[PATCH] Fix /proc access to dead thread group list oops

The pid_alive() check within the loop is incorrect. If we are within the tasklist lock and the thread group leader is valid then the thread chain will be fully intact. Instead, the check should be _outside_ the loop, since if the group leader no longer exists, the whole list is gone and we must not try to access it. Move the check around, and add comment. Bug-hunting and fix by Srivatsa Vaddagiri
author: Ingo Molnar <mingo@elte.hu> 2003-12-02 20:59:12 -0800
committer: Linus Torvalds <torvalds@home.osdl.org> 2003-12-02 20:59:12 -0800
commit: 2452eef0112aef133caeaebfaf34b34b9eebd572 (patch)
tree: e81c7969d12531cadc51d976d5f4387cc5a01a23 /fs/proc
parent: 4d878fe361eaca6f95fe09e20682a7d6e7e13d62 (diff)
1 files changed, 7 insertions, 3 deletions
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 3cc64eb275b1..9da127ff6c4f 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1666,10 +1666,14 @@ static int get_tid_list(int index, unsigned int *tids, struct inode *dir)
 
 	index -= 2;
 	read_lock(&tasklist_lock);
-	do {
+	/*
+	 * The starting point task (leader_task) might be an already
+	 * unlinked task, which cannot be used to access the task-list
+	 * via next_thread().
+	 */
+	if (pid_alive(task)) do {
 		int tid = task->pid;
-		if (!pid_alive(task))
-			continue;
+
 		if (--index >= 0)
 			continue;
 		tids[nr_tids] = tid;
author	Ingo Molnar <mingo@elte.hu>	2003-12-02 20:59:12 -0800
committer	Linus Torvalds <torvalds@home.osdl.org>	2003-12-02 20:59:12 -0800
commit	2452eef0112aef133caeaebfaf34b34b9eebd572 (patch)
tree	e81c7969d12531cadc51d976d5f4387cc5a01a23 /fs/proc
parent	4d878fe361eaca6f95fe09e20682a7d6e7e13d62 (diff)