Re: [RFC][PATCH][2.5] Possible race in wait_task_zombie and finish_task_switch

From: Manfred Spraul (manfred@colorfullife.com)
Date: Sun May 25 2003 - 06:29:12 EST

Next message: Andrew Morton: "2.5.69-mm9"
Previous message: Mitch: "Linux 2.4.21-rc3, writing to /dev/console returns ESPIPE"
In reply to: Mika Penttilä: "Re: [RFC][PATCH][2.5] Possible race in wait_task_zombie and finish_task_switch"
Next in thread: Zwane Mwaikambo: "Re: [RFC][PATCH][2.5] Possible race in wait_task_zombie andfinish_task_switch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Do we have an idea which reference is miscounted? It seems that there are 4 different kinds of references to a task structure:

- the reference for the stack itself, acquired by setting usage to 2, dropped by schedule_tail.
- the reference for wait4, acquired by setting usage to 2, dropped by wait_task_zombie.
- references for the pid structures, maintained by pid.c
- temporary references for looking at tsk->{fs,mm,files,tty}, used by /proc, ptrace, tty.

kernel BUG at kernel/sched.c:746!

Hmm. What is schedule.c:746? There is no BUG in that area in the bk tree.

Zwane, is it easy to reproduce the crash? I could write a patch that adds 4 refcounters, then we could find out in which area we must look.

--
Manfred

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "2.5.69-mm9"
Previous message: Mitch: "Linux 2.4.21-rc3, writing to /dev/console returns ESPIPE"
In reply to: Mika Penttilä: "Re: [RFC][PATCH][2.5] Possible race in wait_task_zombie and finish_task_switch"
Next in thread: Zwane Mwaikambo: "Re: [RFC][PATCH][2.5] Possible race in wait_task_zombie andfinish_task_switch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]