From: Robert Varga Date: Wed, 16 Sep 2009 06:49:21 +0000 (-0700) Subject: tcp: fix CONFIG_TCP_MD5SIG + CONFIG_PREEMPT timer BUG() X-Git-Tag: firefly_0821_release~11864^2~347 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=657e9649e745b06675aa5063c84430986cdc3afa;p=firefly-linux-kernel-4.4.55.git tcp: fix CONFIG_TCP_MD5SIG + CONFIG_PREEMPT timer BUG() I have recently came across a preemption imbalance detected by: <4>huh, entered ffffffff80644630 with preempt_count 00000102, exited with 00000101? <0>------------[ cut here ]------------ <2>kernel BUG at /usr/src/linux/kernel/timer.c:664! <0>invalid opcode: 0000 [1] PREEMPT SMP with ffffffff80644630 being inet_twdr_hangman(). This appeared after I enabled CONFIG_TCP_MD5SIG and played with it a bit, so I looked at what might have caused it. One thing that struck me as strange is tcp_twsk_destructor(), as it calls tcp_put_md5sig_pool() -- which entails a put_cpu(), causing the detected imbalance. Found on 2.6.23.9, but 2.6.31 is affected as well, as far as I can tell. Signed-off-by: Robert Varga Signed-off-by: David S. Miller --- diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c index 045bcfd3f288..624c3c9b3c2b 100644 --- a/net/ipv4/tcp_minisocks.c +++ b/net/ipv4/tcp_minisocks.c @@ -363,7 +363,7 @@ void tcp_twsk_destructor(struct sock *sk) #ifdef CONFIG_TCP_MD5SIG struct tcp_timewait_sock *twsk = tcp_twsk(sk); if (twsk->tw_md5_keylen) - tcp_put_md5sig_pool(); + tcp_free_md5sig_pool(); #endif }