Doru Petrescu wrote:
>
> also I don't understand how a race condition can occour since all
> functions that play with the lists has a spin_lock() arround them.
> Maybe is not someting wrong in the timers, maybe some other part of the
> kernel is doing the bad thing.
Yes. All it takes is this:
handler(foo)
{
stuff();
mod_timer(&foo->timer, whenever);
}
mainline()
{
del_timer(&foo->timer);
kfree(foo);
}
If the handler and mainline run at the same time
we will add a timer which is in freed memory. Later,
someone reuses that memory and changes it. The timer
list is corrupted.
Problem is, it seems that your machine is using
IPV4, TCP, IDE, netfilter and nothing else. Those
parts of the kernel don't have the above bug (well,
they didn't mid last year).
One really, really useful piece of information would
be the value of the `function' member of the corrupted
timer. Your debug code prints this out. Do you still
have the logs?
Was it ever non-zero?
If so, what function was it pointing at?
-
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Apr 15 2001 - 21:00:21 EST