Re: [3.1] Divide by zero in __tcp_select_window()

From: Simon Kirby
Date: Mon Nov 14 2011 - 15:44:49 EST


On Mon, Nov 14, 2011 at 03:36:08PM -0500, David Miller wrote:

> From: Eric Dumazet <eric.dumazet@xxxxxxxxx>
> Date: Tue, 08 Nov 2011 22:23:25 +0100
>
> > OK, it seems we leave a timer running while we free the socket (same error
> > path as your previous bug report, because of the NULL route)
> >
> > We arm this keepalive timer in tcp_create_openreq_child()
> >
> > net/ipv4/tcp_minisocks.c:513
> >     if (sock_flag(newsk, SOCK_KEEPOPEN))
> >         inet_csk_reset_keepalive_timer(newsk,
> >                                        keepalive_time_when(newtp));
> >
> > I would try to add a call to tcp_clear_xmit_timers() as well
> >
> > Please try the following patch:
>
> We've been waiting quite some time to get some testing validation on
> this patch, but I think it's correct.
>
> Eric can you formally submit this? Thanks!

Sorry, I'm still testing slowly, with the "crash into the new kernel"
method. :) I'll reboot the rest shortly, but so far no recurrences on
boxes running with this fix, and no other problems noted with it applied.

Simon-