On Sat, 25 Dec 2010 03:33:23 +0100 Mike Galbraith wrote:

> Eyeballs fingered the bad thing spot before my dog slow download finished, and Peter has subsequently confirmed/plugged the hole.
And in plain English this means: "it is fixed in kernel-*-2.6.xxx.yyy-zzz.rpm" for which xxx, yyy and zzz? Or for which rpm changelog entry do we need to look? ;)
> Problem was cgroup_exit() assigning exiting tasks to the root task group without actually moving it. In a CONFIG_PREEMPT kernel, preemption after that assignment means you'll be enqueued on the cgroup cfs_rq, which can go away if you were the last task with a reference. When you get back to the CPU, boom, use after free.
Oops, nasty one. Lucky me, it has only hit me on test VMs and never on my production laptop, which has been running fine for the last few weeks. Thanks

-- 
Stefan Seyfried
"Dispatch war rocket Ajax to bring back his body!"
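As an added illustration (not code from this thread or from the kernel), here is a small userspace model of the sequence Mike describes: the exit path switches the task's group pointer to root, the scheduler-side run-queue pointer is only updated by the attach hook, and the emptied cgroup is freed before the preempted task gets back to the CPU. All names (grp, task, exit_buggy, exit_fixed, cgroup_rmdir, exit_race_hits_uaf) are this model's own assumptions, and "freed" is a flag rather than a real free so the model never touches dead memory.

```c
#include <stdbool.h>

/* Userspace model (this example's own names, not the kernel's) of the race
 * described above: exit switches the task's group pointer to root, but the
 * scheduler-side cfs_rq pointer is only updated by the attach hook. */
struct grp  { const char *name; int refs; bool freed; };
struct task { struct grp *group; struct grp *cfs_rq; bool on_rq; };
static struct grp root = { "root", 0, false };

/* Move a task's cgroup membership; the group's reference count follows it. */
static void set_group(struct task *t, struct grp *g)
{
    t->group->refs--;
    t->group = g;
    g->refs++;
}

/* Scheduler attach hook: point the task at its current group's run queue. */
static void set_task_rq(struct task *t) { t->cfs_rq = t->group; }

/* Run-queue operations; each returns true if it touched a freed group. */
static bool enqueue(struct task *t) { t->on_rq = true;  return t->cfs_rq->freed; }
static bool dequeue(struct task *t) { t->on_rq = false; return t->cfs_rq->freed; }

/* A cgroup with no remaining members can be torn down (stands in for kfree). */
static void cgroup_rmdir(struct grp *g) { if (g->refs == 0) g->freed = true; }

/* Buggy exit: reassign membership only; cfs_rq still points at the old group. */
static void exit_buggy(struct task *t) { set_group(t, &root); }

/* Fixed exit: dequeue, switch membership, re-point cfs_rq, re-enqueue. */
static void exit_fixed(struct task *t)
{
    bool queued = t->on_rq;
    if (queued) dequeue(t);
    set_group(t, &root);
    set_task_rq(t);
    if (queued) enqueue(t);
}

/* Returns true if the preempt-after-exit sequence touches a freed run queue. */
bool exit_race_hits_uaf(void (*exit_hook)(struct task *))
{
    struct grp cg = { "cg", 1, false };      /* one member: our task */
    struct task t = { &cg, &cg, false };
    enqueue(&t);                             /* task is running inside cg */
    exit_hook(&t);                           /* cgroup_exit(): moved to root */
    bool uaf = dequeue(&t);                  /* CONFIG_PREEMPT: preempted here */
    cgroup_rmdir(&cg);                       /* last reference gone, cg freed */
    uaf |= enqueue(&t);                      /* task returns to the CPU */
    return uaf;
}
```

With the buggy hook the final enqueue lands on the freed group; with the fixed hook the task was re-pointed at root's queue before the cgroup went away.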