[PATCH] fix send_sigqueue() vs thread exit race (e752dd6c) · Commits · e / devices / android_kernel_teracube_2e

kernel/posix-timers.c

+15 −13

Original line number	Diff line number	Diff line
		@@ -427,22 +427,24 @@ int posix_timer_event(struct k_itimer *timr,int si_private)
		timr->sigq->info.si_code = SI_TIMER;
		timr->sigq->info.si_tid = timr->it_id;
		timr->sigq->info.si_value = timr->it_sigev_value;

		if (timr->it_sigev_notify & SIGEV_THREAD_ID) {
		if (unlikely(timr->it_process->flags & PF_EXITING)) {
		struct task_struct *leader;
		int ret = send_sigqueue(timr->it_sigev_signo, timr->sigq,
		timr->it_process);

		if (likely(ret >= 0))
		return ret;

		timr->it_sigev_notify = SIGEV_SIGNAL;
		leader = timr->it_process->group_leader;
		put_task_struct(timr->it_process);
		timr->it_process = timr->it_process->group_leader;
		goto group;
		timr->it_process = leader;
		}
		return send_sigqueue(timr->it_sigev_signo, timr->sigq,
		timr->it_process);
		}
		else {
		group:

		return send_group_sigqueue(timr->it_sigev_signo, timr->sigq,
		timr->it_process);
		}
		}
		EXPORT_SYMBOL_GPL(posix_timer_event);

		/*

+12 −10

Original line number	Diff line number	Diff line
		@@ -1366,14 +1366,14 @@ send_sigqueue(int sig, struct sigqueue q, struct task_struct p)
		unsigned long flags;
		int ret = 0;

		/*
		* We need the tasklist lock even for the specific
		* thread case (when we don't need to follow the group
		* lists) in order to avoid races with "p->sighand"
		* going away or changing from under us.
		*/
		BUG_ON(!(q->flags & SIGQUEUE_PREALLOC));
		read_lock(&tasklist_lock);

		if (unlikely(p->flags & PF_EXITING)) {
		ret = -1;
		goto out_err;
		}

		spin_lock_irqsave(&p->sighand->siglock, flags);

		if (unlikely(!list_empty(&q->list))) {
		@@ -1400,8 +1400,10 @@ send_sigqueue(int sig, struct sigqueue q, struct task_struct p)

		out:
		spin_unlock_irqrestore(&p->sighand->siglock, flags);
		out_err:
		read_unlock(&tasklist_lock);
		return(ret);

		return ret;
		}

		int