ptrace: wait_task_zombie: do not account traced sub-threads

The bug is ancient.

If we trace the sub-thread of our natural child and this sub-thread exits,
we update parent->signal->cxxx fields.  But we should not do this until
the whole thread-group exits, otherwise we account this thread (and all
other live threads) twice.

Add the task_detached() check.  No need to check thread_group_empty(),
wait_consider_task()->delay_group_leader() already did this.

Signed-off-by: Oleg Nesterov <[email protected]>
Cc: Peter Zijlstra <[email protected]>
Acked-by: Roland McGrath <[email protected]>
Cc: Stanislaw Gruszka <[email protected]>
Cc: Vitaly Mayatskikh <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>

diff --git a/kernel/exit.c b/kernel/exit.c
index 13ae64001fec08774f13653f619e7b9de95cbd1d..628d41f0dd54ed163e32f2d4d2e9ec6909ccd2ab 100644 (file)
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -1197,8 +1197,11 @@ static int wait_task_zombie(struct wait_opts *wo, struct task_struct *p)
        }
 
        traced = ptrace_reparented(p);
-
-       if (likely(!traced)) {
+       /*
+        * It can be ptraced but not reparented, check
+        * !task_detached() to filter out sub-threads.
+        */
+       if (likely(!traced) && likely(!task_detached(p))) {
                struct signal_struct *psig;
                struct signal_struct *sig;