| To: | Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: KERNEL: assertion (!atomic_read(&sk->sk_rmem_alloc)) failed at net/netlink/af_netlink.c (126) |
| From: | "David S. Miller" <davem@xxxxxxxxxxxxx> |
| Date: | Wed, 30 Mar 2005 17:02:36 -0800 |
| Cc: | mingo@xxxxxxx, netdev@xxxxxxxxxxx, linux-net@xxxxxxxxxxxxxxx, olel@xxxxxx |
| In-reply-to: | <20050330082640.GA8269@xxxxxxxxxxxxxxxxxxx> |
| References: | <20050327091524.GA23215@xxxxxxx> <E1DFUaZ-0001Hg-00@xxxxxxxxxxxxxxxxxxxxxxxx> <20050327133811.GA5569@xxxxxxx> <20050329104906.GA19836@xxxxxxxxxxxxxxxxxxx> <20050329114926.GA14986@xxxxxxx> <20050330082640.GA8269@xxxxxxxxxxxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
On Wed, 30 Mar 2005 18:26:40 +1000 Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote: > In netlink_dump we're operating on sk after dropping the cb lock. > This is racy because the owner of the socket could close it after > we drop the cb lock. > > This is possible because netlink_dump isn't always called from the > context of the process that owns the socket. For instance, if there > is contention on rtnl then rtnetlink requests will be processed by > the process that owns the rtnl. > > The solution is to hold a ref count on the socket before we drop > the cb lock. > > Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Applied, thanks Herbert. Looks like 2.4.x needs the same fix, correct? |
| Previous by Date: | Re: cls_u32 compile failure in current 2.6.12-rc1+BK tree, David S. Miller |
|---|---|
| Next by Date: | Re: KERNEL: assertion (!atomic_read(&sk->sk_rmem_alloc)) failed at net/netlink/af_netlink.c (126), Herbert Xu |
| Previous by Thread: | Re: KERNEL: assertion (!atomic_read(&sk->sk_rmem_alloc)) failed at net/netlink/af_netlink.c (126), Herbert Xu |
| Next by Thread: | Re: KERNEL: assertion (!atomic_read(&sk->sk_rmem_alloc)) failed at net/netlink/af_netlink.c (126), Herbert Xu |
| Indexes: | [Date] [Thread] [Top] [All Lists] |