On Sat, Jul 7, 2018 at 10:29 PM Eric Dumazet <eric.duma...@gmail.com> wrote:
> >> Tested: passes Android sock_diag_test.py, which exercises this codepath
> >
> > If this Android test case exercises this path, why didn't it trigger
> > the double free and thus cause this bug to be found much sooner?
> >
> > Just curious.
>
> Presumably Android has not backported yet the refcount_t stuff in their
> kernels.

That's correct. We only started seeing this on 4.14, which is not yet in the field. Also, I think this failure does not appear in our continuous test runs (even on 4.14) because those use ARCH=um, which is single-threaded. We're working on making it possible to run the tests on qemu in order to catch these threading issues, but we're not there yet.