From 932aeafbe8521a9a9d790152d66020e0fef2029b Mon Sep 17 00:00:00 2001 From: Oleg Nesterov Date: Sun, 30 Oct 2005 15:02:17 -0800 Subject: [PATCH] [PATCH] fix de_thread vs it_real_fn() deadlock de_thread() calls del_timer_sync(->real_timer) under ->sighand->siglock. This is deadlockable, it_real_fn sends a signal and needs this lock too. Also, delete unneeded ->real_timer.data assignment. Signed-off-by: Oleg Nesterov Cc: Roland McGrath Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/exec.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/exec.c b/fs/exec.c index 1de69cdc0e6c..fc02dadc604a 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -641,8 +641,10 @@ static inline int de_thread(struct task_struct *tsk) * before we can safely let the old group leader die. */ sig->real_timer.data = (unsigned long)current; + spin_unlock_irq(lock); if (del_timer_sync(&sig->real_timer)) add_timer(&sig->real_timer); + spin_lock_irq(lock); } while (atomic_read(&sig->count) > count) { sig->group_exit_task = current; @@ -654,7 +656,6 @@ static inline int de_thread(struct task_struct *tsk) } sig->group_exit_task = NULL; sig->notify_count = 0; - sig->real_timer.data = (unsigned long)current; spin_unlock_irq(lock); /*