Re: [PATCH] Fix a race in pid generation that causes pids to bereused immediately.

From: Linus Torvalds
Date: Wed Jun 09 2010 - 13:24:27 EST

On Wed, 9 Jun 2010, tytso@xxxxxxx wrote:
> This brings up a question. If we're going to use a cmpxchg() loop, is
> there any point to doing the test-and-set game with the bitmap?

I think there very much is.

Otherwise you have three threads, two of which pick the same pid (because
the test-and-set isn't atomic), and a third of which picks a new one. The
cmpxchg succeeds (the third one wins, and everybody picks that winner),
but you only expanded the map by two entries, and you're going to return
the same pid nr to two people.

So the cmpxchg only protects "last_pid". It does _not_ in any way protect
the pid we're actually going to return.

Or am I missing something?

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at