aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorOleg Nesterov <oleg@tv-sign.ru>2007-08-22 17:01:58 -0400
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-08-22 22:52:47 -0400
commitabd96ecb298675a21c412a29f5de2f80174d5f18 (patch)
tree5fb722fcfc224bf3e69a06a9e87d8fe56e1a6548
parent5c076fce2e217240b44bc753a5ec8ecd379c6eb9 (diff)
exec: kill unsafe BUG_ON(sig->count) checks
de_thread: if (atomic_read(&oldsighand->count) <= 1) BUG_ON(atomic_read(&sig->count) != 1); This is not safe without the rmb() in between. The results of two correctly ordered __exit_signal()->atomic_dec_and_test()'s could be seen out of order on our CPU. The same is true for the "thread_group_empty()" case, __unhash_process()'s changes could be seen before atomic_dec_and_test(&sig->count). On some platforms (including i386) atomic_read() doesn't provide even the compiler barrier, in that case these checks are simply racy. Remove these BUG_ON()'s. Alternatively, we can do something like BUG_ON( ({ smp_rmb(); atomic_read(&sig->count) != 1; }) ); Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru> Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Cc: Roland McGrath <roland@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--fs/exec.c3
1 files changed, 0 insertions, 3 deletions
diff --git a/fs/exec.c b/fs/exec.c
index af4361c927a9..c21a8cc06277 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -784,7 +784,6 @@ static int de_thread(struct task_struct *tsk)
784 * and we can just re-use it all. 784 * and we can just re-use it all.
785 */ 785 */
786 if (atomic_read(&oldsighand->count) <= 1) { 786 if (atomic_read(&oldsighand->count) <= 1) {
787 BUG_ON(atomic_read(&sig->count) != 1);
788 signalfd_detach(tsk); 787 signalfd_detach(tsk);
789 exit_itimers(sig); 788 exit_itimers(sig);
790 return 0; 789 return 0;
@@ -929,8 +928,6 @@ no_thread_group:
929 if (leader) 928 if (leader)
930 release_task(leader); 929 release_task(leader);
931 930
932 BUG_ON(atomic_read(&sig->count) != 1);
933
934 if (atomic_read(&oldsighand->count) == 1) { 931 if (atomic_read(&oldsighand->count) == 1) {
935 /* 932 /*
936 * Now that we nuked the rest of the thread group, 933 * Now that we nuked the rest of the thread group,