* Race condition in fs/proc/array.c with task->comm
@ 2003-06-29 14:27 Corey Minyard
0 siblings, 0 replies; only message in thread
From: Corey Minyard @ 2003-06-29 14:27 UTC (permalink / raw)
To: linux-kernel
I searched for something about this, and I couldn't find anything.
I was having a problem with "top" crashing occasionally, so I looked,
and top was getting nil characters in the process name in
/proc/<pid>/stat. It turns out that there is a race condition when
generating the output for task->comm. If the task "execs" during this
time, it copies a new name into task->comm. When generating
/proc/<pid>/stat, it uses sprintf to copy the string. However, if the
data is changing in task->comm during this time, the results can be
corrupted, including putting nil characters into the string.
This seems to be a problem in all version of the kernel I looked at
(various 2.4 and 2.5 releases). I have only tested the problem in 2.4.20.
I can think it two main ways to fix this. You can:
* Make a local copy of task->comm. The results might still be wrong,
but it will not contain nil characters.
* Use locks so the data is consistent.
I can fix this and supply a patch, but I'd like suggestions on which
path to take. If suggesting a lock, should I create a new lock, or is
there an existing lock I can use?
Thanks,
-Corey
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2003-06-29 14:11 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-06-29 14:27 Race condition in fs/proc/array.c with task->comm Corey Minyard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox