[PATCH] Thread group exit problem reappeared

A long time ago there was thread group code that at exit time tried to
reparent a task to another task in the thread group.  I discovered a major
race condition in this code, and submitted a patch that removed it.  This
patch was accepted in, I think, 2.4.12.  The code reappeared in 2.4.18 and
sometime in the 2.5 tree before 2.5.15, breaking applications that use
thread groups.

As part of chasing this down, I figured out a way to remove the race
condition while still preserving this behavior.  I've attached a patch
against 2.5.15 that fixes it.

diff --git a/kernel/exit.c b/kernel/exit.c
index e0c0e7405effffb4f2e49a8d49f976ac5030ef23..be0df7d2276c5f1b0e04daf8680e0ed638d5e639 100644 (file)
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -231,7 +231,7 @@ void daemonize(void)
 
 /*
  * When we die, we re-parent all our children.
- * Try to give them to another thread in our process
+ * Try to give them to another thread in our thread
  * group, and if no such member exists, give it to
  * the global child reaper process (ie "init")
  */
@@ -241,8 +241,14 @@ static inline void forget_original_parent(struct task_struct * father)
 
        read_lock(&tasklist_lock);
 
-       /* Next in our thread group */
-       reaper = next_thread(father);
+       /* Next in our thread group, if they're not already exiting */
+       reaper = father;
+       do {
+               reaper = next_thread(reaper);
+               if (!(reaper->flags & PF_EXITING))
+                       break;
+       } while (reaper != father);
+
        if (reaper == father)
                reaper = child_reaper;