Re: 2.6.11-rc3-mm2: lockup in sys_timer_settime

From: Alexander Nyberg
Date: Sun Feb 20 2005 - 16:54:25 EST


> When running a Posix conformance test (from posixtestsuite), the kernel
> locks up with:
>
> BUG: soft lockup detected on CPU#0
>
> Pid: 1873, comm: 10-1.test
> EIP: 0060:[<c0126fda>] CPU: 0
> EIP is at sys_timer_settime+0xfa+0x1f0
> EFLAGS: 00000282 Not tainted (2.6.11-rc3-mm2)
> EAX: 00000282 EBX: 00000001 ECX: ffffffff EDX: 00000000
> ESI: 00000000 EDI: 00000000 EBP: f17eafbc DS: 007b ES: 007b
> CR0: 8005003b CR2: b7fac1f0 CR3: 311b3000 CR4: 000006d0
>
> in test conformance/interfaces/timer_create/10-1.c (attached).
>
> It doesn't lockup with 2.6.11-rc4; I notice the rc3-mm2 has a lot of
> Posix-timer related changes.

Hi Roland

The problem arises from code touching the union in alloc_posix_timer()
which makes firing go non-zero. When firing is checked in posix_cpu_timer_set()
it will be positive causing an infinite loop.

So either the below fix or preferably move the INIT_LIST_HEAD(x) from alloc_posix_timer()
to somewhere later where it doesn't disturb the other union members.


Index: linux-2.6.10/kernel/posix-cpu-timers.c
===================================================================
--- linux-2.6.10.orig/kernel/posix-cpu-timers.c 2005-02-20 22:23:30.000000000 +0100
+++ linux-2.6.10/kernel/posix-cpu-timers.c 2005-02-20 22:27:03.000000000 +0100
@@ -323,6 +323,7 @@
INIT_LIST_HEAD(&new_timer->it.cpu.entry);
new_timer->it.cpu.incr.sched = 0;
new_timer->it.cpu.expires.sched = 0;
+ new_timer->it.cpu.firing = 0;

read_lock(&tasklist_lock);
if (CPUCLOCK_PERTHREAD(new_timer->it_clock)) {
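Review bot: The added `new_timer->it.cpu.firing = 0;` at the end of the initialisation block resets only the one field that was seen to misbehave, while the message above puts the root cause in alloc_posix_timer() writing into the union. Only entry, incr.sched, expires.sched and now firing are assigned in the visible lines, so any other it.cpu field would still carry whatever that earlier write left behind. Consider clearing the whole it.cpu member before INIT_LIST_HEAD(&new_timer->it.cpu.entry), or moving the list initialisation as the message suggests, and add a short comment on the new line saying why firing has to be reset here.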


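Added example, not part of the original message or the kernel source: a user-space model of the union aliasing described above, showing how initialising a list head in one union member leaves a non-zero value in another member's firing field, and how the one-line reset in the hunk clears it. The struct layout, the demo_* names and the capped retry loop are assumptions constructed for illustration; the real struct k_itimer and posix_cpu_timer_set() differ.

```c
#include <stddef.h>
#include <string.h>
struct list_head { struct list_head *next, *prev; };
static void INIT_LIST_HEAD(struct list_head *h) { h->next = h; h->prev = h; }

/* Constructed layout, not the kernel's struct k_itimer: the two union
 * members are sized so that real.abs_entry.prev overlays cpu.firing. */
struct demo_timer {
    union {
        struct { void *pad[4]; struct list_head abs_entry; } real;
        struct {
            struct list_head entry;
            unsigned long expires, incr;
            void *task;
            long firing;
        } cpu;
    } it;
};
_Static_assert(offsetof(struct demo_timer, it.real.abs_entry.prev) ==
               offsetof(struct demo_timer, it.cpu.firing), "fields must alias");

/* CPU-timer setup as in the hunk; fix != 0 adds the firing reset. */
static void demo_cpu_create(struct demo_timer *t, int fix)
{
    INIT_LIST_HEAD(&t->it.cpu.entry);
    t->it.cpu.incr = 0;
    t->it.cpu.expires = 0;
    if (fix)
        t->it.cpu.firing = 0;
}

/* Simplified retry loop (assumption), capped; -1 means firing never cleared. */
static int demo_settime(const struct demo_timer *t, int cap)
{
    for (int tries = 0; tries < cap; tries++)
        if (t->it.cpu.firing == 0)
            return tries;
    return -1;
}

int demo_run(int fix)
{
    struct demo_timer t;
    memset(&t, 0, sizeof(t));
    INIT_LIST_HEAD(&t.it.real.abs_entry);   /* generic allocation step */
    demo_cpu_create(&t, fix);
    return demo_settime(&t, 1000);
}

int main(void) { return !(demo_run(0) == -1 && demo_run(1) == 0); }
```

Without the reset the loop hits its cap because firing still holds the list head's self-pointer; with it the first check succeeds.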