From: Soheil Hassas Yeganeh <soheil.k...@gmail.com> Date: Sat, 14 Apr 2018 20:44:46 -0400
> From: Soheil Hassas Yeganeh <soh...@google.com> > > Clear tp->packets_out when purging the write queue, otherwise > tcp_rearm_rto() mistakenly assumes TCP write queue is not empty. > This results in NULL pointer dereference. > > Also, remove the redundant `tp->packets_out = 0` from > tcp_disconnect(), since tcp_disconnect() calls > tcp_write_queue_purge(). > > Fixes: a27fd7a8ed38 (tcp: purge write queue upon RST) > Reported-by: Subash Abhinov Kasiviswanathan <subas...@codeaurora.org> > Reported-by: Sami Farin <hvtaifwkbgefb...@gmail.com> > Tested-by: Sami Farin <hvtaifwkbgefb...@gmail.com> > Signed-off-by: Eric Dumazet <eduma...@google.com> > Signed-off-by: Soheil Hassas Yeganeh <soh...@google.com> > Acked-by: Yuchung Cheng <ych...@google.com> > Acked-by: Neal Cardwell <ncardw...@google.com> Applied and queued up for -stable, thanks.
