Re: BUG: IPv4: Attempt to release TCP socket in state 1

From: Eric Dumazet
Date: Sun Mar 17 2013 - 12:52:59 EST

On Sun, 2013-03-17 at 09:33 -0700, Eric Dumazet wrote:
> On Sun, 2013-03-17 at 02:21 -0700, dormando wrote:
> > Hope you don't mind a screenshot:
> >
> >
> > (I put the patches on 3.8.2). box is on another continent so screenshot
> > via IPMI is what I get. If this isn't enough or isn't right I'll try
> > harder to get the trace logged, I guess?
> Thanks a lot, this gives another useful input, no need for more traces
> for the moment.
> Could you send me the disassembly of tcp_release_cb() ?
> (objdump -d vmlinux | filter to get tcp_release_cb() body)

It seems we can have a refcnt imbalance because of

atomic_set(&newsk->sk_refcnt, 2);

we do in sk_clone_lock()

Somehow, something is wrong, because at this point the socket should not
be found.

We perform a sock_hold() somewhere while the socket is already dead.

I'll send a patch asap

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at