Subject: kern/37093: itimer problems
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <ad@netbsd.org>
List: netbsd-bugs
Date: 10/09/2007 13:05:01
>Number: 37093
>Category: kern
>Synopsis: itimer problems
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Oct 09 13:05:01 +0000 2007
>Originator: Andrew Doran
>Release: NetBSD 4.99.32
>Organization:
The NetBSD Project
>Environment:
N/A
>Description:
itimers are fired from hardclock(). There are a few problems:
- itimer code run in process context has scant splsched() protection
- hardclock() is called w/o kernel_lock held and the code is not MP
safe.
- itimerfire() may try to send signals with ksiginfo, which will
use ksiginfo_pool and thus the VM system above IPL_VM.
>How-To-Repeat:
Code inspection.
>Fix:
- Defer sending signals to a soft interrupt.
- Spinlock the itimers.
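
A single-threaded userland model of the first proposed fix, added here as an illustration; it is not NetBSD code and not the submitter's patch. All `model_*` names and the simplified priority levels are hypothetical, the model assumes the clock tick runs at a level above IPL_VM as the report describes, and it does not cover the spinlock half of the fix.

```c
#include <stdio.h>

/* Model only: simplified interrupt priority levels, lowest to highest. */
enum { IPL_NONE, IPL_SOFTCLOCK, IPL_VM, IPL_SCHED };
#define NTIMERS 4

static int cur_ipl = IPL_NONE;   /* level the modelled CPU is running at */
static int pool_violations;      /* allocations attempted above IPL_VM */
static int signals_sent;
static int ticks_left[NTIMERS];  /* 0 = disarmed */
static int pending[NTIMERS];     /* expired, signal not yet delivered */
static int softint_scheduled;

/* Stand-in for sending a signal with a pool-allocated ksiginfo:
 * the allocation is only legal at or below IPL_VM. */
static void model_send_signal(void) {
    if (cur_ipl > IPL_VM) pool_violations++;
    signals_sent++;
}

/* Soft interrupt handler: runs at low priority and drains the pending set. */
static void model_softint(void) {
    int s = cur_ipl;
    cur_ipl = IPL_SOFTCLOCK;
    softint_scheduled = 0;
    for (int t = 0; t < NTIMERS; t++)
        if (pending[t]) { pending[t] = 0; model_send_signal(); }
    cur_ipl = s;
}

/* One clock tick. defer=0 sends the signal from the tick itself (the
 * reported behaviour); defer=1 only marks the timer and schedules a softint. */
static void model_hardclock(int defer) {
    int s = cur_ipl;
    cur_ipl = IPL_SCHED;
    for (int t = 0; t < NTIMERS; t++) {
        if (ticks_left[t] == 0 || --ticks_left[t] != 0) continue;
        if (defer) { pending[t] = 1; softint_scheduled = 1; }
        else model_send_signal();
    }
    cur_ipl = s;                             /* priority drops back down */
    if (softint_scheduled) model_softint();  /* pending softint runs now */
}

/* Arm timers at 1..NTIMERS ticks, run nticks ticks, return the violations. */
int run_model(int defer, int nticks) {
    pool_violations = signals_sent = softint_scheduled = 0;
    for (int t = 0; t < NTIMERS; t++) { ticks_left[t] = t + 1; pending[t] = 0; }
    for (int i = 0; i < nticks; i++) model_hardclock(defer);
    return pool_violations;
}
int signals_delivered(void) { return signals_sent; }
```
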