Alexey Kuznetsov found some problems in the pi-futex code. One of the root causes is: When a wakeup happens, we do not to stop the chain walk so we we follow a non existing locking chain. Drop out when this happens. Signed-off-by: Thomas Gleixner Acked-by: Ingo Molnar --- kernel/rtmutex.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) Index: linux-2.6.21/kernel/rtmutex.c =================================================================== --- linux-2.6.21.orig/kernel/rtmutex.c 2007-06-08 11:56:10.000000000 +0200 +++ linux-2.6.21/kernel/rtmutex.c 2007-06-08 11:56:10.000000000 +0200 @@ -212,6 +212,19 @@ static int rt_mutex_adjust_prio_chain(st if (!waiter || !waiter->task) goto out_unlock_pi; + /* + * Check the orig_waiter state. After we dropped the locks, + * the previous owner of the lock might have released the lock + * and made us the pending owner: + */ + if (orig_waiter && !orig_waiter->task) + goto out_unlock_pi; + + /* + * Drop out, when the task has no waiters. Note, + * top_waiter can be NULL, when we are in the deboosting + * mode! + */ if (top_waiter && (!task_has_pi_waiters(task) || top_waiter != task_top_pi_waiter(task))) goto out_unlock_pi; -- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/