On Mon, 2015-07-20 at 19:14 +0000, subas...@codeaurora.org wrote: > >> //Initialize time wait socket and setup timer > >> inet_twsk_alloc() tw_refcnt = 0 > >> __inet_twsk_hashdance() tw_refcnt = 3 > >> inet_twsk_schedule() tw_refcnt = 4 > >> inet_twsk_put() tw_refcnt = 3 > >> > >> //Receive packet 1 in timewait state > >> tcp_timewait_state_process() -> inet_twsk_schedule tw_refcnt = 3 (no > >> change) > > > > This is obviously wrong. > > > > If a timewait socket is found, do we increment its refcnt before > > proceeding. > We do not increment refcount currently when we find a timewait socket.
Actually we do increment refcnt, for every socket found in ehash. Carefully read again __inet_lookup_established() This code is generic for ESTABLISH and TIME-WAIT sockets If you found a code that performed the lookup without taking the refcnt, please point me at it, this would be a serious bug. > > > I've received some private mails about tw issues, that turned to be > > caused by buggy drivers or buggy arch specific code. > > > > Are you crashed observed on x86 ? > > > This is observed on ARM devices. In the current debug, all time wait > socket refcount changes were happening in TCP stack only and there was no > platform / driver code involved. > > According to my understanding, we would need to increment the time wait > socket refcount first before proceeding with any subsequent operations. > However, I request your expert opinion on this. Is it some Android kernel ? Android had private modules that needed an update in 3.18 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
