On 07/23, Jeremy Katz wrote: > > On Fri, 20 Jul 2007, Oleg Nesterov wrote: > > >I still can't believe we have a double-free problem, this looks imposiible. > >Do you see the > > > > "idr_remove called for id=%d which is not allocated.\n" > > > >in syslog? > > No. I also added some accounting with atomic counters, and don't see > evidence of a second call to release_posix_timer.
Interesting. Could you show the patch? Where does sys_timer_create() set counter == 1? > >Could you try the patch below? Perhaps we have some wierd problem with > >->sigq corruption. > > Tried, with apparent effect. You mean, "null pointer dereference" in release_posix_timer() ? Or it was BUG_ON(timr && !timr->sigq) in lock_timer() ? I assume you didn't apply any other patches except Thomas's, yes? Oleg. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
