[PATCH] posix timers: timer_delete: remove the bogus "->it_process != NULL" check

From: Oleg Nesterov
Date: Fri Jul 25 2008 - 04:47:26 EST

Next message: Oleg Nesterov: "[PATCH] posix timers: release_posix_timer: kill the bogus put_task_struct(->it_process);"
Previous message: Hugh Dickins: "[PATCH] exec: remove some includes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ Upstream commit 4b7a1304267bff68260ae861784b27130e805be3 ]

sys_timer_delete() and itimer_delete() check "timer->it_process != NULL",
this looks completely bogus. ->it_process == NULL means that this timer
is already under destruction or it is not fully initialized, this must not
happen.

sys_timer_delete: the timer is locked, and lock_timer() can't succeed
if ->it_process == NULL.

itimer_delete: it is called by exit_itimers() when there are no other
threads which can play with signal_struct->posix_timers.

Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx>
Acked-by: Roland McGrath <roland@xxxxxxxxxx>
Cc: john stultz <johnstul@xxxxxxxxxx>
Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Cc: Roland McGrath <roland@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
CC: Oliver Pinter <oliver.pntr@xxxxxxxxx>

diff --git a/kernel/posix-timers.c b/kernel/posix-timers.c
index dbd8398..17f5326 100644
--- a/kernel/posix-timers.c
+++ b/kernel/posix-timers.c
@@ -856,11 +856,10 @@ retry_delete:
* This keeps any tasks waiting on the spin lock from thinking
* they got something (see the lock code above).
*/
- if (timer->it_process) {
- if (timer->it_sigev_notify == (SIGEV_SIGNAL|SIGEV_THREAD_ID))
- put_task_struct(timer->it_process);
- timer->it_process = NULL;
- }
+ if (timer->it_sigev_notify == (SIGEV_SIGNAL|SIGEV_THREAD_ID))
+ put_task_struct(timer->it_process);
+ timer->it_process = NULL;
+
unlock_timer(timer, flags);
release_posix_timer(timer, IT_ID_SET);
return 0;
@@ -885,11 +884,10 @@ retry_delete:
* This keeps any tasks waiting on the spin lock from thinking
* they got something (see the lock code above).
*/
- if (timer->it_process) {
- if (timer->it_sigev_notify == (SIGEV_SIGNAL|SIGEV_THREAD_ID))
- put_task_struct(timer->it_process);
- timer->it_process = NULL;
- }
+ if (timer->it_sigev_notify == (SIGEV_SIGNAL|SIGEV_THREAD_ID))
+ put_task_struct(timer->it_process);
+ timer->it_process = NULL;
+
unlock_timer(timer, flags);
release_posix_timer(timer, IT_ID_SET);
}
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Oleg Nesterov: "[PATCH] posix timers: release_posix_timer: kill the bogus put_task_struct(->it_process);"
Previous message: Hugh Dickins: "[PATCH] exec: remove some includes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]