I found that since the 2.6.25 kernels, UML crashes when it calls down() on a semaphore with
a zero counter. Here is some example code.

static struct semaphore test_sem;
static DECLARE_WAIT_QUEUE_HEAD(sleep_queue);
static void *target; /* argument handed to testfunc; testfunc ignores it */

static int testfunc(void *arg)
{
        interruptible_sleep_on_timeout(&sleep_queue, 5 * HZ); // after some short period
        up(&test_sem); // up the semaphore
        return 0;
}

static int parent_func(unsigned argc, char **argv)
{
        sema_init(&test_sem, 0); // init semaphore with zero counter
        kernel_thread(testfunc, target, CLONE_FILES); // create a thread that will up the semaphore
        down_interruptible(&test_sem); // SHOULD wait here until testfunc ups the semaphore;
                                       // its return value (-EINTR if a signal arrives) is not checked
        return 0;
}

Our kernel module has used this kind of code to synchronize different kernel threads.
It runs fine on a real machine and on old UML kernels, but crashes on UML. I tried the
latest kernel and still saw the same problem. It seems to have something to
do with UML's signal handling. Does anyone know what changes in the 2.6.25 UML code
may cause the problem? Thanks a lot!
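The pattern in the post (semaphore initialised to a zero count, one thread ups it after finishing, another thread downs it to wait) is a one-shot handoff. The following is an added example, not code from the original post or from UML, that rewrites the same handoff with POSIX semaphores and pthreads so it can be compiled and run in userspace. The names run_handoff, wait_for_worker, semaphore_starts_blocked and the struct handoff are assumptions made for this example, a 50 ms nanosleep stands in for the post's 5 * HZ wait, and the EINTR retry loop shows what checking the return value of the interruptible wait looks like, which the posted kernel code does not do.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <pthread.h>
#include <semaphore.h>
#include <stdio.h>
#include <time.h>

/* Shared state for one handoff (hypothetical type for this example).
 * The semaphore is created with count 0, the userspace analogue of
 * sema_init(&test_sem, 0): the first wait blocks until the worker posts. */
struct handoff {
    sem_t done;   /* 0 = "worker has not finished yet" */
    int result;   /* written by the worker before it posts */
};

/* Worker thread, playing the role of testfunc(): sleep briefly (50 ms in
 * place of the post's 5 * HZ), publish a result, then post (up()). */
static void *worker(void *arg)
{
    struct handoff *h = arg;
    struct timespec delay = { 0, 50 * 1000 * 1000 };   /* 50 ms */
    nanosleep(&delay, NULL);
    h->result = 42;        /* publish first ... */
    sem_post(&h->done);    /* ... then wake the waiter */
    return NULL;
}

/* Waiter side, the analogue of down_interruptible(). sem_wait() can return
 * -1 with errno == EINTR when a signal handler runs in this thread; treating
 * that as "worker finished" would read an unpublished result, which is the
 * failure mode of ignoring the return value of an interruptible wait. Here
 * the wait is retried; a kernel caller would propagate -EINTR or use down(). */
static int wait_for_worker(struct handoff *h, int *out)
{
    while (sem_wait(&h->done) != 0) {
        if (errno != EINTR)
            return -errno;      /* a real failure, not an interruption */
    }
    *out = h->result;
    return 0;
}

/* Full handoff: init to zero, spawn the worker, wait, reap it.
 * Returns 0 on success and stores the worker's result in *out. */
int run_handoff(int *out)
{
    struct handoff h;
    pthread_t tid;
    int err, rc;

    if (sem_init(&h.done, 0, 0) != 0)        /* pshared = 0, initial count 0 */
        return -errno;
    err = pthread_create(&tid, NULL, worker, &h);
    if (err != 0) {
        sem_destroy(&h.done);
        return -err;
    }
    rc = wait_for_worker(&h, out);
    pthread_join(tid, NULL);
    sem_destroy(&h.done);
    return rc;
}

/* Check of the zero-count semantics the post relies on: a non-blocking wait
 * on a fresh zero-initialised semaphore must fail with EAGAIN, i.e. a
 * blocking wait would sleep. Returns 1 if that is what the semaphore reports. */
int semaphore_starts_blocked(void)
{
    sem_t s;
    int blocked;

    if (sem_init(&s, 0, 0) != 0)
        return -errno;
    blocked = (sem_trywait(&s) == -1 && errno == EAGAIN);
    sem_destroy(&s);
    return blocked;
}

int main(void)
{
    int v = 0;
    int rc = run_handoff(&v);
    printf("handoff rc=%d result=%d zero_count_blocks=%d\n",
           rc, v, semaphore_starts_blocked());
    return (rc == 0 && v == 42) ? 0 : 1;
}
```

The order inside worker() matters: the result is written before sem_post(), and the waiter reads it only after sem_wait() has returned 0, so the semaphore carries the happens-before relation between the two threads; the same ordering holds for up()/down() in the kernel version.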