Re: Possible bug introduced in commit 9b84cca

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Oleg Nesterov <oleg@redhat.com>
To: Denys Vlasenko <vda.linux@googlemail.com>
Cc: "Tejun Heo" <tj@kernel.org>,
	"Denys Vlasenko" <dvlasenk@redhat.com>,
	linux-kernel@vger.kernel.org,
	"Łukasz Michalik" <lmi@ift.uni.wroc.pl>,
	"Dmitry V. Levin" <ldv@altlinux.org>
Subject: Re: Possible bug introduced in commit 9b84cca
Date: Thu, 29 Dec 2011 13:05:07 +0100	[thread overview]
Message-ID: <20111229120506.GA23653@redhat.com> (raw)
In-Reply-To: <20111229113245.GA18062@redhat.com>

On 12/29, Oleg Nesterov wrote:
>
> On 12/28, Denys Vlasenko wrote:
> >
> > Looks like after commit 9b84cca, waitpid under strace
> > sometimes returns bogus ECHILD while child does exist.
> >
> > I did not yet confirm that the bug appeared exactly
> > at this commit - Łukasz says that.
> >
> > I confirmed that bug exists on kernels 3.1.6 (in Fedora)
> > and 3.1.0-rc4 (vanilla).
> >
> > We have a testcase which spawns N threads, each of them
> > performs an infinite loop "fork, exit in child, waitpid
> > in parent for the child". When straced, sometimes waitpid
> > returns ECHILD.
>
> You mean, the natural parent gets ECHILD, not strace?
>
> > The key part is here:
> >
> > 931   clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xf763dbd8) = 1048
> > 1048  exit_group(42)                    = ?
> > 931   waitpid(1048,  <unfinished ...>
> > 1048  +++ exited with 42 +++
> > 931   <... waitpid resumed> 0xf763d3a0, 0) = -1 ECHILD (No child processes)
>
> Argh. I seem to understand
>
> I didn't check, but I think the offending commit is 823b018e5b1196d8
> "job control: Small reorganization of wait_consider_task()".
>
> ptracer sees EXIT_ZOMBIE and temporary sets EXIT_DEAD, this fools
> the ->real_parent.
>
> I need to think. The fix should be simple, but perhaps it is the
> time to kill EXIT_DEAD altogether. I'll try to make the patch
> after vacation. In the next year ;)
>
> Thanks a lot Denys!

I've made the simple test-case, it triggers the bug.

Oleg.

#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>
#include <stdio.h>
#include <assert.h>

int main(void)
{
	int pid, status;

	pid = fork();
	if (!pid) {
		for (;;) {
			if (!fork())
				return 0x23;
			assert(waitpid(-1, &status, 0) > 0);
			assert(status == 0x2300);
		}
	}

	assert(ptrace(PTRACE_ATTACH, pid, 0,0) == 0);
	assert(waitpid(-1, NULL, 0) == pid);

	assert(ptrace(PTRACE_SETOPTIONS, pid, 0, PTRACE_O_TRACEFORK) == 0);

	for (;;) {
		ptrace(PTRACE_CONT, pid, 0, 0);
		pid = waitpid(-1, NULL, 0);
		assert(pid > 0);
	}

	return 0;
}

next prev parent reply	other threads:[~2011-12-29 12:10 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-12-28 18:55 Possible bug introduced in commit 9b84cca Denys Vlasenko
2011-12-28 21:07 ` Denys Vlasenko
2011-12-28 21:23   ` Łukasz Michalik
2011-12-29 11:32 ` Oleg Nesterov
2011-12-29 12:05   ` Oleg Nesterov [this message]
2012-01-03 14:29     ` Oleg Nesterov
2012-01-03 15:44       ` ptrace fixes for 3.2 Oleg Nesterov
2012-01-03 16:30         ` Tejun Heo
2012-01-03 17:09           ` Oleg Nesterov
2012-01-03 19:18             ` Tejun Heo
2012-01-04 11:35               ` Oleg Nesterov
2012-01-04 15:31                 ` Tejun Heo
2012-01-04 15:59                   ` Oleg Nesterov
2012-01-03 16:51         ` Denys Vlasenko
2012-01-04  9:00           ` Łukasz Michalik

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20111229120506.GA23653@redhat.com \
    --to=oleg@redhat.com \
    --cc=dvlasenk@redhat.com \
    --cc=ldv@altlinux.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lmi@ift.uni.wroc.pl \
    --cc=tj@kernel.org \
    --cc=vda.linux@googlemail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.