document while_each_thread(), change first_tid() to use for_each_thread()

Add the comment to explain that while_each_thread(g,t) is not rcu-safe
unless g is stable (e.g.  current).  Even if g is a group leader and thus
can't exit before t, t or another sub-thread can exec and remove g from
the thread_group list.

The only lockless user of while_each_thread() is first_tid() and it is
fine in that it can't loop forever, yet for_each_thread() looks better and
I am going to change while_each_thread/next_thread.

Link: https://lkml.kernel.org/r/20230823170806.GA11724@redhat.com
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>

diff --git a/fs/proc/base.c b/fs/proc/base.c
index 05452c3b9872bd00aee5c739d5e865c46d892a2a..483a3edebdd175938fb212066c190c00263e7d34 100644 (file)
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -3813,11 +3813,10 @@ static struct task_struct *first_tid(struct pid *pid, int tid, loff_t f_pos,
        /* If we haven't found our starting place yet start
         * with the leader and walk nr threads forward.
         */
-       pos = task = task->group_leader;
-       do {
+       for_each_thread(task, pos) {
                if (!nr--)
                        goto found;
-       } while_each_thread(task, pos);
+       };
 fail:
        pos = NULL;
        goto out;

diff --git a/include/linux/sched/signal.h b/include/linux/sched/signal.h
index 0deebe2ab07d6bc0fde60c178d2917255bb92cd9..0014d3adaf8460b03b4ad2e4ccaf97b17b7a8884 100644 (file)
--- a/include/linux/sched/signal.h
+++ b/include/linux/sched/signal.h
@@ -648,6 +648,10 @@ extern void flush_itimer_signals(void);
 
 extern bool current_is_single_threaded(void);
 
+/*
+ * Without tasklist/siglock it is only rcu-safe if g can't exit/exec,
+ * otherwise next_thread(t) will never reach g after list_del_rcu(g).
+ */
 #define while_each_thread(g, t) \
        while ((t = next_thread(t)) != g)