From 995110143880fd9cb255fa5df05f8950c56fb43a Mon Sep 17 00:00:00 2001 From: Patrick McHardy Date: Sun, 19 Feb 2006 22:11:50 -0800 Subject: [PATCH] [XFRM]: Fix policy double put The policy is put once immediately and once at the error label, which results in the following Oops: kernel BUG at net/xfrm/xfrm_policy.c:250! invalid opcode: 0000 [#2] PREEMPT [...] CPU: 0 EIP: 0060:[] Not tainted VLI EFLAGS: 00210246 (2.6.16-rc3 #39) EIP is at __xfrm_policy_destroy+0xf/0x46 eax: d49f2000 ebx: d49f2000 ecx: f74bd880 edx: f74bd280 esi: d49f2000 edi: 00000001 ebp: cd506dcc esp: cd506dc8 ds: 007b es: 007b ss: 0068 Process ssh (pid: 31970, threadinfo=cd506000 task=cfb04a70) Stack: <0>cd506000 cd506e34 c028e92b ebde7280 cd506e58 cd506ec0 f74bd280 00000000 00000214 0000000a 0000000a 00000000 00000002 f7ae6000 00000000 cd506e58 cd506e14 c0299e36 f74bd280 e873fe00 c02943fd cd506ec0 ebde7280 f271f440 Call Trace: [] show_stack_log_lvl+0xaa/0xb5 [] show_registers+0x126/0x18c [] die+0x14e/0x1db [] do_trap+0x7c/0x96 [] do_invalid_op+0x89/0x93 [] error_code+0x4f/0x54 [] xfrm_lookup+0x349/0x3c2 [] ip6_datagram_connect+0x317/0x452 [] inet_dgram_connect+0x49/0x54 [] sys_connect+0x51/0x68 [] sys_socketcall+0x6f/0x166 [] syscall_call+0x7/0xb Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/xfrm/xfrm_policy.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index 98ec53bd3a..5e6b05ac12 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -885,8 +885,6 @@ restart: * We can't enlist stable bundles either. */ write_unlock_bh(&policy->lock); - - xfrm_pol_put(policy); if (dst) dst_free(dst); -- 2.39.5