[PATCH] hrtimers: fix posix-timer requeue race
From: Steven [email protected] <[email protected]>
CPU0 expires a posix-timer and runs the callback function. The signal is
queued.
After releasing the posix-timer lock and before returning to hrtimer_run_queue
CPU0 gets interrupted. CPU1 delivers the queued signal and rearms the timer.
CPU0 comes back to hrtimer_run_queue and sets the timer state to expired.
The next modification of the timer can result in an oops, because the state
information is wrong.
Keep track of state = RUNNING and check if the state has been in the return
path of hrtimer_run_queue. In case the state has been changed, ignore a
restart request and do not touch the state variable.
Signed-off-by: Steven Rostedt <[email protected]>
Signed-off-by: Thomas Gleixner <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
diff --git a/include/linux/hrtimer.h b/include/linux/hrtimer.h
index 089bfb1..c657f3d 100644
--- a/include/linux/hrtimer.h
+++ b/include/linux/hrtimer.h
@@ -40,6 +40,7 @@
enum hrtimer_state {
HRTIMER_INACTIVE, /* Timer is inactive */
HRTIMER_EXPIRED, /* Timer is expired */
+ HRTIMER_RUNNING, /* Timer is running the callback function */
HRTIMER_PENDING, /* Timer is pending */
};
