From: Matt Wilson <msw@redhat.com>

The change to detach the threads in zap_other_threads() broke the case
where the non-thread-group-leader is the cause of de_thread().  In this
case the group leader will be detached and freed before switch_exec_pids()
is complete and invalid data will be used.  This is a patch that makes sure
that the group leader does not get detached and reaped.




 kernel/signal.c |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff -puN kernel/signal.c~zap_other_threads-fix kernel/signal.c
--- 25/kernel/signal.c~zap_other_threads-fix	2003-08-09 13:07:35.000000000 -0700
+++ 25-akpm/kernel/signal.c	2003-08-09 13:07:35.000000000 -0700
@@ -1016,9 +1016,11 @@ void zap_other_threads(struct task_struc
 		 * killed as part of a thread group due to another
 		 * thread doing an execve() or similar. So set the
 		 * exit signal to -1 to allow immediate reaping of
-		 * the process.
+		 * the process.  But don't detach the thread group
+		 * leader.
 		 */
-		t->exit_signal = -1;
+		if (t != p->group_leader)
+			t->exit_signal = -1;
 
 		sigaddset(&t->pending.signal, SIGKILL);
 		rm_from_queue(SIG_KERNEL_STOP_MASK, &t->pending);
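Review bot: The added comment text "But don't detach the thread group leader" states the exemption but not the reason, and the new `if (t != p->group_leader)` test leaves the leader's exit_signal untouched while SIGKILL is still queued for it in the lines just below. The changelog explains that a non-leader thread causing de_thread() still needs the leader until switch_exec_pids() is complete; please put that reason in the comment itself, and say who is expected to reap the leader once it is no longer auto-reaped here, so that someone reading signal.c without the changelog does not reintroduce the unconditional assignment.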

_