Oleg Nesterov <o...@redhat.com> writes:
> On 03/10, Eric W. Biederman wrote:
>>
>> /* If global init has exited,
>> * panic immediately to get a useable coredump.
>> */
>> if (unlikely(is_global_init(tsk) &&
>> (thread_group_empty(tsk) ||
>> (tsk->signal->flags & SIGNAL_GROUP_EXIT)))) {
>> panic("Attempted to kill init! exitcode=0x%08x\n",
>> tsk->signal->group_exit_code ?: (int)code);
>> }
>>
>> The thread_group_empty test is needed to handle single threaded
>> inits.
>
> But we can't rely on thread_group_empty(). Just suppose that the main
> thread exit first, then the 2nd (last) thread exits too.
It took me a minute. I think you are pointing out that there is a case
where we do not set SIGNAL_GROUP_EXIT and that init actually exits.
The case where all of the threads do pthread_exit() aka do_exit().
I think that implies that to have a comprehensive test would
need to do:
group_dead = atomic_dec_and_test(&tsk->signal->live);
/* If global init has exited,
* panic immediately to get a useable coredump.
*/
if (unlikely(is_global_init(tsk) &&
(group_dead || thread_group_empty(tsk) ||
(tsk->signal->flags & SIGNAL_GROUP_EXIT)))) {
panic("Attempted to kill init! exitcode=0x%08x\n",
tsk->signal->group_exit_code ?: (int)code);
}
Leaving the test where it is. Yes. I think that should work.
Eric
