid) {
tgid = pid->nr + 1;
_
Patches currently in -mm which might be from oleg@xxxxxxxxxx are
origin.patch
proc-readdir-race-fix-take-3.patch
proc-readdir-race-fix-take-3-race-fix.patch
vt-rework-the-console-spawning-variables.patch
vt-make-vt_pid-a-struct-pid-making-it-pid-wrap-around-safe.patch
simplify-pid-iterators.patch
file-add-locking-to-f_getown.patch
proc-convert-task_sig-to-use-lock_task_sighand.patch
proc-convert-do_task_stat-to-use-lock_task_sighand.patch
proc-drop-tasklist-lock-in-task_state.patch
proc-properly-compute-tgid_offset.patch
proc-remove-trailing-blank-entry-from-pid_entry-arrays.patch
proc-remove-the-useless-smp-safe-comments-from-proc.patch
proc-comment-what-proc_fill_cache-does.patch
introduce-get_task_pid-to-fix-unsafe-get_pid.patch
-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
