x86_64 system lockup from userspace using setitimer()

From: Johannes Bauer
Date: Tue Mar 13 2007 - 14:55:52 EST


Dear Community,

I think I've encountered a bug with the Linux kernel which results in a complete system lockup and which can be started without root priviliges. It's reproducible with 2.6.20.1 and 2.6.20.2 and only x64_64 seems affected.

Here's the code which triggers the bug (originally found by me using an only partly initialized "struct itimerval" structure - hence the strange values in it_interval):

-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----
#include <stdio.h>
#include <sys/time.h>
#include <unistd.h>

int main(int argc, char **argv) {
struct itimerval tim = {
.it_interval = {
.tv_sec = 140735669863712,
.tv_usec = 4199521
},
.it_value = {
.tv_sec = 0,
.tv_usec = 100000
}
};
setitimer(ITIMER_REAL, &tim, NULL);
while (1) sleep(1);
return 0;
}
-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----8<-----

Compiled with gcc 4.1.1 with "gcc -O2 -Wall -o crash crash.c".

The sourcecode can be found at http://www.johannes-bauer.com/crash/crash.c and my kernel configuration is at http://www.johannes-bauer.com/crash/config

Any further questions: feel free to ask. Please CC me for any posts in this thread.

Greetings,
Johannes

--
"A PC without Windows is like a chocolate cake without mustard."

Johannes Bauer
91054 Erlangen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/