[BUG] [3d RESEND] de_thread()

From: Oleg Nesterov (oleg@tv-sign.ru)
Date: Wed Oct 16 2002 - 09:32:10 EST


On Thu, 10 Oct 2002, Oleg Nesterov wrote:
> Suppose process P in thread group was cloned _without_
> CLONE_DETACHED flag. Then another thread, group_leader
> for simplicity, does exec and calls de_thread(). It kills
> P via _broadcast_thread_group(). While doing do_exit(),
> P skips release_task(), because its exit_signal != -1,
> and becomes TASK_ZOMBIE.
> Then leader calls schedule() with TASK_UNINTERRUPTIBLE
> in while(oldsig->count > 1) {...} and sleeps forever,
> because nobody can do wake_up_process(sig->group_exit_task).

This program should hang leaving task in D state.

#include <unistd.h>
#include <signal.h>
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <asm/unistd.h>

#define CLONE_SIGHAND 0x00000800
#define CLONE_THREAD 0x00010000

#define __NR_sys_clone __NR_clone

static inline _syscall2(int,sys_clone, int,flag, void*,stack)

int main(void)
        static char stack[1024];
        int pid = sys_clone(CLONE_THREAD | CLONE_SIGHAND | SIGCHLD, stack);

        if (pid < 0) {
                printf("ERR!! clone: %s.\n", strerror(errno));
                return -1;

        if (pid == 0) _exit(0);

        execlp("echo", "echo", "Should not happen.", 0);
        printf("ERR!! exec: %s.\n", strerror(errno));

        return 0;

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

This archive was generated by hypermail 2b29 : Wed Oct 23 2002 - 22:00:28 EST